Regulatory Update: the focus areas for Q1 2023

Retrospective

What laws and regulations have recently come into effect?

• On December 31, 2023, the EBA guidelines on benchmarking of remuneration and gender pay differentials (IFR) came into force.
• On January 8, 2023, the ITS on pillar 3 disclosures for ESG risks came into force. Banks will have to publish the first set of mandatory disclosures with their financial statements of 2022. After that, the disclosures will take place semi-annually. The other mandatory disclosures are subject to a phase-in period.
• On January 16, 2023, the Regulation and Directive for Managing ICT Risk (DORA) came into force. Regulation 2022/2554 is applicable as of January 17, 2025. Member states must implement Directive 2022/2556 by January 17, 2025.

AP ruling on the use of Google Analytics

European privacy regulators (from Denmark, France, Italy and Austria) conducted an investigation into the use of Google Analytics by websites in several EU member states in 2022. They concluded that the application violates privacy regulations. As a result, Google Analytics may no longer be used in these countries.

The Dutch Data Protection Authority (AP) also conducted an investigation in 2022. After reporting their findings, the AP’s Enforcement Division still needs to complete a legal process. The AP expected to make a statement by the end of 2022, deciding whether the use of Google Analytics remains permitted or not. So far, the AP still has not issued a ruling.

Recent developments that may affect AP’s ruling: in October, President Biden signed an Executive Order to form the basis of a new privacy framework for data sharing between the EU and the US. Additionally, in December 2022, the Spanish regulator ruled that Google Analytics does comply with GDPR requirements.

A ruling by the AP is expected in early 2023.

Own Strategy Pension Fund Act

The private member’s own strategy pension fund bill amends the Pension Act and the Compulsory Professional Pension Schemes Act (Wvb). The proposal states that the accountability board (AB) or stakeholders board (SB) at pension funds:

• A right of approval on the exclusion policy of the pension fund; and
• An advisory right on the socially responsible investment policy.

If this proposal passes through the House, an AB or SB can, for example, ensure that a pension fund excludes tobacco companies from its investment portfolio, or that the pension fund board recommends a more sustainable investment policy. This will make the investment policy correspond better with the preferences of the participant.

The Council of State advised on April 5, 2022 to amend the bill. Although it understands the desire to involve members and pensioners more in the investment policy and in the way in which the environment, climate, human rights and social relations are taken into account, this does not fit in with the structure and functioning of the accountability body. Based on this advice, the law has been amended. Instead of a right of approval, the AB or SB will have an advisory right. In June 2022 some (minor) adjustments to the bill were proposed. In October 2022, this bill was discussed in the House of Representatives. The bill is on the agenda of the plenary debate of the House of Representatives.

The effective date is yet unknown, at least not before mid-2023.

Revision PRIIPs regulation

On July 27, 2021, European regulators (ESAs) received a request from the EC to advise on a revision of the PRIIPs Regulation (Regulation (EU) No. 1286/2014). This regulation applies to financial firms that design or distribute retail and insurance-based investment products. At the end of 2021, the ESAs held a Call for Evidence to support the preparation of the opinion to the EC.

In April 2022, the ESAs advised the EC to make significant changes to the PRIIPs Regulation. The ESAs’ advice includes:

• Consider a broad revision of the PRIIPs framework;
• Conduct appropriate consumer testing;
• Adapt the essential information document (EID) to the digital age, by making more user-friendly, and incorporate sustainable investment objectives;
• To ensure better digital disclosure capabilities by, for example, allowing information to be presented in a “layered” format;
• Not to extend the scope to additional financial products at this stage, but to specify the existing scope; and
• Making changes to the rules for multiple insurance products to better facilitate comparison between different investments.

Any amendment to the PRIIPs regulation is not expected to take effect before mid-2024.

EMIR revision (EMIR 3.0)

On December 7, 2022, the EC published a proposal to amend EMIR (Regulation (EU) No. 648/2012). This regulation applies to financial firms that trade in derivatives covered by EMIR. On the same date, the EC published a proposal that makes changes to CRD, IFD and UCITS V necessary to achieve the objectives of EMIR 3.0 and to ensure consistency.

The proposal includes changes regarding:

• Intra-group transactions
• Clearing obligation
• Active account
• Information on clearing services
• Transaction reporting
• Risk mitigation for non-cleared derivatives
• Concentration risk in strategies and processes (CRD/IFD)
• Elimination of counterparty risk limits (UCITS)

It is still unclear when the new regulations will take effect, but it is not expected to be before 2025.

Regulation digital euro as a single currency

A consultation was held by the EC from April 5 to June 14, 2022, for a regulation for the use of the digital euro as a single currency alongside euro banknotes and coins. The regulation is relevant to payment service providers, including credit institutions, payment institutions and e-money institutions.

The EC intended the consultation to gather information on:

• Users’ needs and expectations regarding a digital euro;
• The role of the digital euro for retail payments in the EU and the digital economy;
• Making the digital euro available for retail use while maintaining the legal tender status of cash;
• The impact of the digital euro on the financial sector and financial stability;
• Application of anti-money laundering and terrorist financing (AML/CFT) regulations;
• The privacy and data protection aspects; and
• International payments with the digital euro.

For now, no specific bill has been published. It is expected that a regulation (if any) will not come into force before 2026.

Outlook

What other upcoming laws and regulations should you be aware of?

In our next Regulatory Update article, we will explain in more detail the following developments:

• Corporate Social Responsibility Act (Wmvo)
• Regulation of lending by non-bank entities

Tailor-made Regulatory Update

We hope this article has given you an idea of the regulatory changes in Q4 2022. Do you want to make sure not to overlook any developments? Then you can request a tailor-made Regulatory Update (available in Dutch and English). Each quarter you will receive a comprehensive report with current developments, legislative changes, publications by regulators and consultations. This report will be fully tailored to your organisation and activities. This way, you will never be faced with unpleasant surprises.

Our specialists will discuss with you the possible impact on your organisation and think along about possible next steps and their practical implementation. They can also help you draw up an action plan for the adaptation of your policies and procedures, so that you remain in control at all times. For more information, please feel free to get in touch.