The Banking Regulation Review: United Kingdom
After more than 47 years of EU membership, and a further 11-month implementation period that expired at 11pm on 31 December 2020, the United Kingdom is no longer part of the EU's single market and is, at least in principle, free to determine its own regulatory regime for banks. The true meaning and outcomes of this independence remain unclear, however, and a vigorous debate is under way about the direction that future regulatory initiatives should take.
The continuing effects of the coronavirus pandemic have likely concealed much of the immediate economic disruption wrought by Brexit and the end of the implementation period. While the promised 'sunlit uplands' are certainly yet to emerge, recent regulatory and legislative initiatives (including, in particular, the Financial Services Bill 2019–21 (the FS Bill)) demonstrate how the UK might develop an approach to financial services regulation that is more tailored to its individual circumstances than the EU framework it has inherited.
The uncertain regulatory environment created by Brexit, and the unprecedented economic effects of covid-19, have conspired to create a very challenging environment for UK banking groups over the past 12 months. Most have weathered this well, and in the early stages of the pandemic, UK banking groups and their regulators were quick to point out how well-capitalised they were, and that they stood ready to support the real economy through very difficult economic circumstances. The true test of the sector's resilience will be its performance as normal service (hopefully) resumes in 2021, and the UK is left to address the long-term effects of both Brexit and the pandemic.
The top five UK banking groups by market capitalisation are HSBC Holdings plc, Lloyds Banking Group plc, Barclays plc, NatWest Group plc (formerly The Royal Bank of Scotland Group plc) and Standard Chartered plc.2 Other than Standard Chartered plc, these banks, together with Santander UK plc (the UK subsidiary of the Spanish banking group), are the most prominent in the UK personal and business banking markets, although the market share of smaller challenger and digital banks continues to develop.
The regulatory regime applicable to banks
Regulatory and supervisory responsibility for UK banks is divided principally between the Bank of England (in its capacity as the Prudential Regulation Authority (PRA)) and the Financial Conduct Authority (FCA). The Bank of England exercises its role as the PRA through its Prudential Regulation Committee (PRC), while its Financial Policy Committee (FPC) has a macroprudential mandate to identify imbalances, risks and vulnerabilities in the UK financial system, and can direct the PRA and the FCA to take certain actions to mitigate those risks. The Bank of England also acts as the UK's resolution authority for banks, building societies and certain investment firms.
The authority of the PRA and the FCA derives from the Financial Services and Markets Act 2000 (as amended) (FSMA). The FSMA sets out objectives for each regulator and requires them to exercise their powers in a manner that they consider will advance those objectives.
i Authorisation requirements
Under the FSMA, it is a criminal offence for a person to engage in regulated activities by way of business in the United Kingdom unless authorised (an authorised person) or exempt from the authorisation requirement. Firms that wish to carry on deposit-taking activities (i.e., prospective banks and building societies) are required to seek authorisation to do so from the PRA.
The FCA is responsible for the authorisation and prudential supervision of firms that are not subject to prudential regulation by the PRA, which may include banks' subsidiaries or other entities within banking groups, such as dedicated consumer credit lenders and investment firms.
Banks authorised in jurisdictions outside the UK may seek authorisation to carry on business in the UK through a UK branch or subsidiary. If an overseas bank's UK retail deposit-taking activities are deemed by the PRA to be significant, or its wholesale banking activities are deemed to be systemically important, the PRA would generally expect that bank to carry on its business in the UK through a separately authorised UK subsidiary. Under the PRA's temporary permissions regime, European Economic Area (EEA) banks operating in the UK through a branch or on a cross-border basis prior to 31 December 2020 (IP Completion Day) are permitted to carry on doing so for a maximum period of three years from that date, provided that they notified the PRA of their intention to do so, or submitted an application for authorisation, prior to IP Completion Day. For more information on the PRA and FCA's temporary permissions regimes, see Section VII.i.
ii The PRA
The PRA is the prudential regulator of all UK banks and building societies, insurance companies and certain investment firms.
The PRA has a general power under the FSMA to make rules, and to issue related guidance, that apply to the firms it regulates, provided that it considers such rules or guidance necessary or expedient for the purpose of advancing any of its statutory objectives. PRA rules are set out in a rule book published by the PRA (the PRA Rulebook), and guidance is set out in associated supervisory statements and statements of policy.
iii The FCA
The FCA is responsible for the regulation of the conduct of business of all authorised firms in the United Kingdom (including banks and other PRA-authorised firms) and the conduct of business in respect of wholesale and retail financial markets and market infrastructure. It also has powers to regulate competition in the financial services sector that are concurrent with those of the Competition and Markets Authority.
The FCA has the power under the FSMA to make rules, and issue guidance, that apply to all regulated firms, provided that it can only make such rules as it considers necessary or expedient for the purpose of advancing one or more of its statutory operational objectives. FCA rules and guidance are set out in the FCA Handbook.
iv The Bank of England
Alongside its roles as a microprudential regulator (exercised in its capacity as the PRA) and as the central bank of the UK, the Bank of England has specific regulatory functions relating to financial stability. In particular, it is the resolution authority responsible for the enforcement of the special resolution regime introduced by the Banking Act 2009 (as amended) (the Banking Act) (see Section III.v) and, acting through the FPC, has the macroprudential objective of protecting and enhancing financial stability and the resilience of the UK financial system. The FPC does this by monitoring threats and taking action where necessary to address any perceived or identified vulnerabilities and imbalances in the UK financial system. While the FPC has the power to issue macroprudential recommendations and directions to the PRA and the FCA, it cannot exert control over, or issue directions to, individual firms.
