We have published a new briefing note 3 February 2025: DPE regime becomes fully operational.

On 28 January 2025, UK Finance published a report on Generative AI in Action: Opportunities & Risk Management in Financial Services. The report looks at the current and emerging use cases of generative artificial intelligence (AI) in the financial sector, along with emerging risk mitigation techniques. The report concludes that the financial services sector is investing more in AI and that overall, firms are benefitting from their investment in generative AI. It identifies 7 key areas where generative AI is driving the most value:    Customer engagement and personalised marketing.    Knowledge management and information retrieval. Software development and data management.    Intelligent workflow and email processing.    Fraud and financial crime.    Legal, contractual and compliance text analysis.    Desktop and meeting productivity. Key areas of risk flagged in the report are: Reliability of outputs, noting that generative AI models (particularly Large Language Models or LLMs) could produce bias, errors, or inappropriate language. The report explains that firms mitigate these risks by carefully selecting models, fine-tuning them using use case-specific datasets, and ongoing testing of outputs. Data privacy and security – the report states that in addition to risks common to many systems, such as inadequate handling of input data, LLMs can produce or reveal personal information in unexpected ways. Strong data protection practices and cybersecurity measures are critical, with new measures emerging such as personal information ‘filters’. Third party considerations, with a warning that relying on external AI providers can reduce control. Firms can enhance third-party risk management processes to deal with this.  The report highlights that to support further innovation, ongoing collaboration is needed with regulators and government, as well as engagement with customers. It notes that: “Building trust through transparency and education, and ethical practices is key to ensuring AI’s potential is realised.”

On 28 January 2025, the Retained EU Law (Revocation and Reform) Act 2023 (Consequential Amendments) Regulations 2025 (the Regulations) were published on legislation.gov.uk, along with an explanatory memorandum. The Regulations make consequential amendments to secondary legislation necessitated by provisions of the Retained EU Law (Revocation and Reform) Act 2023, with the aim of enhancing the clarity and accessibility of the statute book for businesses and consumers. In particular, they: Remove references to “retained EU law” and replace them with “assimilated law”. Remove references to general principles of EU law and section 4 rights. The Regulations come into force on 27 February 2025.

On 28 January 2025, HM Treasury (HMT) published a letter from the Bank of England (BoE) responding to the November 2024 remit letter for the Financial Policy Committee (FPC). The letter provides the FPC’s response to HMT’s recommendations to it for 2024/25, highlighting in particular its work to support financial stability and to address systemic risks to the resilience of the UK financial system. Topics addressed in the response include geopolitical risks, non-financial risks (including cyber and operational risks, and emerging technologies), risks from the non-bank financial sector, and climate change and nature.

On 28 January 2025, HM Treasury (HMT) published a letter from the Bank of England (BoE) responding to the November 2024 remit letter for the Prudential Regulation Committee (PRC). The letter provides the PRC’s response to HMT’s recommendations to it for 2024/25, noting in particular its actions to maintain financial stability and to advance the secondary competitiveness and growth objective. The PRC also confirms that it will take account of each of the six recommendations on Government economic policy to which the PRC should have regard (which were set out in the remit letter). It sets out, in an annex to the response, further detail on the work the Prudential Regulation Authority is carrying out in support of those recommendations.

On 28 January 2025, the Financial Conduct Authority (FCA) published its Adaptation Report 2025, in which it responds to the Department for Environment, Food and Rural Affairs’ (DEFRA) invitation to report on climate change adaptation challenges faced by financial services firms. The report is based on informal engagement with financial services firms and the FCA’s understanding of market dynamics, but the FCA flags that it is not a comprehensive assessment and further research is needed to verify the findings. It also notes that the report is not intended to set out regulatory expectations for firms. Issues The FCA identifies 3 major issues affecting climate change adaptation in the financial services industry: Data and modelling to help financial services quantify and manage climate risks. Barriers and enablers to insurance underwriting for climate risks and, as a consequence, lending and investment. Barriers and enablers to financial services in allocating capital to adaptation. Areas of focus The report emphasises the need for financial services firms to adjust their risk management practices in response to climate change. It also highlights the crucial role of financial products in facilitating and supporting adaptation and transition within the broader economy. These two areas are closely connected, as a thorough understanding of climate risk is essential for both. Additionally, the report warns that firms must protect their critical infrastructure, particularly IT systems, while ensuring that net-zero transition plans consider necessary adaptation.

