23 Sep 2021 | 09.00 am
Regulation Piles Up For The Financial Sector
New senior executive, ESG and cyber rules in store
23 Sep 2021 | 09.00 am
The new senior executive accountability regime has yet to be fleshed out. In the meantime, there’s a lot more regulation heading the way of the financial industry, writes Liam Flynn (pictured) of Mason Hayes & Curran LLP
The Department of Finance’s publication on 27 July 2021 of the general scheme of the Central Bank (Individual Accountability Framework) Bill will create Ireland’s first comprehensive senior executive accountability regime (SEAR). The regime will introduce prescribed responsibilities for senior managers and strengthen firms’ obligations to undertake due diligence on staff. It will also impose more onerous conduct standards that can be enforced directly by the Central Bank of Ireland (CBI) against staff, through fines and other sanctions.
However, the draft Bill sets out only the main regime features with important details delegated to subsequent CBI rule-making. For example, we don’t yet know whether SEAR will require financial firms to obtain regulatory references from previous employers, nor do we know precisely what kinds of staff action will result in fines and potentially career-ending regulatory sanctions. Extensive consultations will be critical when the CBI exercises its rule-making powers under the proposed legislation to avoid damage to Ireland’s important foreign direct investment financial sector.
SEAR is the latest Irish example of the current prominence of cultural and conduct issues in financial regulation. What are we likely to see next? Even pre-pandemic, the Financial Stability Board – the G20’s financial think-tank – and the EU Commission were focused on some other prominent themes.
FinTech and AI
The FinTech and InsurTech sector is alive with excitement about the possible applications of artificial intelligence, and the Commission’s April 2021 proposed AI Regulation (AIR) will have wide-ranging impacts. AIR will impose specific requirements on financial firms using AI in ‘high-risk’ settings, such as creditworthiness as well as more routine applications such as chatbots. Some uses of AI will even be prohibited under the proposals.
The Commission’s July 2021 strategy on financing the transition to sustainability announced that it will shortly propose further amendments to CRDIV/CRR, the prudential framework for banks. These amendments will be designed to ensure that ESG factors are consistently included in risk management systems and supervision.
To achieve this, clear requirements will be set to identify, measure, manage and monitor sustainability risks, including climate change stress testing for banks. It seems likely that these changes to risk management systems will subsequently be rolled out by the EU beyond banking to other financial sectors, such as insurance.
The EU has produced standards for cyber-resilience previously, but the Commission’s proposed Digital Operational Resilience Act (DORA), published in September 2020, is a sector-specific piece of legislation that should take precedence for the financial sector. DORA aims to bring critical third-party ICT providers to the financial sector within the regulatory perimeter, and seeks to strengthen and standardise ICT risk management frameworks. It will also intensify regulatory scrutiny in this area.
Irish financial firms should be ready for close scrutiny of their crisis management, business continuity and operational resilience arrangements in the aftermath of the pandemic. The CBI will focus on hybrid working arrangements, expecting firms to have carefully analysed inherent risks, and to demonstrate that necessary additional controls have been implemented.
The CBI is also likely to encourage firms to further prioritise ESG in their businesses, perhaps by setting up stakeholder engagement groups or even pressing firms to allocate board seats to stakeholder advocates. The CBI will also focus ever more closely on firms’ risk management frameworks relating to climate risk, building on previous CBI industry climate risk surveys.
In his Wealth of Nations, Adam Smith bemoaned the economic damage done by ‘do-gooder’ market regulators. There seems to be little sympathy for Smith’s views among today’s politicians and regulators.
For more information, visit mhc.ie
Pic: Paul Sherwood