BLOG

See the latest news and insights around Information Governance, eDiscovery, Enterprise Collaboration, and Social Media. 

All Posts

MiFID II Compliance - Understanding New Expectations for Preserving Website & Social Media Records

MiFID.jpg

The Markets in Financial Instruments Directive 2004/39/EC (MiFID) came into play in 2007. Established by to regulate investment services, increase competition and enhance consumer protection, MiFID applies to all member states of the European Economic Area including banks, brokers, financial service institutions and advisers and more. On 20 October 2011, the European Commission adopted a legislative proposal for the revision of MiFID which took the form of a revised Directive and a new Regulation The European Parliament and Council reached an agreement to develop MiFR, and MiFID II to further make markets more transparent and better protecting of investors.

With its implementation scheduled for January 2018, there are numerous law changes financial services organizations must prepare to abide by. In regards to recordkeeping, organizations are now required to have consistent means of capturing, retaining and reproducing records of all their activity whether through personal conversation, telephone, or electronic communications.

MiFID II: What’s Changed?

While much of MiFD II is the same, it has been expanded to include additional recordkeeping rules. A few key changes to note:

1) List of specific minimum requirements:

2) Increased supervision:

  • MiFID II mentions that NCA will use company records to ensure firms are complying with their obligations.

3) Required capture of all conversation types and stages:

  • MIFID II rules regarding telephone and electronic conversations require firms to keep not only conversations that conclude in a trade or confirm a transaction, but all communications that may lead up to a trade in the future - including instant messages and social media conversations.  

4) Request for durable, accessible mediums:

  • Records should be kept in a durable medium allowing for replaying, but which prevents the record from being manipulated or altered. The records also need to be readily accessible and available upon request.

5) New expectations for telephone and electronic conversations:

  • Under MiFID II, firms are now obliged to keep all records of these communications for up to 7 years.

  • Firms must ensure that electronic communications and telephone calls on both privately owned and firm issued equipment, internally and externally are being retained, for permanent and contracting staff.

6) Longer retention periods

  • MiFID II asks firms to retain records for up to 7 years

How Can I Comply?

MiFIDII.jpg

By January 3rd 2018 all organizations to whom MiFID II applies to should be in a position to archive, supervise and disclose all their electronic communications and be prepared for ESMA requests at any time. This requires a reflection of company recordkeeping and reporting processes to ensure complete compliance.

With ESMA’s ability to conduct an audit or make records requests, all recordkeeping aspects, from collection, preservation of materials, dates, supervision and replaying should be carefully considered when determining which systems to implement.

While there may be additional changes to the laws by its implementation date, firms should not wait to get their ducks in a row.

Further Reading

PageFreezer has put together a comprehensive whitepaper on MiFID II meant to serve as guidance on how this new law applies to websites and social media. It also covers an an exploration of archiving software as an effective tool for easy and effective MiFID II compliance.

To continue your education on this new law and prepare to your organization for compliance, download our new free whitepaper “MiFID II Compliance - Understanding New Expectations for Preserving Website & Social Media Records” here.

More helpful resources for financial services organizations:

Related Posts

Pagefreezer Is SOC 2 Type 1 and 2 Compliant

I’m extremely proud to announce that Pagefreezer is now SOC 2 Type 1 and Type 2 compliant. We have always made use of compliant data centers to store information, but over the last year our organization itself has now gone through the rigorous SOC 2 auditing process to achieve compliance. 

Enterprise Collaboration Tools: The Answer to Information Governance and Remote Teams

The COVID-19 Pandemic has forced many organizations—both large and small—to quickly change the way they operate. As formal lockdowns and social distancing guidelines were published by governments all over the globe, companies were left to figure out how they can get the job done with a remote workforce. 

13 Tips for PIOs and Government Social Media Managers Dealing with COVID-19 (Coronavirus)

The impact that COVID-19 has had is unprecedented. Of course, there is the impact of the disease itself, but it is also forcing organizations to continue to operate while a large portion of its employees work from home.