Amendment of the Financial Services and Markets Act 2000 (Disclosure of Confidential Information) Regulations 2001U.K.
6.—(1) The Financial Services and Markets Act 2000 (Disclosure of Confidential Information) Regulations 2001(1) are amended as follows.
(2) In regulation 2(2), insert at the appropriate places—
““capital requirements directive information” means confidential information received by the PRA—
before IP completion day in the course of discharging its functions as the competent authority under the capital requirements directive;
after IP completion day in the course of exercising its functions in or under the Act or retained EU law which functions are equivalent to the functions as the competent authority set out in the capital requirements directive;”;
““PRA worker” means—
a person who is or has been employed by the PRA; or
an auditor or expert instructed by the PRA;”.
(3) In regulation 9(3), after paragraph (4), insert—
“(4A) Paragraph (4) does not apply where regulation 10C applies to the disclosure of confidential information.”.
(4) After regulation 10B(4), insert—
“Disclosure of capital requirements directive information to International Financial Institutions
10C.—(1) Subject to the conditions in paragraph (2), the PRA or a PRA worker is permitted to disclose capital requirements directive information to an organisation specified in the first column of Part 6 of Schedule 1 for the purpose of enabling or assisting that organisation to discharge any of the functions listed beside it in the second column of Part 6 of Schedule 1.
(2) The conditions are as follows—
(a)the organisation must make an explicit request for the confidential information;
(b)the request is precise as to the nature, scope and format of the confidential information and the means of its disclosure or transmission;
(c)the confidential information requested is necessary for the performance of the specific tasks of the organisation making the request and does not go beyond the functions conferred on that organisation;
(d)the organisation making the request justifies it by reference to its tasks; and
(e)to the extent that the disclosure of confidential information involves processing of personal data, any processing of personal data by the organisation making the request complies with the UK GDPR.
(3) In this regulation, “the UK GDPR” has the same meaning as in Parts 5 to 7 of the Data Protection Act 2018 (see section 3(10) and (14) of that Act).”
(5) In Schedule 1—
(a)in the table in Part 3(5), after the entry commencing “An authority responsible for maintaining the stability” insert—
| “A financial intelligence unit in a third country | Its functions as such |
| An authority in a third country responsible for the application of rules on structural separation within a banking group | Its functions as such” |
(b)at the end, insert—
“PART 6U.K.
| Organisation | Functions |
|---|---|
| International Monetary Fund | Its functions in relation to assessments for the Financial Sector Assessment Program |
| World Bank | Its functions in relation to assessments for the Financial Sector Assessment Program |
| Bank for International Settlements | Its functions in relation to quantitative impact studies |
| Financial Stability Board | Its surveillance functions” |
Commencement Information
I1Reg. 6 in force at 29.11.2020, see reg. 1(4)
There are amendments to regulation 2 which are not relevant to these Regulations.
Paragraph (4) was inserted by S.I. 2010/2628 and substituted by S.I. 2013/3115. A further substitution by S.I. 2019/681 comes into force on IP completion day. There are other amendments to regulation 9 which are not relevant to these Regulations.
Regulation 10B was inserted by S.I. 2014/3348.
Part 3 of Schedule 1 was amended by S.I. 2014/3348 and 2019/681.