With the implementation of the revised Markets in Financial Instruments Directive (MIFID II) less than 6 months away, investment firms are gearing up to the comply with the upgraded directive before the deadline. From the numerous upgrades and revisions to different elements, one of the biggest changes relates to the regulation regarding how firms record transactions and their dealings with clients. Under MiFID I, firms were subject to a few record keeping requirements compared to under MiFID II. Investment firms are required to keep records of every client order and every decision taken to execute the order. Firms must also keep records of transactions while executing or transmitting an order. European Securities and Markets Authority (ESMA) has provided a non-exhaustive list of minimum records to be kept which firms must adhere to. The period of time for the retention of a record shall begin on the date when the record is created. As per the directive, data must be stored for at least five years (with an option to extend it to seven years) and should be in a medium that can be easily accessed by National Competent Authorities (NCAs). One might say firms have limited and straightforward record keeping requirements under MiFID I. However, in order to fill the gaps left by MiFID I and due to the rapid development of the internet, the commission has significantly enhanced the record keeping requirements.

Under MiFID II, there is an increased need for investment firms to provide required information to NCAs. These enhanced records will assist NCA in confirming whether a firm has complied with its obligations in respect to its behaviour relating the integrity of the market. As a result, record keeping requirements under MiFID II are much more granular. MiFID II rules require investment firms to store records of all services, activities and transactions and ensure the data is sufficient so that a regulator can reconstruct each stage involved in the processing of a transaction. This means all the initial forms of communications must now be recorded as well, which is quiet an ask. In addition, records have to be ‘readily accessible’ by the relevant competent authority. However, there isn’t an explicit definition by ESMA or the FCA on what ‘readily accessible’ means. They expect a firm to identify what is appropriate based on the type of transactions involved. Firms at the moment might be looking at market benchmarks set by other regulations such as the American Dodd Frank regulations which imposes a requirement of a 72-hour turnaround. Investment firms must now ensure the stored records cannot be manipulated in any way, unless it is for amendments. In this case, a clear audit trail is required to show the changes that have taken place. MiFID II also requires firms to immediately record every initial order received from a client and in relation to every initial decision to deal taken for the disposal of any NCAs.

MiFID II has improved regulations regarding recording of voice and electronic communications as well. The new regulations require firms to operate an effective policy which covers the rules surrounding the recording of telephone conversations and electronic communications. It is mandatory for firms to keep records of telephone conversations and electronic communications relating to transactions whether they deal on own account; or receive, transmit or execute client orders. Keeping in mind the evolution of internet compared to a decade ago when MiFID I was introduced, MiFID II also extends its scope of communication to any form of electronic media like emails instant messaging, video conferencing, SMS and so on. This might turn out to be a tricky affair for firms as the widespread use of smart phones over the past few years has resulted in various messaging applications being used for communication. Firms must also inform new and existing clients that telephone calls which may result in transactions will be recorded.

With uncertainties still looming over a lot of the granularities over MiFID II, firms are still waiting for NCAs to localise the MiFID II guidelines and make them more specific. According to an estimate from auditors E&Y, a standard medium-sized UK wealth manager is expected to spend between £3 million to £5 million on preparations for MiFID II compliance. Enhanced compliance requirements including the ones on record keeping is expected to change how wealth managers conduct their research and how they bundle information. It is obvious that regulatory changes to processes like record keeping will affect all ends of a firm including IT, marketing and HR. How managers will align their firms with these changes and how NCAs across Europe will bring a sense of clarity to these vague requirements remains to be seen.

Six months remain. January is looming. It seems as if there is some anxiety building up about the impact of MiFID II and the compliance deadline.

The Markets in Financial Instruments Directive II or MiFID II is the biggest regulatory shake up of European financial markets in at least a decade. Its aim is to enable greater transparency and protection for customers across a range of asset classes and its financial instruments.

The time left to comply is not the only reason investors and firms alike are showing some signs of anxiety. In part, some of this anxiety emanates from the regulators themselves. The sense is that there needs to be further clarity on the scope and greater level of detail for meaningful guidance.

A study by JWG found that 90% of institutional investors in Europe risk non-compliance, are under-prepared and over-stretched in efforts to comply with nearly 1.5 million paragraphs of rules.

Whether more time will be granted beyond the one year delay will be interesting. The reality is that probably one third of the rules are yet to formalised or the provision of technical guidance for their implementation.

However, most firms or investors affected by the regulation will wish not to take the chance to miss compliance. Getting locked out of particular markets they operate in or face significant penalties would not be a great start to the new year.

