Author: Annabelle Rau

Annabelle Rau focuses on banking and financial services law, European financial supervisory law, and corporate law. Her advisory practice ranges from issues related to the regulation of traditional financial services to new FinTech business models, including crypto regulation. In addition, Annabelle Rau advises several listed companies on their general meetings and ongoing capital markets legal obligations.

MiCAR in Practice: BaFin Issues Guidance on Crypto Services

By Annabelle Rau | Renate Prinz on 10. January, 2025

Posted In Crypto Regulation

At the beginning of the year, the German Federal Financial Supervisory Authority (“BaFin“) released a guidance document on crypto-asset services under the new EU Regulation on Markets in Crypto-Assets (“MiCAR“). This regulation has been directly applicable to crypto service providers in the EU since December 30, 2024.

The guidance provides clarifications on the licensing requirements for crypto services and the obligations for providers. Key points include:

Definitions of Crypto Services: BaFin specifies which crypto services are subject to licensing and connects these to the well-established investment services under MiFID II.
Licensing of Crypto-Asset Service Providers: The guidance includes detailed information on when licensing requirements apply, and which entities are eligible for authorization.
Notification Requirement: Entities with existing licenses (e.g., credit or investment institutions) may provide certain crypto services without obtaining additional authorization but must notify BaFin in accordance with MiCAR requirements. The guidance outlines the specific requirements for this notification procedure.

The guidance serves as a practical tool for crypto businesses to navigate and comply with the new regulatory framework established under MiCAR securely and efficiently.

ZuFinG II – The Next Step Towards Strengthening Germany as a Financial Hub?

By Annabelle Rau on 10. October, 2024

Posted In Banking Law, Crypto Regulation, Financial Services, Payment Services

Following the initial steps with the Future Financing Act (“ZuFinG I“), the Federal Ministry of Finance presented the draft of the Second Future Financing Act (“ZuFinG II-E” and “Draft Bill“) on 27 August 2024. The Draft Bill aims to further develop the German financial market and revise some of the existing regulations. The primary focus is on facilitating access to the capital markets and relieving financial actors from excessive bureaucracy.

New Regulations for Payment Service Providers Regarding Customer Funds

Payment service providers are required to safeguard customer funds they receive according to the methods outlined in the German Payment Services Supervision Act (Zahlungsdiensteaufsichtsgesetz – ZAG). This can be done, for example, through an escrow account with a credit institution, as well as through insurance or a guarantee. ZuFinG II-E now introduces an additional provision, allowing customer funds to be deposited with the Deutsche Bundesbank or any other central bank of an EU member state. This gives payment service providers another option for safeguarding customer funds compliant with insolvency law.

To protect customers, the Draft Bill further proposes explicit regulations, whereby the received funds will be legally protected if they are held in a segregated account. Until now, this protection was based only on general, non-codified rules for escrow accounts. Payment service providers will likely need to review and potentially adapt their processes in light of the new regulations. However, these amendments also provide greater flexibility by offering an additional method for safeguarding funds. Furthermore, customer protection is enhanced through the explicit provisions, leading to increased legal certainty for payment service providers as well.

Loosening Employment Protection for High Earners in the Financial Sector

The conditions for high earners in the financial sector are set to become more flexible. ZuFinG II-E proposes loosening employment protection for individuals with very high incomes in the financial sector. This includes employees whose annual fixed remuneration exceeds three times the contribution assessment threshold for general pension insurance (Section 159 of the German Social Code VI) and who are not managing directors, plant managers or similar senior executives.

Specifically, high earners who are risk-takers will be treated similarly to executive employees in terms of employment protection. This means, for example, that the employer may submit an application for termination of the employment agreement in return for severance pay, which does not require any substantiation.

Such a regulation already exists under current rules for risk-takers at significant credit institutions. The limitation to significant institutions will now be lifted and extended to include securities institutions, asset management companies, and insurance companies, among others.

Further Measures to Reduce Bureaucracy: Less Effort, More Efficiency

Additionally, ZuFinG II-E seeks to further promote the reduction of bureaucracy in financial supervision through the following measures:

Simplifying cross-border services: The Federal Financial Supervisory Authority (Bundesanstalt für Finanzdienstleistungsaufsicht – “BaFin“) will no longer be required to substantively review the notification of cross-border services provided by German investment firms. Instead, BaFin will simply forward the notifications to the competent authority in the host member state without a detailed examination.
Higher threshold for large exposures: The reporting threshold for large exposures and loans will be raised from EUR 1 million to EUR 2 million.
Facilitations for crowdfunding: An amendment to the German Asset Investment Act (Vermögensanlagegesetz – VermAnlG) will extend the prospectus exemption for crowdfunding offerings to also cover offers of cooperative shares.
Removal of the list for crypto securities:
- Under ZuFinG I, the requirement to publish entries of crypto securities in the German Federal Gazette was abolished to reduce the bureaucratic burden and costs for issuers.
- According to the Draft Bill, the public list of crypto securities maintained by BaFin will also be abolished to save costs and reduce the effort required by BaFin to maintain the list and by issuers to submit notifications.
Removal of the Employee and Complaints Register (Mitarbeiter- und Beschwerderegisters – “MBR”) at BaFin:
- The obligation for institutions to notify BaFin of their investment advisors, sales representatives, and compliance officers, as well as to report complaints to the MBR, will be removed, which will reduce the administrative burden on both institutions and BaFin.
- The obligation for institutions to only employ competent and reliable staff for the relevant tasks remains unchanged and is unaffected by the abolition of the MBR.

