Compliance is an area within financial services that has changed dramatically over the past decade. We have seen regulatory implementations fundamentally change how firms today operate. There has also been an influx of new financial (FinTech) and regulatory technology (RegTech) firms delivering innovative ways of solving common problems. As a result, the role of compliance has transformed from being regarded as a cost-centre and box-ticking exercise, into a top priority and c-level concern.
As we approach the end of a decade of significant regulatory change, Matt Smith, CEO of SteelEye, highlights six key trends, opportunities and challenges we expect to see as 2020 unfolds:
1. Monitoring and oversight remain top priorities
In December 2019, we saw the introduction of the Senior Managers and Certification Regime (SMCR or SM&CR) for all Financial Services and Markets Act (FSMA) authorised firms. In preparation, financial firms across the board deployed various solutions, built in-house or outsourced, to manage their compliance.
In 2020, we will not only see market participants getting to grips with the practical elements of SM&CR, but we will also start to see a shift in firms’ priorities, away from process and towards monitoring and oversight.
"We will start to see a shift in firms’ priorities, away from process and towards monitoring and oversight."
Considering the fundamental change in the personal accountability of senior managers introduced by the new regime, firms are going to want the ability to not only monitor that their systems are working, but that everyone is adhering to the conduct rules.
As SM&CR beds in we expect to see the regulator putting higher demands on firms to demonstrate oversight. And this doesn’t just apply to SM&CR but across the board, with continued regulatory scrutiny on Market Abuse Surveillance under MAR (Market Abuse Regulation) and MiFID II. A key priority for all firms in 2020 will therefore be to execute on their oversight obligations and implement systematic capabilities that can effectively monitor interactions and transactions.
Following on from SM&CR, we will see the first phase of the Securities Financing Transactions Regulation (SFTR) come into force in April for credit institutions, investment firms and relevant third country firms.
As with most regulations, SFTR will require firms to deep dive into the requirements and make sure they have the correct processes to effectively comply. Specifically, they must ensure they can bring together all relevant data, build and validate their SFTR reports and send the reports to the regulator within the required timeframe. However, with the new validation rules and SFTR XML schemas only being published on the 31st of October 2019, this doesn’t give firms a huge amount of time to prepare. And with the complex array of systems, platforms and data sources used by financial firms today, regulatory reporting can be prohibitively difficult, especially for smaller firms with limited resources.
"With the new validation rules and SFTR XML schemas only being published on the 31st of October 2019, this doesn’t give firms a huge amount of time to prepare."
If firms are not able to easily bring together, query and export their data from a range of sources, SFTR compliance will be a significant challenge. But if firms get the data part right, it will be easy for them to not only meet their SFTR obligations but also future proof themselves for new regulations.
3. Increased focus oN data accuracy
Following the implementation of MiFID II there was a plethora of accompanying data challenges. For example, just in the first year over 1,000 investment firms reported having misreported their transactions.
When the directive came into effect in 2018, the regulator was somewhat forgiving on data accuracy – allowing firms some leeway to get their houses in order. In 2019 on the other hand, the regulator increased its scrutiny of reporting quality, and we saw the FCA starting to hand out hefty fines for non-compliance, something only set to intensify in 2020. For UBS and Goldman Sacs, this resulted in fines totalling £27.6 million and £34 million respectively for misreporting .
It is no longer an option for firms not to prioritise their data quality. Poor data management practices also mean that compliance not only becomes time consuming and extremely costly, but an ever-increasing business risk. As firms start to recognise this, we will see more focus on data management. In 2020, firms should be focussing on putting in place technologies that allow them to optimise operations, reduce costs and improve data quality.
"In 2020, firms should be focussing on putting in place technologies that allow them to optimise operations, reduce costs and improve data quality."
We will not only see firms reviewing their data management processes but also evaluating their entire compliance set-up front to back in 2020.
