The FCA has published observations of their supervision of the UK MiFID transaction reporting regime in Market Watch 82. It discusses:
- remedial timelines,
- back reporting and
- breach notifications
on trade reporting, advising firms to consider if these should be integrated into existing processes.
Operational frameworks should be improved given persistent inefficiencies the FCA has observed. We discuss below the themes they have focused on, along with some case study examples the FCA has provided.
Remedial timelines
Remediation varies given the scale and complexity of the issue at hand, along with the operational capability of firms. The FCA explained that although some issues may take time to remediate if complex, other matters should be dealt with quickly to avoid further risk exposure. Firms are expected to be proactive and transparent throughout their remediation process.
The FCA has found that the common root causes behind delayed remediation include:
- Internal processes involving lengthy hierarchical decision making, siloed teams and fragmentation of task ownership.
- Insufficient assigning of resources towards remediation and resolution.
- Inability to identify and tackle root causes, instead focusing on symptoms of reporting issues.
- Compliance culture within a firm being reactive and weak governance structures (lacking accountability and not prioritising remediation).
Back reporting
Back reporting is how firms correct inaccurate and incomplete transaction reports. However, if this process is delayed, data remains questionable, thus restricting the FCA’s ability to detect any market abuse. The FCA have provided some case studies in which they differentiate between ‘protracted remediation’ and ‘delayed back reporting’ – see below examples of the themes focused on:
- Crystallised compliance risk: Firms may correct an issue however, in doing so, may also fail to correct historical reports, showing poor compliance oversight and weak internal controls.
- Internal governance weakness: Poor prioritisation and structured sequencing in addressing reporting issues highlight flaws in governance and operational management in firms.
- Data access and infrastructure restrictions: Reporting may be delayed given inaccessible data after a system migration which further highlights issues with data governance and retention.
- Impact on Business-as-Usual (BAU): Firms may underestimate the impact of back reporting on their resourcing, thus affecting their daily operations. They will have to create a separate back reporting workflow with appropriate staffing, to eliminate the pressure on their BAU.
Breach notifications
The FCA have stated that breach notifications are crucial in data quality. They expect these to clearly describe:
- the issue,
- its root cause and
- any gaps or weaknesses which may have been involved in processes, controls and governance.
In Q1, the FCA received 241 breach notifications and they have summarised their observations and best practices below:
| Issue observed | Clear notifications | Unclear notifications |
|---|---|---|
| Issue description | 83% | 17% |
| The FCA’s best practice is to detail the nature of the issue e.g. misreporting, under reporting or late reporting. Descriptions should be relevant, succinct and not refer to internal firm systems. | ||
| Issue observed | Clear notifications | Unclear notifications |
|---|---|---|
| Root cause description | 76% | 24% |
| For more information on root cause themes, see our article on Market Watch 81 here. | ||
| Issue observed | Notifications with exact detail | Approximations provided | Not provided |
|---|---|---|---|
| Impacted Transactions | 85% | 8% | 7% |
| Relevant period | 74% | 21% | 5% |
| If this information is not available at the time of submission, firms should explain this in the notification and not delay submission. If an assessment is ongoing, firms should advise when the assessment will be completed as well as details/ figures as being exact or approximations. | |||
| Issue observed | Notifications with exact detail | Approximations provided | Not provided |
|---|---|---|---|
| Back reporting planning | 76% | 9% | 15% |
| This section should not be left blank. Insight on reporting timelines should be provided. | |||
| Issue observed | Notifications with sufficient detail | Notifications with insufficient detail | Not provided |
|---|---|---|---|
| Details of governance committee awareness | 80% | 18% | 2% |
| Details on committees, the forum or person the matter has been escalated to should be provided. | |||
| Issue observed | Notifications with sufficient detail | Notifications with insufficient detail | Not provided |
|---|---|---|---|
| Details on weaknesses in systems & control | 66% | 31% | 3% |
| Details of plans to address issue | 75% | 16% | 9% |
| The connection between the reported issue and the root cause should be demonstrated by firms. General feedback on the overall improvement of processes and controls of one’s firm should be avoided. Rationale should be provided if this section is not applicable. Where firms are of the view that the weaknesses are due to their third-party vendor, they should consider if any specific controls and oversight by the vendor would have alleviated or prevented the trade reporting issue from occurring. | |||
The FCA concluded with:
“We will continue to monitor the quality of breach notifications closely and to that end we introduced a quality flag as part of our case management and record keeping.”
How can TRAction assist?
If you have any questions in relation to trade reporting or how to improve your internal processes, governance and controls for efficient and accurate trade reporting and remediation please contact us.
