The regulatory framework, which had been completely overhauled in previous years, has been reviewed, rounded out and clarified, with the entry into force of several pieces of key European legislation, such as EMIR, on requirements for CCPs, and CSDR.
As for CCPs, in order to strengthen the prerogatives of the European authorities in their regard, additions to the regulatory framework initially covered the supervision of third-country clearing houses –deemed of systemic importance for the European Union (EU) – in the run-up to Brexit. They also concerned the framework applicable to recovery and resolution, so as to incorporate the principles laid down by the Financial Stability Board (FSB) into EU law.
With regard to settlement and delivery, CSDR has been revised to clarify and simplify the requirements applicable to the provision of services, including for cross-jurisdictional activities. The revision has also enhanced convergence in supervision between EU jurisdictions, facilitated the provision of bank-type ancillary services, reduced excessive costs arising from settlement discipline and enhanced the framework applicable to third-country central securities depositories (CSDs).
The regulations have also evolved to keep pace with market developments. The pilot market infrastructure programme regulation, based on distributed ledger technologies (DLT), came into force on 23 March 2023. It aims to create a derogatory regulatory framework to test the use of DLT in securities and post-trading activities, and to enable the issue, storage and transfer of securities (equities, bonds and units in investment funds – UCITS), where ownership and rights are represented by a digital token recorded in a distributed ledger. These are known as “tokenised” securities or securities issued natively on DLT.
As regards cyber security, against a backdrop of increasing threats, and in line with the relevant principles of the Committee on Payments and Market Infrastructures (CPMI) and the International Organization of Securities Commissions (IOSCO), the Eurosystem has also clarified its expectations regarding monitoring of the cyber risks faced by market infrastructures under its jurisdiction.