CySEC’s Supervisory Priorities for 2024

On the 27th of March 2024, the Cyprus Securities and Exchange Commission (CySEC) has announced its Supervisory Priorities for 2024, to reinforce investor protection, targeting Cyprus Investment Firms (CIF) that provide services on a cross-border basis.

Dr George Theocharides, Chair of CySEC warned: “Regulated entities that do not have adequate governance structure and effective control functions around compliance, internal audit and risk management will not survive in the current regulatory environment. There can be no last chances when investors are being put at risk.” In this respect, the detailed list of CySEC’s Supervisory Priorities 2024 for investment firms and asset managers is outlined below, for

1. Investment Services Firms
2. Asset Management Firms

We regularly share bite-sized insights on LinkedIn such as those found in this release

1. Investment Services

CIF regulated entities must take a more scrutinized supervision approach by: 

  • Applying a functional organisational approach, including effective governance, compliance, internal audit, and customer asset protection arrangements. 
  • Following professional conduct rules regarding information addressed to customers or future customers, including:  
    • marketing communications,  
    • onboarding customer processes, such as categorization, appropriateness, and target market assessment,  
    • personnel remuneration,  
    • conflicts of interest,  
    • product monitoring, 
    • national intervention measures regarding the distribution and sale of Contracts for Differences (CFD), and  
    • provision of cross-border provision of services. 
  • Evaluating potential negative investor and market practices, encompassing:  
    • offering services in fractional shares,  
    • communicating to investors about applicable costs or charges,  
    • implementing sustainability requirements,  
    • the application of pre-trade controls, and  
    • the use of copy trading. 
  • Assessing the resilience of CIF business models, focusing primarily on the arrangements put in place for monitoring their capital adequacy, Pillar I, and II, and ensuring compliance with reporting requirements and disclosing relevant information, Pillar III. 
  • Ensuring the sustainability of CIF entities by establishing and enforcing measures to be taken where early signs of financial distress exist. 
  • Analyzing the firms’ governance framework adequacy, emphasising the effective procedures for identifying, monitoring and managing the risks, to which they are exposed or potentially exposed and the remuneration policies. 
  • Administering initiatives to address risks in the Information and Communications Technology (ICT) field and preparing for the Digital Operational Resilience Act (DORA) implementation. 
  • Preparing for the Markets in Crypto-Assets (MiCA) implementation. 
  • Enhancing the quality and oversight of data, as referred to under: 
    • Markets in Financial Instruments Regulation (MiFIR),  
    • European Market Infrastructure Regulation (EMIR),  
    • Central Securities Depositories Regulation (CSDR),  
    • Securities Financing Transactions Regulation (SFTR), and  
    • Securitisation Regulation. 

2. Asset Management

The CySEC 2024 supervisory priorities for asset managers include the following: 

  • Ensuring compliance with regulatory requirements, concerning:  
    • sustainability risks and relevant disclosure obligations,  
    • asset valuation processes,  
    • effective liquidity management, as well as  
    • leverage levels monitoring and management.  
  • Conducting extensive data collection and analysis regarding investment funds’ exposure in Commercial Real Estate. Implementing supervisory measures, if necessary, to strengthen the resilience of investment funds and mitigate any vulnerabilities arising from the real estate sector that could threaten the financial stability of Cyprus. 
  • Bolstering the quality and oversight of data pertaining to transactions and derivative contracts as reported in accordance with the Alternative Investment Funds Managers Directive (AIFMD). 

In this way, to ensure compliance, regulated firms must have the appropriate internal policies and tools in place as well as implement prudent governance practices with active oversight by the management body. Furthermore, obliged entities shall assess the competence of governance structures, and the functionality of monitoring practices including compliance, internal audit and risk management.  

In addition to these enhanced measures, CIF entities and asset managers should observe and improve their marketing communications and enforce measures to identify threats in the ICT field. It is also important to note that DORA compliance preparation is essential and as CySEC’s Chairman emphasised, they should “consider investing in technology solutions/tools that complement firms’ efforts to ensure business resilience and regulatory compliance.” 

To this end, Investment Firms should expect to be subject to ongoing engagement from supervisory teams and specific feedback on the analysed additional measures, including communication with the board of directors. 

Final Thoughts

Considering all the above, CySEC’s supervisory agenda remains centered on the existing approach. However, due to the introduction of new financial technologies and increase of social media usage, enhanced supervision and strategies are needed to ensure investor protection and market integrity. CySEC’s outlined priorities are subject to possible changes if necessary, depending on regulatory developments or events 

At SALVUS we have a determined Regulatory Compliance team ready to support your business with the regulatory and compliance challenges you face. Please contact us at i info@salvusfunds.com or call us at +357 7000 7898 to discuss how we can be of value. 


Share this post