We’re now 15 months into MiFID II and many firms, especially those who found themselves with a transaction reporting obligation for the first time, have been breathing a collective sigh of relief at a job well done. But that relief may be premature at best, and dangerously unfounded at worst.
Numerous firms who have undertaken complex, expensive and burdensome projects to build their reporting frameworks, have mistaken the light at the end of the implementation tunnel as the end of the MiFID II challenge. Some firms are looking the wrong way down the tunnel, and others might well be watching the FCA enforcement train leaving the station.
There is a common misconception that as long as the reporting process appears to be working and validation errors are being cleared, that everything is as it should be. This could not be further from the truth. The FCA has been saying for many months that they are losing patience with reports which are ‘valid but wrong.’ Such reports are populated with values which pass validation, but which are incorrect (and in some cases clearly fabricated to force a report through the validation checks).
The systematic submission of wrong reports may go unnoticed by firms and the regulator for months or years, but with each day that passes firms are feeding an ever growing fatberg of reporting failures. The longer it takes to identify and tackle the problem, the larger and more expensive the remediation will become. And if the FCA finds it first, then they will be less understanding than if firms had done so themselves.
A fundamental root cause of this is reminiscent of the 16th century proverb that “there comes nothing out of a sack but what was in it.” Or in modern IT parlance, “Crap In, Crap Out”. Flawed assumptions, misunderstandings of requirements and poor process design can all contribute to incorrect or incomplete data being force fed to ARMs and vomited thereafter upon the disapproving lap of the FCA. But the problems don’t stop there. Governance is often weak with senior management starved of the metrics and information they need to identify potential problems. Change management procedures frequently fail to be updated or adhered to in order to protect the integrity of reporting processes. Reliance is routinely placed on third party service providers without meaningful oversight or an appreciation for the limitations of their services.
To add insult to injury, monitoring of the completeness, accuracy and timeliness of reporting is routinely inadequate, which prevents firms from taking corrective action. This needs to change, but many firms lack the resources to undertake the kind of meaningful testing that would identify even the most basic errors. Others lack the expertise. Overcoming either of these obstacles can require considerable internal investment which can be difficult to justify particularly for smaller firms.
Although reporting is a largely binary process, it is positively riddled with complexity. Complexity of the rules, complexity of IT systems and their relationships with one another, and in some cases the complexity of the instruments involved. To add a bitter cherry to this complexity cake is the fact that sometimes, even when a firm has reported in a way that is to all intents and purposes correct, their data is being corrupted by their service providers, resulting in an unholy mess that can only be discovered through regular reviews (which many firms forget is a regulatory requirement) of data extracted from the FCA’s Market Data Processor.
This may all sound like doom and gloom, particularly when from what we have seen there are few if any firms who have not taken their obligations seriously or who have failed to appreciate the importance of correct reporting. And the need to do more is going to be a hard pill to swallow for those firms which have poured blood, sweat, tears and sparse capital into their implementation projects. But firms have a slowly shrinking window of opportunity to take the initiative and get their houses in order. As Sylvia Plath suggested: “Read widely of others’ experiences…even though it hurts and strains and would be more comfortable to snuggle back in the comforting cotton-wool of blissful ignorance.”
A substantial reason behind the eye-watering scale of recent fines (albeit under the MiFID I regime) is the number of transactions which were incorrectly reported. So firms need to act now. If they are prepared to peel back the veil and find out what might be lurking behind their reporting frameworks they could be saving themselves the pain, cost and embarrassment of future scrutiny and, potentially, enforcement.
The failings that we see, their causes and their contributing factors are nothing new – we have seen them under MiFID I, we have seen them (and continue to see them) under EMIR, and we are seeing them play out again under MiFIR.
How ACA Can Help
ACA can help firms with both one off and regular, ongoing assurance in the form of our ACA Regulatory Reporting Monitoring & Assurance (‘ARRMA’) service covering MiFIR transaction reporting, MiFIR post-trade transparency reporting, and EMIR reporting.