Asset Management - Deloitte United States...inspection of cybersecurity risk management at Asset...

Asset Management March 2020 to 15 April 2020 Edition


Fund Management Companies - Thematic Review Update

Six new PCF roles aligned to the specific managerial functions

Cybersecurity arrangements at Asset Management firms

Coronavirus (COVID-19)

ESMA CP - Standardised information to facilitate cross-border funds distribution

ESMA CP – Leverage risk in the AIF sector

ESMA publishes guidance on performance fees in UCITS and certain AIFs

Public Statement for the publication of fund managers’ periodic reports

Q2 2020 Compliance Deadlines

Meet the Team / Contacts


As you will be aware, in 2019 the CBI commenced a thematic review to assess how the Fund Management Companies Guidance - commonly known as CP86 (CP86) - has been implemented within Fund Management Companies and self-managed funds, including UCITS management companies, AIFMs, self-managed UCITS, and self-managed AIFs (“ManCo’s and SMIC’s”). The aim of the CBI’s reviews was “to identify standards of industry compliance in order to inform our supervisory approach and ensure that the required effectiveness and systems of governance are in place to protect investors’ best interests”

The CBI conducted 3 forms of review. They initially wrote to over 300 ManCo’s and SMIC’s with a questionnaire, followed by an analysis of the questionnaire responses. They conducted an in-depth desktop review and carried out on-site inspections of a selected number of ManCo’s and SMIC’s, which included face-to-face interviews with selected designated persons and the director responsible for organisational effectiveness.

The CBI aim to communicate their findings with regard to the thematic review in the second half of 2020.

Fund Management Companies - Thematic Review Update


On 25 February 2020, the CBI issued a notice of intention. It was proposed to split the existing PCF-39 DP role into six separate PCF roles. The six separate PCF roles would be aligned to the six managerial functions / obligations as set out in the UCITS Regulations, AIF Rulebook, and CP86. The six proposed PCF roles are anticipated to look like the following:

• PCF-39A DP with responsibility for Capital and Financial Management

• PCF-39B DP with responsibility for Operational Risk Management

• PCF-39C DP with responsibility for Fund Risk Management

• PCF-39D DP with responsibility for Investment Management

• PCF-39E DP with responsibility for Distribution

• PCF-39F DP with responsibility for Regulatory Compliance

The CBI have advised that existing PCF persons will not require re-approval or approval to continue to perform existing PCF roles. Fund boards are required to assess existing PCF DPs under Section 21 of the Central Bank Reform Act 2010 in respect of persons in situ and submit confirmation of such an assessment to the CBI. Fund Boards have a period of six weeks after the Regulations come into effect to make this confirmation.

Should the DPs role change after the new PCF roles have been introduced, he/she will be required to seek CBI prior approval in writing to that appointment by means of a new individual questionnaire submission.

Comments on the above mentioned proposed split were to be submitted to the CBI by 26 March 2020.

Six new PCF roles aligned to the specific managerial functions


On 10 March 2020, the CBI published their findings from the thematic inspection of cybersecurity risk management at Asset Management firms.

The aim of the inspection was to determine the adequacy of cybersecurity controls and cybersecurity risk management practices. Whilst the CBI acknowledged that good progress had been made since its 2016 Cross Industry Guidance on IT, many weaknesses still remained 3 years on. This has led to concern for the CBI with regard to the IT arrangements in place at firms.

The key findings of their Inspection are as follows:

1. Cybersecurity Risk

It was found that there is a lack of Board and Senior Management focus with regard to fostering a culture of cybersecurity. Such a culture would allow for the effective identification, monitoring, reporting, and mitigation of cybersecurity risks and these practices should be embedded into the organization.

2. Cybersecurity Risk Management

It was found that limited, and in some cases no, defined quantitative metrics were in place for monitoring, reporting, and measuring cybersecurity risk exposures against what was documented within the approved Risk Appetite Statement. It was also noted that Boards were typically not in receipt of sufficient reporting on cybersecurity and other technology risks.

3. IT Asset Inventories

Firms were unable to demonstrate that there was a single, competent IT asset inventory solution in place, classified by business criticality, which would allow for effective IT Risk Management.

4. Vulnerability Management

Firms had deficient vulnerability management processes in place for the identification of internal and external vulnerabilities.

