How to attract the attention of the regulator
By Michelle Zak, Qomply
Published: 23 September 2024
Over this past year, there has been a notable increase in regulators approaching firms about the quality of their Markets in Financial Instruments Directive (MiFID) transaction reports. It starts innocently enough with a gently phrased email from the regulator inviting the recipient investment firm to have a look at a specific area of their reporting.
The email may seem harmless—perhaps suggesting that a particular field or area in the report wasn’t quite right. There’s no immediate sense of urgency in its tone or phrasing. Most firms might interpret it as a gentle nudge, signalling that something may have gone slightly off. The firm’s initial response might be, “How thoughtful of the regulator to reach out,” followed by a casual response like, “We’ll take a look,” or even, “Thanks for letting us know.”
A critical mistake would be to respond with a tone that conveys a lack of urgency, or intent to thoroughly review the specific field or the entire reporting scope. The real misstep would be omitting clear timelines and concrete actions from the reply. That would be the nail in the coffin.
More often than not, the firm will go off, correct that “one little issue” in their reporting, communicate with the regulator that the corrections are on their way, and consider the job done.
That’s when things escalate. The regulator, sensing a relaxed attitude towards simply correcting that one area of reporting, may re-approach with another tap to the firm. “Maybe the firm would like to look at this other area of their reporting” might be the next email. And so, it goes on.
This is how the rapport set by the regulator and the response of the firm sets the scene for how things escalate.
If the firm does not take things seriously from the point of initial contact, if an internal investigation isn’t launched into the quality of reporting and internal controls, and if communication to the regulator is sparse and vague, then eventually there will be the proverbial ‘phone call’ from the regulator that conveys, in no uncertain terms, that a more formal review is ensuing.
Our firm sits on the other side of that phone call.
Transaction reporting and market surveillance represent two of the weakest points of entries for a regulator to approach a firm. The very nature of a transaction report being submitted daily to the
regulator invites trouble if the house is not in order.
Over the course of the last few years, we have had a front row seat into regulatory activity mostly
because we are approached when things go wrong in reporting.
Whilst there are a number of reasons a regulator may get in touch, the below are the best ways to
attract the regulator’s attention:
Not regularly requesting data from the regulator’s MDP portal
This one is incredibly simple to resolve yet we still see issues. Evidence released by the Financial Conduct Authority (FCA) suggests that three years after Go LIVE, firms were still not conducting periodic reconciliation of their data.
How did they know? Simple- they were monitoring their Market Data processor (MDP) portal for activity. If there was no activity from your firm, it is a strong indication that you are not fulfilling one of the core MiFID transaction reporting obligations- periodic reconciliation. After all, if you haven’t made periodic requests for the MDP file, then you are not conducting reconciliations. Low-lying fruit for a regulator.
Firms appear to have caught on to this – mostly because those firms were contacted directly by the regulator about their reconciliations. In fact, we see firms routinely requesting the regulator’s data and storing it until they are ready to conduct a reconciliation just to hedge against any uninvited consequences.
Counterparty LEI Is a different counterparty than the one you’ve traded with
This particular item occurs quite frequently and if you are one of the unlucky reporting parties, then you understand how this could trigger a lot of pain.
The scenario is that you onboard a counterparty, conduct Know Your Customer (KYC), capture Legal Entity Identifiers (LEIs) and notify the traders that they are good to trade. In heated moments, when keying in trade details, traders or front-office staff are swamped for choice of which LEI to choose as their counterparty appears to have numerous identifiers. The default behaviour appears to have been – “take a guess”. This approach has not boded well for those firms.
The simple truth is that regulators have a view of the entire UK market and can conduct market surveillance with relative ease. Regulators routinely match-up counterparties across firm’s reports.
Therefore, if the counterparty that you said you traded with, in the report, doesn’t appear in their report, then it gives the regulators a reason to follow the thread.
They then start cross-referencing other counterparties within your reports – maybe even follow more threads as they build a case to contact you.
Bottom line – the whole jumper can easily become unravelled. If your counterparties that were onboarded are not aligning with those reflected in the transaction reports, then you will have to trigger a complete retrospective investigation to ensure the LEIs shown to your traders are, indeed, the counterparties they are cleared to trade with them.
Counterparty personal sensitive data is not expressed correctly
Erroneous construction of identifier data pertaining to individuals was a real problem when MiFID went live. So much so, the regulator’s posted a MarketWatch to remind market participants how to concatenate identifiers or which identifiers to use – passport versus national identifiers. Then, after Brexit, less-than-vigilant regulatory reporting teams forgot to audit UK and EU nationals to adjust for the new expectations in using identifiers. This still haunts firms and we routinely see back-reporting exercises undertaken to correct the pesty legacy of Brexit.
The timestamp for executing a trade on a venue reflects a time when venue is closed
Sloppy trade capture systems or relaxed mechanisms for capturing execution times means that you are effectively notifying the regulator that you are trading on a venue when it’s closed.
This can also occur twice a year when adjustments to the clock aren’t accounted for. Easy to catch, annoying when it happens, yet surprising how it continues to occur across the industry.
You aren’t sending all transactions to the regulator
This effectively means you are under-reporting transactions. When means, the regulator does not have a full view of market activity and will impede their ability to conduct effective surveillance. Therefore, this should be taken seriously.
A common reason for under-reporting is that a ‘flag’ has been ‘ticked’ somewhere which is stopping transactions from flowing downstream into the daily reports. Believe it or not, this occurs frequently. Certain Trade Capture Systems have a nifty MiFID Reportable Flag which, when ticked, will exclude all transactions that come its way.
We see it sting firms from time-to-time and many firms only discover it when contacted by the regulator. It is a big clue to the regulator that systems & controls need tightening. Definitely want to ensure you are conducting reconciliations (see point above) to close this gap.
To stay off the regulator’s radar, ensure your internal controls are robust, you are conducting routine reconciliations, you are capturing accurate details and are training your staff to do the same. Remaining vigilant always helps but greasing the wheels with formal procedures makes it a whole lot easier to execute daily.
Sloppy trade capture systems or relaxed mechanisms for capturing execution times means that you are effectively notifying the regulator that you are trading on a venue when it’s closed.