In the lead up to MiFID II, many firms scrambled to find solutions, doing what they needed to comply. Now that more firms have a better understanding of the regulation, they can make better decisions. Add to that the continued pressure on margins across the industry and we are seeing more and more firms turning their attention to how they can gain more value from their compliance processes and data.
"Now that more firms have a better understanding of the regulation, they can make better decisions."
As a result, we are seeing a shift in the approach to compliance spend. Firms are recognising that they need to increase short-term investment to achieve efficiencies and synergies in the long-term.
This goes hand in hand with the changing role of compliance. Looking back just 10 years, compliance was very much regarded as a box-ticking exercise and therefore low on the priority list for innovation and new technology. Due to the increasing reputational, operational and financial implications of non-compliance, and the recent regulatory implementations like SM&CR which hold executives personally & legally accountable, compliance has now shifted to become a top priority and c-level decision.
Firms are moving away from buying solutions that fill short-term needs and are looking to invest in compliance innovation. A great example is ING’s RegTech Lab headed up by Ian Hollowbread. The ING RegTech Lab looks at how we can digitalise regulatory process to enhance compliance and pro-actively protect the financial system at large.
"Firms are moving away from buying solutions that fill short-term needs and are looking to invest in compliance innovation."
As firms look to prioritise compliance innovation and their fundamental compliance and data management processes, we are likely to see firms investing more in compliance in 2020 than ever before.
We are not only seeing a change in attitudes from the market participants but also from the regulators and policy makers. It is no secret that MiFID II has received a wealth of critique since its implementation. Whilst we have yet to see major reform to the rules, the policy makers at the European Commission have announced that they will be reviewing potential tweaks to the legislation in relation to costs, the distribution of market data, investor protection rules and research for small companies.
"Policy makers at the European Commission have announced that they will be reviewing potential tweaks to the legislation."
A repeated criticism of MiFID II is that the increased transparency has produced little benefit for market participants. With a regulatory review of market data distribution, we are hoping that we will see increased pressure on players such as Approved Publication Arrangements (APAs) in 2020 to make trading data available to the market 15 minutes post execution as the regulation & law stipulates.
How market participants can benefit from regulations like MiFID II is a discussion that will continue in 2020 as the market as a whole understands the value that things like data transparency can bring.
Looking at the RegTech sector, we have seen an influx of new FinTech and RegTech firms over recent years, but we have also seen a lot of consolidation. Just in 2019, we saw RegTek become acquired by Bloomberg and Fonetic acquired by Voxsmart. We also saw the formation of new strategic partnerships, such as Rimes and Soteria coming together to offer a more compliance consolidated solution. Looking ahead, we will likely see some new start-ups in 2020, but we expect the consolidation trend will continue as the larger players struggle to compete with the agility and speed of change that start-ups offer.
"We expect the consolidation trend will continue as the larger players struggle to compete with the agility and speed of change that start-ups offer."
As we enter 2020 one thing is clear - those firms that did not take the regulations seriously in the past will start to see the regulators becoming unforgiving as they crack down on data accuracy, oversight and compliance. That said, the regulator remains open to collaboration and working with market participants - as long as efforts have been made and can be demonstrated.
Firms can no longer hide and need to come to terms with this new regulatory landscape - embracing the opportunities it can present. With SM&CR bedding in and SFTR coming into force, a key focus for firms moving into the new year will therefore be to review their compliance procedures and processes alongside assessing their data management needs.
"A key focus for firms moving into the new year will be to review their compliance procedures and processes alongside assessing their data management needs."
It is encouraging to see that firms are coming around to the benefits that compliance can bring and that investment in innovation is increasing. 2020 is looking bright and we expect to see a huge amount of change within this space as firms strive to improve their operations and optimise their performance.
STEELEYE LIMITED, A COMPANY REGISTERED IN ENGLAND AND WALES WITH COMPANY NUMBER: 10581067, VAT NUMBER: 260818307 AND REGISTERED ADDRESS AT 55 STRAND, LONDON, WC2N 5LR.