On 27 January 2025, the Payment Systems Regulator (PSR) and the Bank of England (BoE) published letters to each other regarding the operation of CHAPS. The regulators note that they agreed a set of principles (set out in an exchange of letters at the time) to ensure effective working with regard to CHAPS when the BoE became the operator of CHAPS in November 2017. The principles reflect the PSR’s ongoing regulation of payment service providers who are CHAPS participants. The latest letters exchanged by the PSR and BoE update those principles in light of the CHAPS reimbursement requirement and rules which became effective in Autumn 2024. The PSR’s letter to the BoE, dated 15 January 2025, sets out areas that have been identified for ongoing cooperation and coordination in respect of CHAPS. It reflects how the PSR and BoE intend to continue to work together in respect of the CHAPS reimbursement requirement, including three steps to ensure cooperation and coordination in relation to the CHAPS reimbursement requirement: Information sharing, including in relation to compliance data. The BoE sharing any changes to the CHAPS reimbursement rules. The PSR sharing any changes to Specific Direction 21 or Faster Payments arrangements that may impact the CHAPS reimbursement rules or policy. In the BoE’s response to the PSR, dated 22 January 2025, it agrees with the updated principles set out in the PSR’s letter, noting its support for the three key steps set out in the PSR’s letter.

On 27 January 2025, the European Supervisory Authorities (ESAs) published Terms of Reference for the European Systemic Cyber Incident Coordination Framework (EU-SCICF). The EU-SCICF is set up in accordance with Article 49(1) of the Regulation on digital operational resilience for the financial sector (DORA) and the ESAs Joint Committee response to the Recommendation of the European Systemic Risk Board of 2 December 2021 on a pan-European systemic cyber incident coordination framework for relevant authorities.

On 24 January 2025, the Global Foreign Exchange Committee (GFXC) issued a press release announcing that it had completed its review of the FX Global Code (Code). This latest version of the Code will supersede the July 2021 version. Updates have been made to five of the Code’s fifty-five principles to strengthen the Code’s guidance on FX Settlement Risk, as well as to increase transparency around certain types of FX transactions and the use of client-generated data on electronic trading platforms. Also, the Disclosure Cover Sheets (DCS) for Liquidity Providers and Platforms were also extended with the objective to enhance transparency and comparability across providers on the use of FX data. The GFXC encourages the uptake of the DCS, which are available on the GFXC website.

On 24 January 2025, the European Securities and Markets Authority (ESMA) issued a new web page reminding market participants that responsibility for reporting over-the-counter (OTC) transactions will shift from systematic internalisers (SIs) to the new Designated Publishing Entities (DPEs) from 3 February 2025. The DPE regime allows Member State competent authorities to grant the status of DPE to investment firms. DPEs, when they are party to a transaction, will need to make these transactions public through an approved publication arrangement.  Discontinuation of the SI quarterly calculations ESMA also states that it will no longer be necessary for it to perform SI calculations from September 2025 and therefore it has decided to discontinue the voluntary publication of quarterly SI calculations data already now. This action will also reduce the administrative burden for investment firms. Consequently, the mandatory SI regime will no longer apply from 1 February 2025, and investment firms will not need to perform the SI-test. However, investment firms can continue to opt into the SI-regime.

On 24 January 2025, the European Commission (Commission) adopted a Delegated Regulation supplementing the Markets in Financial Instruments Regulation (MiFIR) as regards over-the-counter (OTC) derivatives identifying reference data to be used for the purposes of the transparency requirements laid down in Article 8a(2) and Articles 10 and 21. The main objective of the Delegated Regulation is to comply with the mandate given to the Commission in Article 27(5), first sub-paragraph, of MiFIR which is to specify the identifying reference data to be used with regard to OTC derivatives for the purposes of the transparency requirements laid down in Article 8a(2) and Articles 10 and 21 of MiFIR. The Delegated Regulation differentiates between interest rate and credit derivatives. As the issue of the daily expiry date has only arisen with the ISO 6166 (ISIN) for OTC interest rate swaps, the Delegated Regulation is mostly focused on this asset class (interest rates) and instrument type (swaps). Key provisions The key provisions of the Delegated Regulation are: Article 1 contains the operative rules on the identifying reference data to be used from 1 September 2026 for OTC interest rate and OTC credit default swaps for the purposes of the transparency requirements laid down in Article 8(a), and Articles 10 and 21 of MiFIR. Article 2 sets out the date of entry into force as well as the date of entry into application. The Delegated Regulation starts to apply from the date of its entry into force. The Annex includes a table listing identifying reference data for OTC interest rate swaps. The Annex also includes a table listing standard business terms for the reference rates referenced in OTC interest rate swaps subject to the transparency requirements laid down in Article 8a(2), and Articles 10 and 21 of MiFIR. Next steps The Delegated Regulation enters into force on the twentieth day following that of its publication in the Official Journal of the European Union.

