MiFID II: New Compliance Tech Needed For Finserv In EU And US. Even Post Brexit

Share with your network!

Financial services firms in the European Union (EU) have followed a common regulatory framework, Markets in Financial Instruments Directive (MiFID), since 2007. However, in response to the financial meltdown and recognized gaps in the legislation, those rules were recently revised to strengthen the markets and better protect the investor. These updates take place in January 2018 and are collectively referred to as MiFID II.

To learn more about the rules and how they will impact financial services firms, I spoke with UK-based Robert Powell, Director of Compliance, IPC Solutions Inc. Powell has worked in and around the financial markets for nearly 30 years. Initially at banks and financial institutions, in the last ten years, he’s focused on the records retention space. Below is an edited conversation we had over video and email.

Belbey: For those who are unfamiliar with MiFID II and its impact on financial services both in the EU and here in the US, please provide us with an overview.

Powell: In a way, MiFID II is similar to the aims of the Dodd-Frank Act in the US. The goal is to enable better transparency and the support and promotion of a safer, sounder, more transparent and more responsible financial market with better access to all classes of investors. However, it differs from Dodd-Frank in two areas. First, the rules are intended to remove some of the discretion that individual member states’ regulators previously had over their market. Whereas previously member states could opt in, or out, of certain parts of the rules, MiFID II removes that flexibility. Secondly, it has been agreed that the stability of the financial markets is more important than the privacy of the individual. This is significant because of some of the changes to the rules that are coming soon, in January 2018.

Belbey: Tell us about the major provisions pertaining to electronic communications, such as rules around Record keeping, Investor Protection, Supervision, Trade Reconstruction, Retention and Storage?

Powell: MiFID II harmonizes the rules for all of these rules and regulations across the 28 member states of the European Union . The idea is that investors receive the same level of protection regardless of which member state they choose to invest in. This is important because with the single currency, it’s just as possible for a Spanish investor to invest in a French fund as in a Spanish fund. Record keeping and surveillance will now be almost the same as the current requirements in the United States. Data must be retained for five years and firms must conduct surveillance on their employees’ communications. Any communication “intended to lead to a transaction” must be stored so that transactions and behavior can be analysed by the firm or the regulator in the future.

Belbey: We know that regulators tend to be neutral about the channel of communications and that “content is determinative”. Could you talk about how firms will need to supervise their employees’ communications across multiple platforms? Are there any specific challenges firm face when supervising social media or voice?

Powell: This is an interesting area. Previously, many countries in the European Union had not been conducting surveillance on financial markets communications. This was mainly due to the privacy rules that prevented compliance teams from looking at the messages of their employees. The new rules require a risk-based approach that is determined according to the size, scale and scope of the business. Communications should be periodically examined to allow the firm to be certain that their employees are compliant with the financial markets’ rules and the firm’s internal rules. Social media is not used in the European financial markets as much as it is in the United States, however, many expect it to increase over time, so that will need to be supervised as well. The surveillance of voice calls from desk phones or mobiles represents a particular challenge that is probably only solved with technology. Where written communications can be searched for words, phrases and intent quite easily, doing the same for voice calls requires specialist software and understanding of how conversation is different than text along with good quality calls to work on. The ability to capture, archive and analyze various types of communications media via an integrated information governance solution, will be a strategic advantage for financial service firms seeking to deal with regulatory requirements efficiently.

Belbey: In other words, firms will need robust supervisory technology to make sure they are compliant with MiFID II. In light of this, how are firms preparing? What should they be doing? Will there be enough time to meet the January 2018 deadline?

Powell: MiFID II was originally due to be implemented in January of 2017. That has now been delayed to January 2018 to allow firms more time to comply with the changes to transparency, trade reporting and other changes. As with any deadline, when it was extended there was a collective sigh of relief that was quickly followed by the realization that the extra year may still not be enough time to put in place all of the requirements. There will likely be a settling in period where regulators are more relaxed about the strict implementation, provided that firms are well on the way to being compliant. That said, the trade reporting, transparency and best execution rules will not receive that leeway.

Belbey: How has Brexit impacted the preparations for MiFID II?

Powell:  This is probably the question that I’m asked most nowadays. The UK regulator, the Financial Conduct Authority (FCA), issued a press release on the day after the result was announced. They have made it very clear that there is no “bonfire of legislation” for UK participants of the financial markets. Firms will be expected to comply with the current rules and continue to prepare for the new rules of MiFID II. The MiFID II rules will come into effect at least a year before the UK leaves the European Union. The UK has been a willing and prominent participant of the creation of the new rules along with their colleagues from regulators in all of other EU member states. One of the main aims of the original MiFID was to allow firms in each member state “passport” rights to sell their financial markets products in other member states. This has been a hot topic of the Brexit discussion in Europe as many in Europe see it as being linked to the principal of the “Free movement of people”. It’s hard to believe that the European Union or the UK want to loosen market access, but the negotiations have not even started yet.

Belbey: Are US firms impacted?

Powell: Any US firm that operates an office in the EU will be affected by these changes. From the simplest change, and understanding how they apply, to the most complex in transaction reporting or in how they pay for research. Regulators such as the Financial Conduct Authority (FCA) have been diligent in publishing consultation papers and fueling discussions with firms so there is a lot of information on what firms need to do to be compliant. Industry associations are also playing a significant role in helping to prepare these businesses for potential changes. Fortunately, many US firms are already compliant with some aspects of the rules because of the regulations of the Securities and Exchange Commission, and other regulators in the US.

Contributor’s note: From all accounts, firms need to begin to design processes and deploy technology they will need to meet the new MiFID II requirements now. An excellent start is to read the Financial Conduct Authority (FCA) MiFID II Consultation Papers here:

Note: This article previously appeared on Forbes.