The deficiencies included the following:

• Inadequate vulnerability management and mitigation procedures;

• Incomplete or unknown coverage of vulnerability scans; and/or

• Failure in the use of vulnerability scanning tools to identify devices that deviate from the security baseline.

5. Security Event Monitoring

Firms were unable to demonstrate that security events from all systems and devices were appropriately analysed, nor were they able to demonstrate sufficient oversight of outsourced security operations services.

6. Security Incident Management

It was also noted that security incident response and recovery plans were incomplete, not actioned when required and not embedded within a formal incident management framework. In some cases, the incident response and recovery plans were in draft format or incomplete and did not address key scenarios.

These findings are required to be brought to the attention of all board members and senior management before 30 April 2020.

Cybersecurity arrangements at Asset Management firms


Due to the ongoing uncertainty with regard to the COVID-19 pandemic, many industries, communities and organizations have had to adapt to new practices as the ever-changing situation unfolds. As you will be aware, COVID-19 is having an impact on global supply chains, causing market volatility and affecting the way we carry out our daily working and personal lives.

Themes to consider include:

A. Regulatory Communications

CBI Announcement

On 4 March 2020, the CBI announced that it is closely monitoring developments with regard to COVID-19 and assessing the impact on the economy and the financial system. The CBI have an expectation that firms have appropriate contingency plans in place that can manage with remote working arrangements.

In line with the above CBI announcement and subsequent to the date of this newsletter, the CBI issued an update on 17 April 2020 with regard to the challenges facing firms and their expectations regarding regulatory returns, risk mitigation programmes and a number of other topics during the COVID pandemic.

ESMA Public Statement

On 11 March 2020, ESMA issued a public statement on the expected actions by financial market participants. It stated that it is, alongside NCAs, closely monitoring the situation in view of the continuing impact of the COVID-19 outbreak on financial markets in the EU. ESMA also made recommendations to market participants with regard to the following themes:

• Business Continuity Planning - All financial market participants, including infrastructures should be ready to apply their contingency plans, including deployment of business continuity measures, to ensure operational continuity in line with regulatory obligations

• Market Disclosure - issuers should disclose as soon as possible any relevant significant information concerning the impacts of COVID-19 on their fundamentals, prospects or financial situation in accordance with their transparency obligations under the Market Abuse Regulation

• Financial Reporting - issuers should provide transparency on the actual and potential impacts of COVID-19, to the extent possible based on both a qualitative and quantitative assessment on their business activities, financial situation and economic performance in their 2019 year-end financial report if these have not yet been finalised or otherwise in their interim financial reporting disclosures

• Fund Management - asset managers should continue to apply the requirements on risk management, and react accordingly

Coronavirus (COVID-19)


Net Short Positions

On 16 March 2020, ESMA issued a decision temporarily requiring the holders of net short positions in shares traded on an EU regulated market to notify the relevant NCA if the position reaches or exceeds 0.1% of the issued share capital after the entry into force of the decision.

ESMA stated that this was a precautionary measure to ensure the orderly functioning of EU markets, financial stability and investor protection.

Short Selling Ban

In March 2020, ESMA issued an opinion agreeing with the National Competent Authorities of France, Austria, Greece, Spain and Belgium for emergency restrictions on short selling. These restrictions were due to be lifted in April 2020.

On 15 April 2020, ESMA agreed with the extension of these restrictions for these markets until 18 May 2020, at which point this date will be reviewed.

SFTR Reporting Requirements

On 26 March 2020, ESMA made a public statement with regard to the postponement of the reporting obligations related to securities financing transactions, under the SFTR and Markets in Financial Instruments Regulation.

ESMA stated that the operational impacts on personnel due to increased market volatility as a result of COVID-19 had compromised the SFTR implementation programme. ESMA continues to monitor the impact of the measures taken by firms with regards to COVID-19 to ensure the alignment of SFTR requirements and that supervisory practices in the EU can be satisfied.

B. Fund Liquidity

The effects of COVID-19 are having a direct impact on the performance of funds. As always, fund liquidity is an area of focus for managers, but with the impact of COVID-19 this has been given increased importance. Due to the COVID-19 effect, funds are having difficulty meeting redemption requests where the fund offers daily liquidity (daily redemptions), asset prices are falling, or where the fund holds illiquid underlying assets.

With this increased focus on fund liquidity, managers must monitor fund liquidity closely using the various liquidity management techniques available to them.