Looking Ahead: What’s Next?

The Draft Bill is still in the legislative process and is expected to undergo several amendments. However, financial sector participants can already consider how they might adapt their internal processes to comply with the upcoming regulations. In particular, the proposed bureaucratic relief and enhanced options for safeguarding customer funds present attractive opportunities for more efficient and flexible business practices.

Annabelle Rau in Cointelegraph: An EU perspective on the Supreme Court’s Loper Bright decision

By Annabelle Rau on 18. July, 2024

Posted In MiCAR

Annabelle Rau comments in Cointelegraph on the judgement in the Loper Bright vs Raimondo case and its significance for the crypto industry from an EU perspective . Read her expert assessment of the US Supreme Court’s decision here.

From payment service providers to professional football clubs: New EU regulations to combat money laundering adopted

By Annabelle Rau on 30. April, 2024

Posted In Banking Supervision, Crypto Regulation, Financial Services, Money laundering, Payment Services

On April 24, 2024, the European Parliament adopted a new anti-money laundering legislative package to strengthen the EU’s tools to combat money laundering and terrorist financing.

The package includes

• the sixth Anti-Money Laundering Directive (“AMLD6”) as well as
• the EU Regulation on a Single Rulebook and
• a new central supervisory authority.

Extended access to beneficial ownership data

A key aspect of the new legislation is to ensure that persons with a legitimate interest – including journalists, civil society organizations, supervisory authorities and other relevant stakeholders – have direct and unhindered access to beneficial ownership data.

This information, stored in national registers and networked at EU level, also includes historical data going back at least five years. In the case of legal entities, a beneficial owner is any natural person who owns more than 25% of the capital or voting rights of a legal entity or exercises control in any other way. The information on the beneficial owner includes the name, date of birth, nationality, country of residence and the nature and extent of the beneficial interest of the owner.

Stricter due diligence obligations for obliged entities under money laundering law

The new regulations require obliged entities to implement stricter due diligence measures.
Obliged entities under money laundering law include, for example

• Banks
• Asset managers
• Crypto asset service providers (“CASPs”)
• Real estate and virtual real estate agents
• Lawyers, auditors and notaries
• Retailers of luxury goods

In future, the obliged entities will not only have to check the identity of their customers more thoroughly, but also report suspicious activities.
From 2029, this will also apply to professional football clubs involved in high-value financial transactions.

Restrictions on cash payments and stricter monitoring

The legislative package introduces an EU-wide limit for cash payments of EUR 10,000, except in the non-professional sector between private individuals.
In addition, increased monitoring of particularly wealthy individuals (total assets of at least EUR 50,000,000, excluding their main residence) will be implemented.

New central supervisory authority: AMLA

The new Anti-Money Laundering and Terrorist Financing Authority (“AMLA”) will be established in Frankfurt, Germany. AMLA will not only directly supervise the highest-risk financial companies but will also serve as a central coordination point for national supervisory authorities and monitor the enforcement of targeted financial sanctions.

Outlook

Formal adoption by the Council of the European Union is still pending before the new regulations can enter into force. Once adopted, the laws will be published in the EU Official Journal.
Those subject to anti-money laundering obligations should therefore familiarize themselves with the new regulations and extended due diligence obligations now.

Update for crypto asset service providers: Draft bill to transfer German crypto regulation to the EU MiCAR regime

By Annabelle Rau on 24. April, 2024

Posted In Crypto Regulation, Financial Services

On April 5, 2024, the German Federal Ministry of Finance (BMF) published a draft bill for two regulations intended to facilitate the transition of national crypto regulation into the EU MiCAR regime.
These proposed regulations specify the simplified authorization procedure and create the possibility of submitting applications before the MiCAR regulations become fully applicable.

In brief: Simplified authorization procedure for already regulated institutions

At the end of 2023, the German legislator presented the draft Financial Market Digitization Act (“FinmadiG“), which, among other things, provides for a separate Crypto Markets Supervision Act (“KMAG“) (we reported here). The KMAG enables a so-called simplified procedure through which institutions that already have a national license for crypto asset services can obtain a MiCAR license under simplified conditions.

