MiFID II, GDPR and ESMA: The Not-So-Terrible Trio

It’s been a while since we had a good financial bubble to discuss around the water cooler; bubbles are the punctuation marks in a long history of financial folly. In terms of scale, the leading contender is the legendary South Sea Bubble of 1720. It precipitated a slew of nefarious investment schemes, each more ridiculous than the last. Examples included cannons that fired square ‘balls’ and the compelling but inscrutable “undertaking of great advantage but no-one is to know what it is”. The chancer who put this beauty together netted £2000, enough to keep themselves and their extended family in good whiskey for life. The bubble burst shortly afterwards, taking the British economy down with it. In response, the government created the Bubble Act of 1720, which outlawed the creation of joint-stock companies without a royal charter – perhaps the first attempt at regulating the financial markets.

Fast forward to the 21st century and we still see people fall prey to scams, especially in the financial services arena. Eleana Massoura, Head of Compliance at FXTM, a global, award-winning broker, says that “even with a raft of regulation being rolled out in the last decade, investors still find themselves at the wrong end of financial products and investment returns; partly because of a lack of information and partly because of unethical behaviour by some service providers. Technology has enabled hundreds of companies to come online and offer their services and regulators sometimes struggle to keep up”.

Whilst there are still loopholes that allow unscrupulous people to take advantage of investors, international regulatory bodies like ESMA (European Securities and Markets Authority) are working hard to plug them. The most prominent regulatory initiatives are MiFID II (Markets in Financial Instruments Directive), its accompanying regulation MiFIR, and GDPR (General Data Protection Regulation).

MiFID II, GDPR and ESMA

MiFID II builds on a regulation first put in place in 2007, which sought to make investing more transparent for both retail and institutional investors, particularly with reference to standardised regulatory disclosures. Put simply, it required financial institutions to disclose all costs, charges and fees before the client committed to a product. This included management, advisory, custodian, fund entry and exit levies; significantly, it also required these costs to be represented as a percentage in the local currency. MiFID II builds on this legislation and has widened its scope to include commodities, currencies, credit products and their derivatives. It also has stricter policies in place to protect client funds.

GDPR sets out to reinforce data protection for all individuals in the European Union. Its goal is to help people reclaim control of their personal information, whilst also simplifying regulatory aspects for businesses. Non-compliance risks severe consequences, so responsible companies are making this a business priority. At first glance, GDPR might not look like financial services regulation; nonetheless, it is of utmost importance. Traders are required to divulge a large amount of sensitive data before making transactions; GDPR aims to keep such information under wraps, with heavy fines for firms that do not disclose data breaches.

ESMA is an independent EU Authority. It helps safeguard the stability of the European Union’s financial system by enhancing investor protection and promoting stable and orderly financial markets. It subjects all investment firms in the European Economic Area to a more stringent regulatory framework.

How do the regulations affect traders?

MiFID II, in particular, demands comprehensive reporting and disclosure from financial service providers; this stands to affect traders or anyone else signing up for a financial service. The most significant changes involve transaction reporting requirements. Investors will be obliged to supply ‘natural person identifiers’ – unique ID codes that must be provided before any trading can occur. This also applies to trades generated or executed by computer algorithms. In turn, investment firms are required to authenticate client ID codes by requesting a passport or national identity card number. The granular level of ID confirmation required by regulators means that data protection will inevitably take centre stage — this is where GDPR comes in. At the same time, ESMA ensures the enforcement of data protection measures; however, financial services firms still need to assure regulators that they have incorporated the relevant security protocols, including those regarding permissions and data access.

What next?

MiFID II came into effect at the start of the year, on 3 January, but businesses should already have made the preparations necessary for compliance in 2017. Massoura explains, “While the regulations may look draconian in some areas, they all have one goal — to protect the investor. FXTM welcomes the new regulations. We are satisfied that we have put the structures in place to be compliant. We believe that a compliant industry benefits both client and service provider.”

By LeapRate.

Published: 2018-01-24T08:01:48+00:00. Categories: GDPR, Marketing & Data Privacy

About the Author:

Carrie runs Little Fish Media from her home town in Sussex and works with clients in London and across the UK on inbound marketing and consultancy projects. Little Fish Media is an Inbound Marketing agency working with b2b, financial and professional services firms to generate leads, attract prospects and close deals. We are proud to be anything but your typical marketing agency! Check out www.littlefishmedia.co.uk
