|
A short guide to MiFID
by Kyra Paraschaki, Associate Institutional Business Policy Division FSA
Background and profile
The Markets in Financial Instruments Directive (MiFID) is a key plank of the Financial Services Action Plan (FSAP) of the European Union. The main goal of the FSAP is to achieve an integrated financial market in Europe. The FSAP is the umbrella for a wide - ranging EU financial legislation programme, including the Market Abuse Directive, the Prospectus Directive, the Transparency Directive, the Capital Requirements Directive, the Savings Directive - to name but a few. MiFID will become part of national legislation in January 2007 and firms will have to comply by November 2007.
MiFID, like its predecessor the Investment Services Directive (ISD), enables investment firms to passport their services to other EU countries on the basis of authorisation in their Home State; branches, however, will be authorised in the Host State.
It covers most investment firms currently under ISD: investment banks, portfolio managers, stockbrokers and broker dealers, corporate finance firms, futures, options and some commodities firms. Under MiFID, firms are subject to specific organisational and conduct of business requirements. While the measures it introduces are not much different to the existing regulatory modus operandi, the breadth of its coverage makes conversion to the new regime a challenging, time consuming and potentially costly task. MiFID also covers financial markets, setting particular requirements for exchanges and other trading and execution facilities.
MiFID and Organisational & Systems and Controls requirements - the Common Platform
MiFID overlaps here with another directive due to be implemented in January 2007, the Capital Requirements Directive (CRD). In order to avoid duplication and confusion by firms which would otherwise have to follow two parallel sets of similar measures, the FSA proposed in its CP 06/9 of May 2006 a common application, the 'common platform' for firms.
CP 06/9 sets out corporate governance requirements aiming to ensure that firms have appropriate internal systems and controls and effective risk management for the protection of the interests of its clients. The arrangements a firm makes towards this end should be under senior management oversight and responsibility and be proportionate to the nature and complexity of the business of the firm. This means that small firms do not have to adopt the same complex arrangements as large ones; they do have to prove however, that their arrangements serve the purpose they are designed for and bring the results they aim to achieve. The practical way of doing so is by setting down relevant procedures together with monitoring and control functions to ensure that these procedures are followed, are up to date with the evolution of the firm and adaptive to the complexity levels of its business.
Most UK based companies are familiar with such requirements, as similar standards currently exist in the FSA regime. Therefore, the impact of the proposals in the 'common platform' will not be great on them. The main requirements are listed in CP 06/9 as follows:
• Robust governance arrangements;
• Sound administrative and decision making procedures;
• An organisational structure which clearly, consistently and in a documented manner specifies reporting lines and allocates functions and responsibilities;
• Adequate internal control mechanisms;
• Effective internal reporting and communication of information;
• Adequate safeguards for the security, integrity and confidentiality of information and for the firm's information processing.
The proposed measures in the common platform aim to ensure that firms will achieve an environment which would be expected by clients entrusting their interests with the firm . In particular, 'firms have a responsibility to ensure that their staff and agents do their jobs properly, are aware of and follow the internal procedures, are competent to perform the tasks they are given and are not given multiple duties which might compromise their ability to act properly.' Key concepts here are the segregation of duties and the prevention of conflicts of interest. Firms are broadly required to employ personnel with the skills, knowledge and expertise to discharge their responsibilities .
The key tasks for Compliance requirements are outlined in CP 06/09 as follows: to establish and maintain policies and procedures aiming at ensuring effective compliance and which will be able to identify the risks associated with a failure by the firm to comply with its obligations; to establish a compliance monitoring programme; to have an independent compliance function; to appoint a compliance officer who will report to the governing body. Small firms might not be obliged to establish an independent compliance function but will nevertheless have to show that their compliance arrangements continue to be effective .
The internal audit function - when the nature and complexity of the business of the firm calls for one - will be responsible for issuing the audit plan and verifying that it is followed.
Where firms have internal audit, compliance and risk management functions, these should be independent from each other and report to the governing body and the senior management.