On 24 January 2025, the European Securities and Markets Authority (ESMA) issued an opinion on the regulatory technical standards (RTS) specifying certain requirements in relation to conflicts of interest for crypto-asset service providers (CASPs) under the Markets in Crypto-Assets Regulation (MiCAR). On 31 May 2024, ESMA published its final report on the draft RTS to further specify the requirements for the policies and procedures to identify, prevent, manage, and disclose conflicts of interest, as well as the details and methodology for the content of the disclosure by CASPs of the general nature and sources of conflicts of interest and the steps taken to mitigate them (RTS on Cols). The draft RTS on CoIs were then submitted to the European Commission (Commission) for adoption. The Commission subsequently notified ESMA that it intended to adopt the draft RTS on CoIs with amendments. The Commission also referred to the possibility for ESMA to submit a new draft of the RTS on CoIs reflecting the proposed amendments. In the opinion, ESMA suggests a limited number of changes to the amendments proposed by the Commission. Among other things ESMA suggests keeping the provisions relating to personal transactions as a self-standing article (Article 6, Policies and procedures on conflict of interest in the context of personal Transactions) on the basis that personal transactions may be problematic not only because they may be conflicting with the interest of the CASP but also with the interests of one or more clients. Next steps ESMA has adopted the opinion, which is being communicated to the Commission, with copies to the European Parliament and the Council. The Commission may adopt the draft RTS on CoIs with the amendments it considers relevant or reject it. The European Parliament and the Council may object to an RTS adopted by the Commission within a period of three months.

On 23 January 2025, the Platform on Sustainable Finance issued a report, Building trust in transition: core elements for assessing corporate transition plans. The report provides initial analysis to support financial market participants’ assessment of the core elements of transition plans, aligning with the European Commission’s Recommendation on Transition Finance. It identifies core elements for evaluating these plans, offering recommendations to the Commission for enhancing the effectiveness of its policy framework and supporting the market to provide and access transition finance. The Platform on Sustainable Finance will present the report in a webinar on 27 January from 14:00 to 15:00 CET.

On 24 January 2025, the FCA published a Dear CEO letter setting out its new strategy for supervising wholesale brokers. The letter covers: Prudential risk management. Financial crime. Remuneration and broker misconduct. The FCA’s strategy for the next two years. In relation to the FCA’s strategy for the next two years, the regulator has identified four strategic areas which will be the focus of its programme of proactive work. The FCA will use a combination of regulatory reporting data analysis, proactive outreach, and incisive testing to assess and mitigate risks of harm. The four strategic areas are: Broker conduct. The FCA will be conducting targeted work to assess how firms manage their brokers. It expects firms to have suitable controls in place to detect misconduct and to take appropriate action against those found to be committing misconduct. If the FCA identifies material weaknesses in the frameworks governing broker conduct, it will take actions which may include restrictions placed on individual firms or enforcement action against firms or individuals. Culture. The FCA will be using the results of its 2024 non-financial misconduct (NFM) survey for further proactive engagement with the portfolio, with a strong focus on the ‘outlier’ firms from the survey data. In particular, with respect to those outlier firms, the FCA will scrutinise (i) policies and procedures in place for reporting NFM concerns, including evidence of firms encouraging a good ‘speak up’ culture and giving staff confidence that they will be treated appropriately if they raise concerns, (ii) management of NFM cases by firms once they are reported by staff and (iii) processes for ensuring that fair outcomes are reached. Business oversight. The FCA intends to test firms’ frameworks comprehensively through its proactive work on broker conduct. Apart from the usual detective and monitoring controls, it will be particularly interested in the firms’ use of remuneration tools such as deferrals, clawback, or malus in cases of proven misconduct. Financial resilience. The FCA will focus on ensuring that firms which were subject to its liquidity review have acted on the feedback and implemented good practices. More broadly, the regulator will test wholesale brokers’ contingency funding plans and frameworks to assess whether firms’ plans are adequate for potential liquidity challenges caused by stress events. Overall, the FCA expects firms to review their levels of liquidity continuously to ensure that they comply with the Investment Firm Prudential Regime at all times. Where the FCA identifies material weaknesses, it is likely to impose additional capital and liquidity requirements. CEOs of wholesale brokers are expected to discuss the contents of the letter with their Board, understand how the risks apply to their business and take action to manage those risks effectively. The FCA expects this to happen by March 2025.