Key points of the draft bill

The draft bill comprises two regulations:

The MiCAR-TransitV, which specifies the simplified procedure for already regulated institutions, and
the MiCAR-AntragsV, which allows applications to be submitted before the MiCAR becomes fully applicable.

Implementation of the simplified procedure through the MiCAR-TransitV

The MiCAR-TransitV is intended to structure the simplified procedure for companies already holding a license. This applies in particular to owners of a German license for the crypto custody business who do not also hold other (EU) licenses that would allow them to make use of the notification procedure. This is intended to enable already regulated institutions to make a simple transition to the MiCAR legal framework.
The BaFin review to be carried out in the simplified procedure in accordance with MiCAR-TransitV should be limited to those aspects in which the MiCAR requirements go beyond the existing requirements under current supervisory law and take into account the special features of the market and business models.
For example, applicants must present their current business organization and corporate governance to BaFin and submit an updated business plan. Depending on the specific crypto-asset service to be provided, additional obligations to provide proof may apply.

Application before MiCAR comes into force through the MiCAR-AntragsV

Parallel to the MiCAR-TransitV, the MiCAR-AntragsV regulates the details of the application for authorization as a crypto asset service provider (also “CASPs“) under MiCAR. This regulation is particularly relevant as it enables applications to be submitted before MiCAR comes into full force on December 30, 2024.
This is the BMF ‘s response to the business community’s need to make the transition as smooth and efficient as possible. Both already regulated companies and new market entrants should be able to enter into dialog with the supervisory authority at an early stage in this way. The MiCAR-AntragsV will expire once its purpose has been fulfilled, probably at the end of 2024.

Practical implications for CASPs

The new legal framework in Germany, which is to be introduced by the MiCAR-TransitV and the MiCAR-AntragsV, represents a significant step in the right direction for existing and prospective crypto asset service providers:

Regulated institutions should now consider the substantive requirements that will be placed on their application as part of the simplified authorization procedure and start preparing their application.
Furthermore, regulated institutions as well as new market entrants can prepare for the possibility of submitting an application as early as this year. With regard to the exchange with BaFin required as part of the application procedure, this option should be made use of in order to be able to offer crypto asset services in the EU single market at the same time as MiCAR becomes fully applicable.

Market participants and experts had until April 19, 2024 to comment on the proposed regulations. It is expected that the regulations will be adopted and enter into force by summer 2024 at the latest.

Are You Ready for MiCAR? – Webinar on the Introduction to the new EU Crypto Regulation

By Annabelle Rau | Renate Prinz on 09. February, 2024

Posted In Crypto Regulation, MiCAR

We had the pleasure to host our webinar on the new regulation of crypto-assets in the EU (Markets in Crypto-Assets Regulation (MiCAR)), with a focus on the scope of MiCAR, licensing requirements and procedures, and obligations for crypto-asset service providers in the EU. Our experts, specializing in Financial Regulatory Law with a focus on the current crypto regulation, engaged in discussions regarding the upcoming changes due to MiCAR in 2024.

The seminar was targeted at all those who were (or aspired to be) involved in the crypto scene or provided services in this domain, seeking insights into compliance with the new regulation.

You can view a recording of the session below:

FinmadiG and KMAG – Implementation of European crypto-financial market regulation in Germany

By Annabelle Rau on 29. January, 2024

Posted In Crypto Regulation, Financial Services

The German legislator has responded to the harmonization of European financial market regulations: In October 2023, the Federal Ministry of Finance published the draft bill for the Act on the Digitization of the Financial Market (Finanzmarktdigitalisierungsgesetz – “FinmadiG“), followed by the publication of the government draft of the FinmadiG just one month later.

MiCAR, DORA and money transfers – what does the FinmadiG implement?

The FinmadiG is intended to implement the following EU regulations on digital financial market regulation:

Markets in Crypto-Assets Regulation (“MiCAR”): The first EU-wide uniform set of rules for markets in crypto assets (we provided information here, for example)
The EU DORA package (Digital Operational Resilience Act): The financial sector-wide EU regulation of cybersecurity, ICT risks and digital operational resilience
Revision of the EU Transfer of Funds Regulation (TFR): Including regulating the collection and disclosure of customer information in crypto transfers

New regulations on the terms “crypto assets” and “crypto custody business”

The FinmadiG is intended to harmonize the German definition of crypto assets with the European MiCAR standard. The term crypto assets will be removed from the catalogue of financial instruments of the German Banking Act (“KWG“), which means a realignment of the regulatory coverage of crypto assets. In future, crypto assets as defined by MiCAR will be directly covered and regulated by MiCAR.
At the same time, a new term – cryptographic instrument – will be introduced. This is intended to cover digital assets that do not fall within the scope of MiCAR (e.g. security tokens within the meaning of MiFID II) and must therefore continue to be regulated by the KWG and the German Securities Institutions Act.
Consequently, the previous national crypto custody business will also be renamed “qualified crypto custody business”. In future, it will apply to the custody of crypto assets that do not fall under MiCAR but qualify as cryptographic instruments within the meaning of national regulations.
In future, both issuers and providers of crypto services will therefore have to check exactly which crypto asset term the respective tokens fall under and which supervisory regime will subsequently apply.