The outsourcing proposals of the common platform differentiate between material and non material outsourcing and the key message is that important operational functions should not be outsourced if this will impair the quality of the firm's internal control. There are certain functions which cannot be outsourced either because this could alter the relationship and obligations towards the clients or because it would undermine, remove or modify any conditions subject to which regulatory authorisation was granted. For example, senior management responsibility cannot be delegated.
When a firm is outsourcing it must put in place procedures to ensure that the service provider has the ability, capacity and authorisation required to perform the outsourced function. There is a requirement for a written agreement setting out the respective rights and obligations of the investment firms and the service provider. Intra group arrangements are treated in the same way, with the effect that formal intra-group outsourcing contracts may be required where perhaps only service level agreements are currently used. Tighter controls may apply to outsourcing of investment services outside the EU to unregulated entities.
For conflicts of interest, a firm must put in place measures to identify and manage conflicts between the firms and its clients or between its clients in an effective way. The objective is to prevent damage to the client's interests, not to prevent the conflict from arising. A firm must have a policy where it states the measures for identifying and managing conflicts. Disclosure as a mechanism for managing a conflict is not sufficient and the onus is placed on firms to use internal controls such as Chinese walls or segregation of duties.
The common underlying philosophy for organisational and systems and controls requirements is to assign to firms and its senior management the responsibility of finding practical ways of applying these measures and be able and defend their choices if required. These measures are outcome focused and there are many paths that can lead to the outcome. The means however will have to be justified as well as the end.
MiFID & Markets
MiFID prescribes pre- and post-trade transparency requirements which apply to regulated markets, Multilateral Trading Facilities (MTFs) and Over the Counter (OTC) trading.
The pre-trade transparency requirements, despite being new as requirements, are compatible to the current market practices of UK regulated markets and Alternative Trading Systems. There are new requirements, however, for so-called Systematic Internalisers (SIs) - firms which 'deal on their own account on an organised, frequent and systematic basis by executing client orders outside a regulated market or an MTF'. Under MiFID, SIs must provide firm bid or offer quotes in certain 'liquid' shares on a continuous basis. These quotes are binding for trades up to certain thresholds.
Post-trade transparency requirements are extended to all trading venues - not only regulated markets. Information on completed transactions should be made public, as close to real-time as possible and firms not being regulated markets or MTFs can choose the channel of making this information public.
Post-trade reporting to the regulator (transaction reporting) is now required on any financial instrument admitted to trading on a regulated market.
MiFID and the Conduct of Business
The MiFID Conduct of Business requirements (COB) are generally compatible with the FSA's COB. There are however some differences and the FSA will consult in October for an updated sourcebook for MiFID firms, which will also take into account the results of the work on simplification of the current COB sourcebook.
One key area is the client classification regime. The 3 categories of clients in MiFID - Retail, Professional and Eligible Counterparties - are broadly similar to the current client categories: Private, Intermediate and Market Counterparties; there are however differences in the thresholds for each category as well as in the criteria for opting up or down a category.
Other conduct of business areas include know-your-client and Suitability requirements for investment advice and portfolio management. Also, specific circumstances are introduced under which execution-only services can take place . For all other services to customers MiFID introduces the requirement for firms to assess Appropriateness and in order to do so, the firm must obtain information from the customer on their knowledge and experience in relation to the particular service. One difference between Appropriateness and Suitability is that the latter should take into account the financial situation of the client in addition to knowledge and experience.
MiFID introduces the obligation to provide Best Execution of client orders and it states that a firm should 'take all reasonable steps to obtain the best possible result, taking into account price, costs, speed, likelihood of execution and settlement, size, nature or any other consideration relevant to the execution of the client's order'. Firms are also required to establish and implement an order execution policy.
MiFID also covers the areas of Client Order Handling, Marketing, Client Agreements and information about the firm and its services.
Background information and implementation notes
The predecessor of MiFID, the ISD, needed revising to catch up with continuously evolving financial markets and products. Compared to ISD, MiFID expands the range of core investment services and activities within its scope; for example, the provision of advice is captured, as well as the operation of MTFs. In the markets area, the aim is to enhance competition, efficiency and consistency. Transactions do not have to be executed on a regulated market any more, so countries can no longer impose the so-called 'concentration rule'. MiFID also captures within its scope complex financial instruments such as credit and commodity derivatives and contracts for differences.
