• FNZ Figaro
  • FNZ Neon
  • FNZ Digitize
  • Careers
  • JHC Community
  • In a recent feature article in Wealthbriefing, JHC’s Andrew Watson shares his views on the two most important regulatory changes coming to the industry.  Here is an excerpt from the full article…

    “Regulations can sometimes force completely different behaviours, leading to legal wrangles. Fears that upcoming EU rules will create such a clash are misplaced, however”, says Andrew Watson, Head of Regulatory Change at JHC.

    The latest example of what is feared comes from two major sets of European Union regulations: MiFID II – which seeks to improve investor protection and quality of advice (taking effect from the start of 2018) – and General Data Protection Regulation (GDPR), which kicks in from May next year. GDPR sets out strict terms under which organisations collect and store data and forces such groups to clearly explain their actions.

    The fear of a clash stems from the fact that while MiFID II requires firms such as banks, brokerages, asset managers and other parties to collect reams of information from clients,  GDPR limits what data can be held and for how long. At first glance these sets of requirements could create a compliance reconciliation nightmare. The punishments lawmakers can mete out for offenders under GDPR are harsh: fines of up to 4 per cent of annual worldwide turnover can be imposed in the event of a breach. That’s enough to send some players out of business. Squaring these rules with MiFID II is therefore essential.

    However, perceptions that there is a clash of the rules is misconceived and suggests authorities must be clearer in setting out the boundaries, says Watson.

    “There is a lot of confusion. GDPR says you should only keep the data you need for only as long as you need it. If you are doing lawful business then there are data needs associated with that. I don’t see a conflict here,” Watson continued.  “One issue with such regulations is that there is a lack of clarity about how the rules will affect firms until quite late,” he said.

    MiFID II, which imposes reporting and data collection obligations on firms, is one of the largest regulatory changes to hit European wealth management for years, and is part of the regulatory aftermath of the 2008 financial crisis. With GDPR, meanwhile, the rules play to public concerns about security of client data – a point driven home almost daily by stories of cybercriminals stealing data, or even plain simple losses of information caused by carelessness.

    The GDPR regime creates new “rights for data subjects”, including around consent and the so-called “right to be forgotten”, said Watson. “GDPR does not change anything in financial regulation but you do need to take data protection really seriously.”

    A key issue is that when signing up for a discretionary wealth management services,the wealth manager must understand the investors situation, goals and objectives as part of a suitability review as stipulated by MiFID II. Despite the rights of the data subject granted by GDPR the investor cannot withdraw consent for you using the data for this purpose. Even if the investor asks for the account to be closed then both MiFID II and Anti Money Laundering legislation require the wealth manager to retain these records for many years afterwards. GDPR does not override this. Wealth Managers do, however, have a responsibility to safe guard this data both externally and within the firm.

    “The industry is doing a lot about MiFID II and that’s taking up a lot of bandwidth. I am seeing a lot of firms queuing up their GDPR projects behind MiFID II and that’s a mistake,” he said.

    If you are a Wealthbriefing subscriber, you can view the full article here.  If you would like more information on the work that JHC has been doing on both MiFID II and GDPR, please drop us a note at [email protected]

    *Note: The original article :   NEWS ANALYSIS: How To Ensure There Isn’t A Clash Between MiFID II And Looming Data Protection Regime was written by Tom Burroughes, Group Editor, and published on  7 June 2017