MiCAR supervision by BaFin: the new Crypto Markets Supervision Act (KMAG)

The German Federal Financial Supervisory Authority (“BaFin“) is responsible for the supervision of crypto assets, issuers, and service providers within the meaning of MiCAR. To regulate its powers and sanctions in connection with the new regulation, a separate Crypto Markets Supervision Act (“KMAG”) is to be created.
The KMAG also addresses the possibility of a simplified licensing procedure for institutions that are already regulated. The exact structure of the simplified procedure is then to be regulated by a separate ordinance to be issued by the BMF.

Digital resilience of the financial sector: implementation of DORA

DORA addresses the digital operational resilience of financial companies in a standardized manner to create a common framework for the effective management of cyber security and ICT risks. BaFin recently published its own DORA information page on this.
To implement DORA, the FinmadiG provides for numerous amendments to national supervisory laws. This also includes authorization bases for BaFin orders in the event of violations of DORA as well as the introduction of administrative offenses that can be punished with a fine.

Crypto and money laundering: implementation of the TFR

The FinmadiG also aims to adapt national regulations to the requirements of the updated EU Funds Transfer Regulation. In future, crypto service providers will have to collect, transmit and make available information on the originators and beneficiaries of the transfers of crypto assets they carry out. In addition, such crypto service providers will continue to be considered obliged entities under money laundering law within the meaning of the Money Laundering Act (“GWG“).

Outlook

The form in which the implementation proposals of the FinmadiG will find their way into legislation remains to be seen. In particular, the dual regulation of crypto assets under MiCAR on the one hand and security tokens under MiFID II on the other, which was already laid out in MiCAR, will continue to challenge legal practitioners in the future. It is to be hoped that the German legislator will find a way of implementation that is comprehensible and legally secure in practice.

Update for securities institutions: German Securities Institutions Owner Control Ordi-nance published

By Annabelle Rau on 17. January, 2024

Posted In Banking Law, Financial Services

On January 15, 2024, the German Securities Institutions Owner Control Ordinance was published in the Federal Law Gazette and thus entered into force today, January 16, 2024.

Owner control procedures for securities institutions

The Securities Institutions Owner Control Ordinance regulates the material and formal requirements for the acquisition of a significant shareholding in a regulated securities institution (so-called owner control procedure).

A significant or qualified shareholding is defined as the direct or indirect holding of shares in a company that represents at least 10% of the capital or voting rights of this company or that otherwise enables the exercise of significant influence over the management of this company.

Specification of the notification of the acquisition of shareholdings by the ordinance

Anyone intending to acquire such a significant shareholding or increase an existing shareholding must notify BaFin (Section 24 (1) WpIG). The Securities Institutions Owner Control Ordinance specifies how this notification must be made.

The checklists in the ordinance are useful in particular, e.g. for

Notification of the acquisition or increase of a significant shareholding by a natural person
Notification of the acquisition or increase of a significant shareholding by a non-natural person

The regulation now contains notification forms for both constellations. In addition, it contains the forms for information on the required reliability of the interested acquirer, on the presentation of complex shareholding structures and on the disposal or reduction of a significant shareholding.

Outlook

With the entry into force of the German Securities Institutions Owner Control Ordinance, there is now finally an owner control procedure tailored to securities institutions. The previously necessary recourse to parallel regulations from other German supervisory laws no longer applies. Interested acquirers should familiarize themselves with the requirements for the acquisition of a significant shareholding in a securities institution at an early stage to be able to initiate the process with BaFin as well prepared as possible.

What To Expect From The EU’s New PSD3, PSR AND FIDA Regulations

By Annabelle Rau | Renate Prinz on 08. November, 2023

Posted In EU

The Payment Services Directive II (PSD2) has changed the payment services industry in Europe. However, many details remain open and impractical and the implementation of the directive and the administrative practices of local financial supervisory authorities differ greatly in some cases. A reform is now pending with PSD3, which aims for a higher degree of harmonization and will bring with it many new requirements for payment service providers.What are the most important changes and challenges facing the industry? How can payment service providers prepare? Read the article by Renate Prinz and Annabelle Rau to find out how the planned PSD 3 directive, the Payment Services Regulation (PSR) and the Framework Regulation on Access to Financial Data (FIDA) could change the landscape of payment services.

Click here for the full article.

United Kingdom’s digital pound meets public backlash – Why?