i Relationship with the prudential regulator
Consistent with its judgment-led approach to supervision, the PRA's supervisory approach focuses on the most significant risks to its statutory objectives. The PRA draws on a broad set of information and data in forming supervisory judgments and relies on banks – and other firms that it regulates – to submit that information and data. Periodically, the PRA may validate data through on-site inspections conducted either by its own supervisory staff or by third parties. To support its information-gathering and analysis, the PRA requires firms to participate in meetings with supervisory staff at senior and working levels, and expects to be kept informed of all material developments relevant to the prudential situation of a UK bank or its group. This includes, for example, details of proposed acquisitions, disposals and significant intra-group transactions.
ii Management of banks
The individual accountability of senior bankers became a key area of focus for UK legislators and regulators in the immediate aftermath of the financial crisis of 2007 to 2009. Post-crisis reforms intended to enhance individual accountability in the banking sector have ultimately evolved into a series of connected measures that now apply to all firms (including banks) that are authorised by the PRA or the FCA. These comprise a senior managers regime, a certification regime and a set of PRA and FCA conduct rules for individuals. These measures are accompanied by requirements relating to the remuneration of the employees and directors of banks.
Senior managers regime
Individuals intending to carry on certain specified senior management functions (SMFs) at UK banks require prior approval by the PRA or the FCA (depending on the SMF in question). SMFs are specified by either the PRA or the FCA, a distinction that reflects the difference in scope of each regulator's objectives. For SMFs specified as PRA functions, individuals are pre-approved by the PRA with the FCA's consent. For SMFs specified as FCA functions, individuals require pre-approval by the FCA only.
The regulators will approve an individual to perform an SMF only if satisfied that the candidate is a fit and proper person. Both regulators are interested in the qualifications of applicants, and expect banks to carry out extensive referencing and due diligence before appointing new directors and other individuals performing SMFs, including assessing suitability for the role, conducting criminal record and credit checks and obtaining references from previous employers. The PRA and the FCA have, and frequently exercise, the power to interview prospective directors and other individuals proposing to perform SMFs.
The certification regime applies to individuals employed in positions where they could pose a risk of significant harm to a firm or its customers. Neither the PRA nor the FCA pre-approves these individuals, but banks are required to certify that the individuals are fit and proper for their roles, both at the point of recruitment and at least annually thereafter.
The FCA and the PRA have each issued high-level conduct rules that reflect core standards expected of individuals within their scope.
The FCA's conduct rules apply to all individuals approved as senior managers or covered by the certification regimes, as well as to:
- any non-executive directors (NEDs) who are not required to seek pre-approval from the PRA or the FCA (these are NEDs who do not chair the board or the risk, audit, remuneration or nominations committee or perform any other SMF, and are referred to as 'notified NEDs'); and
- all other employees (other than certain specified ancillary staff who perform a role that is not specific to the financial services business of the firm). The PRA's conduct rules apply to individuals approved as senior managers or covered by the certification regime, and to notified NEDs.
Both the FCA's and the PRA's conduct rules are set out in two tiers: those that apply to all individuals within the scope of the conduct rules (individual conduct rules) and those that apply only to senior managers (senior management conduct rules). In addition to the individual conduct rules, notified NEDs are subject to the senior management conduct rule requiring them to disclose to the PRA and the FCA any information of which the regulators would reasonably expect notice.
Duty of responsibility and individual liability
The senior managers regime is supported by legislation that imposes individual liability on senior managers and other individuals performing certain functions in relation to UK banks. In particular:
- under the FSMA, the PRA or the FCA can bring a misconduct claim against a senior manager if an authorised firm has contravened a relevant requirement, and the senior manager with the relevant responsibility did not take reasonable steps to avoid the contravention occurring or continuing. The burden of proof is on the regulator, which may suspend or limit the senior manager's approval, impose a penalty on the senior manager, impose conditions on the senior manager's approval or publish a statement of misconduct if it finds that the senior manager is in breach;
- the FSMA also allows the FCA and PRA to impose the same penalties on a relevant individual who fails to comply with a conduct rule, or who is knowingly involved in a contravention by an authorised firm of any requirement imposed on it by or under the FSMA, or FCA or PRA rules; and
- the Financial Services (Banking Reform) Act 2013 (as amended) (the Banking Reform Act) imposes criminal liability in respect of misconduct by a senior manager that leads to the failure of a bank, building society or PRA-authorised investment firm.
The remuneration requirements to which UK banks are subject are largely derived from EU legislation, and have been implemented in the UK by the PRA's CRR Remuneration Code and the FCA's Dual-Regulated Firms Remuneration Code. These are supplemented by guidance issued by the PRA, FCA and the European Banking Authority.
The provisions of the two remuneration codes apply to certain senior and risk-taking individuals in UK banks, staff engaged in control functions, and those earning in the same remuneration bracket as senior management and risk-takers. UK banks are required to apply the provisions of the remuneration codes to their subsidiaries and other members of their consolidation group, including such entities that are established in countries or territories outside the UK.
The remuneration codes prohibit guaranteed variable remuneration (other than in exceptional circumstances), and cap variable remuneration at 100 per cent of fixed remuneration, although this can be increased to 200 per cent with shareholder approval. The codes also require at least 50 per cent of variable remuneration to be paid in shares or equivalent instruments, and for at least 40 per cent to 60 per cent of variable remuneration (depending on total remuneration) to be deferred for between four and five years. Variable remuneration must also be subject to clawback arrangements, which must cover specific criteria (such as a failure to meet appropriate standards of fitness and propriety).
Additional remuneration rules apply in relation to senior managers, including a mandatory deferral of bonus payments for at least seven years (for senior managers), five years (for risk managers) or three years (for other material risk-takers). The clawback period for bonuses paid to senior managers can also be extended to 10 years if, at the end of the seven-year period, there are outstanding investigations that could lead to clawback.
