A year on from the General Data Protection Regulation (GDPR) implementation, and eighteen months after the second Markets in Financial Instruments Directive (MiFID II) was put into place, how has the industry fared with such an intense level of change?
What still needs to be done and how can the changes that still need to be made be carried out efficiently without hindrance or at a significant cost? What lessons have been learned from such
consequential regulations?
As Alex Foster, head of insurance and strategy at BT Global Banking and Financial Markets, explains: “Last year we saw a tsunami of new regulations coming into force, and the biggest challenge for industry participants has been maintaining their ability to oversee and manage all of the moving pieces.”
The year 2017 was a time fraught with urgency to meet the 3 January deadline of MiFID II implementation. MiFID II regulates firms that provide any services to clients linked to financial instruments and venues where these instruments are traded.
Firms prepared for its implementation through 2017 and adapted their business models throughout 2018—but what has been achieved so far in 2019?
Yann Bloch, senior pre-sales and product expert at NeoXam, emphasises that MiFID II is still causing “some serious headaches”.
He says: “While the majority have gotten the correct reporting processes in place, too few have done enough to address the quality of the underlying data. As a result, the reports produced simply won’t be of the quality that the regulators require.”
However, Sean Tuffy, head of market and regulatory intelligence at Citi custody and fund services, says: “The increased transparency [of MiFID II] has aided price discovery and revealed that the EU exchange-traded funds (ETFs) market is more liquid than previously thought. This has led to increased investor appetite for EU ETFs.”
Though Daniel Carpenter, head of regulation at Meritsoft, says it’s not all plain sailing when it comes to billing, in particular.
“In a post-MiFID II world, where transparency into pricing is paramount, there is a fundamental problem when it comes to billing. While the costs to execute transactions have been declining, they can only be fully reconciled versus the broker rate once the bill comes in upon completion of a trade.”
He adds: “This is hard enough when every bill comes in monthly without having being validated on a daily basis. But the issue is that some houses could be invoicing only quarterly, creating a
remediation nightmare.”
GDPR
Hot on the heels of MiFID II was GDPR, which replaced the EU Data Protection Directive, originally established in 1995. The new rules, which kicked in on 25 May 2018, cover how organisations process personal data and extend to the activities of non-EU organisations that offer goods or services to people located
in the EU.
Carsten Kunkel, head of regulatory centre of excellence at SimCorp, indicates: “European firms who have prepared themselves for GDPR in Europe are, in our view, well prepared for any other data privacy regulation that they might face in other markets.”
Alex Scheinman, director of privacy, cybersecurity and risk at ACA Compli, says: “As we reach the one year anniversary since GDPR went into effect, there are still firms in Europe that are only now beginning to implement the procedures and functionality to their systems. When in fact, at this stage, they should be maintaining and revisiting these processes.”
But Foster cites the opportunities regulation has given market participants. She indicates: “Both MiFID and GDPR have acted as a positive push for firms to take a critical view at their underlying processes and systems and to assess where
inefficiencies exist.”
Taking a gap year? Not quite...
As 2017 and 2018 were spent concentrating on MiFID II and GDPR, there was also the referendum result of Brexit to consider.
After May 2018, when the GDPR deadline hit, it would seem the two major deadlines had passed. But that certainly didn’t mean 2019 would be a year of respite or pause.
As Tuffy indicates: “The slowdown in regulatory implementation gives the buy-side industry a chance to take a holistic look at all the recent regulatory changes and see if there is scope to redesign some processes to do things more efficiently.”
Scott Chace, CEO, co-founder and managing partner of CF Global Trading, highlights that overnight, MiFID II changed how asset managers pay for and consume research.
“More recently, funds are looking more closely at what it costs to maintain an internal trading desk and demonstrate compliance around best execution and trade monitoring to both end investors and regulators.”
AIFMD
The Alternative Investment Fund Managers Directive (AIFMD) was broadly transposed into national law across the EU in July 2013, and since then asset managers have steadily adjusted to life under the new regulatory regime.
As Tuffy stipulates: “AIFMD has established a harmonised regulatory regime for alternative funds in Europe and has brought greater supervision to the hedge fund sector, both of which were key goals of the directive. That said, there are certainly areas where it could be improved–such as the cross-border passport, which has not been as successful as hoped.”
He adds: “The EU Commission review of AIFMD is already underway and will likely lead to a formal AIFMD II consolation later this Autumn.”
Paul Ellis, global head of regulatory product development at HSBC Securities Services, highlights: “I think it’s fair to say the industry view of AIFMD is still mixed”.
“Some firms still believe the regulation is excessive for sophisticated institutional investors and some are not supportive of their funds being classified as alternative investments because they are
not UCITS.”
CSDR
The Central Securities Depository Regulation (CSDR) is a European Parliament regulation entered into force in September 2014 to regulate central security depositories activities of EU
member countries.
The new regulations imposed by CSDR carry implications for the wider securities industry in Europe and will mandate changes in a number of the steps in the process lifecycle.
Carpenter surmises: “When it comes to challenging regulations facing clients, look no further than CSDR. This most convoluted of regulations will require European security depositories to impose financial fines on all institutions failing to complete transactions on the contractual settlement date on all European securities or through the European infrastructure.”
Carpenter recommends: “All participants need to try and figure out a way to manage these new processes and share information around penalties and buy-ins sooner rather than later.”
Ellis cites: “MiFID II reaffirmed the need for our rigorous process to run regulatory driven product development in a manner that recognises the iterative release of regulatory requirements. The implementation next year of CSDR’s mandatory buy-in rules will similarly require such an approach as the industry similarly grapples with uncertainty.”
Looking forward
Kunkel advises: “Keeping firms in continuous compliance requires the right mindset and the right partner that enables the firm to focus on their core business. With a raft of regulatory changes taking effect in 2018 and 2019, operational transparency forms the antidote needed to counteract this continually complex investment management landscape.”
Ellis indicates: “The forward pipeline of regulation is likely to be more evenly weighted to updates of post-financial crisis regulation, with a dual objective to respond to changes in the industry, for example, digital technology, and to remove unnecessary obligations that do not in practice further the policy objective.”
“Securities services firms are seizing the opportunity to bring such cutting edge technology into their product suite, in turn easing the regulatory reporting challenge for clients.”
Foster voices: “Artificial intelligence and programmable automation are two of the most exciting areas and will likely lead firms to evolve their risk assessment models and compliance processes.”
She adds: “Having an agile technology foundation enables firms to easily comply with regulatory requirements as they evolve without having to actively respond to every change.”
