Award Winning Consultants 2018

It has been a busy few months for Midshore Consulting, and we would like to take the opportunity to share with you some of our achievements and appointments.

fintech.png

FinTech Awards & GFSC’s Soundbox Sprint

Firstly, in the FinTech Awards given by Wealth & Finance International, Midshore have won “Best Fintech Consultancy 2018 – Channel Islands”. These awards showcase the talents of those who have played a vital role in shaping the Fintech industry, in our case moving to integrate reg-tech into our consultancy work – an area that has historically been purely people-driven.

Secondly, and more importantly in the local environment, we competed in the Guernsey Financial Services Commission’s Soundbox Sprint on Friday 22nd June. Against some serious competition from some much bigger firms we took home the Silver Bailiwick Innovation Award following our pitch to the judges for our solution to using technology to improve innovation. Our solution involved optical character recognition, artificial intelligence and application programming interfaces in a new application that would be an overlay to legacy systems.

Bill Green Award for Entrepreneurial Spirit

Following nomination by the Past President of the Young Business Group, we were shortlisted and invited to give a short presentation to the Bill Green Award judging panel. The winner was announced at the YBG Ball on 30th June, and whilst we didn’t win (congratulations to the School of Popular Music) it was an honour to be a finalist for this award.

New Committee Positions for Christopher

In May 2018, following his re-election as Vice-Chairman of the Guernsey Investment Fund Association (GIFA) the previous month, Christopher was selected to be one of the GIFA representatives on the Council of the Guernsey International Business Association (GIBA). Furthermore, last week Christopher became the Vice-President of the Guernsey Branch of the Chartered Institute for Securities and Investment.

Midshore Moving Forward

Remaining in key positions within the financial services sector is key to Midshore’s positioning as a leading innovative consultancy. We have access to the right people, and can marry this level of access to our unique team composition to bring a technological approach to compliance and anti-money laundering. One of our key goals is to use technology to reduce the cost of compliance and assist Guernsey financial services businesses with being more competitive in today’s international market.

A Time for (Regulatory) Change

Summer…. A time for holidays, beaches, ice cream and regulation!

It might be the time of year when many people think about slowing down, but those responsible for the regulatory programme in any Guernsey-based financial services business have much to keep them busy. Ignoring minor changes to the Prospectus Rules & Registered Funds Rules there are some major changes in the pipeline. In this article, we will examine five key changes and their implications before looking at what more is to come.

Pension Rules

What is it?The Pension Licensees (Conduct of Business) & Domestic and International Pension Scheme and Gratuity Scheme Rules 2017Stage:The Rules are finalisedImplementation:30th September 2018Impact:Licensees undertaking Pension Scheme & Gratuity Scheme formation, management and/or administration

The Rules cover the formation, management or administration of Pension Schemes or Gratuity Schemes under the Fiduciaries Law. The Rules bear some striking similarities to the Conduct of Business Rules for Investment Licensees, which makes sense given that many pension schemes operate in a manner analogous to collective investment schemes.Key Deliverables:By 30 September 2017 Licensees must have conducted an assessment of the internal controls in order to identify and plan for any amendments required to ensure compliance with the Rules by 30 September 2018.

MiFID II & MiFIR

What is it?The Markets in Financial Instruments Directive II
The Markets in Financial Instruments RegulationStage:The Directive & Regulation are finalisedImplementation:3rd January 2018Impact:Licensees providing a range of activities* on various instruments to clients in the European Union (including the UK)

* Reception/transmission of orders; execution of client orders; dealing on own account; portfolio management; investment advice; underwriting of financial instruments; placing of financial instruments; operation of a MTF or OTF.

The Directive and Regulation cover the provision of various investment services to people and institutions in the European Union. Both the Directive and the Regulation include requirements for the provision of services from third countries (non-EU). At this point the Guernsey Financial Services Commission is not considering wholescale adoption of MiFID II & MiFIR.Key Deliverables:Consider what activities are provided to EU-based clients, including potential marketing to attract new clients. Please be aware that not only Investment Licensees will be captured as the Directive and Regulation work on the basis of the activities and instruments rather than a category of licensee.

GDPR & New Guernsey Data Protection Law

What is it?General Data Protection Regulation
Guernsey Data Protection Law (new version to achieve equivalence)Stage:The EU Regulation is finalised; The Guernsey Law is in draftImplementation:25th May 2018Impact:All businesses holding personal data

The Regulation gives increased rights to data subjects, increased requirements for data controllers and data processors, increased fines and penalties to regulators, and increased responsibilities for data protection officers.Key Deliverable:Consider what data is being held, why it is held, whether it is held securely and how is it accessed/maintained. Review internal documentation as well as client consent collection. Ensure all stages of your project are documented as your “road to compliance”.

