Complying with new regulation is a challenge in its own right, that may require firms to have to rethink the way in which they conduct their business processes to meet these new expectations. However, far harder still is the need to prepare for a regulation that hasn’t yet been fully defined and, at the time of writing, this is the position which firms find themselves in as regards MiFID2.

The headline items, which certainly score highly on the “scary spectrum”, are the new rules around research, transaction reporting and management fees. However, whilst these items have, not surprisingly grabbed people’s attention, it is extremely important not to overlook some of the topics that, superficially at least, sit slightly lower down on the scale. A key area here is product governance which, whilst it seems relatively simple at first glance, actually has some much more complicated elements that will be far from a formality to address.

Added to this, as mentioned earlier, there are still a lot of “Rumsfelds” to consider – the known unknowns which firms will need to think about, whilst planning for the various scenarios that may make up the final position. There are quite a few clues around how this landscape may look, following on from the basic MiFID2 level 1 documentation and subsequent level 2 guidance provided by the EU Commission, but this is far from the full picture. Indeed, ESMA is still expected to provide some additional clarity as we move into the fourth quarter of 2016. However, whether this will be a consultation or Q&A exercise is unclear, as is the ultimate level of information that will be provided. What does seem certain is that, whatever happens, financial services firms will need to have their solutions in place by January 2018 as a further delay to the deadline is exceptionally unlikely.

As if this situation wasn’t complicated enough, we also need to consider that different EU member nations may choose to interpret the requirements of the Directive in different ways, as they integrate them into their national laws. We know that some countries see this sort of change as an opportunity to “gold plate” a regulatory Directive, and introduce additional requirements of their own at the same time. Other nations may choose to apply these new rulings to UCITS and AIFM products, whilst others will not on the assumption that they are already governed by their own existing regulations. How this could work in reality for cross border transactions is really quite “exciting”!

However, what we do know is that, in little more than twelve months time, firms will be expected to be able to demonstrate clear product approval processes, defined target markets, a segregation between ‘complex’ and ‘non-complex’ products, and a full understanding of where their products have been sold – amongst many other things. How this should be achieved, what level of reporting must be available, and when this information will need to be provided back to regulators is, again, still unclear. Direct requests to regulators for an explicit approach to this will not prove to be particularly fruitful, and so it has been necessary for several market groups to form, with a view to producing a critical mass of firms who are adopting the same practices.

In reality, this is not particularly different from the challenges seen when previous new regulatory requirements have been rolled out into the market. Historically, the safest approach, aside from the safety in numbers gained from being in a market group, is to adopt a policy of ensuring that you are responding to the spirit of the regulation, and creating a business model that allows you to adapt to the various scenarios that may eventually be put in place. In the case of product governance, what this really means is being able to tick the following checklist:

1) Do we have clear product processes in place for the creation of new products?

2) Do we retain a record of why particular decisions were made when creating products?

3) Do we have a clear record of why we thought each product was suitable for a client type?

4) Do we have a clear communication flow with our sales and distribution teams/partners?

5) Do we understand what is being sold, where, by whom, and to whom?

6) Above all, can we easily obtain proof of all of the above if, and when, asked to do so?

A key part of meeting these requirements, then, is having a good system in place which will ensure that the appropriate data is gathered and stored throughout your product management process on an ongoing basis. With this sort of solution in place you should be confident that, whatever the regulators may come looking for, you will have comprehensive records ready and waiting for their review. In the absence of any clearer pronouncements, and given the likelihood that there will be differences between the requirements of different nations anyway, this is the “insurance policy” that every professional institution should be investing in.