Another eventful year has drawn to a close, and all eyes are now on the year ahead. We asked specialists across the region to choose their highlights of 2023, and what to look out for in 2024. Phil Taylor reports.
2023 saw Reglex grow dramatically, expanding its remit to Abu Dhabi, as well as Singapore and Hong Kong, and adding a number of exciting new product features. We have written about the challenges of remote working, the rise of fraud, and the importance of business continuity planning (BCP), all important topics and ones which we think will continue to be important for companies in 2024.
Meanwhile, the legal and regulatory frameworks across the jurisdictions on which Reglex focuses have continued to develop in several key areas, with topics such as AI dominating headlines in the mainstream as well as specialist media.
The start of a new year, as the holiday season fades into memory, is a good time to step back, draw breath and take stock. We asked some leading experts, including those who have contributed to our editorials over the past year, to pick out their top developments of 2023, and share with us what they consider to be the most significant things to watch out for in 2024.
Looking back …
For Kate Wombell, Chief Compliance Advocate at Reglex, crypto and cyber were key features of 2023:
“Though it should not dominate the regulatory agenda, it would be hard to dismiss the two elephants in the room, i.e. the regulatory framework for crypto/defis, and cyber vulnerabilities.
“Reglex issued a checklist for virtual asset service providers (VASPs) operating, or intending to operate, in Hong Kong to ensure they are aware of SFC and HKMA obligations while awaiting approval of their applications. Scammers are the bane of our lives, and everyone must be vigilant. In Singapore, banks and telcos will bear the cost for failures on their part.
DBS Singapore also tested our regulator’s patience with repeated system backup failures caused by third-party outsourcing. This requirement is an important part of BCP upkeep and is very much focussed on by other global regulators, too. I would also add that good corporate governance remains fundamental to stave off disruptions.”
Katharine Leaman of Leaman Crellin picked her two key takeaways:
“First, the regulation of digital assets, particularly crypto but also frameworks emerging for stablecoins and technologies associated with digital assets – mostly very positive.
Second, IOSCO standards and local regulatory actions to tackle greenwashing – long overdue and hopefully a sign of things to come from regulators around the world.”
As Katharine mentions, the board of IOSCO (the International Organisation of Securities Commissions) issued a set of recommendations on greenwashing in November 2021 and a “call for action” a year later. In December 2023, it published a key report which gives an overview of greenwashing initiatives introduced around the world in line with those recommendations, as well as the challenges relating to their implementation.
The report thereby provides an extremely useful measure of international progress in this area, and a guide to global best practice, highlighting points such as data gaps, transparency, quality, and reliability of ESG ratings, consistency in labelling and classification of sustainability-related products, evolving regulatory approaches, and capacity building needs. As the report states: “While some of these challenges are currently being addressed, greenwashing remains a fundamental market conduct concern that poses risks to both investor protection and market integrity.”
In a press release, IOSCO Board Chair Jean Paul Servais explained that, although there has been “a growing recognition of the economic and financial materiality of climate change and ESG considerations” in recent years, this is tempered by “a growing concern against misleading claims about ESG risks, opportunities, and impacts.”
Actions by national regulators have markedly increased over the past year. In the UK, for example, the Financial Conduct Authority issued its new Sustainability Disclosure Requirements and investment labels on 28 November 2023 (see PS23/16) following a year-long consultation process. This includes a new anti-greenwashing rule which will come into force on 31 May 2024, and will require all regulated firms to ensure that sustainability-related claims are clear, fair and not misleading (proportionate and not exaggerated).
Paul Haswell, TMT lawyer at K&L Gates, picked AI as a top issue:
“The first big development of 2023 will come of no surprises to anyone, and that is the emergence and embrace of generative AI and the incredibly fast impact it has already had on some industries such as the creative industry. This impact is now widening to finance, law, law enforcement and government, and whilst the use and development of generative AI tools is growing rapidly, it seems that the world, and certainly the world of regulation, simply cannot keep up. It’s going to make a change to everyone’s industry to some extent, and the question is how different jurisdictions should manage this and whether we need regulation in place.
The problem here of course is that no industry sector or even legal jurisdiction can yet agree, or move quickly enough, in formulating effective regulation. This is something we’ll see be attempted (and likely fail) in 2024, and I don’t think we’ll see concrete changes until well into the second half of the year. The key issue here is that regulating generative AI on a global scale is like trying to regulate the internet: essentially impossible.
The second development, from a cybersecurity perspective, is the increasing reluctance to pay ransomware payments in cyber incidents, with some jurisdictions turning to the position that they should not be paid since they are effectively funding crime. Singapore and the UK are making headway in this and it will likely affect not just cyberattacks but the attitudes of cyber-insurance providers. Given that AI is making cyberattacks ever more sophisticated and fast it remains to be seen what regulators and the law will do in the various jurisdictions around the world.”
And moving forward …
Katharine Leaman, Leaman Crellin:
“First, AML / KYC / SoW, especially across Asia due to the 2023 Singapore MAS investigation and resulting regulatory reaction, especially around Chinese family offices.
Second, holistic compliance risk appreciation: the ability to see aggregated compliance risk holistically versus traditional siloed risk management. Linked to this will be the establishment of consistent compliance risk taxonomies, centralised aggregation and the application of advanced analytics.”
In June 2023, Singapore’s MAS announced that it had imposed total penalties amounting to S$3.8 million (approximately USD 2.8 million) in total on Citibank N.A. Singapore Branch, DBS Bank Ltd, OCBC Singapore and Swiss Life (Singapore) Pte. Ltd. for serious breaches of the regulator’s Anti-Money Laundering and Countering the Financing of Terrorism (AML/CFT) requirements. This followed extensive investigations arising from the earlier Wirecard AG scandal. The MAS said that the firms “were found to have inadequate AML/CFT controls in place when they dealt with persons who were involved in transactions with, or had links to, Wirecard AG or its related parties.” Although all the firms satisfied the MAS that they had taken prompt and effective remedial actions (including enhancements to their policies and procedures, and staff training) they will need to ensure the ongoing effectiveness of their compliance functions.
According to Comply Advantage, these fines formed part of a record amount of penalties issued by the MAS in the most recent 18-month period (more than $20 million as opposed to just over $2.7 million in 2020-21). The penalties were set out in the MAS’s 4th Enforcement Report, along with its enforcement priorities for 2023-2024.
Paul Haswell, K&L Gates:
“The inevitable rise of AI and the impact it has on the regulatory environment and lack thereof is the thing to watch.
It’ll also be interesting to see how the rather fragile geopolitical situation in the world at present brings more regulation of industries, especially tech industries, in certain jurisdictions, as well as the impact of potential sanctions on entire industry sectors or countries.”
Without the benefit of a working crystal ball, it is impossible to know exactly what the trajectory of the next 12 months will be. What is certain is that it will be another interesting and challenging year for practitioners, advisers and investors alike.
