The role of a financial regulator

When must a global business approach a financial regulator?

Stuart Davis: The following two key situations would warrant this:

A company wanting to pursue a regulated activity in a jurisdiction may need to apply for a licence.  

Example: To provide payment services in the UK, the company needs a licence from the Financial Conduct Authority (FCA).¹  

A company planning to invest in a licensed business may need to obtain regulatory approval before completing the investment. It is important to be aware that, in regulatory terms, approval may be triggered at relatively low thresholds — for instance, in the UK and many EU countries, approval is required for acquiring 10% of equity or voting rights in a regulated business.

Example: If a pension fund acquires 15% of the shares in a European bank with licensed entities across multiple countries, it will likely need to submit controller applications to regulators in several jurisdictions before completing the transaction (and the transaction may also be subject to the approval of the European Central Bank).  

‍How geopolitics (don’t) affect financial regulatory approvals

‍Do geopolitics affect the regulator’s decisions?  

‍Stuart Davis:Not directly.

Regulators typically focus on ensuring regulatory compliance rather than pursuing (geo-)political agendas.

For example, in the UK, the financial services regulators, the Financial Conduct Authority (FCA) and Prudential Regulation Authority (PRA), operate under statutory objectives set out in the Financial Services and Markets Act 2000.² Protecting national or economic security — policy areas heavily influenced by geopolitics — are not within their mandates, which focus on matters such as the functioning of market, consumer protection, and micro-prudential issues. Geopolitics typically matter only if they impact compliance with such requirements.  

‍Brexit was a geopolitical event of the highest magnitude in Europe. How does its impact on financial regulation compare to that of the Russo-Ukrainian war, the on-going wars and conflicts in the Middle East, or rising U.S.-China tensions?  

‍Stuart Davis: Interestingly, Brexit can be said to have had a greater practical impact on financial regulation than those other geopolitical situations. This is because, before Brexit, the UK and EU financial markets were deeply integrated. Geopolitical shifts between less interconnected countries typically have a smaller impact, as there is less to disentangle from a regulatory standpoint.  

Brexit effectively divided Europe into two distinct financial service zones: the UK and the EU. This “bipolar Europe” for financial services led to regulatory fragmentation. Since Brexit, regulators on both sides of the English Channel have had to prioritise policing their regulatory perimeters.  

EU regulators, in particular, were concerned that financial service providers might retain most of their operations in London while establishing only letterbox entities within the EU. In response, stricter localisation requirements were introduced to ensure businesses could be effectively supervised within the EU.  

‍The indirect effect: localisation

‍You mention stricter location requirements resulting from regulatory fragmentation. How much “local substance” must the domestic entity have to qualify for a licence?  

‍Gabriel Lakeman: Regulators generally focus on a range of issues of ‘substance’, including having a locally licensed entity in the jurisdiction with:

• Staff physically present in the jurisdiction engaged by the local entity.
• Capital requirements fulfilled locally.
• Local management, including board members and senior executives.

Global players often seek to outsource key functions, particularly when they are new to a market and face the risk of failure. However, regulators are now subjecting such arrangements to greater scrutiny.  

Businesses must show they can manage risks locally and maintain local operations during disruptions.

‍What must companies provide to demonstrate such operational resilience at a country level?  

‍Gabriel Lakeman: Firms must maintain sufficient local expertise to effectively supervise outsourced functions, and ensure they can manage disruption to the provision of outsourced services, including in an intra-group context. For example, the EU’s Digital Operational Resilience Act (DORA),³ which is going to take effect this year, marks an increased regulatory focus on IT risk management and digital operational resilience, intended to ensure businesses can operate and continue to provide financial services through disruptions.  

Resilience is a priority for UK regulators and those outside Europe as well. The necessary overhead is especially costly for regulated financial service providers that rely heavily on technology.  

‍Stuart Davis: Regulators expect to be able to effectively supervise business. Today, this typically results in the following demands from regulators:

• Keeping critical data and functions accessible within the jurisdiction.
• Showing that systems can handle disruptions, whether due to financial, technological, or geopolitical events.

This requires significant investment in local operations.  

‍Localisation: compliance systems

‍Sanctions have risen significantly in numbers and scope due to geopolitical events, e.g., the Russo-Ukrainian war. Are they affecting compliance requirements for licensed entities?  

‍Stuart Davis: Yes. The UK FCA’s level of focus on sanctions, AML, and terrorism financing (CTF) policies and procedures has significantly increased, and areas such as transaction monitoring systems are coming under increased scrutiny to ensure that they work well enough to detect financial crime risks.  

