Driving evolution in compliance and impacting future reforms
Risk & Compliance Magazine talks with Gary Stone, Bloomberg's Market Structure and Regulatory Policy Strategist, Janos Renz Hotz, Bloomberg's Global Head of Product - BTCA and Rachael Hutchins, Bloomberg's Product Manager, Regulatory Reporting.
Stone: To some extent, the revised Markets in Financial Instruments Directive (MiFID II) can be viewed as seeking to determine where transparency may impact liquidity. The regulation provides a framework for incremental assessments of how greater transparency impacts liquidity, with the objective to strike a good balance between both. Immediate impacts of MiFID II include regulators receiving a considerable amount of non-public transaction information from approved reporting mechanisms (ARMs). This enables regulators to gain a greater appreciation of what is happening in the market, who is making decisions and potentially why certain decisions are made.
Over the next four years, regulators will provide annual recalibrations with the objective to increase the transparency of the marketplace, not only with pre-trade quotes, but also with post-trade data. Based on this, industry and regulators will hopefully be able to work together to establish where the inflection point is.
Hutchins: MiFID II is particularly important for the fixed income and derivatives market. MiFID I, while it covered broadly the same asset classes, mostly focused on equities. Under MiFID II, transaction reporting has been expanded, particularly for fixed income and derivatives. It really is a watershed moment.
Stone: I am unsure whether I would characterise the European Union (EU) as being the most heavily-regulated. Generally, MiFID II can be seen as doing three things. First, as an extension of MiFID I, it seeks to address certain perceived conflicts of interest by applying principles of disclosure and transparency to all asset classes, not just equities.
Second, it also seeks to further harmonise capital markets into a union. Finally, MiFID II, together with other regulations such as EMIR, implements the G20 response to the financial crisis.
Hutchins: When it comes to further reforms on the horizon, the EU is also finalising the Securities Financing Transactions Regulation (SFTR), which will apply to instruments that are not covered by MiFID II. However, it is important to remember that all these EU regulations will be regularly reviewed to ensure they keep pace with advancements in the industry – such as cryptocurrencies and business models such as shadow banking – or minimise the impact of the latest forms of market manipulation. This is the new reality.
While it would make Europe one of the most regulated jurisdictions, it applies proportionately to the nature and complexity of the activities being undertaken. It is difficult to compare one regulatory environment to another. The issue is that regulation needs to be comprehensive and proportionate to activities that are being undertaken. This is what the EU is attempting to do with MiFID II.
Hutchins: There is an absolute need to ensure consistency across different reporting channels. A good example of something that can go wrong is execution time. Different systems capture time stamps in different places. Firms need to ensure that execution time stamps in trade reports are the same time stamps that are in transaction reports.
What we are seeing, particularly with big firms, are standalone projects where one department is working on transparency while another is working on transaction reporting.
Firms need to look at data and verifying compliance across the obligations. Several months into MiFID II, that is what we are seeing in the industry, as everyone is trying to verify information in their reports in order to ensure it is consistent with expectations. There is also the issue that OMS were not necessarily built to capture the firm’s legal entity structure. This is what is needed to correct transaction reports.
Different legal transactions need to be considered, such as internal trades and back-to-back trades. If not, you may have an OMS that may well be capturing the transaction and the interaction with a trading venue or broker, but not capturing the internal legal flow and its associated complexity. It is very difficult to overlay the two and make sure reports are correct.
Renz Hotz: In order to build the right tools to be able to address the compliance and regulatory pressures of MiFID II, you need to start with the data. The regulation has made the industry think about data in a completely different way. Preserving the integrity of data throughout the workflow of firms is easily the most challenging aspect of MiFID II. Data means infrastructure. It means systems. It means finding ways to retain and eventually store information in a form that cannot be tampered with.
Stone: MiFID II is a journey and, fortunately, regulators are placing the emphasis on getting it right. Regulators have provided a certain amount of forbearance and also staggered compliance obligations throughout 2018 and, in some cases, into 2019. When you look at the systematic internaliser (SI) regime for example, regulators wanted to ensure they had enough good data before requiring brokers to calculate whether they have hit a threshold and need to declare they are systematic internalisers.
The regulators also decided on a six-month phase-in for the ‘No Trade No LEI’ requirement. This prevented non-EU clients from waking up on the 3 January without access to liquidity because they did not have an LEI.
Stone: Many firms are looking at data flows and technology solutions that integrate into their existing infrastructure, enabling them to lower operational costs and mitigate risk. A regulatory reporting hub, for example, might assist with data integrity by ensuring that the same data flows seamlessly through the post-trade workflow.
