MiFID II for Asset Managers: Communications Record Keeping


ACA Compliance Group

Publish Date


Compliance Alert

  • Compliance

Communications record keeping obligations which include phone taping, are likely to prove particularly challenging when it comes to the cost of compliance and complexity of systems requirements. In fact, the obligations threaten to prove some of the most technically difficult for the buy-side to comply with.

Who Needs to Keep Records?

Although the FCA has had tape recording requirements in place since 2009, which in its own words are “very similar to the new MiFID II regime,” investment managers have typically been able to rely on their sell-side counterparts to fulfil these obligations on their behalf. However, as of January next year that exemption will no longer be valid. Both buy- and sell-side institutions will have the same obligation to record communications that relate to transactions across all financial instruments (not just those that are listed).

In terms of which buy-side firms are in scope, investment management firms both large and small (including hedge funds) will need to comply with the new rules. The FCA had also originally proposed to extend obligations to retail financial advisers and corporate finance businesses (Article 3 firms). However, it recently decided against this initial proposal (PS17/5) and will allow these firms to keep records by taking written notes instead, given the systems costs involved in electronic record keeping.

What Needs to be Recorded?

For firms obliged to keep electronic records of communications, the MiFID II obligations will require that records are kept for at least five years (and up to seven if requested by National Competent Authorities), which is a significant increase from the six months of records currently required by the FCA. However, it is not just the length of the retention period that threatens to be problematic, but also the scope of what needs to be recorded.

In terms of electronic communications and phone taping, firms may find that when in doubt they are better off recording and retaining all communications. Although the rules state that only communications “intended to result in transactions” or that “relate to” client orders need to be recorded, the problem—in ESMA’s own words—is that “it is impossible to appreciate upfront whether the conversation will lead to the conclusion of a transaction.” Furthermore, ESMA clarified in its latest guidance, that firms are expected to record relevant phone conversations and electronic communications from “start to end.”

The range of channels that needs to be recorded is equally broad. ESMA has been conscious of not providing an exhaustive list as it recognises that technology is always evolving, but gives a sample list that includes “video conferencing, fax, email, Bloomberg mail, SMS, business to business devices, chat, instant messaging and mobile applications.”

Finally, if there is the possibility that they will result in a transaction, face-to-face meetings also need to be recorded. Thankfully, this need not be done electronically but the record keeping obligation can be met using written minutes or notes. Even so, while written notes may be more practical (and avoids the awkward moment of bringing out a recording device during a conversation), ensuring all front office staff make adequate notes (there is a prescribed list of items that must be noted in the minutes for it to be a valid record) and maintaining an archive of those records will still pose a challenge. Proper training will therefore be needed not only to make sure individuals are aware of their obligations but also that record keeping gets engrained into their BAU behaviour.

More Than Just Recording; Also Monitoring

MiFID II record keeping requirements will, in themselves, prove a challenge to comply with. However, it is important to note that firms are obliged to do more than simply keep records; they will also have to monitor those records, on a proportionate and risk based basis.

In its most recent Q&A guidance on the topic, ESMA noted that the obligation to monitor records should serve a variety of functions. To begin with, it will help firms to check they are meeting their regulatory obligations. In addition, monitoring should help ensure recording processes are adequate and records are “readily accessible” and can “accurately reconstruct the audit trail of a transaction.”

The last part of this requirement will no doubt prove particularly burdensome. Given that a single conversation could relate to numerous transactions, or a single transaction could stretch over a long period of time and involve numerous interactions across numerous channels – there will be an enormous amount of complexity in tracking and correlating which communications relate to which transactions

Furthermore, firms are also expected to monitor recordings to help meet their broader regulatory obligations, such as best execution requirements and the detection of market abuse. This aspect lies at the heart of whether or not firms perceive record keeping obligations purely as a box-ticking exercise. In an ideal scenario, all of this new transaction-related information could be put to productive use and mined in order to detect potential risks or optimise business processes.

Sourcing the Best Solution

MiFID II record keeping requirements will undoubtedly pose significant challenges for asset managers. In order to comply, most will not only need to go through a thorough sourcing engagement to make sure they have the right technical solution in place, but also train staff to ensure they are aware of their day-to-day obligations.

Given the complexity involved in compliance, the temptation may be to find an outsourced service provider that can make life simpler. However, while firms can seek to outsource aspects of a compliance solution, they can never outsource their responsibility, as ESMA considers record keeping to remain the responsibility of the regulated entity irrespective of who does the recording. That puts added pressure on firms to carry out very careful due diligence to make sure they select the right provider. Given that there is less than six months before the rules take effect, any firm that isn’t already well along the path towards compliance will need to accelerate their efforts by leveraging existing industry experience and know-how.

Sources: FCA policy document published July.