The Cyprus Securities and Exchange Commission (CySEC) introduced Circular C601 on October 12, 2023, marking a significant shift in client onboarding practices for various financial entities. Applicable to Cyprus Investment Firms (CIFs), Administrative Service Providers (ASPs), UCITS Management Companies, Alternative Investment Fund Managers, Crypto Asset Service Providers, and others, this Circular implements the European Banking Authority’s (EBA) Guidelines on Remote Customer Onboarding Solutions under Article 13(1) of Directive (EU) 2015/849. This article explores the key aspects of this Circular, shedding light on its practical implications for the financial industry.

1. Development of Policies and Procedures:

• Obligations: Institutions must establish and maintain risk-sensitive policies and procedures in line with Article 13(1) (a) and (c) of the AMLD, ensuring compliance with remote customer onboarding obligations.
• Pre-Implementation Assessment: Prior to adopting any new remote onboarding solution, institutions are mandated to conduct a pre-implementation assessment. This assessment guarantees the solution’s adequacy and adherence to regulatory standards, mitigating potential risks from the outset.

2. Identity Verification:

• Reliable Verification Methods: The guidelines underscore the importance of real-time identity verification methods, including one-time passwords, biometric data collection, and direct phone interactions with customers. These methods ensure the authenticity of the customer’s identity, fortifying the onboarding process.

3. Quality Assurance Testing:

• Critical Testing: Rigorous quality assurance testing is imperative to maintain the integrity of remote onboarding solutions.
• Testing Methods: Institutions should employ methods such as regular automated quality reports, sample testing, and manual reviews. These methods uphold the reliability and accuracy of the onboarding process.

4. Outsourcing and Third-Party Providers:

• Due Diligence: Institutions must integrate the guidelines into vendor due diligence exercises when outsourcing onboarding solutions.
• Third-Party Compliance: Institutions are responsible for ensuring that third-party solutions meticulously adhere to prescribed regulations. This vigilance is paramount to maintain compliance and security.

5. Document Review Using Technology:

• Algorithms and OCR: The guidelines provide explicit instructions on employing algorithms and Optical Character Recognition (OCR) methods for accurate and consistent review of Customer Due Diligence (CDD) documents.
• Accuracy Measures: Institutions must ensure these tools accurately and consistently capture information to maintain the integrity of the customer onboarding process.

6. Monitoring and Reporting:

• Regular Monitoring: Institutions must routinely monitor remote onboarding solutions to ensure alignment with regulatory expectations.
• Ad Hoc Reviews: Ad hoc reviews are necessary in response to changes in risks, detected deficiencies, increased fraud attempts, or alterations in the legal or regulatory framework.

7. Remedial Measures and Compliance:

• Prompt Actions: Institutions must establish procedures to promptly address risks and errors, including additional due diligence, transaction limits, relationship termination, reporting to FIU, etc.
• Demonstrating Compliance: Clear records of assessments and actions taken are indispensable for regulatory compliance and demonstrating adherence to guidelines.

8. Security and Compliance with ICT Standards:

• Secure Communication: Institutions should utilize secure communication channels, secure protocols, and cryptographic algorithms to safeguard the confidentiality, authenticity, and integrity of exchanged data.
• Secure Access Points: A secure access point must be provided for initiating the remote customer onboarding process based on qualified certificates for electronic seals or website authentication.

9. Use of Trust Services and National Identification Processes:

• Compliance with Solutions: Credit and financial institutions may leverage relevant trust services and electronic identification processes regulated, recognized, approved, or accepted by national authorities to comply with the guidelines. Mitigation measures are necessary to address authentication risks and potential identity frauds.

10. Storage of Customer Data:

• Data Storage Measures: Institutions must ensure that only necessary customer data is collected and stored within clearly defined retention periods.
• Data Access and Security: Access to stored data must be limited and registered, and appropriate security measures should be implemented to protect the stored data.

CySEC’s Circular C601 signifies a transformative phase where client onboarding evolves into a seamless, secure, and efficient process. By adhering meticulously to these guidelines, financial institutions not only fulfil regulatory mandates but also invest in a future defined by integrity and compliance. Embracing these changes, the industry establishes a new standard of excellence, ensuring a financial landscape built on trust and efficiency.

