Strategy & Operations » Governance » MiFID: The IT reckoning cometh

Firms subject to the new Markets in Financial Instruments Directive (MiFID)
could be facing a collective IT bill of as much as e6bn (£4bn) in order to
change systems to meet the new regulations.

But nobody is quite sure for two reasons. First, the final details of how the
regulations will apply in the UK won’t be published until 31 January 2007. The
consultation process isn’t even finished (see box).

Second, the IT costs that individual firms incur will depend very much on the
current state of their legacy systems. Firms that have built some
future-proofing into their IT architecture – for example, by using service
oriented architecture – have developed common standards and have developed
interoperability between systems will find it easier than those whose IT is
still stuck in legacy silos.

Are the IT professionals ready for this new challenge? Yes and no.

Positively, a MiFID Joint Working Group is working away to define a series of
IT models that will help IT professionals create appropriate new systems in
their own firms. The IT services industry is also developing a range of

Negatively, a survey of 16 compliance and IT directors at UK banks and
investment firms as recently as June found that IT functions “had yet to be
fully engaged in MiFID projects”. But the survey in The Banker magazine found
that IT professionals realised the impact of MiFID would be “fundamental” and

MiFID will apply in all EU countries, although there will be differences of
detail in the way the directive is implemented in each. The Financial Services
Authority will administer and police the rules in the UK. It’s likely that
British regulation will initially be more thorough than in most other European
countries, especially new central European accession states.

New landscape

The challenge for IT is that MiFID, which replaces the Investment Services
Directive, introduces a completely new landscape for securities trading. Until
now, as much as 50% of EU stock trading hasn’t been conducted through stock
exchanges – for example, off book dealing between two parties that want to trade

Now, these other trades will need to be treated as systematic internalisers,
following the same trading principles as brokers on an open exchange. As a
result of this, and a combination of other information gathering and retention
rules, some firms may need to store as much as four times the volume of data
they currently hold, according to Ash Saluja, partner at CMS Cameron McKenna.

But that’s not the only problem facing IT. MiFID will fundamentally change
both workflows and record keeping in most firms affected by the rules. For
example, there will be two main categories of client under the new regime –
retail and professional – with a separate category, eligible counterparty, for a
limited range of businesses.

IT will need to change systems to allow for the fact that boundaries between
the categories are not the same as under the current Conduct of Business rules.
One effect is that systems will have to allow for more retail clients – where
regulatory procedures are stiffest.

Another factor that IT will need to build into systems is best execution –
the principle that a financial services firm carrying out a trade for a client
must, according to Article 21 of MiFID: “take all reasonable steps to obtain the
best possible result, taking into account price, costs, speed, likelihood of
execution and settlement, size, nature or any other consideration relevant to
the execution of the order”. IT systems will need to hold data that defines
which of those – sometimes conflicting – criteria are most important for
individual clients and audit trail data to show that trades were completed in
compliance with the criteria.

Where next?

How will IT handle all these changes? MiFID gurus suggest that many firms
will seek to use a mixture of tailored and bespoke systems together with
services provided by third parties. For example, the FSA may approve a number of
trade data monitors – IT suppliers authorised to collect and process trading
data on behalf of those banks, investment houses or brokers that engage them to
do so.

As it becomes clearer what the detailed rules will be, the MiFID Joint
Working Group should announce IT operating models for a number of key areas of
MiFID admin. These could include:

  • Systematic internalisation;
  • Post-trade price publishing; and
  • Reporting and best execution.

To help firms move towards MiFID compliance, a number of consultants and IT
services suppliers, such as Daydream, are announcing compliance implementation
management tools and services. There is no question that MiFID represents
another big IT challenge for those firms affected.

However, they can tackle it by going back to the basics of good IT management
– breaking down the project into logical parts such as data management, process
documentation, data warehousing, systems implementation, testing and system
integration. Project management skills will be important as well as specialist
MiFID implementation skills. Unfortunately, there are already signs that the
latter may be in short supply. Says Saluja: “If I was an IT director in an
investment bank, I’d be thinking about my budget for next year – because I’m
going to need a lot more resources.” n

Peter Bartram