Don’t take a break from your MiFID II compliance
With 2016 seen as a key year from a regulatory compliance standpoint due to the timeline of MiFID II / MiFIR, Oriol Pujol (Principal Consultant, GFT) analyses why it is crucial firms don’t take their foot off the gas when it comes to their compliance processes.
MiFID II / MiFIR is the giant that dwarfs its predecessor in complexity and scope; the monster piece of regulation with tentacles reaching out to virtually every other major directive or regulation: The Market Abuse Directive, the Capital Requirements Regulation, and the European Markets Infrastructure Regulation to name a few, with many of them overlapping and raising questions about unintended consequences that are still being discussed.
However, the year has started with pretty much unanimous expectation that the European Commission will shortly enact legislation delaying the entry into force of MiFID II / MiFIR; by how much is still unknown, but there is already talk that one additional year may not be enough.
Initially, the reaction to the first rumours of a possible delay was to assume that it might encourage market participants to “lift the foot off the gas”, but we believe that this is unlikely to be the case as, if anything, the delay underscores the enormity of the challenge that lays ahead for the market as a whole.
It’s uncertain whether any further announcement will be accompanied by changes in the provisions themselves, but this should be of little relevance at this stage. However, what is without questions is that firms will need to reassess their IT strategies and invest in technology infrastructure in order to satisfy a broad range of requirements, and that firms not addressing this now will be forced to do so under much less favourable circumstances.
Mastering Big Data
A crucial component of MiFID II / MiFIR is that the empirical approach it follows for the definition and update of key regulatory attributes (Standard Market Size, LIS thresholds, definition of Liquid versus Illiquid Markets, to name a few) has resulted in a complex and interrelated data circuitry. Trading venues, regulated firms, market participants, national and supranational regulatory bodies will all be required to receive, process, store, access and, in short, make sense of a huge number of complex and extremely large datasets in a timely manner.
MiFID II / MiFIR is definitely pushing the market as a whole into Big Data territory, with the mastering of Big Data disciplines becoming a de-facto requirement for which a number of actors, including regulatory bodies, will struggle to be ready.
Data-intensive regulatory requirements will spread across the front, middle and back office functions, and their effective implementation will require the streamlining of data architecture strategy, regulatory requirements and operational workflows.
For those who do not have a sound data architecture strategy as part of their regulatory programme, there will be the increasing pressure of technology debt. Just as the cost of financial debt compounds over time, so does the cost of technology debt with the addition of each sub-optimal process, a scenario that firms not having a sound data architecture strategy will be walking straight onto.
Regulatory authorities have also become concerned with the risks that firms operating under heavy burdens of technology debt pose to the financial markets as a whole, and have addressed this via BCBS 239.
In January this year, BCBS239 came into force, this is to technology debt what CRD IV is to financial debt; it makes it a regulatory requirement for Global Systematically Important Banks (G-SIBs) to have in place appropriate IT and data architecture policies to ensure, amongst other things, the integration of data taxonomies, the assurance of data accuracy, the minimisation of manual processes, and in short, the overall accuracy, consistency and reliability of data flows. Domestic Systemically Important Banks (D-SIBs) are next in line.
In addition, and by way of short introduction to the next topic, it points to senior management as being ultimately responsible for ensuring that all regulatory requirements are met.
Compliance from above and finding a solution
‘Compliance from the top’ is a prevalent theme across all major jurisdictions, requiring special attention especially in the UK, where the Senior Managers Regime enters into force in March 2016. This drive for accountability is designed to ensure that senior management, all the way up to board level, will become an integral part of the compliance function.
This will require the development of a set of tools to allow senior management to demonstrate their compliance with a much more stringent set of requirements, as well as provide them with the required insight to ensure they are making the right decisions.
Regulatory dashboards will become key tools in providing them with real-time information, ranging from the effective enforcement of current regulations to the status of remediation programmes or regulatory compliance initiatives, whether as a whole or at the level of specific provisions.
Regulatory compliance will therefore remain a top priority not just in 2016, but also through to 2017 and beyond. Given the sheer size and complexity of requirements that firms will have to fulfil, this is certainly not the time to take a break!