Background

On 29 February 2024, the Central Bank of Ireland (Central Bank) published its first Regulatory & Supervisory Outlook (Report) in which it sets out the Central Bank's perspective on key trends and risks, as well as outlining its supervisory priorities for the next two years.

Key Risks and Areas of Focus for 2024/5

While the Report identifies key trends and risks applicable to the Irish financial sector more generally, it also provides a sector by sector view of trends and risks for each sector that it regulates, including the funds and securities markets sector. The Report also outlines the Central Bank's key supervisory activities for the next two years for each individual sector.

For the purposes of this briefing, we focus on the key risks relevant to the funds and securities markets sector, and more specifically in relation to Irish fund management companies (FMCs), the funds that they manage and outline certain suggested actions that should be taken to manage such risks.

Delegation and Outsourcing

Suggested Action to be taken

The Report reminds FMCs that the ultimate responsibility for any activities delegated and outsourced rests with the regulated FMC.

The Central Bank also notes that it has observed a lack of oversight and scrutiny by 'White Label FMCs'1 (also referred to as "third party management companies") of their business partners' structures where such partners have been appointed as investment manager.

Review and ensure compliance with the Central Bank's Outsourcing Guidance.2

White Label FMCs should ensure that they exercise sufficient oversight and scrutiny over their delegate investment managers/advisors.

Sustainable Finance

Suggested Action to be taken

In the Report, the Central Bank notes that in order to support the transition to net zero, it is essential that investors are fully informed on the stated sustainability credentials of financial products and are in no way misled.

ESG Disclosures

As well as identifying the risks posed by greenwashing3, the Report highlights the emergence of the occurrence of "green bleaching" which the Central Bank notes can occur when an FMC does not want to risk non-compliance with the more onerous requirements of Article 9 of the SFDR, and so instead opts to categorise the relevant fund as an Article 8 fund, or, in certain cases, as an Article 6 fund. The Report notes that such actions can result in inaccurate disclosures being made.

The Report also highlights ESMA's Common Supervisory Action (CSA) on Sustainability and Disclosure Risk which was launched in July 2023 with the objective of investigating compliance with sustainability and disclosure requirements.

Poor ESG Data Quality

The Report notes that the Central Bank has identified that FMCs are struggling to obtain adequate data on the sustainability of their own investments, and when sustainability related data has been provided to the Central Bank, it has generally been low in quality. The Report notes that this may result in investors being poorly informed and perhaps misled.

Climate Change Resilience

In "Section 3 – Supervisory Priorities" of the Report, the Central Bank also outlines that it expects FMCs to improve their response to climate change, and to enhance their role in the move to a Net Zero economy.

The Report notes that this includes an expectation that FMCs improve their risk management practices for physical and transitional risk and that they enhance their role in supporting sustainable finance.

Review existing disclosures for "sustainable" funds to ensure that they comply with applicable requirements and to ensure that investors are in no way misled.



FMCs should ensure that ESG disclosures provided to investors are accurate and complete in order to mitigate the risks of both greenwashing and green bleaching.






Once the CSA on Sustainability and Disclosure Risk has been completed, FMCs should consider and address any findings, as relevant, arising from the CSA.




A robust ESG data governance framework should be implemented by FMCs to ensure that data relied upon to assess the sustainability of investments is adequate and of high quality.



In order to compile with the Central Bank's expectations in relation to climate change, it expects that FMCs: (i) integrate climate change and sustainability consideration into their business planning and strategy; (ii) adequately assess the materiality of their climate risk exposures, including direct and indirect exposures to physical and transition risks; and (iii) mitigate the risks of potential consumer or investor detriment from greenwashing.

Leverage and Liquidity

Suggested Action to be taken

The Central Bank notes in the Report that "the way investment funds manage their leverage, liquidity, pricing and fund entry-exit mechanics has implications for the financial system as a whole", highlighting the fact that, since Ireland is one of the largest fund domiciles in the world, if leveraged exposures are not managed appropriately, they can have systemic consequences to the wider financial system.