Certain smaller banks, building societies and investment firms are not subject to the full range of restrictions in the remuneration codes; for example, the smallest banks, smaller investment firms and asset managers may disapply the requirement to maintain ratios between fixed and variable remuneration.
In the event of a breach of the remuneration codes, the PRA or the FCA, or both, may (depending on the provision breached) prohibit a firm from remunerating its staff in a certain way, make void any provision of an agreement that contravenes such a prohibition, and provide for the recovery of payments made, or property transferred, in pursuance of such a void provision.
Since 1 January 2019, UK banking groups with 'core deposits' (broadly, any deposits other than those made by corporates that are not small and medium-sized enterprises, financial institutions or consenting high-net-worth individuals or taken by branches outside the EEA) in excess of £25 billion have been required to organise themselves such that their core deposit-taking business is legally and financially independent of other group entities that carry on various wholesale or investment banking activities.
The entities through which affected groups carry on their core deposit-taking business (referred to as ring-fenced banks) are subject to significant restrictions on their banking activities, including a prohibition (subject to exceptions) on dealing in investments as principal and on dealing in commodities; a prohibition (subject to exceptions) on incurring exposures to relevant financial institutions (e.g., non-ring-fenced banks, global systemically important insurers and investment firms); and limitations on the types of financial products and services that they may provide.
Since 1 January 2019, the FSMA has required the PRA to discharge its general functions in relation to ring-fenced bodies and ring-fencing requirements to ensure the continuity of the provision of 'core services' in the UK. These core services are broader than the core activity of accepting deposits and extend to facilities for making payments from, and overdrafts in connection with, deposit accounts. The PRA also has the power to require the restructuring or break-up of a group that, in the PRA's view, is failing to meet the ring-fencing objectives.
iv Regulatory capital and liquidity
Prior to IP Completion Day, the capital requirements applicable to UK banks were set out under the EU Capital Requirements Regulation (CRR).3 They are now contained in the retained EU law version of that regulation (the UK CRR). There are, at present, only fairly limited differences between the capital requirements that apply to UK banks under the UK CRR and those that apply to their EEA counterparts under the CRR; while HM Treasury made a number of changes to the CRR as part of the 'onshoring' process, these predominantly related to the domestication of the EU acquis and did not substantively amend the requirements to which UK banks are subject. As set out in more detail in Section VII.ii, the UK government is now proposing to make more wide-ranging changes to the UK CRR as part of its implementation of final Basel III standards and the development of separate regimes for the prudential supervision of UK banks and investment firms.
The UK CRR imposes capital requirements by reference to a bank's 'total risk exposure amount', which weights the accounting value of a bank's assets and credit exposures according to their potential to suffer loss. The minimum capital requirements (referred to as Pillar 1) currently applicable to UK banks under the UK CRR can be summarised as follows:
- base regulatory capital of at least 8 per cent of the total risk exposure amount;
- Common Equity Tier 1 (CET1) capital of at least 4.5 per cent of the total risk exposure amount; and
- Tier 1 capital (comprising CET1 capital and Additional Tier 1 (AT1) capital) of at least 6 per cent of the total risk exposure amount.
CET1 capital is the highest quality of capital and generally comprises ordinary share capital and reserves, which must, in each case, meet eligibility criteria specified by the UK CRR. AT1 capital is the next highest quality of capital and comprises perpetual subordinated debt instruments or preference shares that meet the relevant eligibility criteria, chief among which is that the relevant instruments or shares must automatically be written down or converted into CET1 upon the bank's CET1 ratio falling below a specified level, which, in practice, the PRA expects to be at least 7 per cent. Tier 2 capital is capital of a lower quality and comprises subordinated debt or capital instruments with an original maturity of at least five years that meet the relevant eligibility criteria.
In addition to the Pillar 1 requirements, banks must hold capital against risks not adequately captured under the Pillar 1 regime (referred to as Pillar 2A) and in respect of the following regulatory capital buffers:
- the combined buffer, which is formed of a capital conservation buffer of 2.5 per cent of the total risk exposure amount, a countercyclical capital buffer (CCyB) (cut in March 2020 from 1 per cent to zero as part of a range of policy measures intended to combat the economic effects of the pandemic), a buffer for global and other systemically important institutions and, for banks subject to UK ring-fencing requirements, the systemic risk buffer; and
- the PRA buffer (also referred to as Pillar 2B), which is set by the PRA and takes account of a bank's ability to withstand a severe stress scenario, any perceived deficiencies in its risk management and governance framework, and any other information deemed relevant by the PRA.
UK banks must meet the Pillar 2A requirement with at least 56 per cent CET1 capital, while both the combined buffer and the PRA buffer must be met exclusively with CET1 capital. In practice, UK banks therefore need to maintain a CET1 capital ratio significantly in excess of the minimum 4.5 per cent CET1 ratio. While both the combined buffer and the PRA buffer are available to UK banks in times of stress, the PRA has the power to restrict the payment of distributions (in the form of dividends, coupons and staff bonuses) by UK banks if the combined buffer is breached.
Capital requirements apply to UK banks on a stand-alone (solo) basis and to their ultimate UK parent undertakings on a consolidated basis. Where that parent undertaking is a holding company (and not authorised as a bank or investment firm in its own right), it must (subject to certain exceptions) be approved by the PRA under Part 12B of the FSMA. This reflects changes made to the CRR and the Capital Requirements Directive (CRD) IV4 prior to IP Completion Day as part of the EU Banking Reform Package; before the implementation of those changes, no approval requirement existed in relation to the holding companies of UK banks (other than in respect of the acquisition of control of such banks – see Section VI), and consolidated capital requirements applied to the banks themselves, and not directly to their holding companies.
