ROMANIA Law and Practice Contributed by: Sergiu-Traian Vasilescu, Luca Dejan, Bogdan Rotaru and Ana-Maria Bută, VD Law Group
2.11 Implications of Additional, Non- Financial Services Regulations The implementation of additional non-financial services regulations related to privacy, cyberse - curity, social media content, and software devel - opment has significant implications for industry participants. Companies will need to adapt to stricter data protection laws and comply with enhanced cybersecurity requirements, impos - ing an additional burden on newer tech-driven companies to ensure robust security measures. Outdated firms with existing systems may find it quite complicated to update to the changing standards, while new-age players often have the upper hand by designing their systems in compliance with such requirements. Added to this, increased scrutiny from legislation regard - ing social media content has resulted in many more compliance obligations for digital services in preventing the spread of harmful material. This makes the entire regulatory landscape for compliance more complex, especially for those businesses that either have to modernise their operations, or realign their practices with the increasing number of compliance laws. 2.12 Review of Industry Participants by Parties Other than Regulators Besides regulators, the industry is also reviewed by accounting and auditing firms, vendors and industry bodies. Such firms make certain that a set of financial reporting standards is followed, and independent audits are carried out to ascer - tain the truthfulness and integrity of financial statements. In particular, tech and supply chain vendors perform assessments to determine compliance with contractual obligations and industry standards. Various industry bodies and trade associations monitor actions as well, set - ting ethical standards and ensuring sector mem - bers adhere to sector-specific guidelines. Such requirements – while usually complementary to
ling critical financial infrastructure (eg, major payment gateways) could fall under its scope. For crypto-asset services, the MiCA imposes gatekeeper-like obligations on platforms, man - dating transparency, custody safeguards and accountability for activities on their platforms. Similarly, under the Digital Services Act (DSA), fintechs hosting third-party financial services (eg, P2P lending platforms) must monitor illegal content and comply with due diligence require - ments. In Romania, fintech providers must align with these EU rules. While smaller firms may avoid “gatekeeper” status, larger platforms face heightened responsibilities, including anti-mon - ey laundering compliance, data protection and operational resilience. 2.10 Significant Enforcement Actions Romanian regulators have taken significant enforcement actions in several key sectors. These include in respect of market manipula - tion and price regulation, for which large fines have been imposed in the energy sector; non- compliance with consumer protection legislation and transparency requirements in banking prac - tices leading to sanctions in the financial sector; violations of data protection principles and the practice of unfair competition in telecommuni - cations and IT; and misleading advertising far in excess of accepted standards and other unfair commercial practices by the retail sector. These actions reflect the active efforts of the regulators, aimed at maintaining a solid regulatory frame - work and safeguarding integrity in the markets and safeguarding consumer interests in the top business sectors in Romania.
723 CHAMBERS.COM
Powered by FlippingBook