‘Gray Areas’ Remain in ESMA's MiFID II Guidance

The European Securities and Markets Authority (ESMA) released guidance in October for implementing technical requirements of the updated Markets in Financial Instruments Directive (MiFID II). The guidelines on order record-keeping, transaction reporting and time synchronization clock in at just under 300 pages, and are full of specific examples and detailed instructions.

The guidelines for investment firms, venues and Approved Reporting Mechanisms (ARMs) are intended to leave no potential loopholes, says Fran Reed, regulatory strategist at FactSet. "Through extensive use of examples, ESMA makes it clear how requirements must be met. At a high level, regulators really care about risk—and more specifically, prevention of systemic risk. How risk affects the market, how people react, how they trade—this all matters. So ESMA has to be very specific about how to implement these rules. They can't be fuzzy, because people won't understand what to do, or they will find loopholes and workarounds," Reed says, noting that ESMA spends 270 pages trying to avoid this from happening.

Outsourcing Fears Addressed

One of the main concerns that ESMA partially addresses in the document is around outsourcing, says Zach Johnson, a director in the regulatory consulting team at corporate advisory firm Duff & Phelps. "Some large firms have their own central reporting hubs in place to report to competent authorities, and they will be generating reports for all entities in their group who themselves have reporting obligations," Johnson says. "There was concern that this might lead to such firms needing to be registered as an ARM, in which case there would be a flood of firms suddenly gaining ARM-like status. ESMA has pretty much confirmed that it's not its intention to classify these firms as ARMs, as it does not consider this activity to be an outsourcing arrangement, which will be a huge relief to a large number of sell-side firms."

The guidelines also seek to reduce the number of transactions that firms will have to report for certain kinds of OTC derivatives, Johnson says. For instance, an equity swap will have two legs and can now be reported as a single transaction, instead of as two transactions linked using a complex trade identifier, as was previously required.

But further clarification may be needed around identifying the ultimate underlying instrument where there is a derivative on a derivative, for example.

There is the potential for a large number of transactions to not be reported because they are deemed out of scope. It opens up a potential gray area Zach Johnson, Duff & Phelps

"Under previous guidance, the idea was that you would look through to the ultimate underlying and identify the underlying company to determine if that derivative was in scope or not. ESMA says in the guidelines that you can just look down one level to the direct underlying; you don't have to look down to the ultimate underlying," which calls into question the requirement to report certain derivatives, Johnson says. "For example, an option on an American depository receipt (ADR) on a UK-listed pharmaceutical company: this company is clearly traded in Europe, and therefore that whole transaction would be reportable. But if you just stop at the ADR, that in itself may not be traded in Europe. There is the potential for a large number of transactions to not be reported because they are deemed to be out of scope, even though they are material and very valuable to regulators when looking for potential market abuse. It opens up a potential gray area that I'm not sure ESMA intended."

Zach Johnson, Duff & Phelps

ESMA provides detailed guidance about "concats"—identifiers for individuals such as traders and "decision-makers" composed of personal information, such as passport numbers and dates of birth. It has also provided an exhaustive list of the kinds of surname prefixes prevalent across Europe, such as "van der" or "Mac" to keep concats standard across the industry, since multiple firms will generate identifiers for the same individual.

"They went into quite a lot of detail about the concat field, which is quite complex. It's a very important field because ESMA is reliant on being able to identify the people that have touched the trade in order to prevent market abuse," says Andy Green, global head of business development at Risk Focus. "ESMA has done a good job in going right down into the detail, because ultimately the regulator lives and dies by what is populated in those identifier fields. Something as seemingly trivial as concat becomes fairly major to get correct."

We could end up with three massive pieces of regulation happening between October and January, basically within four months … [which] is unprecedented in regulatory history
Andy Green, Risk Focus

With MiFID II, ESMA has greatly expanded on its predecessor, widening its scope to more asset classes and thus including types of firms that were previously unaffected, such as those dealing in complex instruments with sophisticated strategies and processes, making it impossible for the regulator to address every possible scenario in these guidelines. In fact, the level of detail means some market participants believe this could be the last guidance from ESMA before MiFID II goes live in January 2018, Johnson says.

Full Steam Ahead

While some areas may need clarification in future, there's no time for firms to wait on this, says Simon Appleton, also a director in the Duff & Phelps team.

"Firms need to have changed their client take-on processes so that they can capture, for example, UK National Insurance numbers or passport numbers for different countries. Firms are running out of time if they haven't got all of this static data up and running to be able to be reported correctly in just over a year's time," Appleton says. "MiFID II is quite daunting in the sense that we are going from two asset classes—equities and credit—to five asset classes; and from 24 data fields in each transaction report to 65. And the related static data elements—around clients, counterparties, venues, short-selling flags, instrument reference data—are large components of the project. There is lots of work to be done, and some of these requirements will need big project teams. I know some of the large investment banks will have over 100 people working on this."

Green points out that MiFID II may not be the only regulation that firms have to worry about in the 14 months that remain before it takes effect. Not only has the US Securities and Exchange Commission pushed back the deadline for security-based swap data repository registration to April 2017, there are also concerns that the rewrite of the regulatory technical standards of the European Market Infrastructure Regulation (EMIR) will be delayed, he says.

"We could end up with three massive pieces of regulation happening between October and January, basically within four months," says Green. "Having to complete that amount of diverse work in such a short period of time is unprecedented in regulatory history. Especially as the UK Financial Conduct Authority, ESMA and other national competent authorities have made it crystal clear that MiFID II is an extension of MiFID I and there will be no leeway as there was with EMIR."