Matt Smith explains the opportunities to be found in 2018’s regulatory storm
For many financial services firms, the impending implementation of the Markets in Financial Instruments Directive II (MiFID II) and the General Data Protection Regulation (GDPR), are viewed with a large degree of apprehension. It’s easy to see why. These regulations together will send seismic shocks through the regulatory landscape, with implementation costs likely to run into the billions. However, those who are able to look beyond the logistical and financial burdens involved in compliance with MiFID II and GDPR will find themselves rewarded with a treasure trove of data that they can use to improve their existing processes and gain a competitive edge.
It’s worth recapping just how far-reaching and transformative these regulations’ data requirements are. MiFID II stipulates that firms must keep records for all services, activities and transactions for up to seven years, even including intended transactions that did not ultimately go through. These records must be stored in a specified, immutable form, and must encompass both textual records, but also audio recordings of phone calls. Under GDPR, companies will be responsible for how they collect, store and use personal data, including having in place data protection policies and impact assessments, in addition to having relevant documents on how data is processed.
Below, Matt Smith, CEO at SteelEye, a compliance tech and data analytic firms, discusses how embracing compliance with these regulations can give firms a competitive edge.
i. Refining data
The data obligations under MiFID II and GDPR should provide businesses with the impetus to aggregate and harness their data. Firms often hold an overwhelming amount of fragmented customer data stored in their systems, often stored in multiple locations, leaving them vulnerable to the risk that any update does not populate data thoroughly. With the majority of firms having little guidance or understanding of how to use and sort this data, many are missing out on the opportunity to capitalise on this potentially valuable resource
Both regulations impose stringent requirements on the types of data held by firms and on the storage of this data. In order to ensure regulatory compliance, many firms will find they need to upgrade their existing data storage systems, which will enable them to fine-tune their databases and prioritise quality of data over quantity.
ii. Streamlining processes
Having refined their data, firms will now be able to use the insight gained from this to drive efficiencies and reduce costs, both by identifying areas in which the firm’s processes could be improved, and by highlighting potential skills shortages.
The increase in specific, personalised data required by GDPR will allow businesses to improve communications with existing and potential clients by sending them more relevant content, responding faster to requests and engaging with them in a way they prefer. Financial firms can use the data collected under MiFID II, not only to conform to their obligations, but also to consolidate the information contained within this data. From this, firms will be able to gain insight into their trading activities to help them execute with greater efficiency and profitability. Firms can achieve this by driving trading efficiencies through cost-effective third party technology solutions, such as SteelEye, that offer advanced multi-venue, multi-asset- class surveillance and compliance.
iii. Stimulating innovation
The Improved data storage systems required for compliance with MiFID II and GDPR will give businesses the ability to establish patterns and trends, enabling them to innovate and improve and even launch new products, and create more efficient communication and distribution channels.
Drilling into MiFID II data will provide valuable customer analysis and insight into risk management, portfolio management and marketing, among many others. Data accumulated from recorded conversations under this regulation could provide important insights into trading behaviors. Stored audio conversations are especially suited to ‘sentiment analysis’ – to determine the attitudes and perceptions of customers towards the firm, and how this compares with their perception of competitors. GDPR on the other hand, will force firms to improve the quality of their databases in order to thrive in this newly data-driven landscape. These improved databases will allow companies not only make better sense of their data, but also enable them to gain valuable insights. This will pave the way for data-led innovation which will improve business’s data security and resilience, accelerating business initiatives and ultimately create new competitive strategies.
iv. Building trust
Improving customer protections and transparency lie at the heart of the new regulations, with both MiFID II and GDPR promoting transparency and data conscientiousness. It therefore stands to reason that firms which make the effort to comply will be rewarded by increased loyalty and trust. The disrupted regulatory landscape will level the playing field for businesses, with those that are the most transparent and secure likely to succeed in attracting new customers at the same time as retaining existing ones.
MiFID II’s obligations regarding communication, disclosure and transparency for investors are reflective of underlying consumer trends. The regulation will require firms to improve their risk management and governance which is likely to likely result in cultural improvements, such as a reduction in harmful business practices such as miss-selling, and improved relationships with both clients and regulators. GDPR clearly sets out new rights for individuals, including the right to restrict how businesses use their data, the right to have data changed or be corrected, and the right to be forgotten. Recent ICO research has revealed that customers would be more willing to provide their data, and for different uses, if they felt they could trust organisations to handle it fairly, securely and responsibly. This provides a major opportunity and competitive advantage for those who can demonstrate that they get data protection right.