The application of these consolidated requirements are, however, subject to transitional provisions, which provide that:
- UK banks that formed part of an EEA consolidation group under the CRR on 31 December 2020 are not required to comply with consolidated capital requirements at a UK level until 1 April 2022;
- entities established as UK holding companies on 29 December 2020 are deemed to have been approved by the PRA under Part 12B of the FSMA until 28 June 2021 (if they have not submitted an application for approval to the PRA) or the earlier of 31 December 2021 and the date on which their application is finally determined (if they have submitted such an application); and
- UK banks that are subsidiaries of such holding companies are themselves required to comply with the consolidated capital requirements during that period.
The combined effect of these transitional measures is to preserve, for a limited period, the basis on which consolidated capital requirements applied prior to both the introduction of Part 12B of the FSMA and IP Completion Day.
The UK CRR requires UK banks to identify, manage and control large exposures to counterparties and groups of connected counterparties. In very broad terms (and subject to certain exceptions), those requirements prohibit an institution from incurring exposures to such counterparties in excess of 25 per cent of its eligible capital.
The requirements are substantively the same as those that applied to UK banks under the CRR; while the UK CRR does not distinguish between exposures to EEA and other non-UK entities (removing the preferential treatment that previously applied to certain EEA exposures), those changes are subject to transitional relief, such that the requirements in the most part continue to apply as they did prior to IP Completion Day. The PRA is currently consulting on proposals that would replace the large exposures requirements set out in the UK CRR with PRA rules. Those proposals, which are intended to implement Basel III requirements, would significantly amend the existing UK large exposures framework. See Section VII.ii.
Under the UK CRR, a UK bank must maintain a liquidity buffer equal to at least 100 per cent of its anticipated net liquidity outflows over a 30-calendar-day stress period and ensure that long-term obligations are adequately met with a diversity of stable funding instruments under both normal and stressed conditions.
Liquidity requirements apply on a solo and consolidated basis. The PRA can waive the application of the requirements on a solo basis in relation to (sub-)groups of institutions authorised in the UK. UK banks are, therefore, generally not able to rely on liquidity from non-UK subsidiaries to satisfy UK liquidity requirements.
In common with the CRR, the UK CRR does not contain any binding net stable funding ratio (NSFR) requirement, although the PRA is currently consulting on changes to the PRA Rulebook that would introduce a binding NSFR requirement of 100 per cent. See Section VII.ii.
At present, only UK banks and building societies that have retail deposits equal to or greater than £50 billion are subject to a binding leverage ratio requirement. This is set at 3.25 per cent and also includes a countercyclical leverage ratio buffer set at 35 per cent of the institution-specific countercyclical buffer, and, for UK global systemically important banks (G-SIBs) and domestic systemically important banks (D-SIBs), an institution-specific supplementary leverage ratio buffer.
The UK CRR also requires all UK banks to calculate, report and disclose their leverage ratios on a solo and consolidated basis. The FPC and the PRC are currently undertaking a review of the UK leverage ratio framework, and are expected to report on their findings later in 2021.
v Recovery and resolution
The Bank of England is the UK's resolution authority. Its resolution powers are derived from the Banking Act, which first introduced the 'special resolution regime' for UK banks in the immediate aftermath of the financial crisis of 2007 to 2009, and was subsequently updated to give effect to the resolution regime under the EU Bank Recovery and Resolution Directive (BRRD).5
The special resolution regime enables the Bank of England to exercise five pre-insolvency stabilisation options (transfer to a private sector purchaser, bridge bank or asset management vehicle; bail-in; and transfer to temporary public sector ownership), and includes modified insolvency and administration procedures for insolvent banks. The Bank of England is also able to exercise various pre-resolution powers (by directing the removal of perceived impediments to resolution, or the mandatory conversion or write-down of certain capital instruments, or both) without placing a bank in resolution.
As the UK resolution authority, the Bank of England is also required to set minimum requirements for own funds and eligible liabilities (MREL) for UK banks, building societies and certain investment firms. The Bank's approach to setting MREL reflects the requirements of the BRRD and the Financial Stability Board's total loss-absorbing capacity standard, although the UK has not implemented (and will not implement) changes to EU MREL requirements arising under BRRD II.6 UK G-SIBs and material subsidiaries of non-UK G-SIBs are also subject to a binding MREL requirement under the UK CRR, and are bound by the higher of the two requirements. The Bank of England is currently conducting a review of the UK MREL framework, ahead of the application of 'end-state' MREL requirements to UK G-SIBs and D-SIBs from 1 January 2022 and to other institutions within the scope of the special resolution regime from 1 January 2023.
Conduct of business
The FCA is responsible for the supervision and regulation of the conduct of business of banks in the United Kingdom. There are certain overarching legal and regulatory principles that UK banks must consider in the conduct of their business, such as the FCA's Principles for Businesses, which include a principle that firms must treat their customers fairly (the TCF principle). The TCF principle applies to services provided to retail and professional clients, although it is recognised that these client types require different levels of protection. The principle extends beyond the direct treatment of those customers to all the activities of regulated firms that affect customer outcomes.
UK banks should also be aware that consumer protection legislation will render certain unfair or unreasonable terms in consumer and certain other contracts void or unenforceable. FCA rules also contain restrictions that effectively prevent regulated firms from seeking to exclude or restrict, or to rely on any exclusion or restriction of, certain duties and liabilities that they may otherwise have to customers under the UK regulatory regime.
Further, the FCA's Banking Conduct of Business Sourcebook contains a set of reasonably high-level FCA rules that apply in relation to deposit-taking activities, and relate to matters such as communications with customers, financial promotions, post-sale requirements and cancellation rights in relation to banking products.
The Financial Ombudsman Service operates an independent alternative dispute resolution service for certain customers of PRA and FCA authorised firms.
i Regulated lending
While corporate lending is generally unregulated in the UK, consumer lending is subject to detailed conduct of business requirements.
