ESMA Guidelines on methodology, oversight function and record keeping under the Benchmarks Regulation

The Cyprus Securities and Exchange Commission (CySEC) has issued Circular C515 drawing the attention to Benchmark Administrators that the European Securities and Markets Authority (ESMA), has published the Guidelines on methodology, oversight function and record keeping under the Benchmarks Regulation.

The Guidelines are designed to establish consistent, efficient and effective supervisory practices within the European System of Financial Supervision (ESFS) and to ensure the common, uniform and consistent application of the requirements related to material changes to the methodology, the use of an alternative methodology in exceptional circumstances and the oversight function.

The purpose of these guidelines is to amend the existing guidelines on non- significant benchmarks, in line with the new guidelines introduced for administrators of critical and significant benchmarks, with regard to the oversight function and the use of an alternative methodology in exceptional circumstances. The guidelines apply from 31 May 2022.

CySEC has adopted these Guidelines by incorporating them into its supervisory practices and regulatory approach.

Contact us now for any questions you may have!

Prudential requirements for CIFs – when shall CySEC be notified?

The Cyprus Securities and Exchange Commission (CySEC) has issued Circular C513 informing the Cyprus Investment Firms (CIFs) of their obligation to on-going monitor their prudential requirements. The CySEC reminded all CIFs, about the necessary steps that they must take when they no longer meet their own funds requirements and/or concentration limits. The following steps should be taken:

  1. Class 2 and class 3 CIFs should notify CySEC as soon as they become aware that their own funds fall below their own funds requirement.
  2. Class 2 CIFs should notify CySEC without delay when they exceed the concentration limits.
  3. All CIFs should have sound administrative and accounting procedures to enable them to monitor their own funds, own funds requirements, concentration risk and all other obligations from IFR
  4. Establish an effective internal control framework as per Final Report on Guidelines on Internal

Governance under Directive (EU) 2019/2034 and CySEC Circular C508.

  1. CIFs which are notifying CySEC, that they have not met their relevant prudential requirements, through their normal submission of the Prudential Forms 165-01 or 165-02 is not sufficient as CIFs in this case either do not monitor their prudential requirements on an on-going basis or willingly fail to inform CySEC.

Therefore, CySEC expects from all CIFs to:

  1. Implement sound administration and accounting procedures and adequate internal control mechanisms, appropriate and proportionate to the nature, scale and complexity of the risks inherent in the business model and the activities of the CIF, which will enable them to monitor on an on-going basis all their prudential requirements accordingly.
  2. Be notified without undue delay and in any case prior to the normal submission of the Prudential Forms 165-01/165-02, when any of the following cases occur, on a solo and/or consolidated basis, for the date of the occurrence:
    1. the own funds of the CIF have decreased below its own funds requirement, calculated in accordance with Article 11 of IFR, which amounts to at least D, where D is defined as the highest of the following:
      • The CIF’s fixed overheads requirement calculated in accordance with Article 13 of IFR;
      • The CIF’s permanent minimum capital requirement in accordance with Article 14 of IFR;
      • The CIF’s K‐factor requirement calculated in accordance with Article 15 of IFR
    2. The composition of own funds has been decreased below the minimum requirement, as calculated in accordance with Article 9 of IFR.
    3. The CIF’s liquid assets are below its liquidity requirement, calculated in accordance with Article 43 of IFR, ie. less than the one third of the fixed overhead requirement calculated in accordance with Article 13(1) of IFR.
    4. The CIF has exceeded the concentration risk limits, as defined in Articles 37(1) and 37(3) of IFR.
  3. Verify that their internal control framework (i.e., compliance, risk management and internal audit functions, where established) ensures compliance with laws, regulations and supervisory requirements at all times.

Our dedicated team at FiveComply remains always at your disposal for any assistance you may need. Contact us now for any questions you may have!

CySEC launches “CyTBOR” platform

The Cyprus Securities and Exchange Commission (CySEC) has issued a Press Release informing the public that the online platform for the Cyprus Beneficial Ownership Register of Express Trusts and Similar Legal Arrangements (CyTBOR), will be accessible to trustees as of 17/05/2022 and all involved parties as of 17/06/2022.

According to CySEC, the necessity for the creation of the CyTBOR derives from the Prevention and Suppression of Money Laundering and Terrorist Financing Law of 2007 (AML/CFT Law), in full accordance with the 4th and 5th European Directives or the Prevention and Suppression of Money Laundering and Terrorist Financing.

CyTBOR facilitates easy and immediate searches for up-to-date information and data about the beneficial owners of Express Trusts and Similar Legal Arrangements. For this reason, it is now possible to directly search and identify the settlors, trustees, protectors (if any), beneficiaries, and any other natural person exercising final control over the trust through direct or indirect ownership, or by other means

In addition to CySEC, all supervisory authorities, such as the Customs Department, the Taxation Department, MOKAS and the Police, will have unhindered access to the Register within the framework of their responsibilities.