One of world’s leading universities in London was victim to a significant cyberattack.

University College London (UCL) is one of London’s leading multidisciplinary universities. The attack targeted the institution’s IT systems, shared drives and management systems, affecting over 35,000 students and 11,000 staff.

The ransomware attack started appearing through phishing emails. UCL email system of both students and staff were infected with links and attachments as the anti-virus was unable to detect it. Once the email and its attachments were opened, the local and shared drivers were targeted, compromised and encrypted.

UCL is unable to access the system and specific files. Shared network drives were locked by the UCL’s Information Services Division.

They also released the following statement ““It is vital we all maintain a high level of vigilance when opening unexpected emails. If the email is unexpected or in any way suspicious then you must not open any attachment or follow any link in the email. Doing so may lead to loss of your data and very substantial disruption to the university.”

In order to avoid the negative consequences of ransomware, such as losing important files, preventing detecting and responding to security breaches in information technology system quickly is vital. Ensuring individual access to websites is secure and only opening attachments from trustworthy and known sources – is a good preventative measure. It is both the responsibility of the individual and the business to prevent these attacks and address them quickly and effectively.


Looking to the future – Steven Maijoor addresses FIA IDX conference, no more MiFID II delays
• The chair of ESMA has pledged there will be no further delay on the implementation of MiFID II.
• Speaking during the FIA IDX conference in London, ESMA’s Steven Maijoor eased concerns that the regulation would face further delay.
• “Contrary to some recent coverage and commentary, MiFID 2/MiFIR will come into effect on 3 January 2018, there will be no further delay in its implementation. One delay has been enough for all concerned,” said Maijoor.
• ESMA informed the European Commission in October 2015 “that a delay to the technical implementation of MiFID II was unavoidable.”
• ESMA is on track with all MIFID 2/MIFIR IT projects, in particular the Financial Instruments Reference Data System (comprising the collection of reference and trading data and the transparency calculations), and the double volume cap mechanism,” said Maijoor.

The success of Finance and technology, known as Fintech, is acknowledged across industries, however Fintech is not the only increasing trend. As technology continuously incorporates itself into the daily insurance service provision, inspiring efficiency and improved service, Insurtech has emerged as a portmanteau of “Insurance” and Technology”. From black boxes in cars measuring driver performance and algorithms in calculating risk profiles of customer to wearables measuring health, Insurtech is predicted to have a great impact on customer experience.

How industry will work?

New insurance companies are looking into possible ways of using technology to assess the risk rating of a client and to monitor them using technology to monitor daily activities of clients.

Despite only 37% of Gen Y reporting that they have positive experiences with their insurance globally, the Insurance sector still contributes over 25% of the UK’s total net worth. With the rise of Big Data, insurance companies are presented with the opportunity to grasp the various platforms to improve their overall efficiency.

According to the FDA, around 1.7 billion smartphone users will be using a mobile medical app by 2018, this is a huge opportunity as environmental sensors connected to devices and wearables, such as FitBits and Apple Watches allow insurers to better manage risk, improve subscriber loyalty and optimize sales opportunities. These devices monitor our health and therefore health insurers can use this assess risk smarter, reducing the premium for those who are healthier for instance and improving the overall economy.

Blockchain can also help secure the data of customers, ensure that insurance history and transaction is kept safe.

Impact on Insurance Industry

Despite this industry being new, it is predicted to have a greater impact on customer experience with insurance claiming time reduction and analytics being a differentiation factor.

With technologies being connected, there will be an emergence of usage based models, autonomous cars, wearables, digital health including genomics, drones and use of artificial intelligence.

Despite these facts however, less than 45% of insurance industry players have FinTech strategy and even less than 15% are active participants in incubator programs. There is a predication these numbers will increase in order to stay competitive and up to date with FinTech

There is also a predicted change in the need for employees with training in the psychology and behavioral economics trades.

Cases and Emerging Trends

As an emerging trend the service is still at an infancy stage and not enough statistics exist to give a view on the trend.

Motor insurance telematics is still at an incipient stage—even in Italy where market usage is above 8%. Benefits of motor insurance usage monitoring technology can be categorized a proactive approach, objective information and loss prevention and mitigation.

Snapshot by Progressive is a USA based company that installs a (usage gets monitoring technology) telematics box for a period of 75 days, the client a price adjustment based on his or her own style of driving

Current startups in the space are proving that the use of technology is a positive development for the insurance business itself and for its customers, who are looking for more options, flexibility, and transparency.

Insurtech will not only benefit the business itself but will also benefit it’s customers.