On the 28th of September 2015 the European Securities Markets Authority (ESMA) delivered their final set of technical standards to the European Commission. According to ESMA, these new technical standards will alter the functioning of European financial markets by increasing their transparency, safety and resilience as well as providing enhanced investor protection. The document, over the course of 446 pages, sets out ESMA’s view on the technical standards implied by the MiFID II directive, advice which was sought by the European Commission.
The records-keeping section of the advice is small, at a few pages, and has been one of the sections least marked by controversy, however it will instigate a great deal of change in the way that communication records are held in Europe. So, how will that impact your trading communications in 2016?
Global Head of Compliance at IPC, Robert Powell, looks at the five most significant reasons why you need to be thinking about MiFID II now:
Reason 1: Longer retention periods will be required for some.
In the UK the current rules are driven by the Conduct of Business Sourcebook (COBS §11.8.5), last amended in November 2014 to remove an exemption on mobile telephone recording. These rules currently require only 180 days of call and communications data to be retained. Most regulated UK firms already go beyond this and retain five or seven years of records, for best practice or to comply with Tax Authority rules. A mandatory increase to 5 years to meet MiFID II standards will not necessarily represent a large additional burden for regulated firms.
Reason 2: A wider scope of communications recordings is specified.
MiFID II will require all “communications that are intended to lead to a transaction” to be recorded, rather than the previous, narrower mandate of “client orders and transactions”. This will materially increase the scope of communications that are directed to be retained.
The addition of a Pan-European requirement to archive telephone calls, both mobile and fixed, represents a notable addition to the categories of media retained in those jurisdictions. Currently, only a few countries, including the United Kingdom and Norway, require mobile phones to be recorded.
No longer will a Bank’s policy that directs employees not to use their mobile phones for “client orders and transactions” be effective, or broad enough in scope to be satisfactory under the new regulatory framework. In many European countries, this means that solutions will need to be built to allow for the recording of mobile calls.
Reason 3: Firms must monitor the records they are collecting.
Firms must monitor the records they collect, so that they can ensure compliance with the wider regulatory requirements of 16(7) and Recital 57 of MiFID II. The monitoring is specified as risk-based and proportionate.
Monitoring has been in effect in the United States for many years, and Europe can look to learn from that American experience where they have navigated through the raft of issues associated with employee communications relating to privacy and confidentiality. As we move forward, I expect to see that the aspect of proportionality will be tested and re-tested until firms find the right balance. One thing that is certain is that all of the thousands of firms starting a monitoring program will find something that they will be obliged to deal with. It may not actually be market abuse or criminal activity, but rather the tone of an email, or the non-serious crossing of an information boundary.
Reason 4: Firm’s need to monitor the effectiveness of their trading communication recording process.
Firms must be aware of periods when they do not comply with the record-keeping requirements of MiFID II, and investigate all issues to understand why the records were not retained. Records of the investigation itself should be kept for the same duration as the original record’s retention period.
This is a roundabout way of saying that your records-keeping infrastructure should have built-in features geared around compliance assurance. If you sent 100 messages, then you should take steps to make sure you indeed retained 100 messages. If you made 10 mobile calls, then you must make sure that you retained records of 10 mobile calls. This kind of end-to-end reconciliation will become the new standard in compliance recording and retention. Solutions and practices must therefore adapt in order to provide these tools and reports to Compliance professionals as well as their more traditional Banking IT customers.
Reason 5: Management must have clear oversight of recording processes.
There is a much clearer message that a firm’s management body must have effective oversight and control over all policies and procedures relating to that firm’s recording of telephone conversations and electronic communications.
These combined changes are sure to impact regulated communications as firms continue their compliance journey in 2016.
The European Commission has three months to approve the technical standards, and the rules for MiFID II will be enacted by each member state by the 3rd of January 2017.