Nos derniers articles

L'𝗔𝗖𝗣𝗥 met en garde les institutions financières, notamment les banques en ligne, concernant l'utilisation croissante de « comptes rebonds » pour le 𝗯𝗹𝗮𝗻𝗰𝗵𝗶𝗺𝗲𝗻𝘁 𝗱'𝗮𝗿𝗴𝗲𝗻𝘁 issu de 𝗳𝗿𝗮𝘂𝗱𝗲𝘀. Le rapport de l'ACPR, basé sur des données de 2022 et 2023, révèle que ces comptes servent à recevoir rapidement des fonds frauduleux avant de les transférer, souvent à l'étranger, rendant leur récupération difficile. 𝗘𝗻 𝟮𝟬𝟮𝟯, 𝗽𝗹𝘂𝘀 𝗱𝗲 𝟳𝟬 𝟬𝟬𝟬 𝗰𝗼𝗺𝗽𝘁𝗲𝘀 𝗳𝗿𝗮𝗻ç𝗮𝗶𝘀 𝘀𝘂𝘀𝗽𝗲𝗰𝘁𝘀, 𝗮𝘆𝗮𝗻𝘁 𝘁𝗿𝗮𝗻𝘀𝗶𝘁é 𝗽𝗿è𝘀 𝗱'𝘂𝗻 𝗺𝗶𝗹𝗹𝗶𝗮𝗿𝗱 𝗱'𝗲𝘂𝗿𝗼𝘀, 𝗼𝗻𝘁 é𝘁é 𝗳𝗲𝗿𝗺é𝘀. L'ACPR exhorte les organismes à renforcer leurs dispositifs de prévention et de détection face à cette menace croissante.

The paper 𝙏𝙝𝙚 𝙍𝙚𝙜𝙪𝙡𝙖𝙩𝙞𝙤𝙣 𝙤𝙛 𝘿𝙖𝙩𝙖 𝙋𝙧𝙞𝙫𝙖𝙘𝙮 𝙖𝙣𝙙 𝘾𝙮𝙗𝙚𝙧𝙨𝙚𝙘𝙪𝙧𝙞𝙩𝙮 by Jasmin Gider (Tilburg University - Tilburg University School of Economics and Management), Luc Renneboog (Tilburg University - Department of Finance), and Tal Strauss (European Central Bank ECB) compares and contrasts the regulatory landscapes of data privacy and cybersecurity in the EU and the US. It outlines the fragmented nature of US regulations, often relying on state-specific laws and sectoral approaches, in contrast to the EU's more unified framework like 𝗚𝗗𝗣𝗥 and 𝗡𝗜𝗦 Directives. The text details the increasing costs and frequency of cyber incidents, emphasizing the insufficient mandatory disclosure requirements in both regions. Furthermore, it identifies gaps in current legislation and ongoing efforts, such as the 𝗘𝗨'𝘀 𝗖𝘆𝗯𝗲𝗿 𝗥𝗲𝘀𝗶𝗹𝗶𝗲𝗻𝗰𝗲 𝗔𝗰𝘁 and the US.'s 𝗖𝗜𝗥𝗖𝗜𝗔, to enhance 𝗱𝗶𝗴𝗶𝘁𝗮𝗹 𝗿𝗲𝘀𝗶𝗹𝗶𝗲𝗻𝗰𝗲 and address underinvestment in 𝗰𝘆𝗯𝗲𝗿𝘀𝗲𝗰𝘂𝗿𝗶𝘁𝘆.

The ESAs DORA guide explains the framework's objectives, principles, structure, activities, processes, and expected outcomes. It covers CTPP designation based on criticality, risk assessment, and detailed oversight activities including ongoing monitoring, requests for information, general investigations, and inspections. The document also outlines the issuance of non-binding recommendations for identified deficiencies and subsequent follow-up procedures to ensure compliance, ultimately aiming to enhance digital operational resilience and financial system stability across the EU.

EIOPA submitted three draft technical standards and one revised guideline to the European Commission to support the implementation of the updated Solvency II Directive. The documents address criteria for identifying insurance groups under dominant or unified control, assessing cross-border activity relevance, updating lists of regional authorities for capital calculations, and revising guidance on undertaking-specific parameters. The Commission has three months to decide on adoption. These measures aim to clarify supervisory responsibilities, enhance cross-border oversight, and align technical rules with current legal frameworks, contributing to more effective and coordinated insurance supervision across the EU.