The Mortgage and Home Finance Conduct of Business Sourcebook contains FCA rules in respect of activities associated with regulated mortgage contracts. A regulated mortgage contract is, broadly, a loan secured by a mortgage on land in the UK where at least 40 per cent of that land is used, or intended to be used, as or in connection with a dwelling by the borrower where the borrower is an individual or a trustee.7 Since March 2016, this has included second charge mortgages and certain buy-to-let mortgages. The lenders of consumer buy-to-let mortgages have also been subject to a separate registration and conduct regime since that date.
The regulatory framework for other regulated consumer lending is complex, and is split between requirements under the Consumer Credit Act 1974 (as amended) (CCA), secondary legislation made under the CCA and the FSMA, and the FCA's own consumer credit rules. Firms carrying out consumer credit activities are subject to various parts of the FCA Handbook (including the FCA's Principles for Businesses and its Consumer Credit Sourcebook).
ii Investment business
Investment business, in this context, includes activities such as dealing in investments (whether as principal or as agent), managing investments and providing investment advice. If a bank, or another entity within its group, intends to carry on these regulated activities in the UK, it must be appropriately authorised by the PRA or FCA (as applicable). These activities are subject to their own detailed conduct of business rules, including the rules in the FCA's Conduct of Business Sourcebook and its Principles for Businesses.
The provision of various investment services and activities in relation to certain financial instruments is also subject to UK law and regulation implementing the Markets in Financial Instruments Directive II,8 which came into force on 3 January 2018, including the retained EU law version of the Markets in Financial Instruments Regulation9 and applicable FCA rules.
iii Payment services and electronic money
The Payment Services Regulations 2017 (PSRs) and Electronic Money Regulations 2011 (EMRs), in each case as amended, set out an authorisation and prudential supervisory regime for payment service providers and electronic money institutions. UK banks carrying on payment services activities are exempt from authorisation under the PSRs, but must be authorised under the FSMA to issue electronic money. In both cases, UK banks carrying on such activities are subject to conduct of business supervision by the FCA under the PSRs and EMRs (as applicable).
UK banks raise funding from a number of different sources. In addition to deposits, interbank lending and wholesale funding, receipts from securitisations are gradually becoming more important as the securitisation market continues to recover. The Bank of England also makes available certain liquidity facilities to UK banks, in particular through its discount window facilities and open market operations.
The ability of UK banks to rely on sources of funding from within their group to meet liquidity requirements is limited under the PRA's rules, as noted in Section III.iv.
Control of banks and transfers of banking business
i Control regime
Outline of the regime
Any person who decides to acquire or increase 'control' of a UK-authorised person must first obtain the approval of the appropriate regulator (which is broadly the PRA in relation to control over UK banks and insurance companies, and the FCA in relation to control over other FCA-authorised firms).
The term 'control' is broadly defined, such that a person (A) will have control over a UK bank (B) for the purposes of the regime if A holds 10 per cent or more of the shares or voting power in B or a parent undertaking (P) of B, or holds shares or voting power in B or P as a result of which A is able to exercise significant influence over the management of B. Voting power held by a controlled undertaking of A (i.e., broadly, an undertaking in respect of which A exercises majority voting control) is also attributed to A.
A will be treated as increasing its control over B, and requiring further approval from the PRA (or the FCA, as appropriate) if the level of shareholding or voting power in B or P, as the case may be, increases through any threshold step. In addition to 10 per cent, threshold steps occur at 20 per cent, 30 per cent and 50 per cent, and upon becoming a parent undertaking.
A controller's (or proposed controller's) shareholdings or voting power are aggregated with those of any person with whom it is acting in concert. There is no statutory definition of acting in concert for these purposes, although both the Joint European Supervisory Authorities (ESAs) and the United Kingdom have issued guidance indicating, broadly, that persons will be acting in concert when each of them decides to exercise his or her rights linked to shares acquired in accordance with an explicit or implicit agreement made between them.
It should be noted that, unlike many EEA regulators, the PRA and FCA do not apply the provisions of the ESAs 'Joint Guidelines on the prudential assessment of acquisitions and increases of qualifying holdings in the financial sector' relating to the identification of indirect qualifying holdings. As a result, a person may be identified as holding a qualifying holding in an EEA institution without also being a controller of UK-authorised entities within the same structure.
The approval process
The PRA is required to consult the FCA before finalising its determination in respect of an application for approval of a change of control, and the FCA is permitted to make representations to the PRA in respect of certain matters prescribed by the FSMA.
The PRA has an assessment period of 60 working days to make its determination, commencing on the date on which it acknowledges receipt of a complete change in control application. The PRA may, no later than the 50th working day of the assessment period, request further information to complete its assessment, and can interrupt the assessment period once for up to 20 working days while this information is provided (30 working days if the notice-giver is situated or regulated outside the UK or Gibraltar, or is not subject to supervision under UK or Gibraltarian laws implementing certain EEA financial services directives). The process can be completed well within the maximum time allowed, but it can never be assumed that this will be possible.
The PRA has published standard forms (available on its website) that must be used to apply for change in control approval. If a proposed controller proposes to become a parent undertaking of a UK bank, it must also prepare and submit a business plan that includes a strategic development plan, estimated financial statements and information about the anticipated impact of the acquisition on the corporate governance and organisational structure of the UK bank (and any other UK regulated firms) subject to the change in control. The PRA attaches great importance to the business plan in its assessment of a change in control application.
In assessing a change in control application, the PRA must take into account the suitability of the acquirer and the financial soundness of the acquisition to ensure the sound and prudent management of the UK bank. The PRA may object to an acquisition of a bank only if there are reasonable grounds for doing so on the basis of prescribed assessment criteria or if the information provided by the applicant is incomplete.
