January 2018 welcomes a new regulatory regime that will change the landscape of the financial services industry. The Markets in Financial Instruments Directive II (Mifid II), which comes into force on 3 January, is set to have a profound impact on investor protection, transparency, and data recording, among many other areas. With less than six months until its implementation date, the clock is ticking for financial firms to be prepared.
Recent research from Rsrchxchange reveals that 54 percent of asset managers believe they still have not received enough information from their relevant regulator, despite Mifid II being several years in the making. With the threat of being unable to trade and significant penalties hanging over them, the pressure is on fund managers to implement compliance measures ahead of the January deadline.
Understand and meet deadlines
There are two deadlines firms must meet prior to implementation of the new rules in January: authorisations and passporting. The deadline for firms to apply to the FCA for authorisations and variations was 3 July 2017, so fund managers who have not yet made these applications should contact their regulator as a matter of urgency. However, while the FCA is still accepting applications, there is no guarantee that applications made after the due date will be processed in time for the January deadline.
In addition, any firms planning to undertake Mifid II-regulated business in another European country have until 2 December 2017 to apply for a passport that provides the necessary authorisation. As with the previous deadline, firms that miss the deadline risk not having a passport in place in time for Mifid II’s implementation, which will leave them unable to trade with their counterparties in the European market.
Undertake assessment procedures
Under Mifid II, fund managers must assess their current business activities and systems, identify any potential areas that risk non-compliance and devise and adopt appropriate policies to ensure that their systems and procedure are aligned with the new requirements. Due to Mifid II’s complexity and the short time frame until the regulation goes live, fund managers who don’t have the resources in-house should seek to use an external consultant to ensure the regulation is correctly interpreted and that they are fully compliant with their new obligations.
At this stage, fund managers would be well advised to ensure that data security is at the heart of any policy changes, as the General Data Protection Regulation (GDPR) follows closely behind Mifid II – coming into effect in May 2018 – and carries substantial penalties for non-compliance.
Devise implementation strategies
Expert regulatory consultants will help to devise and implement appropriate procedures that will ensure compliance with Mifid D II requirements. A comprehensive Mifid II implementation plan should include policies on transaction reporting, record keeping, investor protection, transparency and trading controls. For many firms, simply upgrading their computer systems will be a minimum step toward compliance. Incorporating improved data storage and reporting systems will leverage this investment to also provide valuable insights into patterns and trends, enabling financial firms to optimise their business and drive efficiencies.
Provide communication and training to staff
Prior to the implementation date, management teams should ensure any new policies and systems are properly communicated and that all staff receive comprehensive training in any new business practices, protocols and internal procedures. Failure to properly brief both front and back office staff may result in staff not understanding what is expected of them under the new regulation.
Introduce contingency measures
The FCA has warned that companies who continue to trade without appropriate authorisation after failing to apply for waivers in time will face civil, regulatory or even criminal penalties. Fund managers should also be proactive by continuously reviewing organisational practices, have a contingency plan in place in case they fail to meet the deadline and make sure the regulator is notified in a timely matter of any compliance issues.
Matt Smith is the CEO of compliance tech and data analytics firm SteelEye