Dear colleagues,
in this issue, we highlight key regulatory developments in the areas of money laundering prevention, financial market regulation and crypto-assets. Particularly relevant are the new BaFin requirements for submitting the information register, the revised MaRisk expert committee protocol and the latest ESMA warnings on the use of artificial intelligence in the financial sector.
Table of Contents
- 1. New BaFin guidance on the submission of the information register
- 2. MaRisk FG: New requirements for ESG risks, outsourcing and governance
- 3. BaFin warns against avoidance transactions in the financial sector
- 4. EBA publishes draft for reporting framework 4.1
- 5. EBA report: Payment crime and de-risking as the main problems
- 6. ESMA guidelines on suitability requirements under MiCA
- 7. ESMA warns against AI-powered investment tools
- Now receive the most important compliance notifications every week free of charge
1. New BaFin guidance on the submission of the information register
Summary: BaFin has published new guidance to assist financial firms with the submission of the information register. Companies can submit the information either via a structured file in xBRL format or via an Excel template provided by BaFin. The aim is to make data submission processes more efficient and standardized.
Opinion: This new guidance is a step in the right direction to simplify regulatory reporting for financial institutions. At the same time, it is clear that the digitalization of reporting obligations is progressing and companies should deal with the technical requirements at an early stage.
Source: BaFin notes
2. MaRisk FG: New requirements for ESG risks, outsourcing and governance
Summary: The minutes of the meeting of the MaRisk specialist group on November 27, 2024 shed light on important regulatory developments. The focus was on the EBA guidelines on ESG risks, outsourcing and governance. The ESG guidelines were discussed at the end of 2024 and publication is planned for early 2025.
The German banking supervisory authority is aiming for proportional implementation, although it is still unclear which points will be incorporated directly into MaRisk. In addition, new EBA guidelines are to regulate third-party risk management and replace the previous outsourcing guidelines. Adjustments by DORA are necessary, finalization is expected in mid-2025. In the area of governance, CRD VI introduces new requirements for third-country branches and internal control functions. A public consultation on the governance guidelines is planned for the second or third quarter of 2025.
Opinion: These developments show that the regulatory environment for banks is continuing to change dynamically. ESG risks and third-party management in particular will be the focus of greater attention in future. Institutions should prepare for the new requirements at an early stage, particularly with regard to DORA implementation and possible adjustments to MaRisk.
Source: Minutes of the MaRisk FG 27.11.2024
3. BaFin warns against avoidance transactions in the financial sector
Summary: BaFin points out that avoidance transactions pose significant risks for money laundering and terrorist financing. These are transactions that deliberately aim to circumvent legal requirements in order to undermine transparency and control mechanisms. Obligated parties must apply enhanced due diligence obligations in the event of indications and, if necessary, submit suspicious activity reports in accordance with the AMLA.
Opinion: This warning from BaFin underlines the need for financial institutions to further tighten their internal control systems. The deliberate circumvention of regulatory requirements not only entails legal risks, but also considerable reputational risks.
Source: BaFin supervisory notice
4. EBA publishes draft for reporting framework 4.1
Summary: The EBA has published a draft of the technical package for version 4.1 of its reporting framework. This includes new XBRL taxonomies and validation rules for reporting requirements on ESG data, MiCAR and Instant Payments. The final version is expected in May 2025.
Opinion: These changes show that regulatory reporting obligations are becoming increasingly complex. Companies should examine at an early stage how they can adapt their IT and reporting systems to meet the new requirements.
Source: EBA draft
5. EBA report: Payment crime and de-risking as the main problems
Summary: The EBA’s new Consumer Trends Report highlights payment crime, over-indebtedness and de-risking as key problems for consumers in the EU. The report is based on data from 27 EU member states and consumer associations and identifies increasing risks for consumers due to insufficient protection measures.
Opinion: The results show that banks and payment service providers need to implement more measures against fraud and de-risking. At the same time, the supervisory authorities must ensure that consumer protection does not lead to financial exclusion.
Source: EBA report
6. ESMA guidelines on suitability requirements under MiCA
Summary: ESMA has published guidelines on the application of the MiCA provisions on suitability requirements for crypto service providers. These are intended to ensure consistent application of the rules on client advice and reporting by crypto portfolio managers.
Opinion: These guidelines are an important step towards creating a regulated crypto market in the EU. Firms will need to adapt their internal processes and advisory practices to meet the increased regulatory requirements.
Source: ESMA guidelines
7. ESMA warns against AI-powered investment tools
Summary: ESMA has issued a warning on AI-based tools for investment decisions. It points out that these systems are prone to errors and can provide misleading investment recommendations that lead to financial losses.
Opinion: AI-supported financial advice is a topic of the future, but poses considerable risks for consumers. Increased supervision is necessary to prevent misinformation and automated wrong decisions. AI-supported financial advice is a logical consequence of the already familiar robo-investment advice. Accordingly, the same mechanisms should apply here as for robo-advice to ensure a minimum level of protection for small/private/retail investors.
Source: ESMA warning
Now receive the most important compliance notifications every week free of charge
Many compliance officers already use our free service and receive the most important news from the areas of compliance, money laundering prevention, data protection and IT security. We provide a weekly overview of the most important reports and categorize them.
Subscribe now free of charge.
Would you like to be up to date every day?
Our legal rights monitoring software gives you access to all notifications and allows you to filter them by relevance, type and area. You can create and download summaries. Get in touch with us.
We wish you a successful week.
Your Riscreen team