In light of Circular No: C602 recently issued by the Cyprus Securities and Exchange Commission (CySEC) concerning the Spanish National Securities Market Commission’s (CNMV) Resolution of 11 July 2023 on product intervention measures relating to Contracts for Differences (CFDs) and other leveraged products, it is imperative for both investors and financial service providers to grasp the newly introduced guidelines. This article aims to offer a comprehensive insight into the key aspects and implications of the CNMV’s resolution.

The CNMV’s Resolution of 11 July 2023 builds upon previous measures enacted in 2019 and focusing on concerns related to the marketing, distribution, and sale of CFDs and other leveraged products to retail investors in Spain. Despite earlier interventions, persistent aggressive marketing practices and high-risk investments have necessitated the implementation of additional protective measures.

The resolution is scheduled to become effective twenty days after its publication in the Spanish Official State Gazette. Current sponsorship or brand advertising agreements are permitted to continue until their initial expiration, within a maximum period of 12 months from the publication date.

Key Measures for CFDs:

The CNMV’s resolution introduces vital measures to ensure the safety and security of retail investors. These measures include:

1. Leverage Limitation: The CNMV has set limits on leverage ratios for different asset classes, such as 1/30 for relevant currencies, 1/20 for other currencies, gold, and relevant equity indices, and 1/2 for crypto assets, among others; thereby mitigating potential losses.
2. Close Position Protection: Implementation of close position protection to safeguard retail customers from significant losses.
3. Protection Against Negative Balances: Adequate protection to prevent retail investors from incurring losses exceeding their initial investment.
4. Prohibition of Certain Practices: Stricter regulations prohibiting the offering of excluded payments and non-monetary benefits concerning CFDs.
5. Mandatory Risk Warning: Inclusion of clear and comprehensive risk warnings in all marketing materials to highlight the high-risk nature of CFD investments.

Additional Measures for CFDs:

In addition to the key measures, the CNMV’s resolution includes further restrictions to ensure investor protection:

1. Prohibition of Certain Marketing Practices for CFDs:

• Rewards and Remuneration Prohibition: Providers are prohibited from offering rewards or remuneration to customers, marketing networks, or third parties based on the number of clients acquired, cash deposits, or losses by clients.
• Use of Call Centres: Providers are not allowed to use call centres to contact clients or potential clients to promote CFDs.
• Software Restrictions: The use of software where providers’ remuneration is determined based on client deposits or losses is prohibited.
• Credit Card Deposits: Acceptance of cash deposits using credit cards is prohibited.
• Prohibition of Advertising Communications: The marketing, distribution, and sale of subject instruments and services by means of advertising communications aimed at retail investors in Spain, including potential clients, shall be prohibited.

Please note that marketing communications prohibited will be considered to include those:

• Redirecting to a website that offers instruments or subject services;
• Sending to a contact form, an application download, or any other kind of tool intending to put the client in touch with investment service providers that offer said type of instruments or services;
• Offering training, technical seminars, courses, or sessions to the general public whenever such offers are related to the subject services or instruments, as well as similar training demo accounts or tools for retail investors or the general public that encourage investing in these, whether promoted or held by the regulated entities or by related or affiliated parties, regardless of whether they are free or have a token charge.

2. Scope of Application for Leveraged Instruments:

• The guidelines are applicable to entities authorized to provide investment services in Spain, irrespective of their origin, regarding the marketing, distribution, and sale of CFDs and other leveraged products to retail investors in Spain. It also extends to activities by Spanish firms in other Member States, especially in the case of CFDs with crypto-assets as underlying assets.

3. Specific Measures for Other Leveraged Instruments:

• For instruments beyond CFDs, such as futures and options, there are limitations on leverage and mandatory close position protection measures. These measures are designed to protect retail customers from excessive losses.

4. Periodic Review and Revocation of Measures:

• The measures adopted in this resolution may be reviewed annually and revoked as per the provisions of Article 42.6 of Regulation (EU) No 600/2014 of the European Parliament and of the Council, of 15 May 2014, on markets in financial instruments.

