UNITED KINGDOM Trends and Developments Contributed by: James Burnie, Chris Elwell-Sutton, Tom Goff and Thomas Hulme, gunnercooke llp
entities agreeing to contractually bind themselves to UK law contracts in order to benefit from the cer - tainty that this provides. This development has been further supported by recent work led by the UK Law Commission regarding the formal legal recognition of crypto-assets as a form of property, in contrast to the view that purely digital data cannot constitute prop - erty. This shift has strengthened market confidence in the UK as a stable and predictable jurisdiction in which to operate, reflecting a move towards treating crypto-assets in a manner consistent with established legal and societal principles. The bad While the UK has positioned itself as a hub of inno - vation, it is worth noting that it is equally capable of employing the stick rather than the carrot in pursuit of that goal. This is particularly demonstrated by the extension of the so-called general prohibition, set out in Section 21 of the Financial Services and Markets Act 2000, to include unregulated crypto-assets that are fungible and transferable (noting that securities tokens are already generally in-scope). The impact of this has been to prohibit an invitation or inducement to engage in investment activity (a “financial promotion”) in relation to in-scope crypto-assets unless either (i) such financial promotion has been approved by an FCA-authorised firm with the competence to sign off the financial promotion; or (ii) the financial promotion is made in accordance with one or more of the clearly defined exemptions from the general prohibition. The exemptions to the restriction on in-scope unregulated tokens are narrow, and the two most used are those in relation to fund managers and corporates of a certain size. A breach of the general prohibition is a criminal offence in the UK, and the FCA has flagged that banks and payment service providers that support firms in breach are handling the proceeds of crime, which in itself is a criminal offence if the appropriate steps are not taken. The consequence of this is that, even if a crypto-asset firm locates itself outside of the UK, in an attempt to make it practically harder to take action against the project directly, the banking providers will cease to support the firm in breach, meaning that, in practice, it cannot operate.
The financial sector has been familiar with KYC (know your customer) for many years. More recently, they have been getting to grips with KYT – “know your transaction”. A response to the explosion of increas - ingly sophisticated payment fraud, this principle has driven a strong focus on robust due diligence on pay - ment transactions. Favoured techniques for imple - menting KYT include AI-driven transaction monitoring and enhanced analysis of transactional behaviours. An alternative interpretation of this acronym could be “KYT” (know-your-tech). Rather than focusing on detecting external bad actors, this principle is inward- looking and requires firms to ensure that they handle innovation with due care and consideration of the risks involved. This concept aligns closely with the GDPR principle of Privacy by Design as well as Article 10 of the EU AI Act, both of which require firms to bake data and privacy risk considerations into tech initiatives at the design phase – not as an afterthought. Whether we call it KYT, Privacy by Design or just good old- fashioned common sense, this issue is moving up the agenda for boardroom decision-makers in financial services, especially in the context of AI. When deployed in a targeted, strategic manner, AI undoubtedly drives business efficiency. Nonethe - less, its use presents several major potential pitfalls in terms of privacy, human rights, IP and accuracy. These challenges apply to all sectors but involve an additional layer of risk for regulated financial services entities. One key risk factor relates to accuracy. AI-driven pro - cesses often give the impression of 100% accuracy but are prone in certain circumstances to significant errors through hallucination or bias. This means that, even if AI has a better statistical outcome rate than humans, the use of AI may also involve the accept - ance that mistakes can be made. In the retail space in particular, this is driving risk controls aimed at mitigat - ing the potential impact of AI errors. For example, in the context of developing retail insurance products, kill switches and other forms of human intervention are being inserted into the relevant processes to protect against inaccuracy, bias and violation of the GDPR prohibition on fully automated decision-making producing significant effects for individuals.
955 CHAMBERS.COM
Powered by FlippingBook