Lessons learnt for meeting SFTR

The deadline for compliance with the first phase of Securities Financing Transaction Regulation (SFTR) reporting obligations for sellside institutions is upon us, says Linda Coffman, EVP, SmartStream RDU, but some are still struggling to be compliant.

 

March 20th of this year saw a statement from the European Securities and Markets Authority (ESMA) – subsequently updated on March 26th – delaying the financial industry’s compliance with the first phase of Securities Financing Transactions Regulation (SFTR). Addressing the challenges firms were facing as a result of the coronavirus pandemic, and especially the lack of resources available to devote to meeting the compliance deadline, ESMA announced that it expected national competent authorities not to prioritise supervisory activity in relation to SFTR reporting obligations between April 13th and July 13th 2020.

While the actions of ESMA have given the industry a valuable breathing space, the new regulatory deadline is upon us. July 13th sees the implementation of phase 1 of compliance, encompassing credit institutions and investment firms. Phase 2 firms (central security depositories and central counterparties) also commence at this date. Timelines for the buyside (phase 3) have not been revised from the original October 13th go-live date, nor have those for non-financial counterparties included in phase 4.

 

Although sellside firms have been allowed three months’ grace, there are indications that some are still struggling to be compliant. And for the buyside, which is at present likely to be building solutions to answer the requirements of SFTR, there could be some useful lessons to be drawn from the sellside’s experience.

Clearly, banks’ efforts to prepare for SFTR have been hampered by the impact of coronavirus. In the early weeks of the outbreak, banks simply had to focus on maintaining business as usual, while the lack of resources available inevitably meant that developing new functionality took a back seat – even though meeting regulatory requirements is a priority.

Combining with the impact of coronavirus, however, and making the incoming reporting deadline even trickier to achieve, has been the inherent complexity of SFTR. Ensuring that SFTR reporting is carried out correctly is challenging: reporting is dual-sided, and both parties must make sure that the information they file matches. Reports, which must be submitted to a designated trade repository on a T+1 basis, contain over 150 fields. As a result, gathering and processing the data required is a potentially onerous operation.

To make matters worse, a lack of clarity around certain types of reference data – notably that relating to the legal entity identifiers (LEIs), security type, and security quality – has also been causing the industry a headache.

When submitting an SFTR report, counterparties must include the LEI for the issuer of the security or collateral that is the subject of the report. This is not a straightforward task, given the absence of a broadly adopted global system of LEIs. Indeed, as ESMA acknowledged in January 2020, some 88% of instruments issued by EU issuers have an LEI, while an average of only 30% of issuers from non-EU jurisdictions have one. ESMA announced in January that SFTR reports lacking an LEI for a non-EEA issuer would be acceptable for twelve months from the regulatory start date. While this has created a breathing space for the industry, it has not resolved the matter. Nor has the question of how firms should best deal with EU instruments lacking in LEIs been fully answered.

Banks have faced a further set of difficulties over the reporting of security or collateral type. Where an SFT relates to an equity, firms must state whether it belongs to a main index or not. To determine this, the reporting parties need index and constituent data. Obtaining this information, however, creates access issues, as well as added overheads.

Determining security quality is another source of bother. When assessing the quality of the security or collateral reported on, the data both parties submit must marry up. But what happens where the two counterparties derive their assessments from separate sources – for example, two different ratings agencies – and these assessments do not tally? Clearly, a break will occur, which must then be addressed, demanding further time and effort.

Preparing for SFTR reporting is a significant undertaking, so can the buyside draw any lessons from the experience of sellside institutions?

Firms in the first phase of compliance have handled the task in various ways. Some have installed specialist solutions, while others may be relying on people power, hiring large operational staffs to tackle areas such as data quality.

A number of financial institutions need additional help to get over the finishing line, for example, some of the banks that have installed specialist technology have discovered that these systems are not quite the panacea they had hoped for, and that gaps or other defects in their data still remain.

When preparing for compliance with SFTR reporting obligations it is vital – believes the author – that data quality is addressed as early on as possible, and is not simply treated as an afterthought. There are some indications that in preparing to meet the July deadline, sellside firms tended to focus more on the technical means by which data is transmitted to trade repositories and rather less on what is actually being sent. A parallel phenomenon was also observable during the approach to the MiFID II deadline. As financial institutions discovered then, regulators began – after an initial phase – to focus not just on whether reporting was occurring, but on the quality of the data transmitted – obliging some firms to review their practices in this area.

Gathering and processing the reference data needed for SFTR reporting is, potentially, a complex and time-consuming task. With the addition of the API within SmartStream’s RDU SFTR service, firms now have a helping hand. The RDU’s SFTR service removes the complexity of sourcing and deriving the instrument reference data needed for SFTR reporting purposes. It acquires instrument data from a range of industry sources, including ESMA, ANNA, GLEIF, ISO, ratings agencies and index providers, which is then normalised, enriched and mapped into the format demanded by regulators.

The RDU SFTR API is easily integrated with other systems and can be used very flexibly. Thus, it can be utilised either as part of a primary solution, or simply tapped into as an additional source of information. So, for example, if a firm has a solution in place that allows it to report transactions to a trade repository, but finds out that data is incorrect or missing, the API can be used to plug gaps – either in the UAT testing phase or beyond.

Usefully, the RDU SFTR API offers a very rapid onboarding process – firms can be up and running within a day, making it an excellent, alternative source of information for organisations facing a looming regulatory deadline.

Importantly, the API is extremely straightforward to use. Simply identify the instrument that is the subject of the SFT, make a call to a cloud-based API, and the required data attributes are returned in an easily digestible form.

In addition to filling gaps – for example, where an issuer LEI is missing, or accurate security types are lacking – the API can help verify that reference data is accurate. It also assists firms to prevent breaks between counterparties and to avoid rejected reports.

In conclusion, battling the complexities of SFTR while weathering the storm created by coronavirus has been a tough call for the financial industry. The sellside has reached the regulatory deadline, and some firms appear to be struggling to make themselves fully compliant. In the case of the buyside, ESMA seems unlikely to extend the period of forbearance, and so organisations should not be tempted to slacken off in their preparations for the phase 3 October deadline. For both the sell and the buyside, time is now of the essence. Ensuring data quality is vital, too. The RDU SFTR API can assist in both respects, providing accurate, reliable data, in an easily and rapidly accessible format, and which also aligns with regulatory requirements.

©BestExecution 2020