MANAGING eCOMMS COMPLIANCE.
From tactical to strategic, from compliance to efficiency, from data capture to best execution. By Shiran Weitzman, Shield Financial Compliance.
Under MiFID II rules all communications that support the processing of order management and investment decision-making must be captured for the express purpose of understanding how and why decisions were made, regardless of whether those communications actually resulted in a trade.
This means that compliance officers have to sift through a haystack of digital information for the needles that indicate patterns of market abuse or misbehaviour. However, identifying those patterns is no small task. There are three operational hurdles that have to be overcome.
The first hurdle is to bring all associated communications into scope, across both approved and non-approved channels. As technology is constantly evolving, firms must acknowledge that traders, investment managers and advisors can use multiple routes to interact with other parties. These channels may not have been defined in the rules previously, but are certainly in scope for the new requirements.
If there is any gap in data capture, the firm may find it has missed activity which has been deliberately designed to bypass the compliance checks, leaving the business open to punitive action.
The second challenge is to recognise that each communication channel may provide data in a different format, all of which will need to be aggregated, standardised and correlated in order to be assessed effectively. Voice, text, email and a variety of messaging models must be brought together, whether they are internally or externally managed. Despite the technical challenges posed, the firm will still be liable for abuse if data has been misinterpreted.
The third challenge is to identify patterns of abuse and discern them from non-abusive activity. Just as communications channels are multiplying, changing market structures can create fresh potential for gaming and other malicious activity. That can make the role of the compliance team especially hard.
MiFID II formalises rules for an enormously complex set of market structures in a legal framework. Compliance requires a data management platform that can both gather and interpret communications that sit behind these markets and store, manage, and analyse all relevant data, to enable the ‘needles’ to be easily picked out and the trading activities under question to be reconstructed.
From a technology perspective, firms will benefit from a centralised system that can interface in a flexible way with a broad range of technologies and take a holistic approach to data management, where all types of data can be structured, categorised and/or correlated in a way that makes it accessible and meaningful to a variety of management, compliance and IT functions.
This must now be an essential part of a firm’s strategy. The temptation to use siloed, tactical, point solutions to solve smaller problems as they occur, will create gaps both in interpreting data and understanding patterns of behaviour, increasing the risks of non-compliance.
However, by taking a more strategic approach and deploying the right kind of enterprise-grade technology, a firm will not only support its compliance requirements, but also enable ongoing business and efficiency benefits, such as drawing on eComms data to better facilitate areas such as best execution, for example.