EU regulatory round-up for 2017 and 2018 | Wolters Kluwer
  • Insights

  • EU regulatory round-up for 2017 and 2018

    By Michael Imeson

    Published January 11, 2018

    The key regulatory developments that took place in the E.U. financial services sector in 2017, and what is in store for 2018, are summarised here by Michael Imeson.

    The European Commission’s main focus on financial services regulation in 2017 was to continue work on the Banking Union and the Capital Markets Union, a focus that will continue into 2018.

    In its Commission Work Programme 2018, published in October 2017, the Commission said it had “recently set out an ambitious but realistic path to ensuring agreement on all outstanding elements of the Banking Union – notably on the European Deposit Insurance Scheme – based on existing commitments by Council”. It added: “A complete Banking Union, together with the Capital Markets Union, will help build the stable and integrated financial system that citizens and businesses need.”

    Most financial regulation is generated by the Commission’s Directorate-General for Financial Stability, Financial Services and Capital Markets Union (DG FISMA), headed by Commission Vice-President Valdis Dombrovskis. Here is a summary of the main developments in 2017 and what is likely to happen in 2018 and beyond. The listings appear in alphabetical order.


    The Alternative Investment Fund Managers Directive (AIFMD), which came into effect in 2013, created a tighter regulatory framework for hedge funds, private equity funds and real estate funds. 

    2017 developments

    There were no significant developments in the AIFMD framework in 2017, but the European Commission is about to commence a major review of its operation. The directive stipulated that such a review should take place after four years of operation, so it will be a year late.

    2018 and beyond

    The Commission’s review is due to start in January 2018 or soon after. Invest Europe, the association representing Europe’s private equity, venture capital and infrastructure sectors, believes the Commission “will not pursue a major overhaul of the AIFMD in the short term”. Instead it is likely to concentrate on making the AIFMD and UCITS (retail mutual funds) passport frameworks function better, and on “enhancing and facilitating the cross-border distribution of [AIFMD and UCITS] investment funds”.

    The review should have commenced in July 2017, but it has been delayed due to a number of factors “including Brexit, conflicting priorities, and a feeling that there is not yet enough information to conduct a review,” say bloggers at private bank Brown Brothers Harriman.

    “A delay in the review of the AIFMD is a mixed blessing for the asset management industry,” continue the bloggers. “On the one hand, there are elements of the AIFMD, such as the Annex 4 reporting, that it would like changed. On the other hand, the idea of initiating an AIFMD 2 process makes the industry’s blood run cold.”

    Anti-Money Laundering Directive, 4th.

    The 4th Anti-Money Laundering Directive, and the related Transfers of Funds Regulation, came into effect in June 2017.

    2017 developments

    The European Commission is now working on “further revisions” to the 4th AMLD, which are likely to lead to a 5th AMLD. The amendments, first announced in 2016 in the wake of the terrorist attacks in Europe, include:

    • Making it harder for prepaid cards and crypto-currencies to be used to fund terrorist or criminal activity.
    • Giving E.U. citizens access to the beneficial ownership records of legal entities. 
    • Enhanced due diligence for high-risk countries which may not have adequate AML strategies in place.

    2018 and beyond

    The proposed amendments are currently being discussed by the Commission, the European Parliament and the Council. In the U.K., the House of Commons European Scrutiny Select Committee, meeting on November 22, 2017, said it was unclear whether the 5th AMLD, once agreed, would apply in the U.K. once it leaves the E.U.

    Nonetheless, the Select Committee concluded that the amendments deserve “detailed scrutiny” because “there is a strong possibility that some or all of the E.U. [laws] may apply in the U.K. beyond March 2019 during an interim period while a new U.K.-E.U. trading relationship is negotiated”.

    Banking Union

    All countries in the euro area must be in the Banking Union, and non-euro countries can join if they wish. It has three elements:

    • The Single Supervisory Mechanism (SSM), with the European Central Bank (ECB) the lead supervisor. It was fully implemented in 2015.
    • The Single Resolution Mechanism (SRM), whose purpose is to ensure an orderly sale or winding up (“resolution”) of failing banks, with minimal costs to taxpayers and the real economy. The SRM came into effect through a Regulation in January 2016.
    • The European Deposit Insurance Scheme (EDIS), which will protect up to €100,000 per depositor per bank if a bank fails. It has yet to be implemented.