New Guernsey AML/CFT Framework

What is it?The Criminal Justice (Proceeds of Crime) (Bailiwick of Guernsey) (Amendment) Ordinance, 2017
Handbook on Countering Financial Crime and Terrorist FinancingStage:Consultation (until 31 July 2017)Implementation:TBCImpact:All regulated financial services businesses, registered financial services business & prescribed businesses

The updated Ordinance and Handbook seek to deal with “deficiencies” identified in the Moneyval review of the Guernsey AML/CFT framework. The changes will place additional requirements on impacted businesses and require new business risk assessments, policies, procedures & controls. There is also a requirement to review existing business relationships to ensure information held complies with the new standards.

Consider the resources that will be needed to complete the following:

  • 4 months after implementation – revised business risk assessment
  • 6 months after implementation – revised policies, procedures & controls
  • 1 year after implementation – review existing high-risk business relationships
  • 2 years after implementation – review all other existing business relationships

Lending, Credit & Finance Framework

What is it?Lending, Credit & Finance Consultation PaperStage:Consultation (until 15 September 2017)Implementation:TBCImpact:Registered financial services business, regulated financial services businesses & other affected businesses

The consultation proposes replacing the existing Non-Registered Financial Services Business (NRFSB) framework with a new Lending Credit & Finance Framework, splitting business into three supervision categories:

  1. Alternative Financial Products & Services
  2. AML/CFT only
  3. Consumer Lending & Credit

Existing regulated financial services businesses (such as banks) may also need to register under the new framework (for example under category 3 if the bank providers consumer lending services). Other businesses, which are currently not regulated, may require licensing under the proposals (e.g. an AML/CFT platform).

Consider the resources that will be needed to complete the following:

  • 30 business days before implementation – submit Notice of Intent
  • 3 months after implementation – deadline for applying for a Class 3 Licence
  • 6 months after implementation – deadline for applying for a Class 1 Licence
  • General – ensuring new policies, procedures and processes are in place, particularly those required for applications to the Commission

More to come…

Don’t forget that other changes are still expected over the coming year (or more), including:

  • New/Revised Financial Services legislation – beginning with the Enforcement Law
  • Investment & Fiduciary Division review of the Client Money & Client Asset rules
  • Clarification of the landscape post-Brexit
  • Expansion to countries reported under CRS
  • Measures introduced to ensure BEPS-compliance

What next?

For help with any new, existing or updated regulation impacting on your business please contact Midshore Consulting. We are here to help, and the first consultation is free.

Please contact us here.

Taking a look at Cyber Security threats in 2017

2016 was a busy year for cyber-security professionals. It goes without saying that 2017 is likely to be far worse as more and more cyber-security threats emerge and the number of internet enabled devices continues to grow. I briefly took a count of how many internet enabled devices I have in my home and it was near 25… which even included a coffee machine, heating and a desk lamp.

Throughout 2016 the rise of Ransomware, digital extortion schemes, targeted attacks, LinkedIn’s historic 2012 breach, Yahoo!’s breach, political attacks and many more made the headlines our news feeds, newspapers and even our TV screens at one point or another.

But that hasn’t changed how we use our devices right? That’s not “our fault”. Just a quick password change, write it down on a piece of paper and pop it in the back of your wallet/purse until you can remember it. Job done.

Wrong…

What’s this got to do with 2017’s cyber threats?

A lot. It’s our attitude to the way we download apps, install them, and just assume they are as good as they say they are.

We got angry when we heard Facebook was going to make all our posts public (which was a hoax – although great for privacy setting awareness and I hope it happens again), but none of us probably checked which apps were allowed access to our data, which we had already allowed. So when we changed a few posts and maybe added a phone number to our account for an extra layer of security, they can see our change and update their records too.

That even means, when we create ourselves a lovely new email address to stop receiving spam, those apps had access to it. So we will likely see those nasty emails again. Meaning it was probably our fault all along for not checking those settings, or approving “Super emoji app’s” request for our “basic personal data” which was then sold on the “Big Data” market.

So this brings me on to my first top threat:

Everybody is a cyber-security threat

Everybody can be their own worst enemy when it comes to cyber-security.

Posting personal data online, using the same password for every website, simple answers to secret questions (first dog… mother’s maiden name… etc), pin numbers including date of birth or ‘1234’ and that’s just to name a few.