C. Outsourcing Arrangement

It is important to understand the outsourcing arrangements (third, fourth, and fifth party relationships) that are in place with the Outsource Service Providers (OSP), particularly with regard to governance / oversight of critical services, identifying critical services dependencies and the effect these arrangements have on the business.

Actions to consider include:

1. Identification of business-critical activities;

2. Refreshing of critical business OSP listings;

3. Active engagement with the OSP and their ability to continue to provide the outsourced service;

4. Development of contingency plans for OSP’s that are functioning at lower capacities or where a change of OSP is required to the extent that the service may require to be taken back in house; and

5. Should any additional service be provided by the OSP due to the current environment, prior CBI approval is received for these additional services.

D. Business Continuity Planning (BCP)

As per the CBI and ESMA commentary above, there is an expectation that firms have appropriate contingency plans in place that can manage with remote working arrangements. It is critical to assess the efficiencies of these arrangements. Should there be any deficiencies in the BCP process, these deficiencies need to be communicated to the CBI right away.

Other themes to consider include:

• Board meetings – are there arrangements in place for virtual board meetings, and sufficient directors in jurisdiction to comply with the local regulation requirements

• Operational practices – has the BCP the capacity to absorb the additional volume of employees working from home

• Outsource Service Providers – as mentioned above in 5.3

At Deloitte, we are assisting our clients as to how best to adapt to these changing conditions. For further information, please see Deloitte’s Global COVID-19 page.


On 31 March 2020, ESMA issued a consultation paper on the standard forms, templates, and procedures that NCAs should use to publish information on their websites to facilitate cross-border distribution of funds.

Standardised information should include:

• National laws, regulations and administrative provisions governing marketing requirements for AIFs and UCITS and the summaries; and

• Regulatory fees and charges they levy for carrying out their duties in relation to the cross-border activities of fund managers.

Feedback to the above consultation paper should be submitted to ESMA by 30 June 2020 with the aim to finalise the implementing standards by 2 February 2021.

ESMA CP - Standardised information to facilitate cross-border funds distribution


On 27 March 2020, ESMA issued a consultation paper to address leverage-related systemic risk in AIFs, with the aim of ensuring that NCAs adopt a consistent approach when assessing whether the conditions for imposing leverage-related measures are met.

In order to ensure that NCAs take a consistent approach in the assessment of leverage-related systemic risk, the draft guidelines include:

• A common minimum set of indicators to be taken into account by NCAs during their assessment;

• The instructions to calculate such indicators based on the reporting data under Article 24 of the AIFMD; and

• Qualitative and, where appropriate, quantitative descriptions of the interpretation of the indicators.

Feedback to the above consultation paper will be considered by ESMA by 1 September 2020.

ESMA CP – Leverage risk in the AIF sector


On 3 April 2020, ESMA published its guidance on performance fees in Investment Funds applicable to UCITS and certain types of AIFs.

The publication contains comprehensive guidance for fund managers when designing performance fee models for the funds they manage, including the assessment of the consistency between the performance fee model and the fund’s investment objective, policy and strategy, particularly when the fund is managed in reference to a benchmark.

ESMA’s guidelines aim to harmonise the way fund managers charge performance fees to retail investors, as well as the circumstances in which performance fees can be paid. The common requirements will allow convergence in how National Competent Authorities supervise performance fees models and disclosure across the European Union. The guidelines are applicable to both UCITS and certain types of AIFs, in order to ensure a level playing field and a consistent level of protection to retail investors.

On 9 April 2020, ESMA issued a public statement with regard to the impacts COVID-19 may have on fund managers’ ability to publish their periodic reports.

ESMA have highlighted that whilst they expect Fund Managers to apply a best efforts approach to prepare their annual / half-yearly reports and publish them within the relevant legislative deadlines, they are encouraging National Competent Authorities to apply a risk-based approach in their supervisory powers concerning the publication deadlines of the annual / half-yearly reports due to the impacts of COVID-19.

ESMA publishes guidance on performance fees in UCITS and certain AIFs

Public Statement for the publication of fund managers’ periodic reports


Please take note of the following upcoming compliance deadlines for Q2 2020.

1) 1 April 2020 - Depositary Safe-Keeping of Assets Rules

On 19 November 2018, the AIFMD Delegation Regulation and UCITS Delegation Regulations were published. Amendments in respect of the following were introduced:

• Record Keeping;

• Reconciliations;

• Contractual Terms;

• Asset Segregation; and

• Third Country Depositary, with regard to insolvency laws of the third country.

