The European Securities and Markets Authority (“ESMA”) has recently published a consultation paper on the compliance function requirements that are set out in the revised Markets in Financial Instruments package under MiFID II. In ESMA’s view the compliance function is “a crucial function within firms, responsible for identifying, assessing, monitoring and reporting on the firm’s compliance risk, i.e. the risk that a firm fails to comply with its obligations under MiFID II.”
MiFID II requires investment firms to have a robust governance framework and requires firms to implement a series of systems and controls with a clear organisational structure and lines of responsibility, and effective risk management and compliance processes. This includes policies and procedures to ensure regulatory compliance and the establishment of a permanent, independent and effective compliance function.
Under MiFID II the role of the compliance function is expanded in relation to certain specific topics, such as:
- new and specific responsibilities in relation to MiFID II’s product governance requirements under Article 9(6) and (7) and Article 10(6) and (8) of the MiFID II Implementing Directive;
- the compliance function may also operate as the complaints management function of the firm (Article 26(3) of the MiFID II Delegated Regulation);
- the compliance function shall also advise the management body of the firm on the firm’s remuneration policy (Article 27(3) of the MiFID II Delegated Regulation).
The draft guidelines promote a risk based approach as the basis for determining the appropriate tools to be used by the firm’s compliance function, as well as the extent of the firm’s compliance monitoring programme and the frequency of monitoring activities performed by the compliance function.
According to articles 22(2)(c), 22(3)(c), and 25(2) and (3) of the MiFID II Delegated Regulation suitable tools monitoring activities are, inter alia, the mandatory compliance reports. In the draft guidelines ESMA states that additional tools could be used by the compliance function including (but not limited to):
(a) the use of aggregated risk measurements;
(b) the use of (additional) reports warranting management attention documenting material deviations between actual occurrences and expectations (exceptions report) or situations requiring resolution (issues log);
(c) targeted trade surveillance.
ESMA is seeking feedback on its proposed re-organisation and content of the draft guidelines, including whether further clarification is needed on certain aspects. The consultation runs from the 15th July 2019 to the 15th October 2019 and ESMA intends to publish its final guidelines in Q2 2020. The final guidelines will replace ESMA’s guidelines that were issued in 2012 under MiFID I.
Sign up for a free trial of our MiFID II Self Service Transaction Reporting here.