The PRA may impose conditions on its approval where it would otherwise object to the acquisition, but may not impose conditions requiring a particular level of holding to be acquired. The FCA can, where it has reasonable grounds to suspect financial crime, direct the PRA to object to an acquisition of control, or not to approve an application for the acquisition of control unless it does so subject to conditions that the FCA specifies.
Acquiring or increasing control in a UK authorised person without prior approval from the appropriate regulator is a criminal offence, and may result in the acquirer's shareholding rights being restricted or a court ordering the sale of the shares.
An existing controller of a UK-authorised person that decides to reduce its control over that person is required to give notice of that intention to the appropriate regulator (although no formal consent is required for such a reduction).
Every UK bank is also required to take reasonable steps to keep itself informed about the identity of its controllers, and to notify the PRA as soon as it becomes aware that any person has decided to acquire, increase or reduce control of the bank.
It is important to note that the control regime described above also applies with respect to intra-group reorganisations in banking groups where there are intra-group changes in control of UK banks.
ii Transfers of banking business
It is possible to transfer banking business in the United Kingdom by way of a court-sanctioned banking business transfer scheme under Part VII of the FSMA (referred to as a Part VII transfer). This does not, however, prevent the use of other mechanisms for the transfer or assumption of assets and liabilities relating to banking businesses by other means, such as assignments or novations.
A Part VII transfer is, broadly speaking, a scheme whereby the whole or part of the business carried on by a UK bank is transferred to another entity and where the whole or part of the transferred business includes deposits. Deposit-taking must form an integral part of the business to be transferred under a banking business transfer scheme, but need not be the sole or predominant business carried on.
A Part VII transfer takes effect without the consent of the depositors or other counterparties, although any person who alleges that he or she would be adversely affected by the carrying out of the scheme may be heard in the court proceedings required to sanction the scheme. The court may require assurance that those persons have been fairly treated. Both the PRA and the FCA are entitled to be heard in the proceedings and typically participate in them by counsel.
FSMA also provides for a modified version of the banking business transfer scheme specifically for ring-fencing purposes, referred to as a ring-fencing transfer scheme (RFTS). A number of UK banking groups subject to ring-fencing requirements (see Section III.iii) used RFTS to effect the internal reorganisations necessary to comply with those requirements from 1 January 2019.
This, combined with a number of Part VII transfers made in anticipation of Brexit, has placed considerable pressure on the capacity of the regulators and the courts in recent years, which has in turn caused delays to the overall Part VII process. Jurisprudence in this area also continues to evolve, largely as a function of the number of Part VII transfers (and equivalent processes in the insurance sector) effected in response to Brexit, and it remains to be seen how this might affect future Part VII transfers pursued for entirely commercial reasons.
The year in review
The UK formally withdrew from the EU on 31 January 2020, subject to an implementation period that expired on IP Completion Day. During that implementation period, the UK was required to continue to apply EU law, and continued to enjoy most of the benefits of EU membership.
With effect from IP Completion Day, the European Union (Withdrawal) Act 2018 (as amended) (the Withdrawal Act) repealed the European Communities Act 1972 (as amended) and the UK domestic legislation that provided for the supremacy of EU law in the UK, and 'onshored' the body of EU law existing on that date into UK domestic law, such that:
- UK domestic legislation that previously implemented non-directly applicable EU law (such as EU directives) was preserved;
- directly applicable legislation (such as EU regulations, decisions and certain tertiary legislation) was converted into UK domestic legislation (referred to as 'retained EU legislation'); and
- any EU rights (such as directly effective EU treaty rights) that were not otherwise captured by the provisions referred to in points (a) or (b) was preserved as UK domestic law.
Since IP Completion Day, the UK government has been able to amend or revoke any provisions of retained EU law (see Section VII.ii for details of how the UK government proposes to amend the prudential regime that applies to UK banks under the UK CRR). The Withdrawal Act also gave HM Treasury the power to remedy (by subordinate legislation) deficiencies in retained EU law arising from its domestication under the Withdrawal Act. HM Treasury has exercised this power in numerous statutory instruments that came into force on IP Completion Day.
The PRA, the FCA and the Bank of England have similar powers in relation to domesticated EU implementing technical standards and regulatory technical standards. The PRA and the FCA have also made a number of changes to their rules and guidance to reflect the UK's withdrawal from the EU and the legislative changes referred to above. Guidance and other non-binding materials issued by the ESAs before IP Completion Day also continue to be relevant unless, prior to that date, the Bank of England, the PRA or the FCA had already notified the relevant ESA that it did not intend to comply with the relevant provisions.
Subordinate legislation made under the Withdrawal Act also gave the PRA, the FCA and the Bank of England powers to make transitional directions delaying or phasing in requirements that have changed, or that apply to firms (including UK banks) for the first time, in each case as a result of the onshoring of EU law under the Withdrawal Act. Each of the PRA, the FCA and the Bank of England have exercised those powers to grant transitional relief in relation to such requirements until 31 March 2022, subject to certain exceptions.
Market access and future relationship
The 'passporting' of financial services between the UK and EU ended on IP Completion Day and, as a result, UK firms (including banks) are no longer permitted to carry on business in the EEA unless separately authorised in the relevant EEA Member States. Equally, EEA firms now require authorisation to carry on business in the UK, whether on a cross-border basis or through a branch established in the UK. This requirement is, however, subject to temporary permission regimes established by the PRA and the FCA that permit EEA firms that relied on passporting rights to carry on business in the UK prior to IP Completion Day to continue doing so for a period of up to three years following IP Completion Day, pending their authorisation under the FSMA. There is no EEA-wide equivalent for UK firms carrying on business in the EEA, although some jurisdictions have introduced their own domestic transitional measures.
