Uncertainty on MiFID II and other financial regulatory compliance issues
continue
For MiFID II implementation there remains an enormous
amount of work left to be done because it primarily affects all stakeholders.
At the 10th annual European GRC Summit, we will provide an update to the
proprietary trading community on MiFID II and other financial regulatory
compliance mandates.
After the implementation deferral in
about a year The European financial watchdog, ESMA, is expected to release
final technical standards. One of the big concerns for all financial institutions
is the uncertainty regarding firms dealing with the legislation in such
a significant compliance package as MiFID.
The concern most financial services companies have is that regulatory
compliance is a greater burden than it needs to be. The worry is not just
about getting ready to comply with new rules and regulations that all
financial companies are subjected to. The current predominant approach
is the simple processing of documentation that satisfies the national
regulator and oversight authorities. It is a cumbersome affair due to
the fragmented and unstructured approach to compliance and all applicable
rules.
Those institutions that started on the 'automation' journey were set aback
with the deferral, and later in the year will not have a huge amount of
time to get the work done by year end 2016. Here are some of the real
compliance issues that most companies have to deal with during the current
impasse to achieve some structured framework approach to complying;
- For all financial services institutions, risk management is paramount.
Lack of structured and documented risk management will keep regulators
unaware of the business mechanics and disclosures. Therefore, companies
must clarify what will be explicit or implicit regarding what needs
to be prepared to comply with the risk management components.
- If the regulatory risks ultimately result in a "tick box and documentation
exercise" - it is going to be an expensive one.
- There has to be some effort in the technical standards to build
in a degree of proportionality. The listed derivatives industry in
Europe is populated by some smaller firms. However, the regulators
still do not question whether the requirements are more suited to
the banking sector in general, or investment companies with many clients.
Outsourcing some of the regulatory issues can be an option to look
into.
- In spite of the efforts, technical standards and the degree of proportionality,
some of the regulatory compliance obligations are binary in nature,
that everyone will have to comply with.
- There must be a built-in measure of "future-proofing" the current
regulation because prescriptive rules such as those related to technology
development become obsolete. Forward integration is a preferred option.
- Everybody in the business is somehow caught in the compliance net
and will profoundly change the counterparty relationship with third
parties. The complication is that some vendors are unregulated, and
can modify the way the industry works together.
Those companies that are newly regulated under the MiFID II regulation
cannot take the recent implementation delay for granted. First, you are
required to be authorized if you are not already covered by MiFID, and
are a direct participant of a venue, or a market maker, or have direct
electronic access.
To have an effective compliance program, an organization must establish
and maintain an organizational culture that "encourages ethical conduct
and a commitment to compliance with the law. Therefore, structure the
MiFID and other implementation by ensuring that senior management with
can exercise effective oversight with direct reporting authority to the
governing body or appropriate subgroup has provided that written policies
and procedures, training and education and effective lines of communication
are established, followed by GRC standards, disciplinary guidelines, internal
compliance monitoring and the right response to detected offenses with
corrective action plans, including assessment and modification of the
compliance and ethics program, with periodic Risk Assessments.
More on the above and related subjects at the Financial Services workshop
at the 10th annual European GRC Summit. www.grcassembly.com