Technology

The regulatory mood around digital assets in 2022 and beyond

Published

5 months ago

January 8, 2022

admin

By Michael Magrath, Vice President, Global Standards and Regulations, OneSpan

Put simply, digital assets are unique digital representations of financial assets, the ownership of which is registered securely on a blockchain. This includes cryptocurrencies, stablecoins, NFTs and digital asset tokens. With global financial institutions investing in cryptoassets, consumer ownership of cryptocurrency skyrocketing, and cryptocurrency even becoming legal tender in some countries, digital assets are now playing a significant role in the global financial ecosystem.

Like with any emerging technology, regulation in this area has for many years lagged behind the pace of innovation. However, this is now changing as regulators rush to protect investors, fight crime and establish their jurisdictions as fintech hubs. With this in mind, what regulatory changes can we expect key European players – France, Germany and the UK – to make in 2022 and beyond?

Michael Magrath

Confronting the growing role of digital assets in global money laundering

From drug trafficking to ransomware, we cannot ignore the fact that cryptocurrency enables serious organised crime. Crypto allows bad actors to easily receive bribes and ransoms, as well as disseminating the proceeds of their crimes – all without being identified and apprehended. This pressing issue was highlighted by the European Commission’s EU Strategy to Tackle Organised Crime 2021-2025 report published earlier this year. The authors noted that: “only 1% of criminal assets are confiscated. This has been aggravated by the increasing use of financial channels with more limited oversight than the banking sector, such as virtual currencies.”

Given this startling figure, it’s no surprise that EU member states are closely examining the role of digital assets in criminal activity – so, what steps are they taking?

In April this year, the French Ministry of the Economy and Finance published a decree designed to strengthen the country’s existing mechanism for freezing criminal assets. The new decree aims to eliminate the use of anonymous digital assets in illegal activity. At its core is an expansion of the scope of customer due diligence requirements for payment and e-money institutions, and a requirement for digital asset service providers to identify customers before permitting a transaction.

In addition to member states’ individual efforts, the EU’s proposed Regulation of Markets in Crypto-Assets (MiCA) legislation proposes a detailed regulatory framework for digital asset issuers across the bloc. It’s worth noting that the legislation doesn’t apply to central bank digital currencies, issued by states and regulated by central banks, but other cryptocurrencies, including utility tokens and payment tokens do fall within its scope. In the three years since MiCA was first put forward, there remains a lack of clarity in several key areas. Currently, it’s expected that a single licensing regime for cryptoassets will be in place across all member states by 2024.

Outside the EU, the UK Treasury published a consultation on amendments to its 2017 Money Laundering, Terrorist Financing and Transfer of Funds Regulations in July 2021. The amendments seek to implement a Travel Rule for the cross-border transfer of cryptoassets. The Financial Action Task Force’s Travel Rule requires both financial institutions Virtual Asset Service Providers (VASPs) (cryptocurrency exchanges)—to collect personal data including names and account numbers for both senders and recipients in wire transactions exceeding 1,000 USD/EUR. Secondary legislation is expected to be introduced in spring 2022.

Boosting security standards for exchanges and custodians

Money laundering isn’t the only pressing concern and increased scrutiny has been placed on exchanges. Though undoubtedly the most high-profile, the recent Coinbase hack was not the first to successfully target crypto exchanges and custodians. In fact, research shows that an estimated $1.9 billion worth of cryptocurrency was stolen by hackers in 2020. This eyewatering figure demonstrates that the security standards of digital asset exchanges and custodians must be significantly improved to protect investors.

The German Federal Financial Supervisory Authority (BaFin) has established itself as a pioneer in regulating digital assets – and has already taken significant steps to boosting security standards among cryptocurrency exchanges and custodians. Germany was one of the first countries to allow financial institutions to custody cryptoassets. This was classified as a financial service back in January 2020. German law states that all entities seeking to custody cryptoassets, and those engaging in the trade of cryptocurrency, must apply for BaFin authorisation. The German Banking Act considers all crypto custodians and exchanges to be financial institutions, so they must adhere to stringent anti-money laundering rules.

In the UK, the Financial Conduct Authority (FCA) will soon require cryptoasset exchanges and custodians to submit an annual financial crime report. As part of the FCA’s Extension of Annual Financial Crime Reporting Obligation policy, the number of firms required to submit to financial crime reporting is expected to rise from 2,500 to around 7,000. The requirement will go into effect from 30 March 2022.

Though it’s heartening to see increased regulation in this area, custodians and exchanges need to go above and beyond the bare minimum of what is required by law. This is the only way to cultivate lasting consumer trust, which is currently at an all-time low.

