Financial Markets Regulatory Outlook 2023
Confronting the polycrisis
Deloitte's 2023 Financial Markets Regulatory Outlook explores how major regulatory trends will affect the financial services industry across UK and Europe in the year ahead, and how leaders can anticipate and respond to them effectively. The report identifies nine cross-sector regulatory themes of strategic significance and three related spotlight topics.
Regulatory Outlook 2023 — Key findings
Nine key themes and three related spotlight topics identified:
1. Strengthening transition plans and disclosures – tackling climate change for real
- Firms need to change gear on transition planning, from stating ambitions and setting targets to taking action.
- The foundational structure of corporate sustainability reporting requirements and the schedule for future developments is largely set, but substantial areas of detail remain to be elaborated or agreed, and there is much to do to implement the requirements.
- The EU Corporate Sustainability Due Diligence Directive is expected to be finalised this year and will bring to the fore explicit and binding requirements around supply chain due diligence.
2. Climate risk and the climate-nature nexus – making managing environmental risk business as usual
- Use of Pillar 2 framework (for banks) is now established and will likely become more widespread in 2023.
- Supervisors expect banks and insurers to be able to demonstrate that climate risk management is having a consequential impact on business decisions.
3. Digital assets and payments – policy implementation begins
- New EU and UK regulatory frameworks will increase the oversight of digital asset firms and enable regulated firms to develop their medium-term strategies, although some detailed requirements will only emerge later in 2023.
4. Operational resilience and critical third parties – a year of real tests
- With policy work largely complete, firms need to focus on the implementation of operational resilience requirements, with supervisors set to be on the lookout for tangible evidence of progress in building resilience.
- The Digital Operational Resilience Act’s (DORA) January 2025 implementation deadline requires EU firms to make rapid progress in 2023 across new IT risk management, reporting, testing and third-party (TP) risk management requirements.
Financial Markets Regulatory Outlook 2023
Figure 1. Number of publicly disclosed global cyber attacks over time
5. Credit risk – storm clouds forming
- Borrowers are facing significant pressure: retail borrowers primarily from increased interest rates and the cost-of-living crisis; commercial borrowers from increased input costs, higher interest rates and demand side challenges due to purchasers trying to trim their budgets as much as possible.
6. Capital framework – more to come
- We expect the EU and UK to finalise their approaches to implementing Basel 3.1.
- The Solvency II reviews in the EU and the UK will continue developing over the course of 2023.
7. Capital markets – renewed focus on market resilience
- In the wake of very serious disruptions to market liquidity and extreme price volatility in the course of 2022, we expect supervisors to focus their efforts on firms’ counterparty credit risk management frameworks, margining practices and booking arrangements to ensure that firms remain resilient to any future market dislocations.
8. Model risk management – do you know what you are looking for?
- Climate risk and the use of artificial intelligence (AI) / machine learning (ML) have emerged as specific areas of supervisory concern in the EU and UK, each of which creates novel challenges from a MRM perspective. Supervisors will expect firms to be able to demonstrate that they are not beholden to “black boxes” for climate risk modelling, and to demonstrate that people, not AI/ML tools, are ultimately responsible for understanding and taking business decisions.
9. Financial crime – running faster just to stay in place
- Many firms’ financial crime operating models continue to fall short of expectations. Fixing these issues requires significant organisational change to eliminate silos, to change resourcing models, and to leverage new technologies, in economic conditions where firms will be under pressure to control costs.
- EU Digital Markets Act – the implications for financial services: The Digital Markets Act (DMA), which entered into force on 1 November 2022, introduces measures to limit the anticompetitive behaviours of designated “gatekeepers”.
- New UK Consumer Duty – rolling out new protections: The UK Consumer Duty (the Duty) is the most material piece of cross-sectoral conduct regulation in the UK of the last decade. It will require firms first to define good outcomes and then design the metrics to measure and monitor them.
- The future UK regulatory framework – significant change ahead: The UK Government is proposing widespread changes to its financial services (FS) regulatory system, having set out its “Edinburgh Reforms” in December, aimed at making the UK FS sector “open, sustainable and technologically advanced”. The package represents the most significant and extensive package of regulatory change since the UK left the EU.
About the EMEA Centre for Regulatory Strategy (ECRS)
The Deloitte EMEA Centre for Regulatory Strategy is a powerful resource of information and insight, designed to assist financial institutions to manage the complexity and convergence of new regulation. The Centre combines the strength of Deloitte's regional and international network of experienced risk, regulatory and industry professionals.
About the ECRS Nordics Hub
The Nordics Hub draws on the ECRS’ breadth of regulatory analysis to bring relevant insights to financial institutions in the Nordic countries. The Nordics Hub helps broaden and deepen connectivity between Deloitte practitioners across the region on regulatory strategy topics.