By Annabelle Rau on 17. July, 2023

Posted In Financial Services

It’s not only the EU with its plans for a digital Euro that’s addressing the matter of Central Bank Digital Currency (“CBDC“). The UK has also unveiled an ambitious roadmap for the introduction of a ‘Britcoin’ by 2030. In a conversation with Cointelegraph, Annabelle Rau sheds light on the impacts of CBDCs on privacy, financial inclusion, and the risks of bank runs.

Follow this link to the full version of the article on Cointelegraph.

ESG, home office and real estate transactions – BaFin publishes 7th MaRisk amendment

By Annabelle Rau on 06. July, 2023

Posted In Banking Law

The German Federal Financial Supervisory Authority (“BaFin“) published the seventh amendment to the Minimum Requirements for Risk Management of Banks (“MaRisk“) on June 29, 2023.
The MaRisk codify BaFin’s administrative practice on risk management for German banks, in particular with respect to business organization and outsourcing, and in doing so substantiates the statutory requirements of Section 25a of the German Banking Act (“KWG“).
The amendments range from requirements of the European Banking Authority (“EBA“) for lending and monitoring to exceptions for securities trading in the home office and the managing of ESG and real estate risks.

Loans: New stricter requirements for review and documentation in lending and monitoring in line with EBA guidelines.
Home office: Securities trading is now to be permitted permanently from the home office under certain requirements.
ESG: Sustainability risks are to be taken into account in the banks’ risk management in the future.
Real estate: For the first time, BaFin has defined own requirements for the management of bank-owned real estate.

Integration of EBA guidelines for lending and monitoring
BaFin has now integrated all EBA requirements for lending and monitoring into the MaRisk and thus into its administrative practice. This has added a number of formal requirements for banks in terms of processes, particularly for lending.

These include, among other things, more differentiated and more specific rules for the lending process. When granting loans, for example, a distinction will now have to be made between the category of borrower (e.g. secured consumer loans or loans to small and micro enterprises) and the type of financing involved (e.g. financing of commercial real estate or project financing).

Integration of EBA guidelines for lending and loan monitoring
BaFin has now integrated all EBA requirements for lending and monitoring into MaRisk and thus into its administrative practice. This has added a number of formal requirements for banks in terms of processes, particularly for lending.

In the context of risk classification and the drafting of contracts that is based on it, banks will have to examine more criteria in the future when determining the creditworthiness of customers. In addition, security assessments will have to be carried out even more carefully in the future as part of the drafting of contracts. If there are doubts about the potential customer’s ability to repay the loan, the reduction in creditworthiness must be calculated by means of simulations and taken into account accordingly when drawing up the contractual terms and conditions.

Securities trading now permanently possible from the home office
During the Covid 19 pandemic, BaFin had permitted securities trading from the home office under certain conditions. The 7th amendment to the MaRisk will now make this possible on a permanent basis, although the conditions formulated during the pandemic must still be met:

Specifically, securities traders’ home workplaces must be located in specified locations and enable confidential business transactions.
In addition, it must be ensured that trading can be relocated to the business premises in the event of (technical) impairments in the home office.
Furthermore, a sufficient presence of other traders on the business premises shall be ensured at all times.
In addition, all business transactions executed outside the business premises must be specially marked and brought to the attention of an area of the institute that is independent of the traders.

Appropriate consideration of ESG risks
Furthermore, the sustainability criteria of environmental, social and governance (“ESG“) have now found their way into the MaRisk and thus into the banks’ risk management. The practical requirements for dealing with risks now regularly include that the effects of ESG risks must be considered appropriately:

To determine these risks, banks should use scientifically based scenarios, which they can source from generally recognized institutions or networks and apply to their own business model, for example.
In any case, banks should not base their considerations on their own assumptions about climate change or the transition to a sustainable economy.

The wording of “appropriate consideration” refers to the proportionality principle and makes it clear that there cannot exist a “one size fits all” solution for sustainability risks. According to BaFin, smaller institutions can thus carry out a simpler ESG risk assessment depending on how they are exposed to ESG risks, for example, due to their business model. It is then possible, for example, to limit the risk analysis to the most affected risk positions or portfolios.

Managing the banks’ own real estate transactions
Since many banks have purchased real estate in the booming real estate market in recent years, BaFin has now included a new module in the MaRisk in which it formulates a large number of requirements for the assessment, valuation and risk analysis of real estate investments.

For example, in future the market value of real estate acquired by banks for their own portfolios must be determined by experts. In addition, the institution must analyse the relevant economic aspects before acquiring or constructing real estate and, in particular, include risks in the assessment.

Nevertheless, the requirements only apply if an institution’s real estate portfolio accounts for more than two percent of its total assets or exceeds the threshold of EUR 30 million. In addition, real estate funds are not affected by the new requirements.

