By Yasmin Zarabi, vice president of legal and compliance, Hearsay Social
Even with the recent Brexit decision, it is still highly likely that UK financial advisers will be required to comply with the European Commission’s updated rules for Markets in Financial Instruments Directive (MiFID II) when it comes into effect on 3 January 2018. The reasons are twofold. Firstly, it’s going to take two years for the UK to untangle itself from EU regulation, which takes us beyond the January 2018 deadline. Secondly, the UK Financial Conduct Authority (FCA) has traditionally taken a tough stance on regulation, so it’s unlikely that it will scrap these rules even if it has the power to do so.
Of course, UK firms are no strangers to MiFID. The original rules were introduced in 2007. However, these rebooted regulations are expected to have far-reaching implications on the way financial services firms operate and enforce governance in the future. While the deadline may still feel like it’s a long way off, savvy firms should start making preparations now in order to make sure they comply on time. MiFID II will impact a number of different functions, from training to IT processes; any firm leaving it to the last minute to start the transition process may find itself at risk of non-compliance.
MiFID becomes MiFID II: Spot the difference
In comparison to its predecessor, MiFID II places considerably more emphasis on improving investor protections. This is achieved via the introduction of stricter measures governing client communications, disclosures and transparency requirements.
There will also be a greater scrutiny around the alignment of product and customer profiles, as well as ensuring compliance controls are in place. Financial advisers’ digital communications with clients and prospects will find themselves particularly under the microscope.
Ensuring MiFID II compliance: Getting ahead of the game
These are the four actions financial firms are advised to undertake now, in advance of the Directive taking effect:
Action no. 1: Update employee policies and training
Articles 16 and 45 of the Directive stipulate that firms must provide employees with adequate training so they can a) understand the rules, and b) maintain an audit trail of the controls and processes that address the regulation. The team responsible for training and policy should include representatives from legal, compliance, IT, sales, marketing and any other teams which have a role to play explaining the distinctions between MiFID and MiFID II for their firm.
Action no. 2: Establish proper content approval processes
Under articles 13 and 24, firms must ensure that their digital marketing content is fair, clear and is in no way misleading. To achieve this, it is strongly recommended that firms adopt technology that prevents advisers from sharing online content with their clients unless it has first been vetted and approved by the firm’s compliance and supervision departments.
In addition, article 25 requires firms and advisers to ensure the “suitability” of their client’s needs in order to make appropriate product or services recommendations. This can only be achieved by having proper compliance technology and efficient workflows in place.
Action no. 3: Reassess supervision technology
Article 16 of the Directive sets out the need for a robust monitoring system that is capable of ensuring all of an advisers’ digital communications with a client are appropriate and in line with the client’s best interests. As a starting point, firms should assess their current data capture and supervision capabilities to identify any gaps in processes and technology. Firms are advised to consider introducing technology that can be customised to their supervisory needs. Options could including having all the content pre-approved before an adviser can use it, or to have pre-approvals or post-approvals mandated based on the type of content and/or digital channel.
Action no. 4: Ensure recordkeeping across all digital channels
Finally, to be compliant with Articles 6 and 69, firms will be required to keep records of all electronic communications between an adviser and client or prospect. This includes social media, email and text messages from any device. They must ensure that they maintain adequate records of disclosures of potential conflicts of interest. The records should be easily obtainable and available to clients for up to five years. For regulators, this window is extended to seven years. It is also important to record communications in a linear manner; this avoids the complication of having to piece together communications from different devices if audited.
Firms may have until January 2018 to comply with the rules, but a swift and systematic approach to MiFID II is strongly recommended. MiFID II is just one of several new regulations that are being considered to address the gaps in European capital markets operations which became apparent at the time of the 2008 financial crisis.
Firms that are able to plan and implement robust MiFID II-compliant technology platforms for digital client communications and recordkeeping will put themselves in pole position to deliver new and important data insights to their front office advisers.