ECOVIS ProventusLaw invites you to its all-in-one essential compliance newsletter – Regulatory Compliance Update, which you should familiarise yourself with this month.
AML/CTF Regulation
EU Commission Requests ENISA to Support Certification of Digital Identity Wallets
The European Commission has tasked ENISA, the EU Agency for Cybersecurity, with supporting the certification of European Digital Identity Wallets. These wallets will enable EU citizens to securely identify themselves, store digital documents, and access services via mobile devices while enhancing privacy. In line with the Digital Identity Regulation, which took effect in May 2024, ENISA will assist in developing a cybersecurity certification scheme for these wallets, ensuring their secure use across Europe.
EMI/ PI Regulation
Bank of Lithuania Publishes Mandatory Disclosure Requirements for Electronic Money and Payment Institutions
The Bank of Lithuania has introduced a comprehensive list of standard information that electronic money and payment institutions must publicly disclose to enhance transparency and consumer protection. Key requirements include:
- Activity Information: Institutions must provide detailed descriptions of their core licensed services, including any partnerships with distributors or intermediaries, with links to the Bank of Lithuania’s website for verification.
- Contact Information: Websites must feature updated contact details to assist consumers in reporting fraud, lodging complaints, or blocking cards.
- Language Accessibility: Information on fees and services must be presented in a consumer-friendly language, including Lithuanian, for local residents.
- Complaints Handling and Customer Fund Protection: Institutions must offer clear guidelines on filing complaints and explain the legal frameworks safeguarding consumer funds, especially in case of insolvency.
- AML/CTF Measures: Public disclosure of anti-money laundering and counter-terrorist financing procedures is required to ensure compliance with regulatory standards.
Personal Data Protection and ICT Regulation
EDPB Publishes GDPR Data Protection Handbook in 17 Languages for SMEs
The European Data Protection Board (EDPB) has released translations of its Data Protection Handbook into 17 languages as part of its 2021-2023 strategy to support small and medium-sized enterprises (SMEs) in complying with GDPR requirements. The Handbook provides practical, easy-to-understand guidance on data protection, aiming to raise awareness and simplify GDPR compliance for businesses.
The Handbook includes various tools, such as examples, videos, infographics, and interactive flowcharts, to help SMEs navigate GDPR obligations. It covers key topics like data subject rights, personal data breaches, and other essential GDPR principles. Additionally, it features materials created by national data protection authorities, offering a comprehensive resource for SMEs across Europe to enhance their data protection practices. You can find the guide in English here.
Financial and Economic Sanctions
EU Council Updates Best Practices for Implementing Restrictive Measures and Sanctions
The Council of the European Union has published an updated version of its EU Best Practices for the Effective Implementation of Restrictive Measures, providing enhanced clarity on the ownership and control tests under EU asset freeze restrictions. Released on 3 July 2024, the updated guidance addresses key concepts related to sanctions enforcement.
Key updates include:
- Ownership Threshold: The ownership threshold for EU-designated persons or entities has been clarified. An entity is considered owned by an EU-sanctioned person if they hold 50% or more of the proprietary rights or have a majority interest.
- Control Test: The guidance provides new examples of scenarios where EU-sanctioned individuals or entities may exert control over non-designated entities, including large shareholdings, use of shell companies, and front persons.
- Dominant Influence: The update expands the notion of “dominant influence” to include de facto control over a legal entity, even without formal ownership.
- Acting on Behalf or at the Direction: The EU Council emphasises that acting on behalf of or at the direction of an entity is treated as equal to ownership or control for sanctions enforcement purposes.
These updates are intended to strengthen the effectiveness and enforcement of EU restrictive measures, ensuring greater compliance across the bloc.
European Commission Updates Dual-Use Items List for Export Controls
The European Commission has issued a Delegated Regulation updating the EU Dual Use List in Annex I of Regulation (EU) 2021/821. This update aligns with international export control regimes like the Wassenaar Arrangement and reflects technological advancements.
Key updates include:
- Nuclear Materials (Category 0): Changes to heavy water production specifications.
- Special Materials (Category 1): Updates to composite structures and catalysts.
- Telecommunications (Category 5): Revised cryptography definitions.
- Aerospace & Propulsion (Category 9): New specifications for rocket systems.
The updated list will take effect after its publication in the Official Journal of the EU later this year.
Consumer Protection Regulation
Bank of Lithuania Issues Guidelines on Payment Cancellation and Tracing Procedures
The Bank of Lithuania has addressed common misunderstandings between financial institutions and fraud victims regarding payment cancellation and tracing procedures. The key recommendations include:
1. Prompt Responses: Financial institutions should quickly respond to cancellation requests.
2. Clear Information: Provide clear details on the status of “reserved funds” and their recoverability.
3. Customer Communication: Inform customers about the payment process and steps for cancellation or tracing.
Best practices include 24/7 availability, real-time updates, and multiple submission channels. Poor practices involve limited service hours and unclear information about reserved funds.
Bank of Lithuania Proposes Amendments to Strengthen Consumer Rights in Payment Services
The Bank of Lithuania has proposed amendments to the Payment Law to prevent providers from bundling non-payment services without consumer consent. Key points include:
1. Consumer Choice: Customers should be free to select payment services that suit their needs without unwanted add-ons.
2. No Unilateral Bundling: Providers cannot impose additional products without consent.
3. Separate Services: Consumers must be able to use payment accounts independently of non-payment services.
4. Transparent Pricing: Clear pricing for bundled and separate services must be provided.
These changes aim to enhance transparency and consumer protection in payment services.
Labour Law
Employment Service Offers Subsidies for Skills Development and Hiring Highly Qualified Employees
The Employment Service provides subsidies to support employers and employees in enhancing qualifications and attracting talent. Key initiatives include:
1. High Value-Added Qualifications: Employees can receive subsidies for acquiring or upgrading qualifications. The subsidies are up to €8,316 for high-value qualifications and up to €4,620 for upgrading existing skills.
2. Hiring Highly Qualified Employees from Abroad: Employers can apply for a one-time subsidy of up to €6,652.8 when hiring highly qualified foreign employees, excluding Ukrainian citizens. This program has been in effect since July 2022.
These subsidies aim to boost workforce skills and attract international talent.
Crypto Regulation
EBA Publishes final report on guidelines on liquidity stress testing under MiCAR
The final report concerns the stress testing of asset-referenced tokens and electronic money tokens and is now available in all official EU languages. It also includes a list of regulators with their compliance timelines regarding these new requirements.
Subscribe now and get RegRally Regulatory Compliance Updates, an overview of the most significant monthly Regulatory news, and expert recommendations!