<img src="https://certify.alexametrics.com/atrk.gif?account=b2hlr1ah9W20em" style="display:none" height="1" width="1" alt="">
    Login
    Get started

    5 steps to ensure compliance with MiFID's data retention rules

    Published on 19 Sep 2017 by Lynne Callister

    Is your firm ready for MiFID's data retention rules?

    data retention rules

    As the implementation of  the Markets in Financial Instruments Directive (MiFID) II draws closer, businesses are under increasing pressure to take steps to ensure they're fully compliant.

    Last month, the US regulator, Securities and Exchange Commission (SEC), charged seven people with insider dealing after they allegedly used secure messaging apps to net $5m pofits trading inside information on mergers and acquisitions. According to the SEC, former Bank of America IT employee, Daniel Rivas, passed on tips to friends and family members over a 3-year period who used that inside information to trade.

    Just earlier this year, former investment banker, Christopher Niehaus, was fined £37,000 by the Financial WhatsApp icon data retention rulesConduct Authority (FCA) for disclosing confidential information on WhatsApp.

    The clock's ticking. Once MiFID II's data retention rules come into effect, we can expect a much tougher regime and tighter controls over electronic communications. Firms will have to comply with strict record keeping requirements, even capturing conversations, emails and instant messages.

    Are you ready?

    5 steps to prepare for MiFid II data retention rules:

    1. Assess 'current state' and conduct Impact Assessments - What happens now? Is it fit for purpose? Are there existing Codes of Conduct? What rules are currently in place in respect of encrypted messaging apps and use of personal mobile phones? What of organisational culture? What other improvements could be made, if any?
    2. Gather evidence using objective criteria - To what extent do employees use electronic communications, personal mobiles, encrypted messaging apps etc in their dealings with clients? What about anecdotally?
    3. Check the tech - Conduct a cost-benefit analysis to determine whether it's feasible/desirable to use other tech platforms or innovations to capture records - eg VoxSmart, EikonMessenger, etc.
    4. Get the tone right - It's all about the culture and how you sell it. How are employees reacting to the news? If you're facing a backlash and Big Brother accusations, perhaps it's time to big up the positives - eg the benefits this offers in terms of dispute resolution and evidence at litigation?
    5. Archiving - What retention periods currently apply and should they be extended? Records must be kept for a minimum of 5 years (up to 7 years on request by a national competent authority) or the lifetime of the relationship. Can we deliver?

    Want to know more about FCA Compliance?

    As well as 30+ free compliance training aids, we regularly publish informative FCA compliance blogs. And, if you're looking for a training solution, why not visit our FCA compliance course library.

    If you've any further questions or concerns about FCA compliance, just leave us a comment below this blog. We are happy to help!

    Leave a comment

    Tick

    Free Trial: Compliance Essentials

    Skillcast Essentials is our best-selling library and there's a reason for that. Essentials library provides comprehensive coverage of the key compliance / conduct issues that companies in the UK face today.

    Request now

    Biggest GDPR Fines of 2020

    Breaching the GDPR can cost you up to €20 m or 4% of annual global turnover. Which is why we are tracking the size and reasons for the biggest GDPR fines of 2020 - to help you avoid them! Since ...

    Read More
    Compliance Essentials News - January 2020

    This month's round-up of key compliance news includes Travelex ransomware, data protection issues, BBC equal pay, sexual harassment policies, AML & art, due diligence & competition law... Our pick of ...

    Read More
    6 Tips to Reduce the Risk of Ransomware Attacks

    Ransomware attacks - where hackers gain control of IT systems or data and then demand payment to unlock them - doubled in the UK in 2019. Now only the US suffers more attacks. Ransomware rates have ...

    Read More
    Skillcast at Learning Technologies 2020

    About Learning Technologies 2020 (#LT2020UK) Learning Technologies is Europe's leading conference dedicated to organisational learning and the technology that supports it. It's on February 12-13th at ...

    Read More