Even by recent standards, 2018 should be quite a year for regulation. How will those on the data management front-line ensure compliance with EU Benchmarks Regulation, MiFID II, FRTB, GDPR or PRIIPs in a cost-efficient way?
MiFID II has dominated data management for regulatory compliance throughout 2017 and will continue to demand attention in 2018 as we move into the new world order.
But the directive isn’t the only large and potentially burdensome regulation for firms to consider.
Accompanying MiFID II at the start of January will be the EU’s Benchmarks Regulation and Packaged Retail and Insurance-based Investment Products (PRIIPs), both coming into effect as of 1st January, preceding MiFID II’s compliance deadline of 3rd January.
The Benchmarks Regulation looks to ensure the accuracy and integrity of benchmarks by improving governance and controls over the benchmark process; improving quality of input data and methodologies; ensuring contributors are subject to adequate controls; and providing greater transparency and adequate rights to redress to protect consumers and investors.
PRIIPS requires providers of retail investment and insurance products to provide consumers with Key Information Documents (KIDs) containing clear information on every product they promote.
The data management requirement is considerable, leading some firms to review their product ranges, and many to consider working with third-party services that support the production and distribution of KIDs.
Watch video — MiFID II Market Readiness Report – Will the market be ready?
General Data Protection Regulation (GDPR), a broad and all-encompassing data privacy blanket covering EU citizens, follows on 25th May.
Requirements include gaining consent to process personal data, notifying authorities and individuals of data breaches, and ensuring individuals’ access to data, in addition to their right to have data deleted provided there are no legitimate grounds for keeping it.
To achieve GDPR compliance and avoid the huge penalties of non-compliance — fines of up to 4% of annual group turnover — financial institutions need to establish a clear understanding of the personal data they hold and its purpose. They must put in place processes to destroy data across the organization when it no longer has a purpose.
The consequences of this are not only a considerable data management challenge, but also the unforeseen and unhelpful consequences of a reduction in client data that can be used for business analytics and determining product plans.
Holistic data approach
The Fundamental Review of the Trading Book (FRTB) is also on the agenda for next year, although its deadline is in 2019.
FRTB introduces stricter rules for the treatment of market risk and addresses some of the weaknesses of the current framework. The scope of this regulation is global and covers rates, credit, FX, equity, and commodity asset classes.
The UK’s Prudential Regulation Authority (PRA) has already asked banks planning to use the internal model approach, which in most cases allows a lower capital holding than the standard model approach, to submit their plans to a PRA working group in 2018.
Watch video — How can you turn MiFID II compliance from challenge to opportunity?
With regulatory demand at an all-time high in 2018, a holistic approach to compliance becomes a ‘must do’ rather than a ‘nice to have’.
It means infrastructure must be rationalized at the data level to provide a more efficient, and less costly, response to multiple regulations.