Anthony King: One of the things that we do have is reasonably good foresight on is what regulatory changes are coming.
Anyone who is involved in the industry recognises the dear CEO type letters that are flagging the type of reviews that are of interest to the regulators, so you do get early warning signs.
For us it is about what regulations are likely to fundamentally impact the business model, which will either mean an enhancement in education or a review of our standard operating procedures.
"For MiFID II, the sheer scope and applicability was a challenge
for a lot of managers. "
Clearly for MiFID II it was a reassessment of the business model and how you do things. Any of us who were involved did recognise it as a big piece of work.
If I consider the Market Abuse Directive, in essence this is a conduct issue and something which all best practice firms are involved in upholding. So, for us it was more of a behavioural, cultural and educational piece.
For MiFID II, the sheer scope and applicability was a challenge for a lot of managers. Certainly, we found the investment reporting obligations complex.
"As an industry, we could do with a bit of a pause seeing
that we have just digested this."
Of course, there were no shortages of external vendors who were there to help with it and we have utilised some of them as well. Providing the oversight policies are in place and you have a robust monitoring framework, this works.
In the run up to the second anniversary of MifID II, it is interesting to speak to peers on how well embedded this is in operational processes. As an industry, we could do with a bit of a pause seeing that we have just digested this.
Looking ahead over the next 12-14 months, we are reasonably satisfied that there isn’t as much to digest as there has been in the past, but I am sure that this will not be a steady state.
Anthony: Everyone would recognise the generalised pressures that the industry is under. You essentially have had an ongoing increase in the cost-base to maintain the function while clients want to see better value for money, which is a euphemism for fee compression.
Our response in a practical sense has been to outsource more from a compliance perspective, the Certified Functions (CF) positions, what will become the Senior Management Functions (SMF) positions.
In terms of overview of compliance, you cannot outsource but we engage with one main provider who, from an independent and specialised and technical angle, performs a lot of the compliance duties for us.
"Everyone would recognise the generalised pressures
that the industry is under. "
As a small to medium sized enterprise, there are functions that are better off being in-house as opposed to outsourced. This is largely around monitoring because that is very data dependent, although not necessarily complex in task and is better done in-house.
As a team, we are all essentially focused on investing the funds. There is a lot of assistance we can get externally with the additional functions such as managing horizon regulations, the interpretation for your firm etc.
From a cost efficiency perspective, we have found this to work out quite well for us.
On operational resiliency, this is something which is very clearly in scope. We have spent a lot of time with our outsource providers on questioning this resiliency.
"We have spent a lot of time with our outsource providers
on questioning this resiliency."
I get a lot more comfort from the development of a lot of facilities being cloud-based as opposed to being on physical servers. From our perspective it is a far more stable and reliable operating system because of the technical expertise that we have put into this.
I guess at some point it will be tested and there will be repercussions from this.
Even five years ago we would have gone to our disaster recovery centres and tested things from there, but the world is now a very different place.
Anthony: One of the areas that I would point to is a greater use of technology. In the regulatory compliance world, I can see this becoming more prevalent.
For example, for the Market Abuse Directive, we are working on a system with one of the vendors we employ that is basically AI predictive technology to scan group communications.
It will pick up on key words and highlight what it thinks could be flagged as suspicious activity.
It won’t replace compliance in a fully automated nature, but some of these core monitoring functions will be addressed with resource implications as well.
Anthony: The SM&CR is a key one. As an investment manager in the insurance industry and as part of a larger insurance services group, we are in a better position to deal with it because the insurance industry went through exactly the same thing 18 months ago.
It is important for firms to be very clear on who their certified people are because of the paper trail of HR functions, which needs to be carefully considered and produced alongside this.
I do think that the industry is still digesting MifID II. And it is still very much in the market’s consciousness, but I don’t think that any of us who have been at the coal face will say no to a period where it is a little lighter on the regulatory front.