    2017 developments

    The Single Resolution Board (SRB), the decision-making body of the SRM, had its first test in 2017 when it successfully “resolved” Spain’s troubled Banco Popular by selling it to Banco Santander for €1.

    The European Deposit Insurance Scheme continues to be dogged by problems. It has failed to receive the backing of Germany and other northern E.U. states in the European Parliament and the Council, who do not want to pay to rescue depositors in other member states. The German government and the European Central Bank have said that EDIS will not happen until Europe’s banks have substantially reduced their risks and their levels of non-performing loans (NPLs).

    The European Commission in October published a Communication suggesting new measures to reduce NPLs and to help banks diversify their investments in sovereign bonds, “to facilitate progress in the European Parliament and the Council on steps towards a European Deposit Insurance Scheme”.

    2018 and beyond

    SRB Chair Elke König, said in December 2017 that by 2020 the board will have developed complete resolution plans for all the banking groups under its direct remit. “Until then, the SRB envisages intermediate stages for resolution plans which will be gradually refined until they reach the ultimate stage,” she said. “Let me be clear that we already have plans for the vast majority of our banks – it is now about enhancing and enriching them with more detail – for example, tackling possible impediments to resolvability.”

    The SRB continues to build up the Single Resolution Fund (SRF), to which the banking sectors of each country in the Banking Union have to contribute. The fund is to be used as a last resort to prop up failing banks when shareholders’ and creditors’ bail-in funds have been exhausted. The fund will be gradually increased between 2016-2023, so that by December 31, 2023 it will amount to 1% of covered deposits of all banks in the Banking Union.

    Capital Markets Union

    The Capital Markets Union (CMU) “action plan” was launched in 2015. Its objective is to build a single market for capital across the E.U., as an alternative to bank lending: these alternatives include the debt and equity capital markets, securitisation, venture capital, crowd funding and asset management.

    2017 developments

    In June 2017, the European Commission published a mid-term review of its Capital Markets Union plans, announcing objectives achieved so far, further work needed to achieve existing objectives, and some new objectives.

    Objectives achieved to date. Two–thirds of the CMU’s 33 goals have now been implemented, such as the securitisation package and the venture capital funds reforms.

    Further work on existing objectives. A legislative proposal for a pan-European personal pension product was announced.

    New objectives

    These include “a more proportionate regulatory environment” for SMEs listing on public markets; assessing the case for an E.U. licensing and passporting framework for fintech activities; and support for developing secondary markets in non-performing loans.

    European Commission Vice-President Valdis Dombrovskis, said: “As we face the departure of the largest E.U. financial centre, we are committed to stepping up our efforts to further strengthen and integrate the E.U. capital markets. This review makes clear the scale of the challenge and we count on the support of the European Parliament and Member States to rise to it.”

    2018 and beyond

    In a press announcement in December 2017 the Commission said it aims to have CMU in place by 2019. To help facilitate this it proposed “a two-track overhaul” of regulations on investment firms.

    Smaller investment firms, which make up the vast majority of such firms, will no longer be subject to the Capital Requirements Directive and Regulation (CRD IV) that were originally designed for banks. They will instead be subject to new and simpler rules, which “will reduce the administrative burden, boost competition and increase investment flows, all of which are priorities of the CMU, without compromising financial stability”, said the Commission.

    However, the largest and most systemic investment firms will remain subject to the same CRD IV rules and supervision as banks. They will be treated as banks, which is line with similar regulations in other parts of the world like the US.

    CCPs: Recovery and Resolution Regulation and more robust supervision

    The European Commission in 2016 proposed a Recovery and Resolution Regulation for Central Counterparties (CCPs) – financial market infrastructures that provide clearing and settlement services – to ensure they can be recovered or resolved if they get into trouble. The regulation is similar to the Bank Recovery and Resolution Directive (BRRD) for banks.

    2017 Developments

    The European Commission continued its discussions on the regulation with CCPs and the relevant public authorities in all member states.