Transition periods for the new MaRisk requirements
The new version came into force on the publication date on June 29, 2023. The amendments to the MaRisk that merely serve to clarify BaFin’s administrative practice (e.g., on the home office) already started to apply when they came into force. For the implementation of the amendments that entail new requirements (e.g., on real estate transactions), there is a transition period until January 1, 2024.

ESG query obligation will also apply to German investment intermediaries (Finanzanlagenvermittler)

By Annabelle Rau on 03. February, 2023

Posted In Financial Services, Financial situation intermediary

ESG is also coming to German investment intermediaries!
On November 11, 2022, the German Federal Ministry of Economics presented a draft bill for a Regulation Amending the Trade Notification Regulation and the Financial Investment Intermediaries Regulation. As a result of the amendment, German investment intermediaries licensed under Section 34f of the German Trade Regulation Act (Gewerbeordnung – „GewO“) will have to ask their customers about their sustainability preferences in the context of investment advice and take these into account in a suitability test.

Alignment of the ESG query obligation with the European regulatory standard
Since August 2022, investment advisors and financial portfolio managers licensed under the German Banking Act (Kreditwesengesetz – “KWG“) have been required to ask their clients about their sustainability preferences and to recommend only financial instruments that meet these sustainability preferences (we reported here).

The background to this was a delegated act of the European Commission on MiFID II (“Delegated Regulation”), which imposed an ESG query obligation on European banks and investment firms.

However, the German Investment Intermediaries Regulation (Finanzanlagenvermittlungsverordnung – “FinVermV“), which applies to German investment intermediaries, has so far only referred “rigidly” to a specific version of the EU regulations – the newly imposed ESG query obligation therefore remained without consequence for national investment intermediaries.

The draft legislation now provides for a so-called “dynamic” reference to the EU-Regulation “as amended”. This means that future amendments to the Delegated Regulation will automatically apply to investment intermediaries licensed in Germany.

What does this mean in concrete terms for German investment intermediaries?
In future, German investment intermediaries will have to obtain information from their customers about their sustainability preferences when providing investment advice and then take this information into account and document it when assessing the suitability.

The sustainability preferences to be determined are divided into three categories:

Do the financial instruments contain a minimum proportion of environmentally sustainable investments as defined in the Taxonomy Regulation (Regulation (EU) 2020/852)?
Do the financial instruments contain a minimum proportion of sustainable investments within the meaning of the Sustainable Finance Disclosure Regulation (Regulation (EU) 2019/2088)?
Do the financial instruments take into account the main adverse impacts on sustainability, thereby excluding financial instruments with certain negative impacts (e.g. human rights violations and greenhouse gas emissions)?

Further changes for German investment intermediaries
In addition to the new obligation for sustainability exploration, the draft bill provides for further amendments to the FinVermV:

The catalog of professional qualifications that are treated as equivalent to the necessary expert examination (Section 4 (1) FinVermV) is expanded to include the successfully passed final examination as a businessman or businesswoman for insurance and financial investments.
The written form requirement for the negative declaration (Section 24 (1) sentence 5 FinVermV) is replaced by a text form requirement.
The subject of “sustainable financial investment products” will be included in the subject area catalog of the qualification examination for German investment intermediaries.

The draft bill still needs to be agreed within the German government, but it can be assumed that the new regulations will be implemented. However, it is not yet known when the regulation will come into force and when the new rules will apply to financial investment intermediaries.

BaFin considers dark patterns in trading apps and trading portals to be unlawful

By Annabelle Rau on 24. November, 2022

Posted In Securities Service Providers

On November 21, 2022, the German Federal Financial Supervisory Authority (Bundesanstalt für Finanzdienstleistungsaufsicht – “BaFin“) clarified in a statement that investment firms are not allowed to use dark patterns in trading apps or trading portals. Against this background, BaFin also published two new FAQs on the conduct of business rules for investment firms.

In BaFin’s opinion, dark patterns in digital decision worlds (“choice architecture“) violate the ban of misleading information and the principle of fairness and are therefore unlawful.

What are dark patterns?

Dark patterns are when individual buttons in apps or on websites have a significantly lower contrast, are grayed out or transparent compared to others, and are therefore less noticeable to users overall.

Such graphical designs (e.g., graying out or “making invisible” an active button area) are designed to lead the customer to make a particular decision when faced with an equivalent choice decision.

Legal background to the BaFin decision

Trading apps and trading portals typically offer investment services and ancillary investment services that require a license. They are therefore supervised by BaFin as investment firms within the meaning of Section 2 (10) of the German Securities Trading Act (Wertpapierhandelsgesetz – “WpHG“).