Furthermore, according to CySEC’s announcement, it is possible to provide timely information on the beneficial owners of express trusts and similar legal arrangements to the respective competent authorities of the other Member States of the European Union, while all liable entities will also have access to the Register, as part of due diligence and identification measures of their clients.

CySEC Circular C504 – ESMA Guidelines on certain aspects of the MiFID II appropriateness and execution-only requirements (ESMA35-43-3006)

The Cyprus Securities and Exchange Commission (CySEC) has issued Circular C504 informing Regulated Entities (i.e., CIFs and AIFMs) on the publication of Guidelines on certain aspect of the MiFID II appropriateness and execution-only requirements that were issued by European Securities and Markets Authority (ESMA) on April 14, 2022.

Guideline no. Important requirement Legal Framework
INFORMATION TO CLIENTS ABOUT THE PURPOSE OF THE APPROPRIATENESS ASSESSMENT AND ABOUT EXECUTION-ONLY
Guideline 1 Firms should, in good time before the provision of non-advised services, inform their clients, by using clear and simple language, about the appropriateness assessment and its purpose which is to enable the firm to act in the client’s best interest. (Article 24(1), 24(4), 24(5), 25(3) and 25(4) of MiFID II)
KNOW YOUR CLIENT AND KNOW YOUR PRODUCT
Guideline 2 – Arrangements necessary to understand clients Firms’ policies and procedures should aim to enable firms to collect all information necessary to conduct the appropriateness assessment in relation to the specific product types offered or demanded (Articles 16(2) and 25(3) of MiFID II and Article 55 of the Delegated Regulation)
Guideline 3 – Extent of information to be collected from clients (proportionality) In determining the extent of the information to be asked about the client’s or potential client’s knowledge and experience, firms should take into account the type and characteristics of the investment products or services to be considered (i.e., the level of complexity and risk of the investment products or services) and the nature of the client (Article 25(3) of MiFID II and Article 55 of the Delegated Regulation)
Guideline 4 – Reliability of client information Firms should take reasonable steps and have appropriate tools to ensure that the information provided by their clients is reliable and consistent, without unduly relying on clients’ self-assessment (Article 25(3) of MiFID II and Article 55(3) of the Delegated Regulation)
Guideline 5 – Relying on up-to-date client information When firms rely on previously collected information on clients’ knowledge and experience, firms should establish procedures defining the frequency of updating such information in order to ensure that the information remains up to date and is accurate and complete for the purpose of the appropriateness assessment (Articles 16(2) and 25(3) of MiFID II and Article 55(3) of the MiFID II Delegated Regulation)
Guideline 6 – Client information for legal entities or groups Firms should have a policy defining on an ex-ante basis how to conduct the appropriateness assessment in situations where a client is a legal person or a group of two or more natural persons or where one or more natural persons are represented by another natural person. Such a policy should be drafted in accordance with the general guideline 6 and supporting guidelines enshrined in ESMA Guidelines on certain aspects of the MiFID II suitability requirements (Articles 16(2) and 25(3) of MiFID II)
Guideline 7 – Arrangements necessary to understand investment products Firms should ensure that policies and procedures are implemented to understand the characteristics, nature, and features of investment products in order to allow them to assess if such products are appropriate to their clients (Articles 16(2) and 25(3) of MiFID II)
MATCHING CLIENTS WITH APPROPRIATE PRODUCTS
Guideline 8 – Arrangements necessary to ensure a consistent appropriateness assessment In order to assess whether an investment service or product envisaged is appropriate for the client, firms should establish policies and procedures to ensure that they consistently take into account:

·         all information obtained about the client’s knowledge and experience necessary to assess whether an investment product is appropriate;

·         all relevant characteristics and risks of the investment products considered in the appropriateness assessment.

Firms should establish policies and procedures enabling them to issue a clear and not misleading warning in case they consider that the investment service or product is not appropriate for the client or potential client

(Articles 16(2) and 25(3) of MiFID II and Articles 21 and 56(1) of the Delegated Regulation)
Guideline 9 – Effectiveness of warnings To ensure its effectiveness, the warning issued by firms in case no or insufficient information is provided by the client on his/her knowledge or experience, or in case the assessment of such information shows that the investment service or product offered or demanded is not appropriate for the client, must be prominent, clear, and not misleading (Article 25(3) of MiFID II and Article 56(2) of the Delegated Regulation)
OTHER RELATED REQUIREMENTS
Guideline 10 – Qualifications of firm staff Staff involved in the appropriateness assessment should understand the role they play in this assessment and have an adequate level of skills, knowledge, and expertise, including sufficient knowledge of the relevant regulatory requirements and procedures in order to discharge their responsibilities. To that end, firms should regularly train their staff (Articles 16(2) and 25(3) of MiFID II and Article 21(1)(d) of the Delegated Regulation)
Guideline 11 – Record-keeping As part of their obligation to maintain records of the appropriateness assessment referred to in Article 56(2) of the MiFID II Delegated Regulation, firms should at least:

·         maintain adequate recording and retention arrangements to ensure orderly and transparent record-keeping regarding the appropriateness assessment, including the collection of information from the client and the non-advised service provided;

·         ensure that record-keeping arrangements are designed to enable the detection of failures regarding the appropriateness assessment;

·         ensure that records kept are accessible for the relevant persons in the firm and for competent authorities;

·         have adequate processes to mitigate any shortcomings or limitations of the record-keeping arrangements.

(Articles 16(6), 16(7), 25(5) and 25(6) of MiFID II and Articles 56(2) and 72 and 76 of the Delegated Regulation)
Guideline 12 – Determining situations where the appropriateness assessment is required Firms should adopt appropriate arrangements to ensure that they are able to determine situations where an appropriateness assessment needs to be performed and avoid performing one in situations where a suitability assessment needs to be performed (Articles 16(2), 25(3) and 25(4) of MiFID II and Article 57 of the Delegated Regulation)
Guideline 13 – Controls Firms should have appropriate monitoring arrangements and controls in place to ensure compliance with the appropriateness requirements (Articles 16(2), the second subparagraph of 16(5) and 25(3) of MiFID II and 76 of the Delegated Regulation)

 

Our dedicated team at FiveComply can assist you in achieving compliance with any CySEC regulatory obligation.

New Commission Delegated Regulation on the EU list of high-risk third countries under MLD4

On 21st of February 2022,  the European Commission has published in its official journal (‘OJ’) the revised list of High-Risk Third Countries. The Commission Delegated Regulation (EU) 2022/229 (‘the Delegated Regulation’), amends Delegated Regulation (EU) 2016/1675 on the list of high-risk third countries with strategic anti-money laundering (AML) and counter-terrorist financing (CTF) deficiencies under the Fourth Money Laundering Directive ((EU) 2015/849) (MLD4).

The Delegated Regulation makes the following changes to Delegated Regulation (EU) 2016/1675:

  • Burkina Faso, Cayman Islands, Morocco, Senegal, Haiti, the Philippines, South Sudan, Jordan and Mali are added to the list of third countries that are identified as having strategic AML and CTF deficiencies.
  • Ghana, Botswana, Mauritius, the Bahamas and Iraq are removed from the list of countries identified as not having strategic AML and CTF deficiencies. The Bahamas, Botswana, Ghana, Iraq and Mauritius have strengthened the effectiveness of their AML/CFT regime.

Therefore, in the Annex to Delegated Regulation (EU) 2016/1675, the table under point ‘I. High-risk third countries which have provided a written high-level political commitment to address the identified deficiencies and have developed an action plan with FATF’ is replaced by the following:

No. High-risk third country
1. Afghanistan
2. Barbados
3. Burkina Faso
4. Cambodia
5. Cayman Islands
6. Haiti
7. Jamaica
8. Jordan
9. Mali
10. Morocco
11. Myanmar
12. Nicaragua
13. Pakistan
14. Panama
15. the Philippines
16. Senegal
17. South Sudan
18. Syria
19. Trinidad and Tobago
20. Uganda
21. Vanuatu
22. Yemen
23. Zimbabwe

The Delegated Regulation enters into force twenty (20) days following its publication in the OJ (i.e., 13 March 2022).

You can contact our firm for more information and guidance.

Redefining threshold criteria of a ‘significant CIF’

The Cyprus Securities and Exchange Commission (CySEC) has issued Circular C487 (‘the Circular’) informing Cyprus Investment Firms (‘CIFs’) on the revised threshold criteria that determine a ‘significant CIF’ for the purposes of the Investment Services and Activities and Regulated Markets Law of 2017, as amended, (‘the Investment Services Law’) in light of a new prudential framework for investment firms (IFR/IFD). It should be noted that, Circular C487 updates and replaces Circular C228 that was issued on 26 July 2017, in relation to the matter.

According to the Circular, a CIF should be considered a ‘significant CIF’ where its on and off-balance sheet assets are on average, greater than EUR 100 million over the four‐year period immediately preceding the given financial year (‘the threshold’).

CIFs should assess/decide within four months from the end of each of their financial year, whether they meet the threshold to become a ‘significant CIF’ for the purposes of the Investment Services Law and for the purposes of sections 22(4) and 27 of the Prudential Law. This assessment is considered as valid, until the next assessment is made for the following year. Where a CIF has been in business for less than four years, for the purposes of the above assessment it shall use its on and off-balance sheet assets for the periods available.