It’s the way we are using our tech, and the way we wish to live our modern-day lives, that’s putting us at risk.

Yes, it should be our right to post what we like, where we like (within T&C / Law restrictions of course), but sadly in a world with “internet gangsters” we must be more considerate.

Which also brings me on to my second largest threat:

Targeted Attacks through social media

Targeted attacks are going to be a huge problem in 2017, as generally targeted attacks tend to pay off in a bigger way. If you manage to crack an individual’s security on “one platform”, you’ll probably have access to many more and our social media behaviour is making it as easy as ever for hackers.

But why not hack a huge website? Well this data could be more useful than just a list of email addresses and therefore more profitable. Also, we also might not notice and continue to provide them a source of income.

Other Cyber security threats in 2017

This doesn’t mean that every cyber-security breach is our fault… there are a whole list of other cyber security threats that could, and will, cause problems in 2017. I would expect it won’t be long before we are reading again about: ransomware, worms, identity theft, the Internet Of Things (internet enabled devices such as smart devices), and even our mobile phones being a source of a cyber-enabled crime or breach.

How to be prepared for cyber-enabled threats going forward?

It’s our habits that should be changed, but that can only come from education and hard-work. My recommendation would be that everybody took a moment to even consider looking through some recent (or old) posts on social media. If you think they might give a hacker an insight into your password, questions or just an edge on how to hack into your account, then review who can view it, or better yet delete it.

You could even look to seek further education into Cyber Security threats.. I’ve heard of a lovely company called Midshore Consulting that are offering “Managing Cyber Security” training via their brand new online platform… perfect. (www.midshoreonlinetraining.com)

When it comes to websites we regularly (or rarely) use we are putting our data, and faith, into their hands. So, it’s worth thinking about sites we didn’t really need to register on, and perhaps even removing our data if necessary to stay safe. Hopefully the upcoming GDPR (General Data Protection Regulation) will help strengthen their cyber security loopholes.

But for my final words, it’s action rather than re-action which should be at the forefront of our minds when it comes to cyber security and keeping our much-loved data, safe.

To Brexit or not to Brexit?.. That is the question!

It seems that in the United Kingdom the government might want to observe the majority will to leave the European Union… however those plans might be scuppered by a few citizens from the minority that clearly lost the vote.

Why is this?

The United Kingdom has Parliamentary Sovereignty and therefore any vote of the people is purely “advisory”, the vote that took place on 23 June 2016 was an Advisory Referendum. This has no legal standing and is merely “advice” for the government and does not bind government. Technically, it could be seen that the High Court has made the correct ruling, however we should wait and see what the ruling of the Supreme Court is.

How did this happen?

That the case was brought by ordinary citizens, presumably “miffed” at voting for the losing side of the referendum, and not Members of Parliament who were on the losing side of the campaign speaks volumes. Would any self-respecting politician want to be seen to go against the will of the majority of the people and risk losing their seat at the next election?

What is more intriguing is that the case was led by a “businesswoman” (Gina Miller) who has clearly failed to see the unique situation that invoking Article 50 puts the United Kingdom in. The UK has been one of the largest financial centres in the world since well before the European Union was even a fledgling customs union with a handful of countries.

Final thoughts…

Leaving the EU is not going to end the UK’s leading position in financial markets. The freedom it will gain by no longer being constrained by the dictates of Brussels in dealing with the rest of the world will free it up to move into an even more dominant position globally.

Interview: Christopher Jehan talks funds with BL Magazine

Recently Christopher was interviewed by BL Magazine, in the Funds Edition (November / December 2016).
The photo shoot for the telephone interview was held on Wednesday 28th September in Jersey at the Radisson Blue Hotel.

We are delighted to now be able to share this interesting & informative article with you!

You can download our “assembled” PDF of the entire article here;

pdf

Credit: BL Mag, read the full issue here.

Brexit: The Potential Impact on Fund Distribution – A Viewpoint from Guernsey

On 23rd June 2016 the United Kingdom referendum on whether or not to remain in the European Union resulted in a majority of 51.89% of those voting wanting to leave the EU. Whilst the UK Government has yet to invoke Article 50 of the Treaty on European Union, which sets out the process by which countries exit the Union, it is clear that major changes are going to be felt across the UK and, to a lesser extent, the Crown Dependencies (including Guernsey).

Rather than deal with the wider Brexit issues, this article will focus on the expected impact on fund distribution.

Before Brexit

The situation is currently as it was prior to the referendum and will remain as such until the Article 50 negotiations are concluded and the UK’s membership of the EU comes to an end. This means that in the UK, funds are constituted in accordance with one of two EU Directives – UCITS (Undertakings for Collective Investment in Transferable Securities) or AIFMD (Alternative Investment Fund Managers Directive).

