Matthew Bryars, founder and CEO of Aeriandi, discusses the top considerations for any organisation looking to implement a MiFID II compliant call recording and archiving solution
The Markets in Financial Instruments Directive, commonly know as MiFID II, is due to come into force in January 2018. First introduced by the EU in response to the 2008 financial crisis, MiFID II is a set of sweeping reforms for the financial industry designed to prevent history from repeating itself in the same way again. The new legislation governs everything from where and how derivatives can be traded, to measures for reducing volatility and policing potential conflicts of interest among financial advisers. Achieving compliance is no mean feat and certainly won’t happen overnight. Indeed, MiFID II is widely considered to be one of the most sprawling pieces of financial legislation ever devised, and as a result it presents numerous challenges for those looking to achieve compliance ahead of the deadline in early 2018.
One of the more contentious aspects of the new legislation is the changes in requirements relating to the recording and archiving of telephone calls. The Financial Conduct Authority (FCA) currently mandates that only the telephone conversations of individuals directly involved in trading need to be recorded, but MifID II broadens the scope considerably to include anyone involved in the advice chain that may result in a trade. Naturally, this has a significant impact regarding the scope of whose conversations must be recorded once the new legislation takes effect. Conversations between the likes of wealth managers or independent financial advisors and their clients will now all fall under this scope, where previously they did not. Furthermore, the legislation applies to both fixed line and mobile conversations, and all calls must be stored and accessible for a minimum of five years after taking place (seven in some instances).
This particular portion of MiFID II is causing a certain degree of consternation. Perhaps unsurprisingly, before MiFID II was announced, few financial institutions had the infrastructure in place to meet it and many are still working on how best to achieve the compliance requirements. Fortunately for those that don’t have the necessary in-house resources, a variety of call recording and archiving solutions are available from third party organisations, which can help to achieve compliance right out of the box. However, choosing the right one can prove difficult without the necessary knowledge of what to look for in a solution. Below are a series of key considerations when assessing the various call recording and archiving solutions available today. While this list is by no means exhaustive, it should serve as a strong benchmark upon which to review potential solutions, as any offering that doesn’t meet these considerations is unlikely to completely fulfil the requirements set out by MiFID II and should therefore be avoided:
- Coverage of all required telephone platforms
MiFID II mandates that calls must be recorded across both mobile and landline platforms, so it is critical to ensure any solution being looked at has the capability to do this, as many out there cannot. The best solutions are also capable of recording SMS and instant messenger channels as well, so be sure to check this as well during any consultation periods if it is required.
- Easy implementation and scalability
Will implementing the new solution result in business down time and therefore, loss of revenue? If so, this creates problems of its own. Many cloud-based recording and archiving solutions no longer require any on-site installation, eliminating disruption incurred as a result. Scalability is also a major factor. Can the solution scale both up to cover busy periods, whilst scaling down to save the organisation money during quieter periods? If not, organisations will likely end up overpaying for recording capacity they aren’t using, or having to buy additional capacity at premium pricing on short notice.
- Access to call recording archives from anywhere
Cloud-based recording and archive solutions offer the ability to access call recordings and archives from anywhere, at any time via a secure online portal. This is particularly beneficial to organisations spread over multiple sites or countries. Vendors specialising in on-site recording and storage often cannot deliver this same level of flexibility in terms of recording accessibility, so be careful to ensure any solution being considered can match the needs of the organisation.
- Secure storage and encryption to protect recordings
MiFID II mandates that call recordings relating to a financial transaction must be stored for five years after the transaction was made, a significant rise from the six month period currently mandated by current FCA legislation. Not only does this impact heavily on storage resources, but it also presents security challenges, particularly if the recordings contain sensitive financial information. After all, five years is a long time to keep data safe. Only recording and archive solutions that offer the latest levels of data encryption and provide guarantees about who is able to access recordings should be considered. If a vendor is using outdated encryption or does not offer ongoing guarantees regarding upgrades to security as/when they become available, they should be avoided at all costs.
- Compliance with additional data standards
Whilst the primary driver for implementing a suitable call recording and archiving system is to achieve MiFID II compliance, many of the solutions available also offer additional layers of compliance such as the Payment Card Industry Data Security Standard (PCI DSS) and BS10008; governing whether recorded content is legally admissible in court if required. These data standards can bring additional return on any investment made and should be considered when choosing a suitable solution.
With the final implementation deadline for MiFID II now just a little more than a year away, financial organisations affected by it should already be well on their way to ensuring compliance. When addressing the new legislation related to call recording and archiving, thankfully organisations have a number of avenues that they can go down. For those not choosing the in-house route, there are numerous excellent solutions available from third parties. However, great care must be taken to ensure that the solutions on offer will actually help the organisation to achieve all of its compliance goals, rather than just some of them.