Regulatory round-up

Our list of the latest advice, rulings and technical standards from regulators across the globe


The EU Commission has written to ESMA requesting its opinion and advice on the AIFMD passport.

In this letter, dated 17 December 2015, the Commission supports ESMA’s approach of granting the non-EU passport on a country-by-country basis. ESMA is asked to assess the USA, Hong Kong, Singapore, Japan, Canada, Isle of Man, Cayman Islands, Bermuda and Australia by 30 June 2016.

The Commission also requests ESMA’s advice on third country regulators and inflows of third country funds, in addition to another opinion on the current passporting regime.

Cyber security

FINRA in the USA published its annual Priorities Letter on 5 January 2016, in which cyber security is listed as a priority for 2016.

Concerns regarding cyber threats continue at the SEC, with its examination priorities for 2016 again reflecting a focus on this area.

In the EU, an agreement was reached on 7 December 2015 on the Commission’s proposed measures to increase online security. The Network and Information Security Directive is the first piece of European legislation on cyber security and will take effect 21 months after its publication.


With many of the MiFID II Level 2 rules outstanding, a lot of work remains for both the firms impacted and the regulators to ensure readiness in advance of the effective date of 3 January 2017.

This led to ESMA requesting in October 2015 that the MiFID II implementation be delayed by one year to January 2018.

However, concerns have been raised at ESMA and industry level that even a one year delay may be insufficient if the remaining MiFID II rules are not promptly finalised and endorsed.


The delayed UCITS V Level 2 measures were published on 17 December 2015.

With the directive transposition date of 18 March 2016 looming, these measures must still be approved before they can be finalised. Uncertainties consequently surround the timing of UCITS V’s full application with the directive coming into force on 18 March 2016.

The insolvency protection monitoring obligations imposed on a UCITS depositary, in addition to the absence of a contractual discharge provision in the ‘strict liability’ standard, are significant departures from existing requirements and equivalent provisions in AIFMD.


Citing resource shortages, on 18 December 2015 the European Banking Authority wrote to the EU Commission to request revised deadlines for the delivery of a number CRD IV draft technical standards.

The standards were due by the end of December 2015 and the delays requested, if approved, will push their delivery out to mid-late 2016 in most cases.

By contrast, also on 28 January 2016, a number of CRD IV Level 2 measures were published in the Official Journal and will take effect on 17 February 2016.

Local updates – Ireland

On 4 November 2015, the Central Bank issued a consultation (CP97) on the publishing of an investment firms rule book, which will consolidate into one document all of the requirements imposed on investment firms.

Investment firms are typically authorised in Ireland as MiFID firms or under the Investment Intermediaries Act 1995 as investment business firms.

On 22 December 2015, an additional consultation (CP100) was published on the introduction of a risk assessment and capital planning requirement for fund administrators authorised under the Investment Intermediaries Act 1995.

Data protection

The invalidation of the US-EU Safe Harbor Rule in October 2015, combined with agreement on a new General Data Protection Regulation (GDPR) in the EU on 15 December 2015, have triggered animated debate on the question of data protection.

On 2 February 2016, the European Commission announced that it had reached agreement with the United States on the Safe Harbor Rule’s successor, the EU-US Privacy Shield.

The GDPR was first proposed in 2012. It is expected to be published in early 2016 and should become applicable in Member States in 2018.

Local updates – Luxembourg

On 27 November 2015, the bill of law regarding reserved alternative investment funds (RAIF) was approved by the Council of Government.

The RAIF regime will allow AIFMs to set up a new type of AIF, which combines features of the SIF and SICAR fund regimes but without the regulatory oversight of the CSSF. The time to market for the launch of the RAIF will rest with the governing body and service providers of the RAIF as the CSSF will not be involved in its authorisation or supervision.

10th March 2016