The UCITS (currently in its 5th iteration) was the first of the two directives introduced to allow funds to passport throughout the European Union and European Economic Area. UCITS was specifically designed to meet strict requirements for sale to retail investors and as such has strict investment & borrowing restrictions. The ability to utilise a UCITS fund passport is only available to members of the EU & EEA and there are no provisions to extend the UCITS passport to non EU/EEA countries (third country).

The Alternative Investment Fund Managers Directive came into operation in July 2013 with a one-year transitional period. This covers all funds (in the directive defined as “collective investment undertakings” and named Alternative Investment Funds or AIFs) that are not already covered under the UCITS directive. Unlike UCITS, AIFMD focuses on the distribution of funds to institutional investors and, as it is designed to capture everything not covered by UCITS, there are no investment / borrowing restrictions.

Under AIFMD there are provisions dealing with the sale of third country funds into the EU & EEA under National Private Placement Regimes (NPPR) on a country-by-country registration basis. Not all EU/EEA countries transposed this part of the directive or otherwise allow such private placements (i.e. the regulator in that country has not signed a Memorandum of Understanding with the relevant third country regulator). In some countries the requirements for registration are onerous and thus discourage third country fund registration.

The directive allows for the possible future extension of the passport to third countries, which is currently progressing for a number of third countries. There are also provisions dealing with the marketing of AIFs to retail investors with EU/EEA countries able to allow retail marketing with the addition of such additional regulation as they deem necessary and appropriate.

Guernsey is not part of the European Union or the European Economic Area. Funds established in Guernsey do not, therefore, have access to the UCITS passport. Before the implementation of AIFMD there were various routes by which Guernsey funds could be sold into the UK:

  • Guernsey open-ended class “A” funds could register for marketing to retail investors under section 270 of the Financial Services and Markets Act 2000 (FSMA), which was possible as class “A” funds were designated by Her Majesty’s Treasury under s270
  • Other Guernsey funds could apply for recognition under section 272 of FSMA on a case-by-case basis requiring more information and assurances than s270
  • Guernsey funds could private place to institutions in the UK without registration
  • Financial advisers could advise their clients to invest into an unregistered Guernsey fund, although from a UK regulatory perspective this would be seen as investment into a Unregulated Collective Investment Scheme (UCIS)

With the advent of AIFMD the UK government repealed s270 of FSMA and introduced a National Private Placement Regime (NPPR) registration process. The NPPR process is one of notification only and requires payment of a fee and the reporting as required under Articles 22 to 24 of AIFMD. However the repeal of s270 of FSMA means that any Guernsey scheme wanting to market to retail investors needs to comply with both AIFMD and the more onerous requirements of s272.

Brexit Option 1 – European Economic Area (EEA): The Norway Model

The first option is to remain a member of the EEA whilst leaving the EU. This would put the UK in the same situation as Norway, Liechtenstein and Iceland.

The problem with this is that it doesn’t solve any of the issues that drove the Brexit vote. The UK would still be subject to each EU directive as and when it is incorporated into the EEA Agreement but would no longer have a voice in negotiating and deciding the content of the directive. It would retain access to the single market but still be subject to the free movement of people and therefore none of the population’s migration concerns would be addressed.

If this option was to be taken then the UK would still be subject to both UCITS and AIFMD and the situation for distributing Guernsey funds into the UK would not change.

Brexit Option 2 – European Free Trade Association (EFTA): The Switzerland Model

By being a part of EFTA the UK could, as Switzerland does, adopt EU directives on a bilateral basis with the EU as a whole. The Swiss public remain opposed to joining either the EU or the EEA.

As at 2010 Switzerland had over 210 separate treaties signed with the EU. All of the agreements that Switzerland signed in 1999 are co-dependent – if any is denounced then they all cease to apply. This means that if Switzerland stops allowing the free movement of people (immigration) from EU member states then most of its agreements with the EU are automatically terminated.

Clearly the UK could negotiate its own package of treaties with the EU, however it is important to note that Switzerland has never been able to utilise the UCITS passport and is treated as a third country under AIFMD. This gives some indication of the fund passport access the UK may expect if it chooses this route.

Brexit Option 3 – Customs Union with the EU: The Turkey Model

The UK could seek to establish a Customs Union with the EU, much the same as the Customs Union between the EU and Turkey.