Investment firms are subject to the conduct of business rules of MiFID II, which have been harmonized under European law and implemented in Germany in Sections 63 et seq. WpHG:

According to the rules of conduct, all information that investment firms make available to clients must be fair and clear and must not be misleading (Section 63 (6) WpHG).
According to BaFin, the use of dark patterns can mislead customers and conceals important points in the process.
In a choice architecture of investment firms, the use of dark patterns therefore violates the prohibition of misleading information and the requirement of fairness pursuant to Section 63 (6) WpHG.
According to BaFin, the absence of an important and relevant button (e.g. to cancel a transaction) is also unfair and thus prohibited. Since the concealment of a decision-making option through dark patterns is already inadmissible, this applies all the more to the complete absence of such a button.

What does this mean in practice for investment firms?

As a result of BaFin’s classification, it is now inadmissible, for example, to display the button for completing a securities transaction in a high-contrast manner, while the button for canceling is designed to be less noticeable in comparison.

Equally inadmissible is, for example, the absence of a button for an important action option of the customer that is relevant in the choice architecture (such as canceling a securities transaction), even though another button is offered at the same time for the same decision situation (in this case, the execution of the transaction).

Investment firms are now called upon to check their online presence for such inappropriate designs. If BaFin has already identified dark patterns in trading apps through its own audits, it intends to address this promptly with the companies concerned.

McDermottTech 2022 – Recap

By Annabelle Rau | Renate Prinz on 21. October, 2022

Posted In Crypto Regulation, Events

From crypto, NFTs and blockchain technologies, to ethics in artificial intelligence, outsourcing and cloud deals, to trends in IP protection and enforcement in the metaverse: Together, we discussed some of the latest global trends in the technology industry at this year’s McDermottTech.

Interested in the content of our panels? Click here for the videos of our panels. You can also download the PowerPoint presentation here.

ESG risks & Co. in the 7th MaRisk update

By Annabelle Rau on 14. October, 2022

Posted In Banking Law, Sustainability Risks

On September 26, 2022, the German Federal Financial Supervisory Authority (Bundesanstalt für Finanzdienstleistungsaufsicht – “BaFin“) published an amended draft of its circular “Minimum Requirements for Risk Management” (Mindestanforderungen an das Risikomanagement – “MaRisk“), which is now open for consultation.

MaRisk codifies BaFin’s administrative practice on risk management for German banks, particularly with regard to business organization and outsourcing, and in doing so specifies the statutory requirements of Section 25a of the German Banking Act (Kreditwesengesetz – „KWG“).

The draft of the 7th MaRisk amendment includes, among other things

the implementation of the European Banking Authority (“EBA”) guidelines on credit allocation and supervision;
specific requirements for real estate transactions by banks;
basic rules that credit institutions must comply with when using risk models;
ESG risk management requirements.

BaFin for the first time explicitly imposes binding requirements on banks for the treatment of ESG risks

BaFin had already provided banks with guidance on the management of sustainability risks in its leaflet on dealing with sustainability risks. It defines the term “sustainability” in terms of “ESG” (environmental, social and governance). However, the guidance still served as a summary of non-binding “good practice” approaches. By incorporating these approaches into MaRisk, they can become part of BaFin audits in the future.

This means that banks will have to develop an approach to sustainability risks that is appropriate to their business model and risk profile. This involves adapting existing processes and developing new measurement, management and risk mitigation tools for sustainability risks.

In line with the proportionality principle of MaRisk, simpler structures, processes and methods may suffice if the risk profile is less complex. However, the more significant the sustainability risks are for a credit institution, the more elaborate the instruments must be.

Banks are also to take the impact of ESG risks into account in risk classification procedures. However, as long as this proves to be impracticable, separate ESG scores can also be used in the assessment of creditworthiness and credit assessment, according to BaFin.

The consultation will run until October 28, 2022. BaFin and Deutsche Bundesbank are accepting comments by e-mail to konsultation-06-22@bafin.de and B32_MaRisk@bundesbank.de with the subject “Consultation 6/2022”. The new version of MaRisk will then replace the currently valid Circular 10/2021.

FinTech Market: Regulation of crypto assets in Germany and the EU

By Annabelle Rau | Renate Prinz on 21. September, 2022

Posted In Crypto Regulation

In this webinar, Renate Prinz and Annabelle Rau provide an overview of the current regulatory land-scape for crypto assets and crypto service providers in Germany, also taking a look at the European level, where uniform legislation for the regulation of crypto-assets is coming soon. The following fur-ther topics will be covered:

Regulatory classification of crypto-assets in Germany.
Licensing requirements in connection with crypto-assets and crypto-services
Overview of the regulatory requirements for entities regulated in Germany
Draft European crypto regulation, in particular the Markets in Crypto-Assets Regulation (“MiCAR”).
Passporting of licenses within the EU

Click here to watch the video.

Interested in the presentation used in the webinar? Contact us to receive a PDF of the presentation.

Article in Libra: EU creates uniform rules for dealing with crypto assets

By Annabelle Rau | Renate Prinz on 16. September, 2022

Posted In Crypto Regulation

In their latest article for “Libra – das Rechtsbriefing”, Renate Prinz and Annabelle Rau present the main contents of the new “Markets in Crypto-Assets Regulation” (MiCAR), which the European Council, the EU Parliament and the EU Commission recently agreed on.