The measures outlined in the CNMV’s resolution, effective from 3 August 2023, apply universally to all entities authorized to provide investment services in Spain. These regulations pertain to any marketing, distribution, and sale of the specified instruments and services to retail investors in Spain. It is important to note that these guidelines are applicable irrespective of the origin of the investment firm marketing and distributing such products. This includes entities operating under the freedom to provide services without a physical establishment in Spain. The CNMV’s reach encompasses both local and international entities, emphasizing a comprehensive approach to investor protection within Spain’s financial markets.

CySEC emphasizes the importance for all CIFs engaged in marketing, distributing, and selling CFDs and similar leveraged products to retail investors in Spain to promptly adopt necessary actions and strategies to comply with the CNMV’s Resolution.

The CNMV’s latest resolution marks a significant leap in ensuring investor protection within Spain’s financial markets. Through rigorous regulations on CFDs and leveraged products, the CNMV aims to minimize risks for retail investors and eliminate aggressive marketing practices.

On 28th September 2023, the European Union underscored its commitment to global financial stability by strengthening its measures against money laundering, terrorist financing, and proliferation financing. This significant step forward was achieved through the amendment of Commission Delegated Regulation (EU) 2016/1675 via Commission Delegated Regulation (EU) 2023/2070, dated 18th August 2023. This amendment, slated to be effective on the 20th day following its publication in the Official Journal of the European Union, addresses evolving challenges in the financial landscape.

A comprehensive assessment conducted by the European Commission identified Cameroon and Vietnam as third country jurisdictions with strategic deficiencies in their Anti-Money Laundering (AML) and Countering the Financing of Terrorism (CFT) regimes. These deficiencies were recognized as significant threats to the Union’s financial system. Consequently, Cameroon and Vietnam are scheduled to be added to the table in Point I of the Annex to the Delegated Regulation (EU) 2016/1675.

The addition of Cameroon and Vietnam reaffirms the EU’s dedication to safeguarding the integrity of its financial institutions. By fortifying its anti-money laundering, terrorist financing, and proliferation financing measures, the EU aims to create a secure financial environment, both internally and globally. This development signifies the EU’s proactive approach in adapting to emerging challenges and its commitment to international collaboration in combating financial crimes.

The amendment, executed with precision and in accordance with regulatory protocols, sets a standard for regulatory bodies worldwide. It emphasizes the importance of stringent AML/CFT regimes in ensuring a stable and secure global financial ecosystem. The EU’s decision to include Cameroon and Vietnam in its regulatory framework exemplifies the Union’s commitment to fostering financial security and integrity, thereby reinforcing confidence in the international financial markets.

On behalf of our client, we are recruiting a full-time #ComplianceOfficer to join a growing Investment Dealer based in Mauritius.

Main duties:

• Ensuring continued compliance with the obligations under the FIAMLA and FIAML Regulations 2018 subject to the ongoing oversight of the Board of the Company
• Contributing to creating, implementing, and maintaining the Company’s compliance manual, policies and procedures, and system for combating Money Laundering and FT
• Undertaking day-to-day supervision of the AML Program and compliance monitoring activities
• Carrying out risk assessments
• Maintain compliance registers (including PEP, Incidents and Errors, Breaches, Conflicts of Interest, etc)
• Regular reporting, including reporting of non-compliance to the Board of the Company
• Undertaking a review of all internal disclosures on relevant information and determining whether or not such internal disclosures have substance and require filing/reporting to be made to the FIU
• Maintaining relevant records
• Provide guidance to the Board and develop ongoing training programs to the staff
• Any other related duties that may be required from time to time
• Reviewing and evaluating suspicious activity reports and being the first contact person in regard to FIU and other regulatory reporting matters
• Profound knowledge and experience in AML/FCC and Sanctions domain

Qualifications and experience:

• Degree in law, finance, Accounting, or any other relevant qualification. Certification from CAMS/ACAMS will be a plus
• 5 years of relevant experience in the Global Business Sector
• Approved Compliance Officer, appointments as MLRO/DMLRO will be a plus
• Extensive knowledge of regulatory and legal frameworks relating to the business

Company summary/profile:

The Company is a leading award-winning financial services company with a global presence for over a decade. As a trusted and regulated Forex broker, the Company holds licenses from multiple jurisdictions, including a license from the Mauritius Financial Services Commission. 

The Company’s commitment to excellence, compliance, and customer satisfaction has earned them numerous awards for their exceptional customer experience and innovative trading platforms.

