The second EU Market Abuse Directive (MAD II) is due to come into force in July 2016. In analyzing the level of preparation of financial institutions (FIs), it is clear that the majority are unprepared for the 2016 deadline. They are still in the process of performing their risk analysis, and then identifying gaps in compliance processes and systems for a regulation due to come into force in fewer than six months, and virtually none are prepared in any of the specific areas covered by MAD II.
Partly this is due to a perceived lack of clarity: firms are struggling to establish governance and risk management processes without clear regulatory guidelines to adhere to. Many are waiting for the final review of ESMA technical standards, but the degree of granularity for which many are waiting will likely not be forthcoming. In this situation, FIs are struggling not to achieve full compliance, but to manage the principles of MAD II sufficiently well to save themselves from being identified as regulatory targets.
The Market Abuse Directive does not mandate the automation of processes, but the technical standards1 have stated that the large majority of cases will require an automated surveillance system. Financial institutions will have to be prepared to justify to regulators how generated alerts are managed, and why their implemented processes and systems (automated or not) are appropriate for their business. Therefore, in order to ensure they remain compliant, firms are turning to flexible and automated technology solutions, and this is driving a wave of system replacements and enhancements among FIs, and an overall growth in risk IT expenditure.
Future systems will utilize a combination of communications controls, data mining and advanced analytics. Firewalls and network controls should be supported by link analysis of trading patterns; monitoring of activity across asset classes and the mining of unstructured data, including e-mail, voice and chatroom communications to provide intelligence on potentially unauthorized trading and disclosure of insider information will be vital. Beyond this, the market abuse management systems should include user-configurable rules management, reporting and workflow - MAD II and market abuse regulations are mutable, and FIs should prioritize spending to save, in order to avoid expensive change management processes in future. One observable trend is that 83% of respondents indicated an increase in compliance spend for 2016, and none indicated a decrease. In the face of shrinking margins across the industry this is paired with a challenging trading environment.