Local expertise and fully operational compliance systems in each area of financial crime are prerequisites for retaining a licence.

‍Gabriel Lakeman: To clarify, these are not new compliance requirements. What we are observing is a refocusing of regulatory priorities. Existing rules can remain unchanged but will become subject to stricter enforcement.

‍Localisation: cost implications & reverse solicitation

Localisation is costly. Are foreign clients reconsidering market entry due to higher regulatory costs?  

‍Stuart Davis: Yes, especially in the UK. Before Brexit, a UK licence granted access to all EU Member States through passporting. Now, businesses must weigh the benefits of a UK licence against those of an EU Member State licence, which provides access to 27 countries. Regulators are taking stricter approaches to provision of cross-border services without a local licence.

Despite this, many businesses still consider the UK market valuable enough to maintain alongside the EU, even if that requires holding two licences instead of one.  

‍Gabriel Lakeman: The EU’s Markets in Crypto-Assets Regulation (MiCA) framework⁴ for digital assets shows this trend. Although its application varies between jurisdictions, “reverse solicitation” is an established regulatory approach in many regimes. This allows a business without a local licence to offer services cross-border, provided it is not actively soliciting clients within the jurisdiction.  

‍Examples: A client requests a crypto or securities investment account without prior advertising, contacts a firm for wealth management advice, seeks cross-border banking services, or asks to invest in a specific fund not promoted in their jurisdiction.  

MiCA imposes legislative requirements significantly limiting the flexibility for individual EU Member States to interpret rules around “reverse solicitation” in a digital assets context. This represents a tightening of these rules, bringing in a pan-EU harmonised approach that deters providers from responding to unsolicited requests, thereby effectively raising trade barriers in financial services.  

More broadly, and beyond a purely crypto context, providers now increasingly risk penalties or exclusion from the EU market unless they set up onshore entities and apply for licences to serve EU customers. Similarly, in the UK, the FCA has narrowed its definition of unsolicited services and sought to take a broad approach to application of financial promotion requirements to limit the ability for firms to maintain services are being provided on a genuinely unsolicited basis.  

These regulatory trends push businesses to establish onshore operations with sufficient local substance.  

‍Regulatory uncertainty: predictability of decision-making

‍Have regulatory decisions become less predictable?  

‍Stuart Davis: Yes, they are less predictable now than they had been before the Global Financial Crisis.  

In the early 2000s, approvals for financial institutions were more straightforward. After the crisis, rules for banks and investment firms tightened. Smaller providers, like payment companies, still typically received licences with a lower level of scrutiny than we are seeing today.  

Today, regulators are much more cautious. Applications face higher standards and greater scrutiny. Even strong applications typically encounter delays.  

‍Are these delays a temporary or a structural problem?  

‍Stuart Davis: To some extent these delays reflect resource constraints. Geopolitical shifts, like Brexit, drive regulatory fragmentation. But markets do not fragmentate immediately. Demand does not localise overnight.  

So, more businesses submit more filings to continue serving the same customers. This increases filings and causes further delays. The high volume of applications can overwhelm regulators, and gives rise to concerns from regulators that markets may become harder to supervise.  

This shows how a geopolitical shift, like Brexit, indirectly impacts the performance of the regulatory system.  

‍Nationality & origin: do they matter?

‍Financial regulators may check whether senior managers and incoming board members of licensed entities are “fit and proper” for their roles.⁵ Does the nationality of citizens play a role in that assessment?  

‍Gabriel Lakeman: No, not directly. Financial regulators typically focus on factors such as expertise, time devoted to the role (including time spent in the relevant jurisdiction), and past reputational history (potentially including criminal record checks).  

However, if sanctions or visa bans begin to affect an individual’s ability to perform their duties as a member of the board or senior management, nationality may become a relevant factor.  

‍Do investors from certain jurisdictions face more challenges in obtaining approval?  

‍Stuart Davis: Not because of their origin per se. Challenges arise if investors, due to their origin and applicable laws, cannot provide sufficient information for the relevant approval filings. This may include information on funding sources, financial guarantees or information on the financial performance of their subsidiaries.  

The UK and EU regulators have mechanisms to extend timelines for foreign investors. This shows that these regimes are not averse to foreign investment, and acknowledge the higher hurdles foreign investors face providing required information.

‍

Stuart Davis and Gabriel Lakeman are partners at Latham & Watkins LLP in London.