The Central Bank also identifies a number of potential drivers of instability in the sector which FMCs should be aware of which include: (i) repaid deleveraging; (ii) synthetic leverage obtained via derivatives; (iii) liquidity mismatches and forced asset sales and; (iv) valuation issues.

The Central Bank also cites the recent ESMA CSA on Asset Valuation in which it identified certain deficiencies with asset valuation, including: (i) the use of global, rather than local valuation policies; (ii) poor valuation policies and procedures; (iii) a lack of evidence of valuation procedures being reviewed; and (iv) a lack of both formal pricing error procedures and liquidity stress testing scenarios.

FMCs to ensure that they have an appropriate risk management framework in place to identify, manage and mitigate the potential risks arising from the use of leverage within a fund's portfolio (including liquidity stresses which may result from increased margin calls).

FMCs should also satisfy themselves that investment funds under management are established and operated in such a manner that their redemption profiles align with the liquidity profile of the constituents of their portfolios. To ensure this is the case, portfolios should be reviewed over time and regularly stress tested. Appropriate liquidity management tools should also be available for use if needed.

FMCs should conduct a review of their asset valuation frameworks by the end of Q2 2024, to ensure they continue to be fit for purpose and adhere to all relevant legislative requirements, including the expectations outlined in the Central Bank's December 2023 Dear Chair Letter.

Conflicts of Interest

Suggested Action to be taken

The Report highlights the risk that conflicts of interest can lead FMCs and their employees to prioritise their own interests over the interests of their clients or others. In particular, the Central Bank notes that transactions between related parties are common in fund structures in Ireland and they can provide scope for potential conflicts of interest.

FMCs should ensure that conflicts of interest are carefully identified and managed in accordance with a documented conflicts of interest policy which is regularly reviewed and updated as necessary. All related party transactions should be effected in accordance with rules imposed by the Central Bank.

Cyber Security

Suggested Action to be taken

The Central Bank notes in the Report that cyber-attacks are a constant threat due to the extensive use of interconnected IT systems in the securities markets sector which could result in a successful cyber-attack having widespread effects across the sector.

Risks of disruption to FMCs and their funds under management as a result of cyber-attacks (which include for example ransomware, phishing and distributed denial of service or DDoS) are also identified in the Report as key risks faced by FMCs.

Having regard to applicable Central Bank guidance and the Digital Operational Resilience Act (DORA),4 which will apply from January 2025, ensure that appropriate governance frameworks and tools are in place to identify, measure, manage, monitor and report ICT/cybersecurity risks so that the FMC is made more resilient to possible disruption from cyber and operational risks.5

Data Quality

Suggested Action to be taken

The Central Bank notes in the Report that "the quality of fund and securities market-related data received by the Central Bank, while improving, remains a concern."

The Central Bank highlights in the Report that poor data quality can be indicative of poor governance in FMCs and can result in investors potentially receiving incorrect information relating to funds under management.

Ensure that accurate data is submitted to the Central Bank on a timely basis and have appropriate oversight of data reporting from board level down (including where data reporting is outsourced).

Artificial Intelligence and Fintech

Suggested Action to be taken

Artificial Intelligence (AI)

The Central Bank warns in the Report that the use of AI by market participants, if not governed correctly, may result in certain risks being created or amplified.

The Central Bank also notes that misaligned AI systems may also malfunction and cause potential harm to investors.

FMCs should ensure that, if they are using AI for any of their functions, that they have an appropriate AI policy in place.

FMCs should also keep up to the date with developments relating to the proposed EU Artificial Intelligence Act.

Market Integrity

Suggested Action to be taken

Algorithmic Trading

The Report notes that algorithmic trading now accounts for the majority of trading on many Irish and European marks and that the use of poorly controlled algorithms increases the risk of manipulation or disorderly market conditions.

