In both the EU and the UK, banks are increasingly impacted by non-financial services regulations that apply horizontally across economic sectors.
Examples include the EU Cyber Resilience Act (CRA) and new UK rules around prohibitions on payment and processing of ransomware payments.
Given the already high regulatory standards in financial services, it is important to avoid duplicative and contradictory requirements that offer no additional security while causing significant operational burdens which can hinder banks’ risk management.
AFME therefore advocates for sectoral exemptions where financial-sector requirements remain in place enabling a single, high-standard framework to govern financial services.