In the December episode in our Split the Difference podcast series, which explores divergence in the regulatory regimes in the markets space, Mark Highman and Hannah McAslan-Schaaf consider the US and UK regimes for short selling. On the US side we focus in particular on the SEC’s short position and activity reporting requirements under SEC Rule 13f-2. The podcast can be found here.

On 23 January 2025, the Financial Stability Board (FSB) published its work programme for 2025. An annex to the work programme provides an indicative timeline of key FSB publications and external events planned for 2025-26. This includes: April 2025 – Final format for Incident Reporting Exchange. July 2025 – Final report on non-bank financial intermediation leverage policy recommendations. July 2025 – Climate roadmap progress report. October 2025 – Thematic peer review of crypto-assets recommendation implementation. October 2025 – Cross-border payments roadmap progress and KPI monitoring report.

On 23 January 2024, the Bank Recapitalisation Bill was voted through its second reading. As mentioned by City Minister Emma Reynolds MP in the debate: “The Bill does four main things. First, it expands the statutory functions of the Financial Services Compensation Scheme, giving the Bank of England the power to require the FSCS to provide it with funds to be used to support the resolution of a failing bank. Secondly, it allows the FSCS to recover the funds provided to the Bank [of England] by charging levies on the banking sector. This mirrors the arrangements for funding payouts to covered depositors in insolvency, with the exception of the treatment of credit unions, to which I will return. Thirdly, the Bill gives the Bank of England an express ability to require a bank in resolution to issue new shares, facilitating the use of industry funds to meet a failing bank’s recapitalisation costs. Finally, following constructive debate in the other place, the Bill sets out a number of accountability measures that apply when the Bank of England uses the recapitalisation mechanism.” During the debate it was noted that the Bill “retains surprisingly strong cross-party support” but there appears to be disagreement between the two main political parties regarding the scope of the Bill and the amendment that was introduced in the House of Lords which would mean that the industry-funded levy brought by the Bill could not be used for the largest banks that have built up a loss-absorbing debt. Emma Reynolds MP said: “There remains one area of the Bill that will require the attention of this House, namely the question of the scope of the mechanism—that is, which firms the Bank of England can use the mechanism on to support their failure. This was heavily debated in the other place, and reflects concerns about the risk of the mechanism being used on a wide range of firms, with the potential for large levies as a consequence. Those concerns led to an amendment to the Bill, intended to exclude from the scope of the mechanism those banks that already hold the full set of equity and debt resources—the so-called MREL, or minimum requirement for own funds and eligible liabilities—necessary to manage their own failure. The intent was to limit the scope to banks that are not required to hold additional capital resources, or banks that have not yet raised the full amount of additional resources to fully support their own failure. As I have alluded to, the Government note and appreciate the concerns being raised on this point, but as the Financial Secretary to the Treasury made clear during the Bill’s passage in the other place, the Government are clear that this Bill is primarily intended for smaller banks. My predecessor made a written statement to the House on 15 October to reiterate this policy position. However, after careful reflection, the Government continue to believe that some flexibility should remain in the legislation on this point, in order to avoid constraining the Bank of England’s ability to use the mechanism in a highly uncertain crisis scenario. Narrowing the scope would constrain the Bank of England’s optionality, particularly where it might be necessary to supplement the bail-in of a firm’s own resources with additional capital resources. I note that this is considered an unlikely outcome, rather than a central case. Nevertheless, the Government consider it important to avoid constraining that optionality, given that the alternative may be to use public funds. Ultimately, we want to protect the taxpayer. The Government will therefore table an amendment in Committee to remove the constraint on the scope of the application of the new mechanism. In the same debate shadow City Minister Mark Garnier MP stated: “The Opposition took reassurance from a policy statement that the mechanism would be used for the largest banks only in exceptional circumstances. However, this still left the key question as to why the legislation allowed large-scale banks to trigger the mechanism. In her opening speech, the Minister referred exactly to this. Baroness Vere’s amendment makes it clear that this mechanism cannot be used on the largest banks—those that have achieved end-state MREL. That amendment was opposed by the Government in the other place. I was hoping that the Minister would update the House today on the Government position and she has done that, but we may want to talk about this at greater length. Next steps The Bill is now committed to a Public Committee Proceedings in the Public Bill Committee shall (so far as not previously concluded) be brought to a conclusion on Thursday 13 February 2025.