Offering clarity on licensing and consumer protection for financial institutions

With the value of digital assets soaring, it’s no surprise that banks and financial institutions are keen get involved by creating exchange traded products linked to cryptocurrencies. Essentially, crypto exchange traded funds (ETFs) are securities that track the price of a cryptocurrency, like Bitcoin or Ether, but can be bought and sold on a regular stock exchange.

As interest in such products continues to grow, there are increasing calls for more to be done to clarify how banks and financial institutions are allowed to license the purchase of cryptoassets.

Both Germany and France have approved the sale of exchange traded products linked to cryptocurrencies. In fact, just last month, Europe’s first UCITs-compliant bitcoin ETF was listed on the Paris stock exchange. It’s the first product of its kind to be made available to retail and institutional investors across the EU.

It was a desire to protect retail investors from the high volatility of cryptocurrency markets that led the UK government to ban ETFs of crypto products back in 2020. Given that many countries, including Germany, France and most recently the US, have approved exchange traded products linked to cryptocurrencies, the UK’s cautious position makes it an outlier in this area. And considering that retail investors can legally trade ETFs of volatile commodities like gold and oil, many have branded the UK’s outright ban as heavy-handed and disproportionate.

Overall, it’s clear that there’s a palpable sense of urgency among regulators to create a fair and enduring legislative framework governing digital assets. In 2022, we can expect regulation to increase in both complexity and rigour. To ensure that this brings stability, protects investors, and doesn’t stifle innovation, key industry players should collaborate with regulators, rather than resisting external oversight.

To discover more about the regulation of digital assets, download OneSpan’s Global Financial Regulatory Report here.

Up Next

Predictions for financial fraud in 2022

Don't Miss

Why robotics is reshaping the world of RPA and IA

Banking

Wealth Managers and the Future of Trust: Insights from CFA Institute’s 2022 Investor Trust Study

Published

2 days ago

May 23, 2022

editorial

Author: Rhodri Preece, CFA, Senior Head of Research, CFA Institute

Corporate responsibility is more important than ever. Today, many investors expect more than just profit from their financial decisions; they want easy access to financial products and to be able to express personal values through their investments. Crucial to meeting these new investor expectations is trust in the financial services providers that enable investors to build wealth and realise personal goals. Trust is the bedrock of client relationships and investor confidence.

The 2022 CFA Institute Investor Trust Study – the fifth in a biennial series – found that trust levels in financial services among retail and institutional investors have reached an all-time high. Reflecting the views of 3,588 retail investors and 976 institutional investors across 15 markets globally, the report is a barometer of sentiment and an encouraging indicator of the trust gains in financial services.

Wealth managers may want to know how this trust can be cultivated, and how they can enhance it within their own organisations. I outline three key trends that will shape the future of client trust.

THE RISE OF ESG

ESG metrics have risen to prominence in recent years, as investors increasingly look at environmental, social and governance factors when assessing risks and opportunities. These metrics have an impact on investor confidence and their propensity to invest; we find that among retail investors, 31% expect ESG investing to result in higher risk-adjusted returns, while 44% are primarily motivated to invest in ESG strategies because they want to express personal values or invest in companies that have a positive impact on society or the environment.

The Trust Study shows us that ESG is stimulating confidence more broadly. Of those surveyed, 78% of institutional investors said the growth of ESG strategies had improved their trust in financial services. 100% of this group expressed an interest in ESG investing strategies, as did 77% of retail investors.

There are also different priorities within ESG strategies, and our study found a clear divide between which issues were top of mind for retail investors compared to institutional investors. Retail investors were more focused on investments that tackled climate change and clean energy use, while institutional investors placed a greater focus on data protection and privacy, and sustainable supply chain management.

What is clear is that the rise of ESG investing is building trust and creating opportunities for new products.

TECHNOLOGY MULTIPLIES TRUST

Technology has the power to democratise finance. In financial services, technological developments have lowered costs and increased access to markets, thereby levelling the playing field. Allowing easy monitoring of investments, digital platforms and apps are empowering more people than ever to engage in investing. For wealth managers, these digital advancements mean an opportunity for improved connection and communication with investors, a strategy that also enhances trust.

The study shows us that the benefits of technology are being felt, with 50% of retail investors and 87% of institutional investors expressing that increased use of technology increases trust in their financial advisers and asset managers, respectively. Technology is also leading to enhanced transparency, with the majority of retail and institutional investors believing that their adviser or investment firms are very transparent.

It’s worth acknowledging here that a taste for technology-based investing varies across age groups. More than 70% of millennials expressed a preference for technology tools to help navigate their investment strategy over a human advisor. Of the over-65s surveyed, however, just 30% expressed the same choice.

THE PULL OF PERSONALISATION

How does an investor’s personal connection to their investments manifest? There are two primary ways. The first is to have an adviser who understands you personally, the second is to have investments that achieve your personal objectives and resonate with what you value.