The Delegated Regulations will apply from 1 April 2020.

2) 17 June 2020 – Annual EMIR Calculations

On 17 June 2019, the European Market Infrastructure Regulation Refit regulation (EMIR Refit) was published. Under EMIR Refit, the definition of a Financial Counterparty was widened to capture all AIFs and their AIFMs.

EMIR Refit allows for an exemption for the clearing obligations of small financial counterparties (SFC) where the below thresholds are not exceeded:

• €1 billion in gross notional value for credit derivatives contracts;

• €1 billion in gross notional value for equity derivatives contracts;

• €3 billion in gross notional value for interest rate derivative contracts;

• €3 billion in gross notional value for foreign exchange derivative contracts; and

• €3 billion in gross notional value for commodity and other OTC derivative contracts.

In line with the annual calculation to check threshold limits, each Irish UCITS / Irish AIF should complete the following checks by 17 June 2020:

1. Perform their annual assessment to determine whether the fund exceeds the above clearing thresholds; or

2. Determine that it does not wish to calculate the fund’s position against the clearing thresholds.

Any sub-fund which exceeds the clearing threshold or chooses not to calculate their positions will have to notify ESMA and the CBI.

3) Deferred – Money Market Fund Regulation (MMFR) Stress Test

On 31 March 2020, the CBI is reported to have announced that the first filing of Q1 reports under the European MMFR shall be deferred until September 2020.

Although the objective of the deferral is to provide Irish Money Market Fund (MMF) managers with more time to prepare the reporting infrastructure, it should be noted that the quarterly reporting under the MMFR for Q2 2020 will also be due in September 2020, meaning that both Q1 and Q2 2020 reporting under the MMFR will be due in September 2020.

The CBI will validate the reports submitted by MMF managers to ensure that those comply with the requirements set out in the MMFR. Any reports that fail the CBI’s validation would be returned and, consequently, have to be re-submitted by the respective MMF manager once the validation issues have been resolved.

Q2 2020 Compliance Deadlines


At Deloitte, we make an impact that matters for our clients, our people, our profession, and in the wider society by delivering the solutions and insights they need to address their most complex business challenges. As the largest global professional services and consulting network, with over 312,000 professionals in more than 150 countries, we bring world-class capabilities and high-quality services to our clients. In Ireland, Deloitte has over 3,000 people providing audit, tax, consulting, and corporate finance services to public and private clients spanning multiple industries. Our people have the leadership capabilities, experience and insight to collaborate with clients so they can move forward with confidence.

This publication has been written in general terms and we recommend that you obtain professional advice before acting or refraining from action on any of the contents of this publication. Deloitte Ireland LLP accepts no liability for any loss occasioned to any person acting or refraining from action as a result of any material in this publication.

Deloitte Ireland LLP is a limited liability partnership registered in Northern Ireland with registered number NC1499 and its registered office at 19 Bedford Street, Belfast BT2 7EJ, Northern Ireland.

Deloitte Ireland LLP is the Ireland affiliate of Deloitte NSE LLP, a member firm of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee (“DTTL”). DTTL and each of its member firms are legally separate and independent entities. DTTL and Deloitte NSE LLP do not provide services to clients. Please see www.deloitte.com/about to learn more about our global network of member firms.

© 2020 Deloitte Ireland LLP. All rights reserved.

Meet the Team

Laura Wadding, Partner | Risk Advisory, Dublin, D: +353 1 417 [email protected]

Noel Moloney, Senior Manager | Risk Advisory, Dublin, D: +353 1 417 [email protected]

Dublin: 29 Earlsfort Terrace, Dublin 2. T: +353 1 417 2200, F: +353 1 417 2300

Cork: No.6 Lapp’s Quay, Cork. T: +353 21 490 7000, F: +353 21 490 7001

Limerick: Deloitte and Touche House, Charlotte Quay, Limerick. T: +353 61 435500, F: +353 61 418310

Galway: Galway Financial Services Centre, Moneenageisha Road, Galway. T: +353 91 706000, F: +353 91 706099

Belfast: 19 Bedford Street, Belfast BT2 7EJ, Northern Ireland. T: +44 (0)28 9032 2861, F: +44 (0)28 9023 4786

Deloitte.ie

Contacts