Next year will be one of the biggest for compliance deadlines.
Alongside the requirements of the General Data Protection Regulation (GDPR) – which provides updated safeguards for customer data – the second Markets in Financial Instruments Directive (MiFID II) comes into force on 3 January 2018.
MiFID II will have a massive impact on the financial services sector. One of the main areas of change is around call recording, with the directive stipulating that anyone involved in the advice chain for an intended trade must record and retain their mobile communications for five years.
For all companies involved in MiFID II, there are several steps that will have to be taken before, during and after the January deadline – and varying skills will be required at each point.
Some businesses will already have a compliance programme in place that has to be updated to comply with MiFID II, while others will have to implement a formal compliance initiative. The challenge will be greater for those implementing call recording for the first time. There are also considerations around company size, as smaller firms may not have dedicated compliance officers.
For companies facing overlapping compliance projects, such as GDPR and MiFID II, it’s important to look at what planning activities have taken place already and then what can be combined.
The stages of preparation
The very first step involves an audit of the regulation to know exactly what’s required. From a skills perspective, compliance experience is the number one priority.
The individuals involved in compliance planning need to look at the processes that are currently in place and where data has to be captured.
The second step is looking at how to manage customer consultations. Any records that might influence a trade have to be kept, and businesses must build up an understanding of how these records will be saved and how they can be accessed when required.
Firms may also have to enforce rules on not communicating with clients through encrypted channels such as WhatsApp.
Making sure the changes continue to work across the business can be the most difficult part.
The main challenge is ensuring that compliance requirements don’t get in the way of how people actually work. For traders, compliance processes around their interactions with clients may have an impact on their daily working habits.
For example, does the call recording system require the trader to do anything different to ensure their calls are recorded? One way to avoid the need for training and mitigate user errors is to make sure all calls are recorded automatically.
As with any project, it’s also key to explain why changes are being made to those affected by them.
Make sure it’s working
A final consideration is reporting and monitoring. It’s important to demonstrate that compliance is being adhered to and is operating correctly. By planning ahead, companies can make the right use of new technologies and avoid any potential issues before the regulations come into full effect.