Among retail investors surveyed for the study, 78% expressed a desire for personalised products or services to help them meet their investing needs. Of these, 68% said they’d pay higher fees for this service.

So, what does personalisation actually look like? The study identifies the top three products of interest among retail investors. They are: direct indexing (investment indexes that are tailored to specific needs); impact funds (those that allow investors to pursue strategies designed to achieve specific real-world outcomes); and personalised research (customised for each investor).

When it comes to this last product, it’s worth noting that choosing advisors with shared values is also becoming more significant. Three-quarters of respondents to the survey said having an adviser that shares one’s values is at least somewhat important to them. Another way a personal connection with clients can be established is through a strong brand, and the proportion of retail investors favouring a brand they can trust over individuals they can count on continues to grow; it reached 55% in the 2022 survey, up from 51% in 2020 and 33% in 2016.

TRUST IN THE FUTURE

As the pressure on corporations to demonstrate their trustworthiness increases, investors will also look to financial services to bolster trust. Wealth managers that embrace ESG issues and preferences, enhanced technology tools, and personalisation, can demonstrate their value and build durable client relationships over market cycles.

Technology

UK Organisations turn to artificial intelligence to fight sophisticated cyberattacks

Published

5 days ago

May 20, 2022

admin

New research by cybersecurity expert Mimecast finds that email attacks are becoming more frequent and sophisticated

More and more companies in the UK are using artificial intelligence (AI) and machine learning (ML) to fend off increasingly sophisticated cyber-attacks, according to new research from cybersecurity specialist Mimecast. The research finds that 40% of UK organisations are already using AI or ML in their organisations’ cybersecurity programme, with 30% planning to do so within the next 12 months.

The use of advanced technologies such as AI and ML is in direct response to the growing sophistication of cyberattacks that UK businesses are experiencing. 53% believe that increasingly sophisticated attacks will be their biggest email security challenge in 2022, leading to 80% believing it is at least likely their organisation will suffer a negative business impact from an email-borne attack this year.

Growing threat landscape

The research shows that email remains the largest threat vector for UK businesses, with 71% of respondents reporting an increase in the volume of email threats their organisation has faced in the last 12 months. This includes phishing with malicious links or attachments (56%), impersonation fraud or Business Email Compromise (53%), and malicious insiders (43%). However, it isn’t just email attacks that are on the rise, as 90% of UK businesses experienced at least one spoofing attack that uses a lookalike web domain or a clone of their organisation’s website in the last 12 months. The average UK company has experienced 11 of these attacks.

On top of this, employees are also presenting organisations with a very real threat to their cybersecurity. The survey identifies that IT decision makers have relatively low confidence in their colleagues’ cyber awareness , believing that there is a risk of an employee making a serious security risk due to oversharing company information on social media (84%), poor password hygeine (80%), using personal email (80%), or using cloud storage and other shadow IT functionality (81%). When an employee does full victim to an attack, it frequently results in more widespread consequences. 85% of respondents say threats have spread from one infected user to other members of the organisation.

AI to the rescue

To overcome this growing threat landscape, more and more UK organisations are turning to advanced technologies to strengthen their cybersecurity position. The 40% of UK organisations that are already using AI as part of their cybersecurity strategy are already seeing a number of benefits, including increased accuracy in terms of threat detection (54%), reduced human error within cybersecurity team (51%), and reduced workload/working hours for cybersecurity team (45%).

Despite these very real benefits, there is the very real danger that many UK organisations will miss out due to a lack of budget dedicated to cybersecurity. The research highlights a clear discrepancy between the amount IT decision makers believe should be spent on cyber resilience and how much budget is actually allocated by business leaders. IT decision makers in the UK believe that 16% of their IT budget should be allocated to cyber, but at the moment they see less than 12% allocated. Missing out on new technology innovations such as AI is identified as the most likely consequence (49%) for organisations where the cybersecurity budget is not as high as respondents believe it should be.

Elaine Lee, AI expert at Mimecast, said: “There is no doubt that cyberattacks are becoming more frequent, as UK businesses adjust to the world of hybrid work. On top of this increase in frequency, we are also seeing a rise in the sophistication of attacks. This is creating a perfect storm and making it more difficult than ever for organisations to keep their businesses secure. With this in mind, it is no surprise to see so many organisations turn to advanced technologies such as AI to bolster their cybersecurity defences. AI solutions can help businesses to automate security processes, ensuring they are better able to fend off attacks, as well as providing their security experts with more time to focus on high-level analyses that require human interaction.”

Lee continued: “Organisations that have yet to invest in AI technologies as part of their cybersecurity strategy should do so. Cyberattacks are going to continue to be a major threat to UK businesses and these businesses need to respond accordingly with sufficient budget. A successful cyberattack has the potential to cause serious ramifications for a business, including both financial and reputational damage. Now is the time to take this threat seriously and get prepared.”