    Additionally, in June, the Commission proposed more robust regulation and supervision of OTC derivatives clearing in Europe, aimed particularly at the U.K. as it prepares to leave the E.U. The proposal includes the creation of a supervisory mechanism in the European Securities and Markets Authority (ESMA) to supervise E.U. CCPs, and non-E.U. CCPs clearing euro-denominated transactions.

    2018 and beyond

    The “level 1” framework principles of the CCP Recovery and Resolution Regulation should be finalised in 2018. The Regulation will also require “level 2” detailed technical standards to be drawn up by the European Securities and Markets Authority (ESMA) and agreed by the Commission, which will happen some time in 2018 or 2019.

    The Commission’s June 2017 proposal for more robust supervision, mentioned above, is aimed at U.K. CCPs, LCH in particular, which clear the vast majority of euro-denominated OTC derivatives. The Commission wants to have regulatory and supervisory powers over them once the U.K. has left the E.U. in 2019. To this end the Commission has proposed a two-tier system for classifying non-E.U. CCPs. The first tier are non-systemically important CCPs, which will continue to be able to operate under the existing EMIR (European Market Infrastructure Regulation) equivalence framework.

    The second tier are systemically important CCPs, and they will be subject to stricter requirements. Some of these CCPs – such as LCH –may be of such systemic importance that the requirements may be “deemed insufficient to mitigate the potential risks”, says the Commission. “In such instances, the Commission, upon request by ESMA and in agreement with the relevant central bank, can decide that a CCP will only be able to provide services in the Union if it establishes itself in the E.U.” In other words, London could lose most of its euro-denominated clearing business.

    Consumer Financial Services Action Plan

    The Consumer Financial Services Action Plan is based on the European Commission’s Green Paper on Retail Financial Services, published in 2015. The paper sought views “on how to improve choice, transparency and competition in retail financial services for the benefit of European consumers and how to facilitate true cross-border supply of these services, so that financial firms can make the most of the economies of scale in a truly integrated E.U. market”.

    2017 developments

    The E.C. received 428 responses to the Green Paper from national regulators, firms and consumers and decided to act. In March 2017 it presented an “Action Plan” to improve financial services for consumers. Its focus is on technology and online services, and it published a related consultation on financial technology.

    The plan seeks to “prise open national barriers” as only 7% of consumers buy finances from another E.U. country. Valdis Dombrovskis, Vice-President responsible for Financial Stability, Financial Services and Capital Markets Union, said: "European consumers and firms should be able to take full advantage of a true Single Market for financial services. Consumers should have access to the best products available across the E.U., not just within their own country. At the same time, we want to explore the full potential of the technology that's out there. If harnessed well, it has the potential to change for the better the financial industry and the way people access financial services."

    The Action Plan has three strands:

    1. To “empower consumers” when buying services at home or from another country. For example, the intention is to make it easier for drivers to use their no claims insurance bonus abroad; to reduce fees for international transactions involving non-euro currencies; and to make car rental insurance more transparent.
    2. To “reduce legal and regulatory obstacles” for financial firms when seeking to expand abroad; for example, creating common creditworthiness assessment criteria for loans.
    3. To “support the development of an innovative digital world”. For instance, it wants to encourage the use of electronic identity services for checking customer identities.

    The fintech consultation concentrated on three principles:

    1. “Technology neutrality”, where the same rules are applied to traditionally sold services (by branch, post or phone) as those sold digitally.
    2. “Proportionality”, so that the rules are suitable for the different business models, size and activities of regulated firms.
    3. “Improved integrity”, to ensure transparency, privacy and security for consumers.

    2018 and beyond

    For 2018 the Commission is planning further measures, including:

    • A study on the need for a deeper single market for consumer credit.
    • Improvements in the quality of comparison websites for financial services.
    • A review of national consumer protection rules to ensure they are fair and simple.
    • Exploring ways of making it easier to switch financial providers.

    CRD IV

    The CRD IV package – the Capital Requirements Directive (CRD) and the Capital Requirements Regulation (CRR) – implements Basel III in Europe. The CRD IV came into effect in 2014 but it will not be fully implemented until January 1, 2019, in line with the timing of the Basel standards.

