The Central Bank of Ireland (Central Bank) recently published its second Securities Markets Risk Outlook Report (the Report). The Report informs regulated financial service providers, investors and market participants of key risks and areas of focus for the Central Bank’s supervisory engagements in 2022.
We summarise the key risks outlined in the Report.
In recent years the Central Bank has prioritised market abuse as its key focus of misconduct risk in securities markets. In 2021, the Central Bank carried out an industry wide thematic review of compliance with the Market Abuse Regulation (MAR) (the Thematic Review). It identified areas requiring significant improvement by market participants with some receiving specific risk mitigation programmes on foot of the Thematic Review.
Addressing market abuse deficiencies remains a priority for the Central Bank in 2022. In the Report, the Central Bank reminds firms that they have extensive obligations to detect, prevent and report misconduct. It also notes inconsistent practices between market participants and market operators relating to Suspicious Transaction and Order Reports submission practices. The Report reminds operators of trading venues of their obligations under MAR and states that trade surveillance systems should be configured to include the full suite of products the firm offers and activities it undertakes, and alert thresholds should be reviewed regularly.
The Central Bank also notes that during the Thematic Review, deficiencies were identified in the establishment and maintenance of insider lists as well as operational risks in relation to trading outside of agreed mandates. The Central Bank notes that firms should have controls and systems in place that govern the oversight of trading and adherence to mandates.
Addressing climate risks and the transition to a carbon neutral economy is a strategic priority for the Central Bank. The Report highlights ‘greenwashing’ risks and the resource and management focus required to ensure the successful implementation of the Sustainable Finance Disclosure Regulation. Firms are expected to have regard to the Central Bank’s supervisory expectations set out in its Dear CEO letter from November 2021. See our previous briefing for further information.
Having well governed securities markets and firms is a fundamental component of the Central Bank’s supervisory principles. The Central Bank expects the boards of regulated entities to challenge the information they receive in order to ensure good governance and management over the organisation. The Central Bank expects board accountability. This includes the need for clear organisational structures that define and clarify responsibilities for operational, control and reporting processes; and crucially identifies who within the firm is responsible for making key decisions. The Central Bank expects firms to adhere to all legislative requirements on outsourcing and to comply with the new Cross-Industry Guidance on Outsourcing. See our previous briefing for further information.
For funds and fund management companies (FMCs), the Report provides examples of deficiencies identified from the Central Bank’s FMC Guidance (CP86) thematic review and includes governance expectations for funds and FMCs. It expects that they will consider and address how resources and operational capacity will need to change to take account of any increase in the nature, scale and complexity of funds under management. It also includes providing a rationale for investment advisor appointments and the role the entity will fulfil. In addition, it references an expectation that they will receive and scrutinise at regular intervals the necessary reports from investment managers on portfolio management. This includes any interaction with investment advisors during the period in question.
Notably the Report features a case study based on a recent targeted conduct risk assessment on Interbank Offered Rate (IBOR) transition preparedness. The case study highlights incidences of governance practices falling short of the Central Bank’s expectations.
Conflicts of interest
The Report notes that the Central Bank continues to see risks where firms do not consider conflicts of interest in their day-to-day business operations. The Central Bank notes shortcomings on the part of investment funds around compliance with the Central Bank’s Connected Party Transaction Rules and for brokers, specifically around Payment for Order Flow (PFOF) arrangements. Firms are expected to ensure that regulatory requirements in relation to conflicts of interest are met. In addition, PFOF and MiFID II best execution requirements need to be complied with in full. Relevant firms also need to have robust connected party processes and procedures in place. Finally, where relevant, firms should engage with fund depositories and designated persons to ensure that all parties fulfil their obligations.
The Central Bank highlights Special Purpose Acquisition Companies (SPACs) and crypto assets as complex new products potentially posing a threat to investor protection. It refers to ESMA’s public statement on SPAC investor protection considerations and noting ESMA’s concerns, has limited investments in SPACs to a maximum of 10% of the net asset value for retail investment funds. The Report includes innovations in the design of funds and the Central Bank’s expectations to minimise risks to investors.
Data quality will remain a focus of the Central Bank in 2022 and is a key priority of its Strategic Plan. Firms should review the Central Bank’s expectations and anticipate increased engagement with the Central Bank on data quality issues and supervisory action where firms do not have sufficient frameworks in place to meet their reporting obligations.
The Central Bank sets out its expectations for firms and refers to its 2016 Cross Industry Guidance in respect of Information Technology and Cybersecurity Risks and its 2021 Cross Industry Guidance on Operational Resilience. Firms need to take steps to understand critical business services and ensure that they are more resilient to disruption from operational and cyber risks. Boards and senior management of regulated firms should fully recognise their responsibilities in relation to IT, cybersecurity governance and risk management and place these among their top priorities. The Report provides that a cyberattack on a firm, which could have been avoided if deficiencies had been addressed, will be subject to enhanced regulatory scrutiny.
The Central Bank sets out its expectations for funds and fund management companies arising from leverage and liquidity risk.
The Central Bank encourages all securities markets participants to review the risks and supervisory priorities outlined in the Report and to consider incorporating practices relevant to their business activities into their own risk assessment and mitigation programmes.
At the outset of the Report, Patricia Dunne, Director of Securities and Markets Supervision, notes that the Central Bank:
“will take appropriate supervisory action in instances where securities market participants have not considered the risks outlined in this report or where we identify behaviour that falls short of our expectations” and the Report provides that 2022 will see a defined plan of work with enforcement in the Central Bank. Enforcement of this nature will include specific cases across the Central Bank’s mandate and the assessment and investigation of suspected market abuse.
The content of this article is provided for information purposes only and does not constitute legal or other advice.