The extent of any future reciprocal market access between the UK and EU in financial services remains unclear. It is, however, now relatively certain that any arrangements agreed between the parties will not offer the same breadth and depth of access as the passporting arrangements that applied before IP Completion Day. The UK–EU Trade and Cooperation Agreement concluded between the UK and EU in December 2020 contained only a few brief paragraphs relating to financial services. The accompanying political declaration, meanwhile, affirmed both parties' intentions to establish a durable and stable framework for cooperation in financial services regulation; this, rather than the terms and extent of any future market access, has been the focus of ongoing negotiations between the EU and the UK to date.
In the absence of passporting rights, new emphasis has been placed on determinations of 'equivalence' between the UK and EU regulatory regimes. The UK has made a number of unilateral declarations of equivalence in relation to the EEA, but this is yet to be reciprocated by the relevant EU institutions, which have insisted that they will not consider such matters until the EU has concluded a memorandum of understanding with the UK as regards regulatory cooperation. While determinations of equivalence may be helpful to UK banks, particularly as regards the treatment of exposures to EEA institutions under the UK CRR, it should be noted that they do not facilitate any greater degree of market access than is available at present, and cannot therefore be regarded as a replacement for the loss of passporting rights.
ii The Financial Services Bill 2019–2021 and Future Regulatory Framework Review
The Financial Services Bill 2019–2021
In October 2019, the UK government announced its plans to introduce legislation to implement Basel standards in the UK independently of the CRD IV framework. The FS Bill was subsequently introduced in October 2020 and, at the time of writing, is being scrutinised by the House of Lords.
If enacted in its current form, the FS Bill will, among other things, make significant changes to the UK regime for the prudential regulation of banks and investment firms. The changes are intended to implement the final Basel III standards, and to create a new regime for the prudential regulation of FCA-authorised investment firms (PRA-authorised investment firms will continue to be subject to the same prudential regime as UK banks). These changes reflect similar developments at an EU level, but the UK has adopted its own approach to the implementation of those changes and will not implement the Investment Firms Directive,10 the Investment Firms Regulation11 or the relevant provisions of the EU Banking Reform Package.
To implement the Basel III standards (as they apply to UK banks and PRA-authorised investment firms), the FS Bill will give HM Treasury the power to revoke (by subordinate legislation) certain existing provisions of the UK CRR, with the PRA empowered to make rules replacing those provisions and updating them to take account of the Basel standards. Both HM Treasury and the PRA have recently published consultations on how they propose to use these powers to implement those standards. In both cases, the proposed changes are broadly aligned with the amendments to be made to the CRR by CRR II,12 subject to certain differences in approach that are intended to achieve closer alignment with Basel III standards, enhance proportionality and ensure that the division of requirements between the PRA Rulebook and the UK CRR operates in a coherent and consistent manner.
These include a proposal that institutions should be required to deduct intangible software assets from their CET1 capital in full, which reflects the requirements of the Basel III package, but represents a more conservative approach than that taken by the EU under CRR II.
Future Regulatory Framework Review
HM Treasury is also considering various changes to the UK regulatory framework through its ongoing Future Regulatory Framework Review, which was announced in 2019 and is expected to feed into further legislative proposals during the current Parliament. The stated aim of this review is to develop a more coherent, agile regime that is better equipped to meet the specific regulatory needs of UK firms, markets and consumers. Phase I of the review (which reported in March 2020) considered cooperation arrangements between the regulators responsible for the supervision of financial services firms in the UK. Phase II of the review, which is ongoing, is examining possible changes to the current UK regulatory framework in the light of the UK's withdrawal from the EU. These include proposals to hand more rule-making powers to the PRA and the FCA, and may eventually result in changes to the regulatory environment in which UK banks operate.
The PRA, the Bank of England and the FCA responded swiftly and decisively to the early stages of the pandemic by introducing a range of measures intended to support the real economy (and encourage UK banks to do so) and, where possible, alleviate the regulatory burden on UK financial services firms.
Macroprudential measures adopted by the Bank of England (including the cutting of the CCyB to zero, the Bank of England Base Rate to 0.1 per cent and the introduction of a new term funding scheme) were accompanied by the PRA's postponement of various regulatory initiatives planned for 2020, including the 2020 stress test. As might be expected, the FCA's response focused on areas of possible consumer harm and the proper functioning of UK markets, including a particular focus on customers experiencing financial difficulties as a result of the pandemic.
Notwithstanding growing optimism as to the end of the pandemic, and the apparent success of the UK's vaccination programme, the long-term outlook for the UK economy remains uncertain. As such, further regulatory, fiscal and macroprudential interventions seem likely, as signalled by the Bank of England's announcement in February 2021 that UK banks should prepare for the potential adoption of negative interest rates later this year.
iv Regulatory change
Notwithstanding the deferral of a number of key regulatory initiatives in response to the pandemic, UK banks continue to grapple with various regulatory change projects affecting the sector as a whole, and 2021 looks set to be a particularly busy year.
The PRA and the FCA have, for a number of years, urged firms to proceed on the basis that the London interbank offered rate (LIBOR) will be discontinued from the end of 2021, and in March 2021 the FCA confirmed that most LIBOR settings will either cease to be provided (or will no longer be representative) immediately after 31 December 2021. Certain US dollar settings will continue until 30 June 2023.
Reflecting the practical difficulties in retiring or replacing certain legacy instruments referencing LIBOR, the FCA announced in March 2021 that it will consult in the second quarter of 2021 on proposals to require ICE Benchmark Administration (which administers LIBOR) to publish certain sterling, dollar and yen LIBOR settings on a synthetic basis. It is hoped that this will protect market integrity and reduce the risk of consumer harm that might otherwise arise in relation to such instruments as a result of the cessation of LIBOR.
