Cross-border client onboarding is becoming a matter of some concern in the EU, prompting regulators to not only target financial institutions; but other regulators as well. In fact, one would say we are witnessing the equivalent of a 'regulators brawl', with regulators around Europe quarrelling over cross-border client onboarding issues like never before.
Round 1 of the Cross-Border Client Onboarding Brawl
EBA’s New Draft Guidelines on Remote Customer Onboarding. The first regulator to recently weigh into the issue of cross-border client onboarding is the European Banking Authority. On 12th December 2021, the EBA published a consultation paper regarding 'New Remote Customer Onboarding Guidelines'.
In its consultation paper, the EBA directly addresses the topic of cross-border client onboarding, and states that there are significant differences between different parts of the EU in regard to client onboarding. “These divergences might be an obstacle fostering innovation and at the same time, they might hamper cross-border provisions of the financial services.”
The EBA tries to ease and facilitate cross-border client onboarding by compiling a new set of guidelines, standardising the use of technological solutions in cross-border client onboarding. The guidelines, of course, are not in effect yet, and regretfully so, as issues regarding cross-border client onboarding are already flaring up, as we’ll soon see.
Round 2 of the Cross-Border Client Onboarding Brawl – the AMF and AFM Punch
The first punch in the cross-border client onboarding regulators brawl was thrown last December by the French and Dutch regulators, AMF and AFM. The two regulators came out with a joint 'call for improvements in cross-border supervision', which was accompanied by an eleven-page long position paper, in which, to put it shortly, the AMF and AFM said:
- French and Dutch citizens are being onboarded and mis-sold by financial institutions from other EU Member States, and the regulators of those financial institutions fail to stop that.
- Meaning, the current regulatory regime, that allows passporting of licenses to other EU Member States, is not working properly and, therefore, needs to change.
- One possible change can be subjecting the financial institutions not to the supervision of the regulator that licenses them ('Home NCA'), but to the supervision of the regulator in the country most of their clients reside in ('Host NCA').
This is an earthquake in cross-border client onboarding in the EU context, at a magnitude of about 6 on the Richter scale. I wrote about it for Finance Magnates here.
Essentially, what the French and Dutch regulators are saying is, that the passporting system is not working. Financial institutions are practicing 'regulatory arbitrage ', meaning, setting up shop where the more lenient regulators are, and use that license and the passporting system to get away with things they would not have got away with in other, more strict jurisdictions.
So, in two documents, issued in December 2021, just days (twelve, to be exact) apart, three major European regulatory authorities say there are key issues regarding cross border client onboarding that need to be addressed; there is inconsistency; there is mis-selling; there are real-life problems related to cross-border client onboarding.
Round 3 of the Cross-Border Client Onboarding Brawl – ESMA’s Recommendations to CySEC on Cross Border Client Onboarding
The AMF and AFM’s position paper does not specifically name those 'more lenient jurisdictions'. It does, however, state that “Research shows very significant use of the passport by ISPs authorised in Cyprus and operating on an FPS [Freedom to Provide Services, meaning Passporting – the author] basis in France. Of 228 authorised ISPs in Cyprus, 197 (i.e. 86%) carried out a passport notification with France”.
Add that to some quite recent bad press regarding Cypriot CFD dealers’ operations in the Netherlands, and it should come as no surprise that on 10 March 2022, a mere two and a half months after the AMF and AFM’s rather dramatic position paper, ESMA, the European Securities and Markets Authority, came out with a rather dramatic statement of its own regarding cross-border client onboarding.
A press release from 10 March 2022 reads: “ESMA finds shortcomings in supervision of cross-border investment activities and issues specific recommendations to CySEC”. Home NCAs (National Competent Authorities), according to ESMA (not just CySEC), “did not specifically, adequately and structurally consider firms’ cross-border activities in their supervision. In particular, NCAs did not sufficiently identify, assess and monitor the risks related to firms’ cross-border activities or take supervisory actions to effectively address those risks”.
Therefore, ESMA says they need “to significantly improve their approach in the authorisation, ongoing supervision and enforcement work, relating to investment firm’s cross border activities.” First the EBA, then the AFM and AMF, and now ESMA is saying, cross-border client onboarding is a mess.
But, ESMA is not just saying cross-border client onboarding is a mess, it is also, for the first-time ever, using its power under Regulation (EU) No 1095/2010 (the 'ESMA Regulation') to issue specific recommendations to a regulator. This regulator was CySEC, to which ESMA recommended to “increase the human resources dedicated to the supervision of cross-border services of Cypriot investment firms, and to strengthen CySEC’s supervisory activities to effectively monitor, promote and enforce compliance by authorised firms.”
Round 4 of the Cross-Border Client Onboarding Brawl – Automation?
There are two points of concern in regard to cross-border client onboarding. The first is the onboarding process itself; the second is the supervision. As for the cross-border client onboarding itself, the problem lies in differentiation between legal regimes, as the EBA pointed out.
The EBA aims to solve this part by standardising the KYC process, which is positive. But, there will still be a divergence in the laws relating to matters such as client categorisation, suitability and appropriateness. As long as these are not standardized, there might still be significant divergence that can cause major issues. The way to solve this is to automate this part as well, as Muinmos has with its mPASS™ module.
Additionally, automation can help with supervision. Client onboarding and cross-border client onboarding included, is still, in many financial institutions, a semi-manual semi-automated process. Automating all of the process and centralizing it (like, on the Muinmos platform), allows for easy supervision, which is paramount in situations like CySEC that does not have the manpower of BaFin or other large regulators.
Or, in other words, cross-border client onboarding poses real problems, problems that are so real they literally caused a crack in the European Union. Problems that are real, and should be taken seriously, as we all saw in the 2007-8 financial crisis what an under-regulated market and the loss of investor trust can do to the global economy. Problems that should be taken seriously, as we all saw more recently how fragile the European Union is, in both Brexit and the pandemic situations.
And, regulators across the continent are taking the cross-border client onboarding issues seriously. They’re trying to solve them with the tools they know, creating standards, issuing orders and peer reviews. However, we would like to point out that another way, perhaps easier, faster and more efficient to deal with the ailments of cross-border client onboarding, is to simply automate. Use tools, which are now currently available in the market, and were meant to deal with the very same ailments. Instead of brawling and bickering, we believe, one simply needs to harmonise and automate, ultimately securing the single market and protecting the interests of clients across the European Union and beyond.
Remonda Kirketerp-Møller is Founder and CEO of Muinmos