In what is a key FCA enforcement risk area, we study the common pitfalls firms encounter and the lessons firms can draw from the recent enforcement cases.
Why is transaction reporting a key FCA priority?
The transaction reporting regime goes to the heart of one of the FCA’s core operational objectives: to protect and enhance the integrity of the UK financial system. Transaction reporting provides the vital market data that the FCA needs to detect cases of market abuse and manipulation. From the Regulator’s perspective, it is imperative that transaction reports are accurate and complete. Anything less risks obscuring the FCA’s view of the market.
The FCA has repeatedly shown that it will not hesitate to take enforcement action for breaches of the transaction reporting rules. It has brought cases against 14 firms under the MiFID regime, ranging from small operations to some of the largest financial institutions in the market. The FCA’s drive to enforce the transaction reporting regime shows no signs of abating.
In 2015, the FCA said that its previous metrics for calculating penalties were not generating fines large enough to act as a credible deterrent to the market. Since then, there has been a significant increase in the size of the fines handed out, with several financial institutions receiving penalties in the tens of millions of pounds. By imposing fines of this magnitude, it seems clear that the FCA is signalling that it regards transaction reporting as a critical area of focus and that it will not tolerate breaches of the rules.
Where do firms tend to get it wrong?
The existing cases betray a number of common themes. Typical failings include reporting incorrect trade times, identifying the wrong counterparties, mixing up buy/sell indicators, and using incorrect instrument identification codes. These seemingly basic-sounding errors are often the result of operational systems issues, particularly for firms where transaction data must pass through a complicated series of front, middle and back offices systems before finally being sent to the FCA. One breakdown at any point in the chain can result in an inaccurate report.
We pick out four key areas from the recent cases where systems and controls were not up to scratch:
1. Assessment of reportability of transactions
At a foundational level, firms must be confident they have thoroughly assessed which of the transactions they enter into are subject to transaction reporting and which fall outside the scope of the regime. This is not always an easy determination to make, as it will depend (among other things) on the particular instrument being traded and which elements of the execution of the transaction take place in the EEA.
It is no solution simply to adopt a broad approach and over-report transactions where there is doubt. The rules and guidance make clear that over-reporting is not permitted and the FCA has fined firms for doing so on a number of occasions.
2. Accuracy and completeness controls
Firms need to have some means of ensuring that the reports sent to the FCA are accurate and complete. At a basic level, quality assurance processes might include periodic sample checking. For larger firms that submit a high volume of transaction reports to the FCA, sample checking is unlikely to be regarded as sufficient and end-to-end reconciliations are more likely to be considered appropriate.
3. Change management controls
Firms need to ensure that regulatory, business or systems changes do not lead to erroneous transaction reports. There have been numerous instances of changes in one part of a business not being picked up by other functions, resulting in inaccurate transaction reports. Robust change management processes often depend on there being good communication between different departments, including:
- the front office teams responsible for carrying out the relevant trading;
- the back office and technology functions responsible for maintaining the IT systems through which data must flow; and
- the regulatory operations or compliance functions with responsibility for reporting transactions to the FCA.
4. Reference data
Firms often populate various required fields in their transaction reports using static reference data imported from internal databases. This data might include information on the firm, its counterparties, or the instruments being traded. It is easy for this information to become outdated, and so firms need to ensure they have processes in place to regularly review and refresh their reference data.
All the cases brought by the FCA so far have related to the transaction reporting rules under MiFID. However, we are now well over a year into the new MiFID II regime.
The MiFID II transaction reporting requirements are an order of magnitude more complex than the previous rules: there is more to report, on more transactions in more instruments by more firms. The number of reportable data fields has leapt from 23 to 65.
So for an industry that found complying with the MiFID requirements difficult, the MiFID II rules pose even more of a challenge. Given the pattern of enforcement cases in this area under MiFID, it is clear the FCA will now be looking to make its mark in enforcing the MiFID II requirements.
In the recent past, the FCA has gone after the large financial institutions in bringing its transaction reporting enforcement actions. An obvious next step for the FCA would be to broaden its sights and target mid-market and smaller firms under the MiFID II regime.
We therefore recommend that all firms take steps to ensure their transaction reporting systems and controls are sufficiently robust. This would include conducting an assessment of how a firm is undertaking its transaction reporting under the MiFID II requirements, including assessing the performance of any outsourced third party service providers.