Compliance considerations ahead of January deadline
On forecasting the likely actions of Russia during the Second World War, UK Prime Minister, Sir Winston Churchill, spoke of it as a ‘riddle wrapped in a mystery inside an enigma'. Alternative asset managers might be forgiven for thinking the same about the devilish complexity of MiFID II.
But rather than get bogged down and concerned about the vicissitudes of regulation, managers should focus on the aspects they can control and take practical steps towards becoming compliant.
The first point to make is that MiFID II should not be thought about as merely a compliance exercise.
"The buy-side should think more about the major strategic implications to this, which could create new marketing opportunities and a competitive advantage. If I knew there was a challenge on the horizon, from a regulatory standpoint, I would use the ability to demonstrate more transparency to investors as an opportunity and would look to do it as early as possible, and market the fact that I was already MiFID II compliant.
"That's my advice to clients. Don't put it off. Be an early adopter and you'll potentially bring more business in," says George Ralph, Managing Director of RFA.
Given that MiFID II will touch every aspect of a fund management business, the worst thing to do is treat it merely as a compliance issue and dump it on the Chief Compliance Officer. Putting compliance best practices in place to comply with MiFID II should be treated as an enterprise risk management exercise, led by senior management involving every department.
"When I talk to CCOs about the regulatory environment the industry is in today, they have so much to oversee," comments Paul Yau, Senior Regulatory Counsel at Advise Technologies. "I therefore think that the right tone has to be set by the top management starting with the CCO. You definitely need different parts of the firm to be engaged. It can't just be a case of thinking that `the compliance department can handle it'."
In Ralph's view, MiFID II falls in to the whole risk management decision making process. Risk is basically impact versus likelihood and from a risk likelihood perspective, MiFID II is happening. It's not going anywhere.
"As such, the business decisions relating to risk have to come from the top management. You can't have a compliance professional come in on a contract to tell you what you need to do to remain compliant; they could come in initially to do the gap analysis but that's it," advises Ralph.
Patrick Robinson is Director at Bridge Consulting. Bridge provides compliance services to UCITS management companies and AIFMs in Ireland. Although these firms will not be directly impacted by MiFID II, many of the managers to whom they delegate portfolio management services will be MiFID licensed firms. As such, Robinson has a clear view on how the regulation is beginning to impact them.
"Across our client base, the implementation phase involves risk, legal, operations, IT and compliance individuals," says Robinson. He continues:
"MiFID firms need to determine what the potential risks are to their strategies and structures and how they should be addressed. This requires pulling in resources from the IT department, on how to get better information and monitoring on best execution, on research, and in particular on transaction reporting. And pulling in resources from the operations team to determine how all that data should be managed on a daily basis: Where is the data coming from? Which systems is it going in to?"
To get all the data in place for reporting under MiFID II is likely to be a significant data management exercise across the various front to back office teams. As such, they will need to understand what is involved and when to engage with the right people: with respect to legal and compliance, risk, the Investor Relations team, etc. Some will have to re-evaluate their whole IT framework.
"It's important to be able to put appropriate monitoring in place for best execution and to be able to demonstrate it, and that you are properly considering the results of best execution," says Robinson. "It's much the same on the research side; sitting down with portfolio managers to understand how they assess the quality of research and how they use it, and where they are getting it from. These are all aspects around which MiFID firms need to build a robust monitoring solution."
The sooner fund managers have gone through the data mapping exercise and worked out the extent to which their IT systems will be up to the task, the better they can identify gaps and engage with the right vendors.
"Now is the optimum time to be getting data handling processes and procedures covered off and documented," says Geraldine Gibson, CEO of AQMetrics. "Simulated testing for transaction reporting takes places over the summer and then moves on to the regulators' systems towards the end of the year."
As part of the transaction report, a legal entity identifier (LEI) has to be provided for security. Every service provider and fund manager will have its own LEI, which is held in an LEI reference database. It's no different to financial instruments having their own ISIN code. As new companies and service providers come on board, they will need to be assigned an LEI in a manager's systems. The problem is that for some managers, their databases aren't configured to automatically tag every LEI.
"If someone doesn't have a repository for LEI data in-house, which a lot of small managers don't, we will pull all that data together as the appointed ARM. Then we sign off the interface with the client and from that point forward, if there are any changes to the way we source data, we just run through structured change management. It's a very controlled exercise," comments Gibson.
The data lifecycle
With respect to the data lifecycle, as part of a compliance `to do' list there are two components worth considering.
The first is to make sure that fund data is stored in an efficient way that makes it easily retrievable for transaction and transparency reports. Ralph says that fund managers should investigate storage management software in order to automate the movement of data through the lifecycle.