Whilst there are clear benefits to Turkey from the Customs Union there are also negative factors to such a union, where the signing party (in this case Turkey) has given political and economical powers to the EU. Amongst others:

  • Unconditional acceptance to make laws parallel to the new laws made for the customs union by the EU
  • Accepting to obey all laws and decisions of the European Court of Justice, without being able to supply judges to that court
  • Any treaty with a non-EU country has to be made with the knowledge of the EU or the EU can step in an annul that treaty

Customs Union also relates to the movement of goods and not services. Turkey does not have the right to utilise the UCITS passport and is treated as a third country under AIFMD.

Brexit Option 4 – Comprehensive Economic and Trade Agreement (CETA): The Canada Model

The UK could seek to negotiate a CETA in the same way as Canada has done. The CETA between the EU and Canada still requires approval (Council of the European Union, European Parliament and all 28 current member states) although the negotiations were concluded on 1st August 2014. This indicates that a full agreement may be possible within the two years allowed for Article 50 exit negotiations, although full ratification may take longer.

Again, the bulk of this agreement relates to trade rather than services. Canada is also treated as a third-country for fund passport purposes.

Potential Changes to Fund Distribution

Given the above options it appears highly unlikely that following Brexit the UCITS passport will continue to be available to UK-based funds. For this to be allowed would require changes to the UCITS Directive to recognise third country funds, which given the protectionist stance of many EU member states seems unlikely. Any extension of the passport would likely be seen as an opportunity for other third countries to negotiate UCITS access.

Given that UK retail funds would no longer be eligible, UCITS allows for the possibility of the UK to rewrite the Collective Investment Schemes Sourcebook (COLL) and focus on those areas that the UK considers are essential for retail sales domestically. However, being outside the EU means that the UK no longer has to allow for the recognition of UCITS funds from remaining EU countries for sale into the UK (s264 of FSMA). Why should the UK allow such funds access to retail clients when there is no reciprocity available?

This provides an opportunity for re-opening the recognition of Guernsey Class “A” Schemes in the United Kingdom under a re-constituted FSMA s270. The reasons are clear:

  • Reciprocal recognition of UK schemes for sale in Guernsey. Which already exists in Guernsey under The Investor Protection (Designated Countries and Territories) Regulations 1989 – this currently recognises UK Authorised Unit Trusts but could be extended to cover Open-Ended Investment Companies and any other UK retail collective investment schemes
  • The “International Capital Flows” report published by KPMG and commissioned by the Guernsey government shows that (as at November 2014):
    • Guernsey funds act as a conduit for £25bn in overseas investment into the UK
    • Guernsey funds act as a conduit for £27bn in global investment by UK investors
    • £1.1bn in Investment Management fees is earned by UK-based managers of Guernsey funds
  • UK government and quasi-government investors can invest internationally via tax neutral vehicles in Guernsey thereby maximising return of taxpayers capital

Moving into the realm of alternative investment funds, again being outside the EU gives the UK a chance to re-write the rules under the Investment Funds Sourcebook (FUND). The UK can make its alternative funds more internationally competitive by adopting an opt-in AIFMD regime similar to those in jurisdictions such as Guernsey. This allows for funds aimed both at internal UK investors and non-EU investors to fall outside the AIFMD regime resulting in cheaper streamlined products. This could also allow non-EU funds (such as those in Guernsey) to market under private placement into the UK without being subject to the AIFMD requirements.

For the UK as a third country to sell funds into the EU under the AIFMD passport would require positive assessment from the European Securities & Markets Authority (ESMA) and the third country passport regime itself would need to be implemented by the European Commission. Until the UK has access to the AIFMD passport any marketing of UK-based AIFs into EU countries will need to be done under NPPR. Before NPPR marketing is allowed in each EU or EEA country the Financial Conduct Authority would need to sign a Memorandum of Understanding with the relevant regulator in each EU & EEA country and the country would need to have transposed AIFMD into national law, including Article 42.

Again, the benefits for Guernsey are that selling Guernsey-domiciled funds to institutions in the UK will not necessarily have to be governed by an EU directive (in this case AIFMD). A less formal type of private placement could be utilised without necessarily requiring registration and certainly without the onerous levels of reporting required under Articles 22 to 24. This may reduce the costs for Guernsey funds being sold into the UK, although any fund still selling into the remaining EU/EEA jurisdictions would still have to comply with the Directive.

What are the benefits to the UK of being outside the scope of both UCITS and AIFMD? The simple answer is being outside of an institutionalised straight-jacket. The longer answer is that the UK will be able to put in place whatever regime it wants, and can plan for dealing with the rest of the world. A topic for another time…