To the extent that they have not done so already, firms should look to start working on implementation. A useful starting point is the consideration of MiFID I requirements alongside MiFID II. In organisational and governance terms, when preparing for MiFID II, it is important to note that requirements generally carry over from MiFID I, albeit enhanced and spelt out in stronger terms.
Part of the MiFID II package is a directive and MiFIR is a regulation. It is likely that most, if not all, of the implementing measures will be regulations. While directives have to be transposed, regulations are directly applicable and the FCA will take the lead in removing any UK regulatory provisions that conflict with directly applicable MiFID II-derived measures. HM Treasury will also make consequential changes (e.g., to FCA legislative powers).
MiFID II will be transposed in the UK primarily through the current legislative architecture. However, MiFID II imposes certain obligations on market participants outside the current regulatory perimeter (i.e., neither authorised persons, nor recognised investment exchanges) that do not readily fall into the existing structure (for example, under the Financial Services and Markets Act 2000 the FCA does not have powers to make rules for such persons). The Treasury Consultation on theTransposition of the Markets in Financial Instruments Directive II covers the specific secondary legislation required. The FCA Discussion Paper (DP15/3) on the areas of MiFID II where it has discretion on how it is implemented within the UK, which closed to comments on 26 May 2015 is also relevant. HM Treasury's consultation closed on 18 June 2015.
The FCA states that it aims to meet the legislative deadlines for transposing MiFID II into domestic laws and regulations (3 July 2016) as well as the MiFID II and MiFIR effective date (3 January 2017). Firms can anticipate Handbook changes to current rules in areas that will be covered by MiFID II provisions as well as modification required by some profound changes to regulatory processes and systems (e.g., for reporting requirements, authorisation applications and variations of permissions etc).
The MiFID I Directive (2004/39/EC) and its related measures address three main areas:
- market fragmentation and inefficiencies;
- investor protection; and
- harmonisation necessary for passporting.
MiFID I built out these broad themes by talking to conduct of business and organisational requirements across topics that in retrospect look narrow. It requires firms to have:
- A permanent, independent and effective compliance function with policies and "appropriate and proportionate systems, resources and procedures" to ensure continuous and regular services.
- Systems and controls (e.g., administrative, control and risk assessment procedures) to limit risks when outsourcing critical functions.
- Measures to:
- prevent and manage conflicts of interest (particularly emanating from investment research); and
- safeguard clients' assets.
- Sound record keeping practices – so regulators can track compliance.
MiFID I was driven by the challenge of achieving a fully-integrated and open-access securities market alongside an effective passporting regime, with the presumption that once the architecture was in place, compliance and investor protection would follow.
The MiFID II package of measures, made up of Directive 2014/65/EU and Regulation (EU) 600/2014 as well as a range of implementing materials, is the reaction of a legislature that, almost immediately, realised at least two major failings around MiFID I:
- keeping up in the face of rapidly innovating markets; and
- widespread non-compliance.
This discussion is based on European Securities and Markets Authority (ESMA) consultation papers and technical advice to the European Commission from 19 December 2014 (the "Final Report"). The final requirements are not available at the time of writing.
Conflicts of Interest – General Requirements
The relevant provisions of MiFID II are in the Directive at Articles 16(3) and 23. In the Final Report, ESMA recommends clarification and supplementation of Article 22 of the MiFID I Implementing Directive (2006/73/EC) (the "Implementing Directive").
Firms' primary obligations will remain centred on effective organisational arrangements to prevent conflicts of interest from arising in the first place, with disclosure as a tool of last resort. When there is an insurmountable conflict, ESMA recommends that Article 22 is clear that disclosure must include a statement that the firm's organisational and administrative measures are insufficient to prevent risk of damage to client interests.
Disclosure must take into account the nature of the client receiving it and be in a durable medium, regardless of the client's categorisation. It must include a specific description of the conflict as well as the risks it engenders and steps taken to mitigate that risk. These more detailed requirements mean that disclosure is unlikely to satisfy MiFID II's standards if it takes the form of a template notification of generic conflicts.
In the Final Report, ESMA recommends that firms review their conflicts policies at least annually. ESMA conflates this requirement with its Final Report's advice that firms' compliance functions report annually (see below), which works alongside other, enhanced areas of responsibility for that function (see Product Governance below).
Existing firms need to refine their approach and newly in scope firms need to implement measures as part of authorisation and linked operating requirements. For example:
- consolidated tape providers and approved publication arrangements (APA) entities (such as an entity that publishes trade reports on behalf of investment firms) will be required to operate and maintain effective administrative arrangements designed to prevent conflicts of interest and APAs that are also market operators or investment firms will also need to consider how to maintain separate different business functions (see page 18 of the Treasury Consultation).
- Following Recital 39 and Article 1(4), MiFID II applies conflicts and organisational provisions to investment firms and to credit institutions when selling to or advising clients on structured deposits (see Article 9(3) management body oversight, Article 16(2), (3) and (6) organisational requirements and Articles 23-26: relating to conflicts of interest).
Conflicts of Interest – Analysts
While the Final Report concludes that the distinction drawn between true investment research and marketing communications in the Implementing Directive is sufficiently clear, and does not require any amendment, it does make two, potentially far reaching recommendations. ESMA suggests:
- marketing communications and those who produce them should be subject to Article 25(1) of the Implementing Directive, meaning firms should effect measures designed to ensure an appropriate level of independence for those producing marketing communications that come within the definition of recommendations in Directive 2003/125/EC; and
- amending the Implementing Directive to insert a new provision requiring the physical separation of analysts from those whose interests may conflict with the interests of the recipients of the research. Firms may, on proportionality grounds, establish "appropriate alternative information barriers".
It is important that ESMA's starting points for organisational requirements are physical separation and a wider application of concepts of independence. These put the onus on the firms to demonstrate it would be more proportionate to deploy less onerous "alternative information barriers". Firms should review and potentially revise their approach in these areas.
The Compliance Function
Again, at first blush, the provisions of MiFID II differ little from those of MiFID I (at Article 6). Article 16(2) of the MiFID II Directive requires the establishment of adequate compliance policies and procedures, and ESMA's Final Report recommends the integration and modification of existing Article 6 of the MiFID Implementing Directive. Article 6 mandates policies and procedures as well as the establishment of an independent compliance function, and ESMA recommends including an obligation to report to management at least annually on the overall control environment and identified risks, as well as to monitor and report on complaints handling (though note that the Implementing Directive at Article 9 already includes requirements that senior management must receive annual compliance reports showing remediated matters). ESMA also proposes that the monitoring obligation be "on a permanent basis", which is at least a more emphatic statement of the function's obligations.
For MiFID firms, regulators will expect that firms review the operational approach and effectiveness of their compliance function, in addition to overall firm governance, against the subtle adjustments required by MiFID II.
Responsibilities fall heavily on management and compliance personnel, indicating an era when regulators look to both practical compliance with rules as well as conduct, that is, how compliance is achieved. Although UK firms should now be well versed in this message they should still review and adjust their position.
For example, ESMA's Final Report suggests management should approve the remuneration policy after taking advice from the compliance function. Expanding on this, ESMA makes senior management responsible for "day-to-day implementation … and the monitoring of compliance risks related to the policy". Additional detail about the way the UK is likely to approach senior personnel responsibility and accountability following MiFID II implementation is provided in chapter 7 of the HM Treasury consultation.
MiFID II's direct intervention in both the manufacturing and distribution of financial instruments and responsibility for product governance marks a significant departure from MiFID I. Product governance obligations operate as distinct obligations that apply without prejudice to any assessment of appropriateness or suitability that is required during the sales process.
Looking at those obligations in Recital 71, Article 16 and Article 24, the MiFID II Directive requires firms to identify and understand the clients to whom products and services are to be provided, and, when manufacturing financial instruments, ensure that the needs of that target market are identified, understood and reflected within the product's design. In particular, Article 16 requires firms that manufacture financial instruments to maintain, operate and review a process for the approval both new financial instruments and "significant adaptations" of existing financial instruments before the product is either marketed or distributed. The product approval process must identify the target market and ensure that both the distribution strategy for and risks that attach to that market segment are assessed.
Article 16 places product design requirements within the context of a firm's obligations to organise and operate itself with a view to preventing conflicts of interest, and ESMA's Final Report suggests that management must have effective control over the product governance process. Further structural requirements include that the compliance function oversees the development and periodic review of product governance arrangements, specifically in order to detect any compliance failures by manufacturers. In the UK, when considering what may be a reasonable strategy, firms could look to guidance given by the FCA in its paper TR15/2: Structured Products: Thematic Review of Product Development and Governance.
While MiFID I does not specifically address remuneration, in June 2013, ESMA published "Guidelines on remuneration policies and practices (MiFID)" (ESMA/2013/606). MiFID II essentially codifies these Guidelines by introducing a new obligation at Article 9(3)(c) requiring management to "define, approve and oversee" a remuneration policy that encourages responsible conduct and the fair treatment of clients, while also avoiding conflicts of interest.
Within the conflicts of interest provisions at Article 23(1), MiFID II requires firms to identify, prevent and manage conflicts engendered by remuneration and other incentive structures. Article 24(10) adds another layer as remuneration or assessment of the performance of staff should not be done in a way that conflicts with clients' best interests. In particular, this means that targets or other measures that inappropriately incentivise sales of particular financial instruments should be reviewed. In the UK, the FCA released GC 15/1 on performance management, which may help firms navigate this point, when finalised.
Of course, many firms will already be well rehearsed on remuneration issues (not least because the FCA expects remuneration policies to meet Principle 3 of the FCA's Principles for Businesses, that require firms take reasonable care to organise and control their affairs responsibly and effectively) so MiFID II should not necessarily trigger profound change. Nevertheless, this will be an area in which firms need to be able to demonstrate they have at least reviewed their practices.
All firms take note
The FCA proposes generally applicable requirements that cut across non-MiFID firms based on MiFID II's remuneration standards (FCA Discussion Paper 15/3, chapter 7 para 7.14).
In some quarters, the results of MiFID I implementation within firms are considered disappointing; the legislature and supervisors will be looking for an altogether different result after 3 January 2017.