5 May, 2017
Significant regulatory change is looming on the horizon for many financial services firms. The UK must implement the revised Payment Services Directive ("PSD2") and must also implement the new General Data Protection Regulation, (the "GDPR"). Implementation of both PSD2 and the GDPR are unaffected by Brexit and are discussed in more detail below.
The Payment Services Directive (PSD2)
The UK must implement PSD2 by 13th January 2018. PSD2 introduces many changes to the payment services regulatory regime including:
Compliance with PSD2 will necessitate review and amendment of payment service providers’ policies and procedures and also amendments to customer documentation. The adjustments required for compliance with PSD2 will demand planning, testing and execution time, none of which is facilitated by the fact that having published its consultation paper CP17/11 in April, the FCA does not plan to publish the finalised rules and guidance until Q3 2017.
The General Data Protection Regulation
The General Data Protection Regulation (the “GDPR”) comes into force on 25th May 2018. The GDPR has direct effect and therefore, no domestic legislation is required to implement the GDPR in the UK.
The GDPR introduces wide ranging changes to the data protection regulatory regime including:
May 2018 may seem like a long way off, but it is clear that in order to make the required adjustments to policies, procedures and documentation, data controllers and data processors should examine first what it is that they do in practice so as to ensure compliance in real terms. The evaluation and analysis of actual practice in terms of the collection, processing, sharing and retention of personal data could be a lengthy process and data controllers and data processors should commence work and seek advice sooner rather than later.
Mortgage Credit Directive Article 3(1)(b) Credit Agreements
Finally, it is just over a year since the Mortgage Credit Directive ("MCD") took effect into English law. Whilst it is widely appreciated that the MCD regime covers lending secured over residential property, the concept of the ‘article 3(1)(b) credit agreement’ is less widely understood.
An ‘article 3(1)(b) credit agreement’ is a credit agreement which falls outside the definition of ‘regulated mortgage contract’, for example because it is secured on assets other than residential property, and which is entered into with a consumer where the purpose of the credit agreement is to ‘acquire or retain property rights in land or in an existing or projected building’.
Article 3(1)(b) credit agreements have a hybrid position in regulatory terms. Part 4A Permission for consumer credit lending is required before a lender lawfully may advance monies under an article 3(1)(b) credit agreement, but article 3(1)(b) credit agreements are subject to the rules set down in the Mortgages and Home Finance Conduct of Business Sourcebook within the FCA Handbook of Rules and Guidance at MCOB 14 and to the rules set down in the Consumer Credit Sourcebook (CONC) at CONC 1.2.8. Certain rules also apply to brokers and intermediaries of article 3(1)(b) credit agreements.
If the proposals outlined above were not enough to deal with, further upheaval is likely as follows: