The FCA has identified that there are still transaction reports that are being submitted incomplete and inaccurate. Although there has been an improvement in data quality since 2018 which has continued in a positive direction as more firms are acting to improve their transaction report data quality, there is more work to be done by firms. The root causes of these issues usually relate to weaknesses in change management, processes and design, data governance, control framework and governance, oversight and resources. The FCA’s themes of concern are covered in detail below, noting that the FCA has observed a chain reaction between these areas (i.e. a weakness in one area can spread to others).
| Themes | Examples of issues | Recommendations |
|---|---|---|
| Control framework | • Poorly designed reconciliation processes. • Conducting reconciliation on specific fields only or irregularly. • Controls not reviewed or updated when processes evolve. • Firms excluding services/data from third parties from their control and reconciliation framework – causing gaps in monitoring and limits firms identifying issues caused externally. | • Firms to understand the end-to-end transaction reporting process. • Ensuring arrangements are in place to ensure transaction reports are complete and accurate – including having a control framework falling under the firm’s transaction reporting process. |
| Reporting process and logic design | • Incorrect interpretation of regulatory requirements and development of reporting logic e.g. input from first and second lines of defence within entities are limited in the design process. Unclear implementation of the transaction reporting process | • The FCA advised firms to be aware of Article 22(2)(b) of the MiFID Org Regulation – firms are to set up and maintain a permanent and effective compliance function that is independent and responsible in advising/assisting the persons responsible for carrying out investment services and activities to comply with the firm’s (UK) obligations. • Consideration of ad-hoc resource assignment and unclear deliverables which can lead to manual processes that cause further reporting issues. |
| Change management | • Poor change related practice. • Insufficient documentation for change management e.g. key decision records. • Change processes are outsourced to third parties and there is inadequate monitoring of the third party’s deliverables. • Absence of transaction reporting subject matter expertise (SME) within firm. • Staff turnover and absences – particularly where there are key staff dependencies. | • Use of business analysis and systems and data mapping before regulatory changes commence. • Creating new business and function requirements and reporting systems including pre- and post-deployment testing and sign-off. • Keeping records of key decisions. • Better oversight of third parties and management of information. • Have clearer policies and procedures in dealing with absences of key staff members and overall, on change management. |
| Data governance | • Collection of data in their reporting processes from various sources – can lead to fragmented data owners, data access and storage issues, procedural inefficiencies and increasing error, for example: o Encrypted data flowing from systems holding personal information and resulting in national identifiers to be misused and unidentifiable. o Incorrect data being sourced from inaccurate or outdated mapping or data tables. • Insufficient documentation on data lineage – can undermine data integrity used in transaction reporting. • Poor record keeping – can undermine a firm’s ability to audit records and correct historical transactions. | • Removal of disconnect between data management and regulatory reporting e.g. having data dictionaries and data lineage documents that explain how data elements are used and where necessary, upgraded. • Better identification of source data – will improve the identifiability of reporting breaks and remove business flow blind-spots. • Better record keeping and procedures in place. • Adequate security and change management of personal information. |
| Governance, oversight and resourcing | • Prioritsation of financial risk management at the expense of non-financial risk – leads to weaknesses in the measurement/management of risks associated with transaction reporting. • Lack of management information processes can create monitoring issues for senior management eg. senior board members may be prevented from understanding the regulation/operational risks from reporting issues. | • Firms to understand that transaction reporting is an operational, compliance and reputational risk. • Having in place a formal Compliance Risk Assessment process and SME providing guidance on transaction reporting matters. • Firms to have clear organisational structures, reporting lines, functions and responsibilities. • Managing exceptions and report transactions on time and not |
How can TRAction assist?
If you need assistance in understanding the MiFID regulations and how this may impact your firm, or are experiencing issues with your trade reporting, data quality or issues relating to the root causes as we have described, please get in touch with us.