Click here to read the entire article.

BaFin on the new sustainability exploration in investment advice and financial portfolio management

By Annabelle Rau on 17. August, 2022

Posted In Financial Services

In a publication dated August 3, 2022, BaFin referred to the now applicable obligation of investment advisors and financial portfolio managers to conduct customer exploration with regard to the sustainability preferences of customers.

Customer exploration now also includes sustainability factors, which is why the suitability check and declaration is expanded to include the aspect of the customer’s sustainability preference.
The background is the Delegated Regulation (EU) 2021/1253 of the European Commission, which regulates the inclusion of sustainability factors, risks and preferences in certain organizational requirements and conditions for the operation of securities firms.
In practice, this means that investment advisors must now ask their clients about their sustainability preferences and may only recommend financial instruments to them that meet these sustainability preferences.
Sustainability preferences are divided into three categories:
- environmentally sustainable investments within the meaning of the Taxonomy Regulation (Regulation (EU) 2020/852)
- sustainable investments within the meaning of the Disclosure Regulation (Regulation (EU) 2019/2088).
- according to whether a financial instrument should take into account the most significant adverse impacts on sustainability, thereby excluding financial instruments with certain negative impacts, such as human rights violations and greenhouse gas emissions.
Concrete specifications on the design of the exploration are still pending, but are expected with regard to guidelines of the European Securities and Markets Authority (“ESMA“), which are only available in draft form so far.

BaFin points out that it will closely monitor the implementation of the new regulations and – where necessary – request securities companies to make improvements. Compliance with the new regulations will also be examined in the annual audit under the German Securities Trading Act.

PSD3 on the horizon?

By Annabelle Rau on 17. August, 2022

Posted In Payment Services

The European Commission is currently consulting on the revision of the Payment Service Directive 2 („PSD2“).

PSD2 regulates uniform EU-wide requirements for payment service providers and the provision of payment services. In Germany, the regulatory requirements of PSD2 are implemented by the Payment Services Supervision Act (“ZAG“).

In this regard, the European Banking Authority (“EBA“) submitted proposals to amend PSD2 to the European Commission in a 126-page opinion on June 23, 2022.

The proposals include:

Adjustments to the catalogue of payment services, e.g., streamlining and clarification to enable clearer delineation between individual payment services as well as splitting and merging of individual payment services.
Adjustments to the licensing procedure and supervision of payment service providers (e.g., with regard to capital requirements, the distinction between freedom to provide services and freedom of establishment, regulatory arbitrage and the resulting forum shopping, and delays in the licensing procedure).
Clarification of liability rules and related key terms in connection with unauthorized transactions, which are said to have recently led to legal uncertainty and inconsistent application of the Directive.
Specification and adaptation of strong customer authentication (“SCA”), e.g. with regard to liability and necessity of implementation.
Requirement for account servicing payment service providers to make more information available to providers of account information and payment initiation services and exploration of the possibility of a single application programming interface (“API“) for these services as a standard in the EU.
Enforcement of PSD requirements, such as measures to address the delayed implementation of SCA in card-based e-commerce.

The targeted consultations ended already at the beginning of July 2022, the public consultation end-ed on August 2, 2022. Against the background of the comprehensive opinion of the EBA, it is expected that the European Commission will deal with one or the other proposal even more intensively.

EU Trilogue agreed on Markets in Crypto Assets Regulation (“MiCAR”)

By Annabelle Rau | Renate Prinz on 11. August, 2022

Posted In Crypto Regulation

The trilogue agreed on the final text for the Markets in Crypto Assets Regulation (“MiCAR“) on June 30, 2022, which now needs to be adopted by the member states (click here for the press release).

MiCAR will for the first time create a single European legal framework for crypto assets, crypto issuers and service providers. Crypto assets have been regulated in a predominantly inconsistent manner in Europe to date.
MiCAR provides for specific requirements for Utility Token, Value-Referenced Token and E-Money Token. It does not include Security Tokens, which are already subject to existing EU financial services regulations, and Non-fungible Tokens (“NFTs”), unless they fall under one of the crypto asset categories.
In addition, MiCAR regulates regulatory requirements for crypto issuers (e.g., obligation to prepare a white paper) and crypto service providers (e.g., requirement for licensing and ongoing conduct of business obligations).
New compared to the draft version is, for example, that companies on the crypto securities market are now required to submit a statement with information on their environmental and climate footprint. The content, methods and presentation of the statement will then be specified by ESMA (European Securities and Markets Authority) via technical standards.

The final text of MiCAR has not yet been published. The regulation is expected to enter into force at the end of the year, and the provisions will then be directly applicable in all EU member states after a transition period of 18 months following entry into force.