UK banking groups have also been preparing for the end of the grandfathering of certain legacy capital instruments under the UK CRR, which will cease on 31 December 2021. Following the publication of an opinion by the European Banking Authority on the prudential treatment of such instruments in October 2020, the PRA published a 'Dear CFO' letter in November that year requesting firms to share an action plan for dealing with such instruments by 31 March 2021. The cessation of grandfathering has given rise to a number of complex legal and commercial issues for a number of UK banking groups, including the risk that legacy instruments left outstanding after 31 December 2021 could cause other capital instruments to cease to meet the relevant eligibility criteria under the CRR (in particular, as regards subordination). This has prompted a number of groups to take steps towards the repurchase or redemption of such instruments or the reorganisation of their capital stacks, or both.
The introduction of the approval requirement for the holding companies of banks and PRA-authorised designated investment firms under Part 12B of the FSMA (see Section III.iv) will inevitably also take up regulatory bandwidth during the first half of 2021 as the deadline for the submission of approval applications approaches.
UK banking groups with retail deposits over £50 billion are also preparing for the first assessment exercise under the resolvability assessment framework (RAF) adopted by the PRA and the Bank of England in August 2019. The RAF requires banks to assess their preparations for resolution, any risks to a successful resolution and their plans for dealing with those risks. Affected banks must report to the PRA on this assessment by October 2021, and publish a summary of this report by June 2022. The initial reporting requirement was originally due to apply from October 2020, but the PRA offered firms a one-year delay (via a modification by consent to the relevant PRA rules) in response to the pandemic.
v Climate change
Climate change, and the transition to a greener economy, continue to be key areas of focus for UK banks, regulators and legislators. In July 2019, the UK government published its Green Finance Strategy, which set out the government's proposals to ensure that, among other things, climate-related risks are integrated into mainstream financial decision-making.
To date, the FCA's work has been focused on climate-related disclosures (in line with the Financial Stability Board's Task Force on Climate-related Financial Disclosures recommendations), while the PRA has focused on climate-related financial risks and the embedding of climate-related considerations in firms' governance processes.
At a macroprudential level, the Bank of England proposes to use its 2021 Climate Biennial Exploratory Scenario to explore the financial risks posed by climate change, and the resilience of the largest UK banks to those risks. These supervisory and legislative actions, together with the broader political environment, mean that banks can no longer treat issues relating to climate change as an afterthought, and will increasingly have to place them at the centre of business and risk decisions.
While the UK fintech sector is generally regarded as something of a home-grown success story, this does not acknowledge the diversity and strong international base of the companies and individuals that have driven its growth. Responding in part to concerns about the UK's ability to attract talent and investment post-Brexit, and London's future competitiveness as a global financial centre, UK policymakers are now focused on measures to ensure the continued success of the sector.
In July 2020, HM Treasury commissioned a review into the UK fintech sector. The review, which reported its findings in February 2021, contained a number of recommendations relating to the regulation of the sector. These included potential adjustments to the regulatory framework that applies to payment services firms and proposed enhancements to the FCA's regulatory sandbox.
While UK regulators continue to be enthusiastic about the potential for innovation in the sector, this has been accompanied by growing nervousness from both regulators as to the long-term viability of some new entrants' business models.
The FCA, in particular, is developing an increasingly conservative stance to payment services regulation. In July 2020, it adopted 'best practice' guidance relating to own funds requirements for payment services and electronic money institutions that impose a stricter approach to the deduction of certain assets than currently applies to UK banks carrying out the same activities. In the same month, the PRA published a consultation paper setting out proposals to formalise its expectations in relation to new and growing banks. The proposals aim to ensure that new market entrants adequately plan for, and invest in, life after authorisation. Both regulators also continue to scrutinise the funding arrangements of various regulated fintech businesses, leading to a developing shift away from typical venture capital and private equity funding models towards more vanilla capital structures.
Outlook and conclusions
The UK regulatory agenda over the past 12 months has been dominated by Brexit and the ongoing coronavirus pandemic. In both cases, the long-term effect on the UK will not become clear for some time to come, and each will likely make it more difficult to determine the true impact of the other.
The end of the implementation period has, however, brought some sense of closure in relation to Brexit. Equally, despite the devastating human, social and economic effects of the pandemic, the early success of the UK's vaccination programme does now offer some hope of a return to normality during 2021.
For UK regulators and legislators, normal service has to some extent already resumed, with a large number of regulatory reforms and other programmes postponed in 2020 now due to take place in 2021. The recent FS Bill also gives some indication of the UK's direction of travel post-Brexit, although it remains to be seen to what extent the UK will look to diverge from existing EU standards in the longer term. Equally, the nature and extent of the UK's future relationship with the EU remains unclear and fraught with political difficulties, which have been exacerbated by political miscalculations on both sides.
Given the turbulence of the past 12 months, it is perhaps unsurprising that there was relatively limited merger and acquisition activity in the sector during 2020, although deal-making did start to pick up during the second half of the year and may continue throughout 2021 as lockdown restrictions ease and the broader economy starts to recover.
Against this backdrop, UK banks continue to focus on perennial issues of conduct, remuneration and day-to-day funding of their operations. The broader outlook remains uncertain, but with Brexit largely now behind us, and an end to the pandemic potentially in sight, the prospects for the UK banking sector look less bleak than they did 12 months ago.
1 Jan Putnis and Nick Bonsall are partners and David Shone is an associate at Slaughter and May.
2 As at 12 March 2021. The names stated here are the listed holding companies of the banking groups concerned.
3 Regulation (EU) No. 575/2013.
4 Directive 2013/36/EU.
5 Directive 2014/59/EU.
6 Directive (EU) 2019/879.
7 For loans entered into between 21 March 2016 and IP Completion Day, the definition extends to mortgages over land in the EEA.
8 Directive 2014/65/EU.
9 Regulation (EU) No. 600/2014.
10 Directive (EU) 2019/2034.
11 Regulation (EU) 2019/2033.
12 Regulation (EU) 2019/876.