Secondly, fund managers will need to be surgical with their reporting, and ensure that their IT systems act like a scalpel not a sledgehammer.
Enterprise data management
With increased regulation such as MiFID II facing fund managers, many will need to strengthen and invest increasingly in their regulatory reporting function and associated technology. Key to this, in Ralph's view, will be enterprise data management.
"Historically, fund managers have been large consumers of market data from vendors, which is structured, validated and easy to manage. However, fund managers also create their own data sets, such as who made the decision to place a trade, who executed it and which algorithm was chosen. New regulations such as MiFID II are increasingly asking managers to report on these internal data sets too.
"The challenge many will experience is that internal data can often be held in different systems across the firm and is typically less structured yet will need validation before reporting to regulators. Therefore, I believe we'll see a growing focus on enterprise data management and investment in those technologies, which will make that process less onerous and more secure."
This is a new requirement for MiFID firms and will require them to demonstrate in detail how they are setting research budgets and delivering the best value to clients. In the eyes of the FCA, it will not be sufficient for the buy-side to simply say that this is what they pay for commission, therefore that is what next year's budget will be based on.
"That does not meet the requirements under MiFID II. Firms are going to need to figure out what they need and have a separate budget. Understand your needs now and go through that discovery process before you start to contract with different research providers.
"We speak to fund managers who are at all different stages of preparedness. Few global firms are still at an early stage of the process. Larger institutions need to work with their legal teams on new service level agreements to negotiate with their multiple service providers, alongside communicating with their end investors. One industry body that we spoke to recently estimates that 2.5 million contracts that need to be rewritten, with respect to research," explains Vicky Sanders, co-founder of London-based RSRCHXchange, a leading institutional research platform.
Towards the end of 2016, RSRCHXchange ran a survey, in which one of the questions asked: "When does your firm plan to be compliant with MiFID II rules on Research Unbundling?"
With respect to hedge funds, the results were as follows:
Q4 2016: 9.1%
Early 2017 2.5%
Start of 2018: 13.6%
In brief, there are seven practical steps to research unbundling that fund managers can consider:
- Set a needs-based budget;
- Implement controls
- Identify research (ie only pay for content that meets ESMA's definition of research);
- Block free inducements;
- Record consumption;
- Evaluate quality;
- Unlock the research market.
Firms will also be required to demonstrate best execution, again to prove to the regulators that they are acting in the best interests of their clients.
However, in Article 27 of MiFID II there is no single way to determine best execution.
"Even though they've strengthened the language from `reasonable' to `sufficient', investment firms must have a strong, demonstrable and documented process in place for measuring best execution, however, the regulation is not prescriptive and does not specify the steps needed to achieve the standard," says Allan Goldstein, CFO, COO and CCO of New York-based Trade Informatics.
He advises fund managers to put in place a policy that allows them to measure their counterparties both qualitatively and quantitatively and review it periodically, making adjustments as they see fit.
"Once you have a process in place, you'll then be able to marry the transparency that you're gaining from research unbundling to your process for measuring the effectiveness of your counterparties. You'll then start to better understand who, among your counterparties, is truly accretive to your overall investment process," adds Goldstein.
Watertight service contracts
One final compliance consideration is to re-appraise one's vendors and make sure that they understand MiFID II, such as the turnaround time on reporting, retention periods for data and so on.
"If you think about the stringency increase under MiFID II on communication disclosure and transparency that firms are going to have to have with their clients, that same level of stringency equally needs to apply to the vendors they use," says Ralph.
This is all about ownership. Under MiFID II, the buy-side will be required to take more detailed approaches to the way they manage their business processes; they can't just rely on the sell-side.
"In Q3 and into Q4, I would expect the sell-side to deluge the buy-side with repaperings," remarks Leonard Ng, Partner at Sidley Austin LLP. "Imagine if out of 100 brokers you use, 60 are based in the EU. That means 60 repapering exercises. A lot of investment banks' terms of business are based on what MiFID I required 10 years ago, so is going to be a huge amount of change given what MiFID II introduces, as well as new commercial realities of trading."
The good news is that plenty of service providers and vendors are working hard to support their clients through this difficult phase of readjustment.
Yau's role as regulatory legal counsel at Advise Technologies is to help get the rules correct, in terms of the business intelligence then goes into the solutions it builds.
"I am part of the Best Practices group, composed of attorneys, fund accountants, etc. Based on conversations within our group, as well as with asset managers and regulators, we gather industry knowledge and share it with our clients. We aren't just a vendor, we try to always provide practical industry insights where possible. And MiFID II is no exception," concludes Yau.