Many firms were wondering when the first fine for MiFIR transaction reporting breaches would be levied by the FCA, so it might have come as a surprise to see a fine for a breach under the previous MiFID transaction reporting regime. We have seen strong signals from the FCA that it is disappointed with quality of some of the transaction reports it receives and it has been tireless in explaining that complete and accurate transaction reports are essential to monitor for market abuse effectively.
Despite these warnings, some might have been thinking that the FCA was too occupied with Brexit to take enforcement action for transaction reporting breaches. The latest fine, at £27.6m after a 30% early settlement discount, is over twice as large as the previous fine for MiFID transaction reporting and should leave firms in no doubt that the FCA will continue to take a hard line with reporting breaches of both the MiFID and EMIR variety. Many may be left considering what they should be doing to make sure they’re not the next subject of enforcement action.
What failings did the FCA identify?
Purely in terms of numbers, between 5 November 2007 and 24 May 2017, the firm:
- Failed to report 3,658,423 transactions;
- Inaccurately reported 83,074,015 transactions, and
- Erroneously reported 49,152,274 transactions.
These look like very large numbers, but they have to be taken in context: In the period in question approximately 1.8 billion transactions were reported. This implies that the FCA didn’t raise any issues for approximately 1.665 billion transaction reports, or 92.5% of the submitted reports. It would be interesting to know how many senior managers are confident their firm is reporting more than 92.5% of its transactions correctly. Of course, they should be aiming for 100% complete and accurate reporting, but it is possible that many senior managers don’t actually know their accuracy rate.
Systems and controls
Of course, it isn’t just a numbers game. The accompanying Final Notice highlights a lack of sufficient systems and controls. In particular, the FCA stated there was a breach of Principle P3 by:
- Failing to have adequate systems and controls to ensure that reference or ‘static’ data used for various mandatory fields in the transaction reports submitted to the authority were complete and accurate;
- Failing to have in place adequate change management controls to manage changes affecting transaction reporting processes and systems, and
- Failing to undertake appropriate testing to ensure the completeness and accuracy of transaction reports.
It is particularly interesting to note the criticisms in the Final Notice of the control framework calling out that it “did not adequately test and reconcile the completeness and accuracy of all transaction reporting data from its front office systems to the ARM reporting to the Authority.”
Lessons to be learned
The obvious lesson is that the FCA is actively enforcing transaction reporting. If your firm does not have adequate systems and controls in place or doesn’t even know how good (or bad) its reporting is; you could be at risk.
Interestingly, in reference to the weakness of the reconciliation and testing controls, the notice called out the “periodic, sample based” nature of them. The limitations of sample testing and the false confidence that it provides has been one of the root causes of many a fine. At Kaizen, we provide quality assurance testing on all transaction reports and our reconciliation service tests all trades in the front office systems, determines whether they should be reported, and only then reconciles against the reports submitted to the regulator. We can also advise on the control framework, test all reference data (including ISINs, counterparty LEIs and for natural persons) and provide training on the regulatory requirements.
Firms need to react
When issues are identified by the FCA the clock is ticking. Firms should take any issue identified by the FCA as a trigger to not only investigate the issue raised but to look across all of its reporting to make sure it is correct. Flushing out issues quickly is critical in maintaining the confidence of the FCA. The industry is littered with examples of firms that have completed reviews and improved procedures only to have issues found many months and sometimes years later.
Senior Managers liable
The Senior Managers and Certification Regime (SMCR) has increased the reporting risks by making senior managers personally liable for transaction reporting controls. The SMCR is soon to extend to all core firms at the end of the year. Firms and their senior managers need to examine the systems and controls they have over transaction reporting and ask themselves whether they truly understand whether they are meeting the FCA requirements or whether they could be potentially next in line for enforcement action.
If you have any doubts whether your reporting and controls are up to the required standard, we can help. We have a proven track record in helping firms tackle their transaction reporting issues and risks head on – and helping them to avoid censure.Our ReportShield™ quality assurance service provides everything you need for reporting assurance including a bespoke control framework, quality assurance testing, reference data testing, reconciliation and training.
Please contact us for a discussion with one of our regulatory experts to find out more.