Updates to our 2025 supervisory risk data collection

Glossary

Defined terms are indicated throughout this document as follows:

ACR

annual compliance return

AMLSP

anti money laundering service provider

DNFBP

designated non-financial businesses and professions as defined in part 3 of Schedule 2 of the Proceeds of Crime (Jersey) Law 1999

JFSC

Jersey Financial Services Commission

JPF

Jersey private fund

independent registered NPOs

an NPO registered under the Non-Profit Organizations (Jersey) Law 2008 that does not use the services of a TCB registered person

NPO

non-profit organisation

Prescribed NPO

an NPO as defined under Article 1 of the Non-Profit Organisations (Prescribed NPOs – Additional Obligations) (Jersey) Order 2022

registered person

a person who is registered, or holds a permit or certificate, as applicable, under one or more of the regulatory laws

reporting entity

either a registered person or a supervised person

TCB

Trust company business

TCB administered NPO

an NPO that uses the services of a TCB Registered Person

SRDC

supervisory risk data collection

SBL

Proceeds of Crime (Supervisory Bodies) (Jersey Law 2008

supervised person

a person that is subject to supervision by the JFSC in accordance with the SBL

1 Executive summary

1.1 Overview

1.1.1   This guidance note outlines key developments and future plans for our supervisory risk data collection (SRDC) process. The SRDC is a critical tool used to inform our risk-based supervisory model and support national risk assessments (NRAs), including obligations under MONEYVAL and other international standards.

1.2  Purpose and strategic direction

1.2.1   The data collected through the SRDC allows us to identify key risk areas and will form the basis of a strategic review of the data we collect for our supervisory risk purposes. We aim to reduce regulatory burden while enhancing the quality and relevance of data collected.

1.2.2   The SRDC provides valuable data for benchmarking sector risks, both through our risk model and via industry publications of sector-based aggregated data.

1.2.3   In addition, the data forms a valuable source of information for external agencies, on an aggregated basis, and contributes to Jersey’s broader financial stability and economic growth objectives.

1.3  Key updates for the 2025 SRDC

1.3.1   Submission timeline: the 2025 SRDC will be issued on 2 February 2026, with a 3-month submission window, ending 30 April 2026. This change accommodates industry feedback and aligns with UK tax year-end pressures.

1.3.2   Data validation enhancements: improvements to myJFSC upload validations and email notifications will clarify mandatory questions and reduce submission errors.

1.3.3   Sector-specific changes:

  • Sound Business Policy: updates reflect a streamlined list of sensitive activities, reducing from 11 to 5.
  • Prescribed NPOs: annual data collection will continue via Excel workbooks and online surveys, depending on administration type.
  • DNFBP group structures: data under review and no further collection is planned until conclusions are drawn.
  • AMLSP supervised persons: continued data collection confirms most entities are low to standard risk, potentially informing future collection frequency

1.3.4   A comparison document will be published alongside the guidance issued with the 2025 SRDC next year. This will highlight changes and allow industry to make comparisons against last year’s data request.

1.4  Planned future changes

1.4.1   Fund statistics: transitioning to annual reporting, with the first cycle due 30 June 2026.

1.4.2   Jersey private fund annual compliance return (JPF ACR): proposal to integrate compliance confirmations into the SRDC workbook to streamline submissions.

1.4.3   Wire transfers: Purpose of payment data delayed until 2028, pending ISO 20022 implementation across payment systems.

1.4.4   Jersey Resolution Authority (JRA): No additional prudential questions for 2025; consultation ongoing.

1.4.5   MONEYVAL recommendations: we are exploring existing data sources to meet granular data needs without expanding 2025 SRDC requirements.

2  2025 supervisory risk data collection

2.1  Submission timeframe

2.1.1   Next year’s SRDC, requesting data for the 2025 reporting year, will be issued on Monday 2 February 2026.

2.1.2   The submission timeframe will be 3 months from the date of the request, with a submission deadline of 30 April 2026.

2.1.3   This supports feedback received from the TCB sector that this year’s deadline of 11 April 2025, came at a time when the sector was under additional pressures to prepare client information for the UK tax year end of 5 April.

2.1.4   We are implementing new software technology that allows us to integrate the data we receive from industry much faster. This supports our ability to push the submission deadline back to the end of April. While this update will not affect our external technology interface, it will enable us to process and review data more efficiently. This means we can communicate data exceptions to industry in a more timely manner and incorporate insights into our supervisory risk model more efficiently, allowing us to react quicker to changes in entity risk profiles.

2.2 Data validation and integrity checking

2.2.1   For the 2024 SRDC we introduced additional portal validation to check for completion of certain mandatory questions within the Section I – Global Footprint Excel Workbook, these are set out in section 2 of our Guide to integrity checking your Section I risk based supervision data.

2.2.2   Failure to complete the questions triggered a ‘validation failed’ email to be sent to submitters. Feedback from industry during this process highlighted that the email notifications were not clear on the reasons for the submission failure. Specifically, they referred to cells numbers rather than question numbers.

2.2.3   We have taken this feedback on board and will be amending the validation emails to include reference to the specific questions.