Although by 'MiFID' we mean the original directive of 73 Articles published in the Official Journal of the European Union on 21 April 2004 - also called the 'Level 1' text - it is also a legislative package of subsequent interpretative and implementing text known as 'the Level 2' text. This has been drafted after a long consultation with regulators and key stakeholders of each member state, led by the European Securities Committee (ESC). The Committee of European Securities Regulators (CESR) coordinated the drafting of the text during the early stages.
The EU process of writing a framework legislation (Level 1) upon which other implementing measures follow is called the 'Lamfalussy' process. Altogether, it comprises of four levels. In Level 3, CESR will help in achieving consistent implementation in Member States and Level 4 is the ongoing conclusion of the process where all parties (Commission, Member States, regulators) cooperate with each other for enforcement and post-implementation work.
The Level 2 MiFID text is more or less in its final form (a Directive and a Regulation) and is expected to be published in the Official Journal of the European Union in mid-October. Countries will transpose the measures to national law by January 2007 and by November 2007 firms should comply with the new measures
The approach taken by the Commission towards implementation is that of maximum harmonisation which means that Member States should try to avoid any unnecessary and unjustified goldplating - or superequivalence - by adding new requirements or retaining current measures not included in MiFID. As a result, the Level 2 Directive states that Member States should only retain or impose requirements additional to those in the Directive only in exceptional cases and provided they meet the conditions of addressing specific risks to the Member States' markets or they address risks that become evident after implementation. The Commission needs to be notified of the material proposed for retention and the notification should be accompanied by a justification.
The practice of applying a common set of requirements on countries where a degree of diversity is inevitable is the backbone of the EU philosophy: integration and convergence. And participants will inevitably either have to lower the bar or raise it. Absolute matching is difficult to achieve in reality.
This raises the question whether countries with a longer history in regulation are in a better position to copy out the requirements, since these countries usually tend to have mature and complex financial markets. The activities or products in these countries may not be easy to tame to follow prescribed behaviours under a quasi maximum harmonising approach. Countries with established regulatory culture and practices will have to modify a larger number of existing arrangements - often detailed - and will have to create a plethora of maps matching the old and the new. On the other hand these countries are in a better position to understand what these requirements mean in practice and as a consequence are active players in shaping the legislation during consultation periods.
Regardless of the regulatory reality of each country, a main ingredient of the recipe of making this work is to be involved in the consultation process either actively or by being a quiet but keen follower, observing all developments in the pre-implementation period and at the same time creating the infrastructure to support the forthcoming inevitable legislation. This will be easier for countries where consultation is integral and sine-qua-non part of their policy making. The need to follow developments closely goes both for member states and companies, as both share the aim of making things work whilst minimizing disturbances in their economies and processes. The bottom line is that none of the participants have an easy task here. Member states, their finance ministries, regulators and industry, have to work full speed to ensure that they will be ready for implementation.
Essential reading
MiFID, Level 1 text:
http://europa.eu.int/eur-
lex/pri/en/oj/dat/2004/l_145/l_14520040430en00010044.pdf
MiFID, Level 2 proposals:
http://ec.europa.eu/internal_market/securities/docs/isd/dir-
2004-39-implement/dir-6-2-06-final_en.pdf
http://ec.europa.eu/internal_market/securities/docs/isd/dir-
2004-39-implement/dir-6-2-06-final_en.pdf
FSA, Planning for MiFID, November 2005:
http://www.fsa.gov.uk/pubs/international/PLanning_mifid.pdf
FSA & HM Treasury, Joint implementation plan for MiFID, May 2006:
http://www.fsa.gov.uk/pubs/international/joint_mifid.pdf
FSA, CP 06/9, Organisational systems and controls – Common platform for firms, May 2006:
http://www.fsa.gov.uk/pages/Library/Policy/CP/2006/06_09.shtml
|
|
