First published in Thomson Reuters Regulatory Intelligence.
Firms have been required to carry out regulatory reporting for many years, but the financial services industry is facing an unprecedented amount of change. Strong, agile change management processes will be essential to navigate the challenges ahead.
Change is already underway, with U.S. Commodity Futures Trading Commission (CFTC) and Canadian reporting amendments due in December this year and the European Market Infrastructure Regulation (EMIR) Refit granted approval. Regulators across G20 derivative regimes are set to implement reporting recommendations from the Critical Data Elements (CDE) guidance.
There are also moves afoot to increase the interoperability of reporting regimes, as well as to address the wealth of data-quality concerns inherent in today’s reporting. Firms with MiFIR reporting requirements face a similar onslaught of changes.
The UK Financial Conduct Authority (FCA) is expected to issue a discussion paper, and following that a consultation paper, on a review of the transaction reporting obligations under UK MiFIR. A month ago, the regulator issued a strongly-worded message to reporting firms in its Market Watch 70 targeting primarily improvements for data quality.
The changes proposed by the European Securities and Market Authority (ESMA) to the MiFIR transaction reporting requirements were set out in its final report in March 2021, and are awaiting review by the European Parliament. Securities Financing Transactions Regulation (SFTR) reporting firms are also expecting change, with the revised validation rules schemes expected early next year.
This might seem daunting, but firms whose change management processes are fit-for-purpose will be able to take the shifting reporting requirements in their stride. Firms may wish to consider the following practical steps.
1. Identify and anticipate reporting changes
Organisations often underestimate the importance of scanning the horizon for forthcoming changes. Firms should ensure they have signed up to receive all regulatory updates, not only from regulators themselves but also from trade repositories/authorised reporting mechanisms (ARMs)/approved publications arrangements (APAs).
They would be particularly well-advised to engage with trade associations, which aim to discuss proposals on an industry-wide basis. Such actions will provide firms with the maximum possible time to capture, control and configure any changes into their own reporting workflows. Many firms fail to engage with Level 1, 2 or 3 regulatory text at a sufficiently early stage, limiting their understanding of legal liabilities and reporting requirements, and reducing their ability to interpret and anticipate changes.
2. Document reporting processes and controls
Firms’ reporting procedures and documentation must be comprehensive, thorough and reviewed regularly. Firms should ensure that their own documentation (change logs, issue tracker, responsibility assignment (RACI) matrix, reporting flow process, escalation points, etc.) are all fit-for-purpose for existing reporting processes.
This will not only help to maintain a strong control framework now, but will also allow firms to understand their reporting processes before changes are implemented. Known issues can be accounted for, and planned enhancements or vital fixes can be handled and prioritised/moved/upgraded as necessary, enabling existing commitments to be maintained.
Few firms have such documentation in place or, if they do, often fail to maintain it adequately. For these firms, the vast array of forthcoming changes presents an opportunity to get their houses in order, and improve their own regulatory compliance, preparing for the required changes while remediating the lack of written oversight for reporting process and controls.
3. Understand and prepare
The documentation of process and controls is vital, but a well-versed and experienced team is exponentially more likely to be able to navigate the onslaught of regulatory change. Firms should ensure that all internal stakeholders have regular and thorough training for EMIR, MIFIR or SFTR reporting.
Those responsible for discovering and remediating issues need more in-depth knowledge about existing requirements and the various refits/rewrites/rewordings ahead. The lengthy proposals from regulators need to be read comprehensively, understood and discussed by all affected staff, not just those who perform the daily regulatory reporting.
Firms need to understand the upstream or downstream impact of the proposed changes. They must ensure they know where and how to source information for new or amended reporting fields, which, for example may be required at point of onboarding. This may mean an outreach programme to all existing trading counterparties for data that was not previously required.
Many of these newly required data points will not yet be included in the firm’s risk/booking system. Firms also need to establish which existing fields are difficult to interpret and need market-wide discussion or clarification from regulators.
Much advice will be published in the “Level 3” guidance documents (often) once they have gone live, but regulators can provide crucial feedback or clarification prior to regime change via letters or Q&As. Firms that are aware of such statements can take this into account for initial reporting, thus reducing or avoiding expensive and labour-intensive remediation projects further down the line.
Successful change management processes will provide relatively accurate time estimates for required build time in a comprehensive, inclusive and clear project plan. Building in contingency time will also help with the handling of unknown issues, which are bound to occur. Dependencies should be discussed and spelled out, and tasks required for stand-alone or siloed activities can then be efficiently scheduled.
Finally, such plans must allow for suitable and extensive testing of the reporting changes prior to implementation. This is mandatory in some reporting jurisdictions, whether the testing be for in-house systems, submissions to the repository or ARM/APA, or submissions to the regulator.
The importance of testing has often been grossly underestimated, either from a time requirement, or an overall value, point of view, and this has resulted in even the most extensive change management plans falling victim to unknown, but predictable, reporting issues.
Once firms have identified, documented and planned all relevant changes, they will be able to implement their plans. They should continue to document progress and changes throughout the process; even if things go smoothly, circumstances can change at any point.
Knowing what reporting changes were made, when, why, and by whom, is essential if firms are to identify and remediate unexpected implementation challenges. They should keep all stakeholders informed of progress, good or bad, through regular, clear and succinct update statements.
During implementation, the value of all the time set aside for testing will become clear, and firms should test their reporting changes as much as possible. Testing will have many benefits, and should include the testing of a firm’s own reporting, although cracks in the process can also occur for trade repositories/ARMs/APAs, as they too have their own implementation programmes underway to manage their regulatory obligations.
Such institutions are unable to account for all real-life reporting situations and trade types in their own user acceptance testing, and so rely on their clients to test as many additional scenarios as possible and uncover bugs ahead of the fixed go-live date.
Many firms also engage in joint or combined testing programmes alongside peers, boosting the efficiency of their own testing and enabling them to share discovered issues or known pain points with enough time to remedy a solution where possible.
Adequate preparation is essential if firms are to navigate the constantly changing regulatory reporting landscape. Firms that identify and document the proposed changes will be in a prime position to understand what will be required, and how to plan for revised regulatory requirements.
Failure to do so may mean compliance officers and other responsible staff find themselves remediating reporting issues long after “go-live” dates — something which comes at considerable cost. The winners will be those who implement balanced, comprehensive and clear change management plans for their firms’ regulatory reporting.
- To discuss upcoming regulatory reporting changes with one of our regulatory specialists, please contact us.