2.2.4   In addition, we will be including new prompts within the workbook to make it clearer which questions are mandatory.

2.3  Customers conducting Sound Business Policy activities

2.3.1   A new question was introduced to the 2024 SRDC asking for the number of customers that carry out any activity listed in Table 2 of the JFSC’s Sound Business Practice Policy.

2.3.2   Following the consultation on changes to the Sound Business Practice Policy, the Sound Business Practice Policy has been relabelled the Sound Business Policy and Table 2 removed, with a shorter list of sensitive/reputational risks. We will be updating the Sound Business Policy questions in each of the sector workbooks to reflect this change. The intent of the question will remain the same, with the list of activity numbers changing from 11 to 5.

2.4  Schedule 2 supervised persons using an AMLSP

2.4.1   The 2024 SRDC exercise was the first year we collected supervisory risk data on supervised persons serviced via an AMLSP.

2.4.2   We will continue to collect the same data in the same format for the 2025 SRDC.

2.5  DNFBP groups data collection

2.5.1   This year, we collected data from DNFBPs to understand their group structures and how FATF Recommendation 23, regarding the applicability of AML/CFT controls in DNFBP financial groups, may impact the local DNFBP sector.

2.5.2   The output of this data is still under review. As a result, there is no intention to seek any further data requests on this subject until the review has been concluded.

2.5.3   There will be no DNFBP groups data request as part of the 2025 SRDC.

2.6  Non-profit organisations (NPO) data collection

2.6.1   We first collected NPO data as part of the 2023 SRDC exercise to inform our supervisory risk model and future national risk assessments.

2.6.2   We will continue to collect NPO data (only in respect of prescribed NPOs) in the same format as we did earlier this year for the 2024 SRDC:

2.6.2.1 Data to be collected from all TCB administered prescribed NPOs via one Excel workbook. The names of the relevant NPOs will be listed in the workbook based on the data held in our records. The questions will remain the same.

2.6.2.2 Data will be collected from all independent prescribed NPOs using an online survey tool, in the same way as the 2023 and 2024 SRDCs.

2.6.3   We intend to collect supervisory risk data from TCB administered Prescribed NPOs on an ongoing annual basis.

2.6.4   For clarity, this does not apply to independent registered NPOs (those that are not Prescribed NPOs).

3  Future changes

3.1  Fund statistics

3.1.1   Following the Government of Jersey’s announcement at the Mid-Year Financial Services Update: Strengthening Jersey’s Competitiveness, we informed industry[1] that we will be transitioning from a quarterly to an annual reporting cycle for fund statistics.

3.1.2   The new annual reporting cycle will be 30 June each year. The submission period will be one month after the reporting period with a deadline of 31 July.

3.1.3   The process will follow the same format and reporting mechanism as in previous years, using the Q4 workbook template that includes the asset location.

3.1.4   The nature of these questions and the method for collecting them will form part of our wider review of data.

3.2  Jersey Private Fund Annual Compliance Return (JPF ACR)

3.2.1   To streamline the frequency of data submissions, we are considering adding the confirmations required in the JPF ACR, usually provided to us in August each year, within the SRDC JPF workbook. We will consider this in 2026 with the aim of implementing it in the 2026 SRDC. We welcome industry feedback on this proposal which can be sent to datacollections@jerseyfsc.org

3.3  Wire transfer purpose of payments

3.3.1   As set out in our 2024 SRDC guidance note, there is no intention to add purpose of payment questions to our wire transfer supervisory risk data collection workbook until at least the 2027 SRDC, collected in 2028, and only for higher risk jurisdictions.

3.3.2   The UK’s main payment system providers continue to work on implementing the ISO 20022 standard, which will introduce standardised purpose of payment information.

3.3.2.1 CHAPS started mandating use of ISO 20022 in May 2025 for payments between financial institutions and will continue to phase its approach to mandated use of purpose codes for all CHAPS payments by November 2027.

3.3.2.2 BACS is yet to announce a date for mandatory use, expected sometime between now and 2027.

3.3.3   Financial messaging network SWIFT remains on track to mandate ISO 20022 use from November 2025.

3.4  Jersey Resolution Authority (JRA) questions

3.4.1   In October 2023[2], we consulted on the potential to include additional prudential questions for banks and investment businesses to support the JRA’s risk understanding of banks’ critical functions. The JRA is still considering what data it needs and how best to collect this. Therefore, no additional prudential questions for JRA purposes will be collected in the 2025 SRDC.

3.5  MONEYVAL Mutual Evaluation Report

3.5.1   In our 2024 updates to our supervisory risk data collection paper we referenced the MONEYVAL fifth Round Mutual Evaluation Report[3] which recommended obtaining more granular risk data pertaining to key areas, such as products or activity risks, transactional activities by customers (including links to certain products or services) and high-risk customer groups.

3.5.2   We are reviewing how we can obtain the data needed from existing data sources, and there is no intention to collect any additional product, service or activity data as part of the 2025 SRDC.

 

[1] Fund statistics move to annual reporting cycle — Jersey Financial Services Commission

[2] Additional supervisory risk data consultation paper No. 9 2023 — Jersey Financial Services Commission

[3] FATF and MONEYVAL (gov.je)