Navigating Regulatory Compliance Post-Brexit: What Have We Learned So Far?


2021 has already brought with it a great deal of change, not least the end of the Brexit transition period.

Financial services firms in the UK started this new phase with more questions than answers, in large part because the EU-UK Trade and Cooperation Agreement (TCA) did not particularly consider financial services. An additional layer of complexity now exists, no matter which country a firm calls home.

UK firms must still comply with EU regulations for AML & KYC protocols if they want to continue doing business there. And because the reverse is also true, it’s unclear whether the City of London will continue its legacy as the financial centre of Europe.

In April of this year, the UK passed the Financial Services Act 2021, which laid out future regulatory requirements for the UK. These include opportunities to bypass red tape as much as possible, maintaining active commerce between the UK and Europe.

Not much time has elapsed since then—but in the six months since the Brexit transition was complete, firms have experienced both challenges and successes.

Here’s a look at the lessons we’ve learned so far.

Post-Brexit Financial Services Challenges

The list of challenges is (unsurprisingly) long, particularly for the City of London. The financial services sector contributes 7% of the UK’s total GVA, so continued activity in the industry is vital to the UK’s economy.

But in a recent report, New Financial identified 440 banking and finance firms that are moving or have moved part of their business, staff, or assets out of the UK and into the EU. They further estimate that many firms likely slipped past their radar, implying that this figure minimises the actual impact.

While this is sobering news in some respects, it’s also an opportunity for UK firms to look further afield for opportunities to expand their impact. (More on post-Brexit opportunities in the following section.)

The UK is not the only entity struggling to find new footing after Brexit. Here are some challenges that have had ripple effects on both sides of the split:

  • Passporting: Passporting has traditionally allowed financial firms to establish a branch in EU member states. They could provide direct cross-border services, with regulatory supervision carried out by the firm’s home country. Now that passporting does not apply to the UK, firms will need to meet authorisation requirements from EU member states to access the EU market. They’ll have to comply with both UK and member state regulations to conduct business. By the same token, EU firms will need to be explicitly authorised by the UK.
  • AMLD5 and AMLD6: UK firms now have three sets of regulatory requirements to contend with while conducting business in the EU: UK requirements, local AML regulatory requirements, and the EU’s AML requirements. AMLD5 has already been transposed into British law, but AMLD6 has not. While dictates are viewed as largely consistent between the two, this distinction creates an additional layer of complexity. As does the fact that national AML laws can vary within Europe, so UK businesses now must keep an eye on member state requirements. This forces any compliance programme to account for the differences in each system and how it will affect their obligations.
  • Cross-border restructuring and relocation: Cross-border entities have been forced to restructure and will continue to do so, as the New Finance study demonstrated. Banks have already begun transferring parts of their UK-based business interests to locations in the EU. EU-based firms that want to operate within the UK have to face more challenges in building a presence there, prompting many to reconsider.
  • Data privacy and GDPR: At the time of writing, the UK has given data adequacy to the EU, and the EU has voted to extend “adequate” status to the UK as well. Europe’s General Data Protection Regulation (GDPR) has become the global standard in data privacy, and UK regulators will have to ensure that firms continue to comply with GDPR protocols and those in the UK to ensure smooth data transfer. Although the UK’s data protection protocols currently mirror GDPR, there is concern that laws will diverge over time, complicating cross-border data flow.

Post-Brexit Financial Services Successes

It’s not all an uphill climb following Brexit, and there are genuine silver linings to be found—especially for firms ready to implement change.

For one thing, the UK has announced the intention of deeper cooperation with Switzerland, another well-known financial hub in Europe. A mutual recognition agreement is in the works, and would lower barriers to entry for UK firms looking to conduct business in the Swiss market (and vice versa).

The brightest post-Brexit opportunities, however, lie in financial technology (or “fintech”).

Cybersecurity provider ESET conducted a study showing that nearly two-thirds of UK business leaders intend to invest in fintech in 2021-2022.

The majority of senior managers report that fintech solutions are easier to set up, configure, and use than traditional methods, and that investing in fintech will make it easier for businesses to operate across borders in a post-Brexit world.

Automated compliance systems can respond in real time to changes in regulatory requirements, and adjust protocols based on local regulations as required. In addition, these systems generate alerts if documentation is missing or if processes were out of compliance, and they can do so retroactively.

Manual onboarding, verifications, and monitoring processes for AML/KYC compliance are still the norm for thousands of firms, and Brexit poses significant challenges to that traditional framework—not to mention the challenges post by advanced fraud and money-laundering techniques. Brexit aside, manual management is no longer a viable option for firms taking a risk-based approach.

Fintech companies have also begun to collaborate like never before on truly transformative end-to-end solutions.  

Cross-border collaboration means software that is flexible, configurable, and scalable, and not married to a single country or technology system.

And there are other hopeful signs that fintech is here to stay, and won’t be weighed down by bureaucracy. Chancellor Rishi Sunak’s 2021 Spring Budget includes fast-tracked visa accommodations specifically for fintech specialists, a recommendation from the Kalifa Review of UK Fintech intended to keep the post-Brexit fintech industry alive and humming in the UK.

Despite the challenges, there is opportunity to be found in Brexit—the opportunity to expand to new markets, adjust regulation to welcome fintech, and redefine the UK’s relationship to global capital.

We look forward to seeing what the rest of 2021 (and beyond) has in store.

In the meantime, stay competitive and adaptable with a compliance framework that is ready for anything. Click here to download our Guide on How to Future-Proof Your Regulatory Framework.