Blog article

See all stories »

Channels

Group

Unified Communications in Financial Services

External | what does this mean?

This content is provided by an external author without editing by Finextra. It expresses the views and opinions of the author.

How banks can avoid falling foul of MiFID II reporting requirements

The red light is ‘blinking’ – but are you sure you’re recording?

Investment banks know they need to record their trades or face the wrath of the regulator. However, too often it is taken for granted with everyone assuming the recording is happening … until the regulator asks for it and they can’t find it. In this blog I’ll examine why it is essential that banks integrate recorder checks into their test plans.

First up, let’s look at the motivating factors, the drivers, behind call recording on the trading floor. It emphatically is not simply a “nice-to-have” – it is fundamental to banks’ compliance.

In a great overview of ‘everything you need to know about MiFID II’, A-Team Insight explains the communications recording requirements thus:

“MiFID II includes provisions governing the recording of trading-related electronic and voice communications… In line with other requirements of the regulation, recording applies across all asset classes. Recording from mobile devices includes voice, text messaging and any phone- or tablet-based instant or other messaging application used in trading-related conversations, such as chat, email, Bloomberg Messaging, WhatsApp or Skype. Regulators require firms to store and archive records so that they can be easily accessed in response to regulatory enquiries to reconstruct trading communications. Records must be kept for five years or up to seven years if requested by a competent authority. MiFID II also specifies a timestamp granularity for voice-based trading of one second, with a maximum divergence from the benchmark Coordinated Universal Time (UTC) of one second.”

In practice, this requirement for comprehensive and evidence-proof recording and archiving of all communications relating to a trade means that every bank must record all calls which will/may result in transactions, notify the customer that the conversation is being recorded, store all these recordings, and then be able to quickly retrieve upon request from the regulator all communications leading up to a specific transaction or in a given time period.

So, we know this is compulsory, so we’d expect every bank to have all their tools, systems and processesin place, right? Wrong.

In the UK alone, the FCA found that more than 1,000 investment firms were falling short of transaction reporting requirements under MiFID II in 2018; with the true figure being possibly "many thousands more" as regulators become ever more vigilant. The rather uncomfortable truth is that this 1,000+ figure only counted firms that "noticed they were in breach" of the new rules while "many thousands more firms are likely submitting inaccurate reports, but are not catching them and informing the regulator".

And what happens if the eagle-eyed regulator uncovers a reporting failure? Well, as Goldman Sachs found out earlier this year, it can be very expensive. Fined over £34,000,000 by the FCA, their lack of "accurate and timely reporting" related to some 220 million transactions over a decade.

It’s not enough THINK you are recording all the comms around transactions, you need to be CERTAIN your recording is functioning properly. As the title of this blog suggests – just because the proverbial ‘red light’ is flashing on the call recording system, it does not automatically follow that the system itself is recording properly.

What’s more, with the requirement for a timestamp granularity for voice-based trading of one second, banks must be able to proactively identify if it is about to fail so you can fix it before business-critical voice trading has to be halted.

To ensure compliance, testing must be done daily and cover every Turret on the trading floor. Periodic sampling can no longer be seen as a ‘every reasonable effort’ by the regulator, and leaves the bank exposed to significant compliance risk.

This daily testing of live systems would be a time-consuming and costly operation – were it not for automation.

Augmenting and enhancing the testing of these high-leverage systems can dramatically mitigate risk and reduce the cost while increasing the coverage of testing. Automated and proactive testing every night mean that issues are identified before they impact a trader and the bank’s senior management are kept fully informed together with the steps that are being taken to quickly correct the issues.

This isn’t only about giving the bank peace of mind from knowing it has the data to quantify the outages to the regulators and mitigating greatly the risk of potential fines for non-compliance, having to suspend trading because a call recording system has gone offline will cost a bank millions.

So, don’t just trust that blinking red light – that will be no defence when confronted by an angry regulator, and even more angry shareholders and clients.

6764