CIFs that after the abovementioned assessment are qualified as ‘significant CIFs’ must make arrangements to establish and have in place sound, effective and comprehensive strategies, processes and systems to achieve compliance with the following requirements:

 

Requirement Reference
Limitations on Directorships Section 9(4) of the Investment Services Law
Establishment of Nomination Committee Section 10(2)(a) of the Investment Services Law
Establishment of Risk Committee Section 22(4) of the Prudential Law
Establishment of Remuneration Committee Section 27 of the Prudential Law

 

You can contact our firm for more information and guidance.

The Financial Intelligence Unit (FIU) issues Guidelines for Suspicious Transaction Reporting

The Financial Intelligence Unit (FIU) of Seychelles has issued Guidelines for Suspicious Transaction Reporting (STR) in an effort to provide practical assistance and comprehensive approach to reporting entities by enabling them to recognise suspicious transactions and meet their reporting obligation under Section 48 of the AML/CFT Act 2020 to the FIU.

More specifically, the issued Guidelines, explain reporting timelines, the information that must be included in the Suspicious Transaction Report (STR) and the procedure for submitting reports electronically to the FIU.

It is also important for reporting entities, to differentiate their STR reporting obligations from the currency transaction threshold reporting obligations (i.e., the Cash Transaction Threshold Report (CTTR) and Wire Transfer Threshold Report (WTTR). The difference is that, CTTR and WTTR are merely threshold reports and such transaction(s) shall not necessarily involve criminal behaviour.

The FIU emphasises that, any reporting entity that suspects that any service or transaction may be related to criminal conduct, including an offence of money laundering or terrorist financing activities, it shall submit an STR to the FIU, in line with the requirements under section 48 of the AML/ CFT Act and related Regulations.

Our specialised team can assist you to be compliant; contact us now for any information you need.  

 

EU Proposed Regulation on Markets in Crypto Assets

On 24 September 2020, the European Commission published its proposal on the Regulation on Markets in Crypto Assets (‘MiCA Regulation’), which shall form part of a wider set of publications on Europe’s Digital Finance Strategy. On 24 November 2021, the European Council published a significantly expanded proposed MiCA Regulation (available here).

The objectives of MiCA Regulation are the following: 

  • To provide legal certainty for crypto-assets not covered by existing EU financial services legislation;
  • To establish uniform rules for crypto-asset service providers and issuers at an EU level; and
  • To establish specific rules for the so-called ‘stablecoins’, including when these are e-money.

The proposed MiCA Regulation aims to enhance consumer protection, transparency and governance standards, given the fact that, the AML risks related to cryptos were addressed with the introduction of the 5th EU Anti-Money Laundering Directive.

It is expected that, the MiCA Regulation will be formalised within 2022 and EU competent authorities shall need to comply with the provisions of the Regulation which shall be directly applicable in all EU Member States.

Our FiveComply team is always vigilant to provide you with the latest updates on the matter.

FiveComply attends CySEC Digital Event

FiveComply has attended today CySEC’s digital event “CySEC 25 Years: The Past, Present and Future of Financial Development and Innovation” which discussed various interesting topics relating to the growth and expansion of CySEC and the evolvement of the financial industry in Cyprus throughout the years.

One of the most important remarks of today’s event, was the Chairwoman’s, Ms. Demetra’s Kalogerou statement relating to crypto asset service providers and the fact that, CySEC will prepare the relevant applications for registration by September 2021.

As always, our team will keep you updated!

Extension of CySEC Deadlines

The Cyprus Securities and Exchange Commission (‘CySEC’) has issued Circular C445 to inform CIFs that, due to the COVID-19 situation, the deadlines for submission of the following to CYSEC are extended:

Reporting Obligations Previous deadline New deadline
1.      Annual Compliance Function Report for the year 2020 30 April 2021 30 June 2021
2.      Annual Risk Management Report for the year 2020 30 April 2021 30 June 2021
3.      Annual Internal Audit Report for the year 2020 30 April 2021 30 June 2021
4.      Annual Audited Financial Statements for the year 2020 30 April 2021 30 June 2021
5.      Annual Auditors’ Suitability Report for the year 2020 30 April 2021 30 June 2021
6.      Pillar III Disclosures for the year ending 31 December 2020  30 April 2021 30 June 2021
7.      COREP forms based on the audited financial statements of 2020 31 May 2021 30 June 2021
8.      External Auditors’ verification report on Pillar III Disclosures 31 May 2021 1 June 2021 – 31 August 2021
9.      Disclosures made in Form 144-14-11 (Prudential Supervision Information) 30 June 2021 31 July 2021

In regards to Pillar III Disclosures, CySEC stated that, in case their publication is delayed, the CIF needs to inform the market participants for that delay, the reasons of delay and, to the extent possible, their estimated publication date.

Our Team remains at your disposal for any assistance you may require in regards to the above.