As a progressive financial services company, the Company fosters a supportive work environment that values work-life balance and offers abundant growth opportunities.

The Company’s team of experienced professionals is committed to providing expert guidance, empowering its clients to make informed trading decisions.

**

Kindly be advised that the designated deadline for submission of applications for the aforementioned position is the 9^th of August, 2023.

The European Securities and Markets Authority (ESMA) has released a follow-up report on the compliance function under MiFID I, assessing the progress made by National Competent Authorities (NCAs) since the previous peer review in 2017.

The follow-up report focuses on the efforts of several NCAs, namely CySEC (CY), HCMC (EL), CBI (IS), AFM (NL), and ATVP (SI). These authorities have displayed commendable progress through the implementation of stronger supervisory frameworks, conducting investigations and thematic reviews, and utilizing enforcement tools to discourage misconduct within firms.

The report acknowledges the strides made by CySEC and CBI while offering guidance on further enhancements:

CySEC: The authority is encouraged to consolidate its supervisory approach to maintain an ongoing focus on firms’ compliance functions. This consolidation will ensure continuous monitoring and evaluation of compliance activities.

CBI: In order to bolster its supervisory approach, CBI is advised to integrate all aspects of the ESMA Guidelines on the compliance function under MiFID into its framework. Additionally, increasing controls on the compliance function of non-banking investment firms is recommended.

For more information on the follow-up report and its recommendations please visit the following link provided by ESMA – https://lnkd.in/ddTPDXW4

The Financial Services Authority (FSA) of Seychelles via Circular No. 5 of 2023 has informed financial services providers that, given that the guidelines regarding consumer protection have not yet been finalised from the FSA, shall be exempting all financial services providers from the obligation to submit a report due on the 15th of July 2023.

Therefore, any financial service providers who fail to submit their reports by the 15th of July 2023, will NOT incur the penalty provided under the FCPA.

However, financial service providers who have prepared their reports and wish to submit them, may do so, by the July 15th of 2023.

It should be noted, however, that all financial service providers will be required to submit the report for the reporting period of July to December 2023, by the 15th of January 2024.

In line with the MiCA roadmap announced last month, ESMA published yesterday its first consultation package related to the authorisation, identification and management of conflicts of interests of crypto-asset service providers (CASPs) and also how CASPs should address complaints.

ESMA invites comments from stakeholders by 20 September 2023, expecting insights with regards to stakeholders current and planned activities.

ESMA expects to publish a final report and submit the draft technical standards to the European Commission for endorsement by 30 June 2024 at the latest.

In the meantime, as per the MiCA roadmap the second consultation package is expected to be published in October 2023.

On 23rd of June 2023, the Global anti-money laundering watchdog FATF added Cameroon, Croatia and Vietnam to its “grey list” of countries for failing to combat money laundering and terrorism financing. Although no countries have been removed from the grey list, the plenary has approved onsite visits to Albania, the Cayman Islands, Jordan, and Panama, who have concluded their respective action plans.

Additionally, the link below provides the full details regarding the Jurisdictions under Increased Monitoring as of 23 June 2023.
https://lnkd.in/esug5Ak8

Following the publication of the EU MiCA Regulation in the Official Journal of the European Union (OJEU) on Friday 9th of June, we now have a clear roadmap about the developments of the crypto asset market and its service providers in the EU.

MiCA will enter into force on 29 June 2023. However, its provisions will become applicable on June 30th 2024 and on December 30th 2024.

In the meantime, ESMA will publish three consultation packages (the first one to cover the Level 2 and 3 measures with authorisation, governance, conflicts of interest, and complaint handling procedures).

Please see below the main timelines about the MiCA Regulation.
·        MiCA Publication in the Official Journal – June 9th, 2023
·        MiCA Enter into force – June 29th, 2023
·        first consultation package – July 2023
·        second consultation package – October 2023
·        third (and final) consultation package, including the MiCA mandates – Q1/2024
·        rules on E-Money tokens and Asset-Referenced tokens become applicable – June 30th, 2024
·        rules on remaining provisions of MiCA – December 30th, 2024

FiveComply team will provide more details about the development of the EU Crypto Asset Market very soon. Stay tuned!