100 days to MiFID II : Are You Ready to Record?

This week marks 100 days until Europe’s banks, brokers, asset managers and the wider financial advisory community have to implement the much-vaunted MiFID II directive.

The current MiFID regulations date back to 2004, but are being revised to improve the functioning of financial markets following the financial crisis of a decade ago, while further strengthening investor protection.

MiFID II brings a whole plethora of changes to bear for financial firms, which will force investment services providers to significantly change their organisational and compliance policies and procedures.

At the heart of the recent coverage surrounding the implementation of MiFID II in January 2018 has been the extent to which asset managers make clear to investors how much they are being charged for research, whether they absorb the cost of research, such as analyst notes and calls with experts, or pass this expense on to investors.

But the scope of MiFID II is much greater and a large number of organisations remain ill-prepared for the changes just 100 days away.

That MiFID II requires firms to record a wide range of telephone and electronic communications with clients, and to archive and supervise them in a timely manner upon request from the regulator, will come as a surprise to many.

What will come as an even greater shock to many is that personal computers, phones and tablets used in day-to- day working, also fall under the auspices of the new regulations.

Depending on the business and the country, some firms will need to make more significant changes than others. But even in the most heavily regulated countries, the MiFID II requirements on recording of order-related communications and associated record-keeping, bring the need for new policies and procedures.

The recordkeeping requirement of MiFID II applies to all telephone calls and electronic communications (as well as face-to- face communications) which do, or are intended to, result in a trade. The purpose of the requirement is to foster market integrity, enhance security and encourage employees to act in an ethical manner that works in favour of their customers and their firm.

Firms must retain records, including recordings of phone conversations on fixed line or mobile devices, and all electronic communications, including email, social media, instant messaging, text/ SMS messaging and so on. The recording requirement applies to internal communications as well as external ones, and to a firm’s own account dealing as well as its client-related activities.

Because of the wide-ranging nature of the legislation – covering all businesses which provide services to clients linked to ‘financial instruments’ – the recording requirement will apply, for example, to investment banks, private banks, asset managers, custodial services providers, retail banks, broker-dealers, financial advisers and market infrastructure providers are all affected.

Some of these requirements will be familiar to some firms, either because their national EU regulator already has similar rules in place, or because their firms have implemented the requirement by way of best practice. To other firms, the requirements will be completely new and they will be cutting it fine if they have not thought about the record-keeping requirements with just 100 days to go until implementation. That said, there is time to get one’s house in MiFID II order and the four-step check point plan below can act as a basic guide for those unsure of where to go next:

• Firstly, check whether your business falls under the regulations – you can usually find out by visiting the website of your local financial regulator (e.g. the Financial Conduct Authority in the UK).
• Secondly, conduct an audit of your wider communications – think about how you and your employees use their business and personal devices in their work. It’s not just their desk phone that may need to have recording capability, if you use an internal networking platform like Yammer or Slack, messages hosted there are also likely to fall under the recording requirements
• Speak to your staff – be open about the regulations, what additional processes might be in place because of recording requirements, and why you as a business are making the changes
• Seek support when and where you need it – it may be that you don’t have the internal capability to implement the changes needed to ensure your business is compliant, but there are a lot of options for external support. Businesses like Smarsh, who recently acquired Cognia, a worldwide leader in cloud-based voice archiving, audio search and analytics, are able to offer their global customer base enhanced capabilities around mobile and fixed-line voice communication within an Archiving Platform.

100 days might sound quite a lot but it isn’t. The time to understand MiFID II in its entirety is now.

Ian Hook, VP of European Business Operations at Smarsh