This consultation package is aimed at easing the reporting burden on insurance and reinsurance companies under the Solvency II framework. The proposed amendments seek to reduce reporting requirements by at least 26% for solo undertakings and 36% for small and non-complex undertakings. Key changes include reducing template frequency, deleting annual templates, and introducing technical simplifications. The EIOPA expects these changes to substantially reduce the burden on European insurers without compromising policyholder protection or financial stability. Stakeholders can provide feedback via the EU Survey until October 10, 2025.

These proposed guidelines update the 2019 EBA Guidelines on Outsourcing to align with the Digital Operational Resilience Act (DORA). Key aspects include:
◾ 𝗥𝗶𝘀𝗸 𝗠𝗮𝗻𝗮𝗴𝗲𝗺𝗲𝗻𝘁 𝗙𝗿𝗮𝗺𝗲𝘄𝗼𝗿𝗸: Financial entities must assess, monitor and mitigate risks throughout the third-party arrangement lifecycle, including due diligence, contractual phases and exit strategies.
◾ 𝗣𝗿𝗼𝗽𝗼𝗿𝘁𝗶𝗼𝗻𝗮𝗹𝗶𝘁𝘆 𝗣𝗿𝗶𝗻𝗰𝗶𝗽𝗹𝗲: The guidelines provide specific criteria for applying proportionality, limiting documentation burdens on financial entities and authorities.
◾ 𝗖𝗼𝗻𝘀𝗶𝘀𝘁𝗲𝗻𝗰𝘆 𝘄𝗶𝘁𝗵 𝗗𝗢𝗥𝗔: A single register can be used for both ICT and non-ICT services, streamlining information storage and reducing administrative burdens.
◾ 𝗧𝗿𝗮𝗻𝘀𝗶𝘁𝗶𝗼𝗻 𝗣𝗲𝗿𝗶𝗼𝗱: Financial entities have two years to review and amend existing arrangements and update their registers.

The consultation runs until October 8, 2025, allowing stakeholders to provide feedback on the draft guidelines.

The European Commission’s AI Continent Action Plan emphasizes the need to significantly expand cloud and data center capacity across the EU to support AI and digital infrastructure goals. The Cloud and AI Development Act aims to incentivize investment and triple current capacity within seven years. The insurance sector supports this approach but warns against restrictive sovereignty measures that could exclude non-EU providers without viable alternatives. It advocates for flexible, risk-based cloud definitions and support for hybrid strategies. The sector stresses that capacity-building, not protectionism, is key to achieving digital sovereignty while maintaining innovation, competitiveness, and international interoperability.

The ESAs and the EU’s new Anti-Money Laundering Authority (AMLA) have signed a multilateral Memorandum of Understanding to formalize cooperation and information exchange. The agreement outlines procedures for coordination and data sharing to support effective supervision across the EU’s financial sector. It aims to enhance supervisory convergence, foster cross-sector learning, and improve consistency in applying AML/CFT rules. This MoU is part of AMLA’s broader mandate to strengthen EU-wide oversight and coordinate with national authorities and Financial Intelligence Units in combating financial crime.

En 2024, Tracfin a franchi le cap des 200 000 déclarations de soupçon, avec 211 165 signalements (+13,2 % par rapport à 2023), reflétant l’engagement croissant des 50 professions assujetties à la lutte contre le blanchiment de capitaux (LCB-FT). Le secteur financier domine (93,1 %), mais le non-financier progresse (+25,7 %), notamment les opérateurs d’art (+254,4 %). Deux nouvelles professions, les entreprises de jeux numériques et gestionnaires de crédit, intègrent le dispositif. Tracfin renforce la qualité des déclarations via des échanges avec les déclarants et consolide sa coopération internationale, notamment avec l’AMLA et le Groupe Egmont.

The UK Financial Conduct Authority (FCA) has clarified that serious bullying and harassment in financial firms constitute misconduct under its rules. Previously, the classification of such behaviors as conduct breaches was often unclear for firms other than banks.
Effective September 1, 2026, these regulations will encompass approximately 37,000 additional regulated firms, aiming for consistent standards across the financial services sector. Substantial cases of poor personal behavior will also be mandated for inclusion in regulatory references, similar to financial misconduct, to prevent individuals from avoiding accountability by changing employers.
The FCA is consulting on further guidance to aid firms in implementing these changes, considering feedback on earlier drafts. This guidance addresses how firms should evaluate non-financial misconduct, including social media use and private life behavior, when assessing an individual's fitness for financial services roles. The consultation period for this guidance extends until September 10, 2025.