MiFID II comes into effect on January 3rd 2018. By then Financial Services providers will need to be able to –
1. REACT TO cases of (potential) malpractice
2. Implement procedures and COMMUNICATIONS’ AUDIT TRAILS that reduce the risk of such occurrences in the first place
The collation of data will also be broadened to INCLUDE ALL COMMUNICATIONS relating to actual and potential transactions.
The penalties for non-compliance will be severe!
In summary –
ORGANISATIONS MUST BE ABLE TO SUPPLY REGULATORY AUTHORITIES WITH ACCURATE, COMPREHENSIVE AND CLEARLY INDEXED DATA on specific trades and/or time-frames in an accessible medium on request. (TYPICALLY WITHIN 72 HOURS.) And of course, like its predecessor, MiFID II applies on an EU-wide basis, putting the onus on financial institutions to comply in all territories where they operate, whether that requires a complex, multimarket, multi-vendor solution or not.
Personal / Work Use Overlap
Financial institutions must BAN THE WORK-RELATED USE OF (CONSUMER-FACING) COMMUNICATIONS CHANNELS that cannot be recorded – for example, WhatsApp, WeChat, iMessage and similar. On a related note, employees are also prohibited from ‘advertising’ their personal mobile numbers in a work-related context. (While such measures may be sensible and necessary in compliance terms, they are extremely difficult to police by policy guidelines alone. And for companies looking to benefit from the cost-savings and convenience of BYOD adoption, such restrictions create a real headache on economic and employee-satisfaction grounds.)
Content & Catchment
Under the revised Directive, recordings must be made of any communications linked to an actual or potential trade. This means that ADVISORY CONVERSATIONS AS WELL AS ACTUAL DEALS are now covered by the legislation. In effect, anyone involved in the ‘advice chain’ connected to an actual or putative transaction should now have their communications recorded and retained. Simply put, basically, EVERYTHING NEEDS TO BE RECORDED.
The new Directive stipulates that ALL DATA RECORDS MUST BE RETAINED IN A DURABLE MEDIUM such as hard-copy, email, fax or audible recordings of telephone conversations and/or face-to-face meetings. Firms will be held responsible for the QUALITY AND COMPLETENESS of their data caches, ensuring that they are made available to regulatory authorities as required. (Typically within 72-hours.)
Previously held for six months, data must now be retained for a mandatory period of five years rising to a term of SEVEN years if so requested by the relevant marketplace authority.
Audit & Review
Under the new Directive, organisations not only have to record and retain communications’ data as described but undertake REGULAR REVIEWS TO ENSURE ON-GOING COMPLIANCE. This means that FS providers have to prove they have EFFECTIVE PROCEDURES IN PLACE AT ALL TIMES, rather than reacting to specific incidents of potential compliance abuse. This is one of the most important implications of MiFID II, reversing the current ‘burden of proof’ equation. Rather than regulators needing to find evidence of malpractice, financial entities must demonstrate –
(a) their innocence if challenged
(b) that they have the ability to safeguard against such non-compliance incidents in the first place
And this increased onus on proactivity by Financial Service providers goes well beyond ‘management by policy’ alone. Such corporate guidelines will have to be supported by employee training and the INTRODUCTION OF TECHNOLOGIES THAT ENSURE CLEAR AND COMPREHENSIVE CAPTURE of all electronic data relating to actual or potential transactions, INCLUDING THOSE MADE ON MOBILE DEVICES! (And as a footnote to the above, if shortcomings in data collation and retention procedures are apparent, companies must also retain records of such shortcomings and remedies for a further five years.)
Are you ready?
At VENNCOMM, we are…
VENNCOMM TALK can solve all of the above. It is a super-fast, OTT corporate dialer and chat app which puts YOU in control.
• Automates MiFID II call compliance
• Protects employees’ personal privacy
• Matches or outperforms native dialers
• Works globally
• Ensures eight degrees of separation between work and personal use of the same mobile device
So, if you’re looking to avoid compliance abuse fines, increase productivity and make significant cost-savings at CAPEX and OPEX levels…
It’s time to talk!
Call us on 03450 582 313 or email us at email@example.com