    2017 developments

    In October, the European Parliament, the Council and the Commission agreed on elements of the reviews of CRD IV and the Bank Recovery and Resolution Directive (BRRD). The agreement on CRD IV implements the new International Financial Reporting Standard (IFRS 9). “This will help mitigate the impact of IFRS 9 standards on E.U. banks' capital and ability to lend,” said the Commission. “It will also avoid potential disruptions in government bond markets that would result from rules limiting large exposures to a single counterparty.”

    The agreement on the BRRD creates a new category of unsecured debt in bank creditors' insolvency ranking. It establishes an E.U. harmonised approach on the priority ranking of bank bond holders in insolvency and in resolution. 

    2018 and beyond

    Banks and regulators will continue with their final preparations for when CRD IV is fully implemented in 2019. 

    General Data Protection Regulation

    Financial services firms are worried that the European Commission’s General Data Protection Regulation

    (GDPR), which will apply to all industry sectors, not just financial services, from May 25, 2018, will seriously harm their commercial interests. It will force them to improve the privacy rights of E.U. citizens and report data breaches within three days, rules that will be difficult and costly to comply with. Penalties for non-compliance could be as high as 4% of global turnover. 

    2017 developments

    The Commission issued a statement May 25, 2017, reminding firms that they had exactly one year left to prepare for the GDPR. The success of the regulation “depends not only on member states adapting national laws to the new rules, but also on the knowledge of citizens of their new rights, and on businesses in the E.U. to be ready once the new rules enter into force”, said the Commission.

    2018 and beyond

    The Article 29 Data Protection Working Party – made up of representatives from the data protection authorities of every E.U. member state, the E.U. Data Protection Supervisory and the E.C. –published new guidelines on consent and transparency towards the end of 2017 and is inviting comments on them until January 23, 2018.

    Insurance Distribution Directive

    The Insurance Distribution Directive (IDD) is due to come into effect on February 23, 2018, but the European Parliament has called on the Commission to delay it until October 1, 2018. The directive applies to insurers and reinsurers, insurance and reinsurance brokers, and other firms involved in the insurance business such as Lloyds managing agents.

    Its provisions include a general principle that brokers and insurers should treat customers fairly; that the existing requirement for intermediaries to be registered with a regulator should continue; that staff should meet a minimum requirement for professional training and development each year; and that there should be rules on remuneration that ensure that staff are not paid in a way that conflicts with their duty to act in the best interests of customers.

    2017 developments

    In November 2017, the Economic and Monetary Affairs Committee (ECON) of the European Parliament recommended that the implementation of the IDD be delayed from February 23, 2018 to October 1, 2018. The ECON chairman wrote to the head of the Directorate General for FISMA at the European Commission saying a postponement was necessary to give insurance firms more time to prepare.

    The Association of British Insurers supports Parliament’s request. “We welcome this initiative and hope that the other European bodies will support this amendment to ensure that insurers have sufficient time to properly implement the complex IDD requirements, in order to draw the maximum benefits for firms and consumers,” it said in a submission to the U.K.’s FCA.

    Meanwhile, the Financial Conduct Authority has published two Policy Statements on the “near-final rules” for the application of the IDD in the U.K. They were published on September 25, 2017 and December 15, 2017. 

    2018 and beyond

    The European Commission is still considering the European Parliament’s request to postpone the directive’s application. Meanwhile, the FCA is expected to publish its final rules in January 2018.

    MiFID II

    MiFID II comes into effect on January 3, 2018. It makes improvements to the first Markets in Financial Instruments Directive, and incorporates into E.U. legislation aspects of the financial reform programme set out by the G20 leaders in response to the global financial crisis, including the requirement for standardised OTC derivatives contracts to be traded on exchanges or electronic trading platforms where appropriate.

    2017 developments

    National governments had to transpose MiIFID II into national laws by July 3, 2017, ready to apply on January 3, 2018. ESMA (European Securities and Markets Authority) continued to publish guidelines and draft RTS throughout 2017.

    In the U.K., the FCA published two Policy Statements on MiFID II in March and July 2017 setting out the final rules on conduct of business and other matters. The FCA issued a short, 6th consultation paper dealing with “a small number of residual issues”, the deadline for which was September 7, 2017. The results will be published shortly.