On 23 January 2025, the Financial Conduct Authority (FCA) published the key findings from its multi-firm review on payment services and account providers’ use of the National Fraud Database (NFD) and money mule account detection tools to tackle risks associated with money muling activities. Background The FCA explains that money muling is a money laundering technique  where an individual – a ‘money mule’ – moves the proceeds of crime on behalf of criminals, allowing the criminal misuse of the financial system and facilitating fraud. It notes that using the NFD effectively, together with detection tools designed to trace the proceeds of fraud across payment networks, is critical in tackling mule activity. The review The FCA has reviewed how firms use these controls and is sharing its key findings, noting that they should be read in conjunction with its previously published findings in November 2023 (where it shared its expectation for firms to strengthen their controls during onboarding, improving transaction monitoring to detect suspicious activity involving money mules, and to robustly address the associated risks). The review findings include what the FCA found in its review of firms’ use of the NFD (both areas for improvement and key challenges) and what it found in its review of firms’ use of a money mule account detection tool, along with some additional findings. Next steps The FCA notes that it will continue to directly engage with the firms included in the review to ensure they consider these findings to enhance their overall systems and controls for fraud. It also expects all other payment services and account providers to consider their own systems and controls against the findings, ensuring they take a proactive approach to identifying and swiftly remedying any weaknesses in their response to tackling the risks posed by money muling. Finally, the FCA emphasises the need for firms to have strong and effective systems and controls to mitigate the risk of money mules, and to consistently keep under review their detection and monitoring methodologies, prioritising the identification of money mule activity, alongside educating consumers about the risks of money muling.

On 23 January 2025, the Financial Conduct Authority (FCA) and the Payment Systems Regulator (PSR) set out the next steps for open banking. The regulators note that there was significant progress in developing open banking in 2024 as a result of voluntary funding from 20 leading firms. Those developments included: Fraud analysis capabilities. Consumer protections. New open banking services such as variable recurring payments (VRPs), which aim to give consumers greater sight and control over their regular payments. Variable recurring payments The regulators note that, as a step towards using open banking payments for e-commerce, VRPs will help consumers to take greater control of their regular payments. It will do this by allowing customers to control how much can be paid at one time or over the course of a month, with the aim of reducing the risk of unexpected expenditure. For businesses, VRPs are intended to offer greater competition to current payment methods and to potentially help reduce processing fees. They might also increase the proportion of customers who complete a payment, through better user experiences. New independent operator for VRPs The FCA and PSR explain that, as part of the next steps to deliver VRPs, Open banking Limited will play an important role in establishing an independent central operator to coordinate how VRPs are made. The FCA and PSR (working with industry and trade associations) support it in doing so and note that they look forward to significant progress being made in 2025, which will see live services available for consumers to make VRPs to utility companies, government and financial services firms. The regulators also note that they are working with industry and trade associations to progress development of the commercial arrangements underpinning both VRPs and the use of open banking for e-commerce. Next steps The regulators confirm that they will continue to work closely together (overseen by a joint steering committee), and with industry, as they implement the next steps.

On 23 January 2025, the Financial Conduct Authority (FCA) published updated analysis on money laundering through the markets (MLTM) risk – i.e. the use of capital markets to move criminally generated cash, so it appears legitimately generated. The FCA focused on wholesale brokers in its review because of their important role in capital markets in facilitating deals, although it also engaged with other market participants to understand wider risks, issues and good practice. The report, which is intended to help firms better understand and mitigate the risk of MLTM, covers: Examples of good and poor practice on enhancing systems, controls and training. Practical case studies. Detailed areas of focus for firms. The FCA found that good progress had been made since the FCA’s Thematic Review in 2019, including with customer risk assessments, onboarding processes, governance and oversight, and collaboration between trade surveillance and transaction monitoring teams. It saw good practice and progress in several financial crime systems and controls across larger and smaller firms. However, it also identified areas where firms needed to improve to better protect against money laundering, including: An underestimation of the risks of money laundering firms are exposed to. Over-reliance on others in the transaction chain completing appropriate due diligence checks on customers. Limited information sharing between firms. Insufficient awareness of the MLTM suspicious activity reports glossary code. Next steps The FCA flags that: Firms must continue to review their systems, controls, MLTM awareness and training. Public bodies and firms need to work together to evolve and respond effectively to the threat of MLTM. Through its supervisory work, it will ensure that firms are considering MLTM risks and the points raised in the report to drive improvements and reduce risk across the markets. It will also encourage firms and third-party providers to innovate more, to tailor transaction monitoring systems and alerts to capital markets.