Much has been written about MiFID II but new research amongst Compliance Officers and IT Directors published this week reveals that the UK’s financial services firms remain unprepared for the revised MiFID legislation which will come into force in January 2018. What’s the holdup, and how can you make sure your call recording is MiFID II compliant?
The latest MiFID II readiness survey suggests that many compliance and IT decision-makers within large financial services firms feel that, although they understand the revised legislation, they are unsure of the practical detail, knowledge and planning needed to achieve compliance. This would go some way in explaining why over a quarter of surveyed businesses do not yet have the technology and infrastructure in place to meet compliance standards under MiFID II.
If this is true for enterprise firms, where does this leave medium-sized wealth firms with more limited resources, let alone those that weren’t previously captured by MiFID but now have to comply?
Compliance for the Midsize Firm
Whilst the study, positively, finds that at least 30% of large financial services firms have started to gear up for MiFID II with budget allocations and newly devised policies and procedures, firms with 200 – 2,000 employees may well be lagging behind, stuck in detailed gap analysis and policy development.
Interestingly, only 10% of survey respondents are currently communicating with partners and suppliers about their preparations for MiFID II compliance. This could easily be a missed opportunity for midsize organisations, too. After all, some of the experts you already work with could help you fit a number of pieces in the compliance jigsaw, especially when it comes to implementing technology solutions that support your new compliance processes.
One of the many revised obligations to which you will need to adhere includes extensive trade call recording. Your business communications provider should be a good port of call to get support on your call recording review and ensure compliance ahead of the implementation deadline.
Uncertainty around Consequences of Non-Compliance
True for all elements of the MiFID II legislation, non-compliance could easily result in penalties by the regulator as of January 2018. It is no secret that infractions under MiFID I frequently inflicted heavy penalties on financial services firms and that this is expected to continue. However, we can’t be sure of the exact financial penalties that will be applied (despite the suggested numbers you may see around) until the new regime has been fully transposed into UK law. Luckily, compliant call recording is easily attainable if you work with an experienced strategic solutions partner.
As far as our customers are concerned, we’re already helping them to prepare, notably by planning and implementing their call recording strategies and solutions in the face of MiFID II or by upgrading their existing call recording solutions.
We partner with Red Box Recorders, specialists in compliance communications recording, to make sure your voice recording solution achieves the right outcomes from a compliance and business perspective.
If you already have a recording solution in place, it’s time to review whether it can stand up to the stringent requirements of MiFID II, namely
1. Recording scope
You may need an upgrade in order to record all communications across channels and devices, including digital and mobile communications. On this note, don’t forget to check on your corporate mobile phone contracts and establish if your current provider can supply a suitable recording solution. If not, you need to understand any contractual obligations upon switching supplier.
2. 5-year data retention
You will likely need to enhance your data retention capacity to store recording data for the period of 5 years and in some instances 7 years. This is a tricky one because it is hard to predict the exact volumes of data you will amass over time. Scalability is therefore key and points toward a cloud-based solution that flexes in in step with your needs.
3. Accurate event reconstruction
Upon request by a regulator, you will have to be able to reconstruct client conversations quickly and accurately. That means data search, analytics and reporting tools are indispensable.
If it isn’t failsafe already, you may need to build resilience into your call recording solution to safeguard continual, uninterrupted compliance. Resilience applies on two levels: your call recording solution needs inbuilt monitoring to flag any anomalies such as missing or faulty records and it needs to support automated failover in the event of a technical outage.
5. Ongoing management and testing of the recording process to ensure compliance
A managed service in addition to the solution could be a worthwhile investment to ensure continuous system performance and maintenance, especially if you struggle to provision sufficient resource for the day-to-day management of your communications estate.
Finally, training your Risk & Compliance Managers and IT staff on your call recording should help to build knowledge of call recording storage, record retrieval and event reconstruction.
If you feel a little stuck with your call recording review, get in touch with us on 01483 242526 or the team over at Red Box and we’ll lend a hand. Whilst the deadline for implementation is fast approaching, there’s still time to get it right.