    The FCA also published a warning to firms that they must meet the January 3, 2018 deadline, while acknowledging that “implementation of MiFID II represents a significant challenge for firms, particularly given that important issues concerning the interpretation of the legislation are still being resolved”.

    2018 and beyond

    Although firms must comply with MiFID II on January 3, 2018, there is one exception: the Legal Entity Identifier (LEI) requirements. The LEI deadline was recently extended to July 3, 2018 because it had become clear that a sizeable number of entities would not obtain their LEIs on time.

    MiFID II obliges E.U. investment firms to identify their clients with LEIs in their transaction reporting. It also requires trading venues to identify each issuer of a financial instrument traded on their systems with an LEI code when making daily data submission to the Financial Instruments Reference data System (FIRDS).

    However, ESMA and national regulators realised that many clients and issuers would not be able to obtain their LEIs by January 2018, so on December 20, 2017 ESMA announced it would postpone the LEI requirement for six months.

    Network and Information Systems Directive

    The Directive on Security of Network and Information Systems (the NIS Directive) will require “operators of essential services” (OES) – such as banks, energy companies and transport companies – and digital service providers, to improve their cyber security. If they fail to comply they face stiff penalties. National governments must transpose the directive into national legislation by May 9, 2018 and must identify all the OESs within their jurisdiction by November 9, 2018.

    2017 developments

    The European Commission published on September 13, 2017 a Communication to help member states in their efforts to implement the directive swiftly and coherently.

    2018 and beyond

    In the U.K., the Department for Digital, Culture, Media and Sport (DCMS) ran a consultation from August 8, 2017 to September 30, 2017 on how it proposes to implement the directive. The results will be published in early 2018.

    The DCMS consultation proposes two bands of penalties for non-compliance:

    • Band one. A maximum penalty of €10m or 2% of global turnover (whichever is greater) for lesser offences, such as failure to cooperate with the competent authority, failure to report a reportable incident, or failure to comply with an instruction from the competent authority. 

    • Band two. A maximum penalty of €20m or 4% (whichever is greater) for the more serious offence of failure to implement appropriate and proportionate security measures. 

    The U.K.’s National Cyber Security Centre will publish generic cross-sector security guidance in January 2018.

    This will be followed in the spring with advice from regulators to OESs on how they should interpret this generic NCSC guidance when the NIS Directive comes into effect. In November 2018, when all OESs have been identified, regulators will provide them with detailed sector specific guidance.

    The U.K. government has said that financial services firms will be exempt from aspects of the directive where they are already covered by similar laws and regulations. However, trade association U.K. Finance has noted that few other E.U. countries have chosen to apply such an exemption to their financial sector. In addition, some of U.K. Finance’s members “may well find themselves caught under NIS implementing legislation in other Member States”.

    Payment Services Directive 2

    The second Payment Services Directive (PSD 2) comes into effect on January 13, 2018. It applies to banks, building societies, card companies and other payment service providers (PSPs). Its most significant provision is that it will force PSPs to open up access to their customers’ accounts to competitor PSPs, if customers consent. A customer’s current PSP is referred to in the directive as an Account Servicing Payment Service Provider (ASPSP), while a competitor PSP is referred to as a Third-Party Provider (TPP). Once given access, a TPP will be able to provide these customers with information on alternative services, and even make payments from their ASPSP accounts.

    In the U.K., the authorities have imposed specific rules and standards on banks to ensure this open access requirement is implemented efficiently. It is known as the Open Banking “standard” or “initiative”. Phase 1 of the standard came into effect in March 2017. Phase 2 comes into effect on January 13, 2018, the same day as PSD 2.

    PSD 2 also includes measures to improve consumer protection against fraud, to promote mobile payments, to prevent retailers from imposing surcharges on customers using credit and debit cards, and to strengthen the role of the European Banking Authority.

    2017 developments

    The European Commission announced on November 27, 2017 that it had adopted the European Banking Authority’s (EBA’s) Regulatory Technical Standards (RTS) on PSD 2. The European Parliament and Council now have three months to scrutinise them (by February 2018) and they will come into effect 18 months later (by September 2019).