Market Surveillance

In the Report, the Central Bank has identified inadequate market surveillance frameworks as a key driver of risk.

Use of Social Media

The Central Bank acknowledges in the Report that, while it is welcome that social media is a key source of information for many investors, it can also lead to the risk of the swift spread of false, misleading and often unverifiable information.

Where relevant, FMCs, should ensure that they have clear governance frameworks around algorithmic trading in place, having regard to the Central Bank's expectations outlined in its May 2021 Dear Chair Letter.

FMCs should ensure that they have appropriate surveillance systems in place to monitor any potentially abusive practices.

FMCs should be aware of their obligations under the Market Abuse Regulation to the extent that they post investment recommendations on social media.

Assessments of Resilience

Suggested Action to be taken

The Central Bank in the Report warns that there are key exposures from external environments which may pose significant risks to FMCs, including:

Inflation and Higher Interest Rates

The Report notes the rapid transition to higher interest rates, which can be caused by high levels of inflation, can give rise to significant risks, especially to highly leveraged funds and FMCs managing portfolios of assets sensitive to interest rate changes.

Systemic Impacts of Failing International Firms

The Report also notes that the failure of international firms may have an impact of Irish FMCs as it may result in a build up of concentration risk as there becomes a greater reliance on certain firms to carry out certain tasks.

FMCs should ensure that they are financially resilient and mitigate key exposures from external environments. FMCs may assess their resilience to external factors by completing, among other tests, (i) severe but plausible stress testing and (ii) performance analysis.


Supervisory Priorities for 2024/2025

In the Report, the Central Bank also outlines its supervisory priorities for the Irish financial sector for the next two years. In listing its priorities, the Central Bank also outlines its expectations for FMCs in the funds and securities markets sector, which include:

  • Taking greater responsibility for the governance and risk management of their firms;
  • Ensuring that they are resilient and well-prepared for shocks arising from uncertainty in the areas of financial and geopolitical risk;
  • Addressing deficiencies identified in their governance, risk management and control frameworks to ensure they are effective, both in the current environment and in the future;
  • Demonstrating how their digital and business plans support and deliver transformation that is fully aligned with the FMC's business strategy and minimises any significant risk to financial stability; and
  • As outlined in the "Sustainable Finance" section of the above table, improving their response to climate change and enhancing their role in the move to a Net Zero economy.

Please refer to "Section 3 – Supervisory Priorities" on pages 29-33 of the Report for further detail on the above listed expectations of the Central Bank.

Next Steps

As a next step, we would encourage all FMC to scrutinise the risks and supervisory expectations outlined by the Central Bank in the Report and review same against their current business activities, practice, procedures and systems. Where required, FMCs should consider putting an action plan in place to address any identified gaps in their existing arrangements when assessed against the Central Bank's supervisory expectations outlined in the Report.

Should you require any assistance in carrying out a review of your existing framework and governance arrangements or have any queries in respect of the issues raised in this briefing, please get in touch with your usual contact in our Asset Management and Investment Funds Department.

Footnotes

1. In the Report, the Central Bank cites ESMA's description of White Label FMCs as those fund management companies that "provide a platform to business partners by setting up funds at the initiative of said partners and typically delegating investment management functions to them or appointing them as investment advisors

2. Our detailed analysis of the implications of the Cross-Industry Guidance on Outsourcing for FMCs is available here

3. Described by the Central Bank as the "principle of overstating green or ESG credentials".

4. See our latest briefing on DORA here.

5. Regard should be had to the Central Bank's expectation, as outlined in its Cross Industry Guidance in respect of Information Technology and Cybersecurity Risks, for boards and senior management to understand and recognise their responsibility relating to IT, cybersecurity governance and risk management and to maintain oversight of these responsibilities as a priority. In addition, FMCs should be mindful of the Cross Industry Guidance on Operational Resilience Cross Industry Guidance in respect of Information Technology and Cybersecurity Risks and the Outsourcing Guidance.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.