Five rules to cope with the radical changes Mifid II imposes on financial communication systems.
An overhaul of the EU Markets in Financial Instruments Directive, commonly known as Mifid II, comes into force on 3 January 2018.
The legislation requires all financial service providers that operate or deal in the EU to record telephone conversations and electronic communications that relate to the ‘reception, transmission and execution of orders, or dealing on own account’ – including on mobile phones, SMS messages and electronic communications, and store them for a minimum of five years.
But what technical challenges does this pose to financial institutions?
With the EU introduction of Mifid II legislation, the financial industry is being challenged in a period that has already seen heavy disruption from the emergence of Fintech and increasingly popular technologies such as blockchain, mobile banking and payments, and AI.
Although the new legislation is designed to bring greater transparency, accountability and investment protection, this represents another huge technical challenge for the finance industry – especially for smaller organisations with limited IT budgets or less in-house technical support.
No channel left unmonitored
Mifid II requires all communications concerning financial transactions to be recorded and stored for up to seven years. Think of the number of communications channels currently available to customers – voice, video, instant messaging, social media, SMS, and other methods are all prevalent in business communications, and all need to be monitored.
To comply with these demands, financial organisations must put a clear compliance strategy in place, with the ultimate goal being the introduction of a comprehensive recording solution that fully complies with key Mifid II criteria – keeping clear, easily accessible and retrievable records of all conversations across all channels.
Failure to comply with the rules could result in heavy fines of up to £5m or even a trade ban – and the potential pitfalls on the road to compliance are numerous. Forgot to monitor the text messages of a small, dozen-strong customer service team?
Was the recording suite knocked offline for an afternoon due to heavy call traffic? Have stored communications been corrupted after four years? These are all potential grounds for investigation and possible punishment.
So how can organisations ensure every communications channel and every compliance angle is covered?
The five million pound questions
To ensure full MiFID II compliance, there are a number of requirements IT departments should take into account before selecting and deploying a recording solution.
1: OK for now but businesses change, is it scalable?
Firstly, any solution must have the functionality and capacity to scale depending on the size of the organisation. If all one hundred customer-facing employees were to be issued with mobile phones tomorrow, would the solution be able to handle the monitoring of an additional hundred devices?