Perspective: 4 Regulatory Trends for Bank GCs to Focus on in 2016

February 11th, 2016

An article by Charles Hastie, Regulatory Head, Clutch Group, has been published by Bloomberg. The article titled ‘Perspective: 4 Regulatory Trends for Bank GCs to Focus on in 2016’ discusses some of the key regulatory trends to keep an eye on as 2016 unfolds. Read the full article below or click on the link to read the article on the Bloomberg site. 

Perspective: 4 Regulatory Trends for Bank GCs to Focus on in 2016

by Charles Hastie


2015 was a busy year for regulators as they drafted major rulemakings, continued market investigations, and established new trends within enforcement.

If you’re a General Counsel, Head of Compliance, or Chief Risk Officer, here are 4 relevant points worth noting as your company finds its New Year rhythm.

1. MiFID II (Markets in Financial Instruments Directive) Implementation Delays Buy Firms More Time

Any mention of MiFID II tends to cause a hush in certain corridors in Europe, as though financial history will be divided into “pre” and “post” phases following its implementation. The good news is that the implementation, originally set to occur in January 2017, is likely to be delayed a year.

Now that companies have more time to prepare, there is a distinct opportunity to lay the groundwork for future compliance. A key area of focus should be meeting the requirement to bolster data extraction capabilities such that if a customer so requests, they can be swiftly provided with all relevant records, including transcripts of telephone calls, relating to intended or actual transactions. From a collection standpoint, discretionary investment managers will, for the first time, be required to record calls, including certain internal calls.

Companies can also use the extra time to develop rollout plans to meet new, intensified requirements for surveillance of electronic communications and telephone conversations.

Overall, a delay provides a golden opportunity to improve readiness for MiFID II’s challenging requirements.

2. Individual Accountability: Genuine Risk or Empty Threat?

The Yates Memo caused a flurry in the media as commentators wondered whether it signaled a change of approach from the Department of Justice (DOJ) away from settling for penalizing firms and towards aggressively pursuing the prosecution of individuals. Some commentators felt that the memo was not indicative of a new direction in policy but merely a reiteration of the DOJ’s position by a different official. However, one significant measure is a ban on firms receiving cooperation credit unless they identify all culpable individuals and produce all relevant evidence.

Meanwhile, in the U.K., the government withdrew a plan that would have imposed a “guilty until proven innocent” burden on senior managers. The proposal had come under severe criticism. There is a growing feeling among some commentators that recent changes such as this reveal an increasingly banker-friendly regulatory atmosphere in the U.K.

Actions and commentary by regulators 2016 will be closely analyzed to better understand if individual accountability is more of a focus or actually a major shift from an enforcement perspective.

3. Do Government-Led Initiatives like Project Innovate Hint That Technology Risks Will Become A New Focus For Enforcement in the U.K.?

The headlines of the last few years have been dominated by multi-firm trader misconduct cases. The underlying message from those cases was that banks must control and monitor their trading operations more effectively. That message was delivered convincingly, in unison, by a number of agencies. It’s time for something new.

A close reading of the tea leaves within the Financial Conduct Authority’s (FCA) 2015/16 Business plan reveals that technological challenges have been highlighted as prominent risks. Work on related issues includes a thematic review of Dark Pools, a review of the use of “big data” by insurance companies, and most notably, “Project Innovate.”

Project Innovate is the FCA’s laudable effort to support innovation in the interests of consumers. Some of the project’s consequences have been new guidance for firms using the Cloud, a joining of forces with Her Majesty’s government to introduce regulation for digital currencies, and the removal of barriers to mobile solutions for financial services.

The focus and view on technology will need to be closely monitored as it impacts operational requirements on a day to day basis for most financial services organizations.

4. Europe’s Data Privacy Laws Have Been Revised – what will that mean for U.S.-based companies? A lot, actually.

In 2015, the EU took further steps to introduce the General Data Protection Regulation (GDPR), Europe’s revised data privacy laws. Although the revisions to these laws will not apply until early 2018, two years after their adoption by European Parliament and Council, their influence on the way U.S.-based companies conduct business with their European divisions, vendors, and customers cannot be underestimated.

The key change is that the regulation applies to organizations based outside the European Union if they process personal data of EU residents through offering goods or services in the EU market. Furthermore, service providers processing data collected by other firms will also fall within scope of the GDPR. Non-compliance penalties will go up, with the latest reports suggesting a ceiling of 4% of annual turnover. The revisions will lead to tighter requirements for obtaining consent and greater restrictions on Big Data analytics and profiling.

In 2016, U.S. financial services organizations will have to re-examine their approach to data transfer and privacy across borders.


With major rule-making and implementation of regulation on the cards, 2016 will lead to a number of legal and operational shifts for financial services firms. There is a need to understand implementation and fully digest the guidelines for ensuring compliance with regulatory frameworks that center on wide-ranging surveillance, the comprehensive recording of data, and full and frank cooperation with investigators. In the case of the EU’s revision of the GDPR, it also gives firms a window to steal a march on their competitors by planning for the future.On the Enforcement side, authorities may move on from trader misconduct cases.

There is a lot to look out for in 2016.