    In the U.K., HM Treasury in July 2017 laid before Parliament legislation to transpose PSD 2 into U.K. law. On the same day, it published a document summarising its approach, entitled Implementation of the revised E.U. Payment Services Directive II.

    Also in July 2017, the Treasury and the FCA jointly published Expectations for the third party access provisions in Payment Services Directive II . This document lays down the rules on how ASPSPs should make their customer current account data accessible to TTPs, and how those TTPs must be registered with the FCA and must obtain customer consent.

    On September 19, 2017, the FCA issued a Policy Statement on Implementation of the revised PSD 2: Approach Document and final Handbook changes. It stated that the PSD had been transposed into U.K. legislation via the Payment Services Regulations 2017 (PSRs 2017); that the FCA is the competent authority responsible for authorising and supervising PSPs under PSD2; and that this Policy Statement confirms changes to its Handbook and Approach Document to reflect PSD2 and PSRs 2017.

    2018 and beyond

    Most of the PSD 2 provisions come into effect on January 13, 2018. However, as mentioned in the previous section, the security measures outlined in the EBA’s RTS will not become applicable until around September 2019.

    Solvency II

    Solvency II came into effect in 2016. Its main objective is to improve risk and capital management among Europe’s insurers and re-insurers, making them safer institutions, improving protection for policyholders and reducing the likelihood of market disruption. It also harmonises insurance standards across the E.U., obliges insurance companies to give a more accurate picture of their financial situation through a shift to market consistent valuation of assets and liabilities, and improves the supervision of insurance groups.

    2017 developments

    In October 2017, the U.K.’s Prudential Regulation Authority announced a series of improvements to how Solvency II would operate in the U.K. It started with a consultation paper (CP) on reforming the Matching Adjustment (MA). MA is used by life insurers to cushion their capital resources, if they can demonstrate to regulators that the cash flow of a designated portfolio of assets is matched to the life insurance liabilities. Another consultation paper, on making it easier for firms that want to change their models, was due to be issued in December 2017.

    “The series of targeted improvements will support the PRA’s commitment to the Treasury Committee made in February 2017 to explore reform of some areas of the PRA’s implementation of Solvency II,” said the PRA.
    The Association of British Insurers has welcomed the proposed reforms. “The industry has consistently and unanimously highlighted concerns about the rigid nature of the matching adjustment, the burden firms face when trying to keep their internal model up-to- date and the excessive cost of regulatory reporting,” said the ABI’s Head of Prudential Regulation, Steven Findlay. “The ABI has worked closely with the PRA over the summer on each of these areas. These proposals, which address a number of our recommendations, are an important step forward.”

    2018 and beyond

    The PRA will issue more CPs in the coming months, on:

    • Reducing the reporting burden on firms.
    • Simplifying the recalculation process for the transitional measure on technical provisions.
    • Relaxing some of the audit provisions for firms, especially smaller firms.

    The European Commission will review in 2018 how Solvency II has been working in practice. The European Insurance and Occupational Pensions Authority (EIOPA) submitted the first instalment of its draft advice on the review to the Commission in October 2107. EIOPA will submit more advice in 2018.


    This is by no means a summary of all financial regulation in the E.U. in 2017 and 2018 but it aims to cover most of the main developments. The key priorities are Banking Union and Capital Markets Union.
    But the big questions are around Brexit. How will the U.K. financial services sector fare once the U.K. has left the E.U., and how closely will U.K. financial regulation mirror the E.U.’s? These questions are only likely to be answered in March 2019, once the terms of the U.K.-E.U. trading relationship is finalised and the U.K. has left.

    About the author: Michael Imeson Chartered MCSI is Contributing Editor of The Banker magazine; Senior Content Editor at Financial Times Live where his role is to organise and/or chair events on financial services; and the owner of editorial services agency Financial & Business Publication.

    If this article was useful to you, we can assist with more in-depth analysis needed to understand the ever changing regulatory environment.  We’ve made OneSumX Compliance Resource Network an all-inclusive information solution. In a single, convenient location, you can quickly and accurately access all pertinent regulations, legislation and updated rulebooks. Sign up for your free trial today.

  • Please take a moment and tell us what you think of our content.