Hutchins: Firms are analysing their data and making sure the right data points are being reported to regulators. Ongoing compliance monitoring is a constant challenge. Post-MiFID implementation, monitoring compliance with MiFID obligations must become a business as usual (BAU) process. Firms will take a risk-based approach and prioritise their compliance resources and activities where the risks are greatest.
Obviously, regulatory reporting, especially transaction reporting, is high on everyone’s agenda. To monitor effectively, firms must understand how their reports should be populated and confirm reports are consistent with that expectation. Where there are issues, firms need to have an action plan to address the root cause. It should be a regular process of review; a constant review of what is going on and what is being reported. So, it never ends.
Renz Hotz: The role of the compliance officer (CO) is changing to a quantitative job which consists of reviewing sets of data points, creating metrics around them and reporting results. This leads to a change in business practices. Traditionally, COs have had a supervisory role while the trading desk has been ascertaining best practice based on the guidance of a compliance test. However, this has changed.
Firms are now looking to fuse part of the compliance function into the trading desk – to handle what fell out of scope from tolerances that were set between the trading desk and the CO. And this requires a completely new kind of CO: one that not only understands but is able to articulate trading workflows as well as metrics, and is able to encapsulate metrics around that and then report on those.
Stone: MiFID II can be thought of as a series of integrated workflows. In our experience, many firms initially sought to address MiFID II as a series of discrete tactical solutions – as many as 13 discrete obligations. Some are finding that the challenge with that approach is data consistency, especially post-trade. Having an integrated approach, with the same solutions provider for trade and transaction reporting and immutable storage, may preserve integrity.
Hutchins: Investing in data, systems and workflow is the most important thing. It is never too late to make changes. Although it has been eight months since MiFID II came into force, that does not mean changes cannot be made. It comes back to what monitoring has been done and what issues have arisen. What is the root cause of inaccurate reporting and how will it be fixed? When data or systems are lacking, this has significant implications for the quality and accuracy of reporting. Our feeling is that regulators would welcome firms looking again and making changes if required – essentially, a re-engineering of the MiFID II process to ensure it is right.
We recently heard from the Financial Conduct Authority (FCA) that it expected, after a period of six months since MiFID implementation, that reporting should be accurate. It advised firms to notify the FCA if any systemic issues arise. It is important to keep regulators informed of issues and what is being done to fix them. Similar to any regular compliance monitoring or risk function, MiFID obligations require regular review and, where issues are identified, a plan implemented to correct them; but it has to be done constantly.
Renz Hotz: Regulators will continue to invite firms to improve processes and review what has been implemented. There has to be built-in elasticity. In order to make the review and ultimately the output of said processes more meaningful, a quantitative approach is paramount. Otherwise, you run the risk of being flooded by an insurmountable volume of data.
Another challenge firms are facing is creating an integrated set of processes and outputs, with data originating from disparate workflows and systems.
The natural conclusion is that to capture the data around all trading workflows, a sustainable and evolving data model and architecture needs to be deployed. Vertically integrated OMS and execution management systems (EMS) deployments have helped, but for more complex workflows, centralised data warehouses might be necessary.
Hutchins: Invariably, improvements will need to be made as MiFID II is a complex regulation. MiFID II obligations apply in accordance with the activities undertaken by the firm, so how the firm implements the regulation requires a review of the firm’s activities; over time, they will find ways to do it better.
In practice, 100 percent of all obligations will not be monitored, and firms will instead take a risk-based approach in terms of what they focus on, and the time and resources they allocate.
No doubt there will be a strong focus on areas that are deemed high risk, such as transaction reporting. In addition, the more complex an organisation, the more complex ensuring and evidencing compliance will be. This is where time is being spent and firms are still uncovering issues. To counter this, firms need to invest in good technology and be clear on workflows and legal structures.
Renz Hotz: If you are not where you need to be right now on MiFID II compliance, it is probably because of upstream data issues. Consistent data integrity is probably one of the hardest things to achieve, but it provides both immediate and long-term benefits.
Upstream data issues mean downstream processes, such as RTS 27 and 28 reports, as well as the review of order execution arrangements and policy, which are likely to be affected. The way to get up to speed is to invest in data infrastructure and find a trusted partner to manage your downstream complexities.
Stone: Compliance is beginning to move from the collection of data, to using the data that was collected for compliance purposes, to reduce operational risk and costs. One of the ways data is being used is in feedback loops – and not just internally.
What does the data tell us about how we operate? How can things be done better and organisational processes improved? To what extent can we reduce operational risk from the new data that we have collected? To answer these questions, firms have started to look at execution metrics and evaluate their processes and technology. Some are using the data as part of a feedback tool and are making adjustments amid a fluid market structure.
