Month: October 2019

FCA Tackles Liquidity Mismatch - Waymark Tech Blog

FCA Tackles Liquidity Mismatch

The FCA has set out new rules to protect investors in open ended funds in hard-to-sell assets, but already they have run into some criticism.

The policy review had been started in response to property fund suspensions after the EU referendum.

The suspensions demonstrated the risk of liquidity mismatch between the time it takes to sell assets and fund holds, and the daily redemptions being offered to investors. Each time the fund managers were unable to fulfill requests for withdrawals because of their exposure to hard-to-sell illiquid assets.

The new rules started in September and only apply to property funds. A new category has been created: ‘funds investing in inherently illiquid assets’, which will be subject to enhanced oversight and disclosure rules. They will also be required to provide liquidity risk contingency plans and will be required to halt trading if there is uncertainty about the value of 20% or more of their portfolios.

The consultation closed in January and it had been due to announce its policy in June, but that was delayed by the Woodford suspension. As well as these new rules, the regulator is considering various remedies to avert a repetition of the Woodford crisis, such as the practice of daily dealing.

The policy statement says the FCA will look into notice periods for investors wishing to redeem their cash or reducing frequency for funds exposed to iliquid assets.

Another key area, according to the FCA, is disclosures. The Woodford crisis they say, illustrated the importance of investors being informed about the possibility of a liquidity mismatch. They further said, investors in the Woodford fund did not seem to be aware of – nor understand – the liquidity risks to which they were exposed.

Not going far enough?

The plans have not received the warmest of receptions. SCM Direct founder, Gina Miller, described them as ‘more tick-box regulation’, warning that investors would not be protected by mere risk warnings and contingency plans.

Other criticisms focused on the decision to limit the scope of the consultation to property funds while ignoring the wider UCITS Universe.

As the FCA acknowledged, the Woodford crisis showed that liquidity mismatches were not solely confined to property funds.

“Liquidity issues can extend to other open-ended funds, including UCITS, where they have holdings of less liquid assets, even including investments in listed equities if there is not a liquid market in those equities. Similarly, some bonds may be listed without there being a liquid market for those securities.”

Financial conduct authority

UCITS fell outside the scope of the original consultation, but when the FCA delayed its policy by three months after the Woodford crisis to see if there were relevant lessons it could draw, there were expectations that the scope might be widened.

The issue is urgent. The major liquidity crises of the past year have involved daily dealing or UCITS funds, so while this policy statement is one part of the solution, more will need to follow. The FCA confirmed that both they and the Bank of England are continuing to investigate solutions which could be applied to the wider market, so there will be more updates to come.

What can we learn from the Tullett Prebon Fine? - Waymark Tech Blog 22.10.19

What Can We Learn From the Tullett Prebon Fine

The FCA has fined broker firm Tullett Prebon £15 million for a string of misconduct issues, so where did they go wrong and what lessons can everyone else learn?

Picture this scene… You’re a broker firm and you’re worried about some suspicious signs on a recent trade. You ask the broker about it and he says: “You don’t want to know.”

For most people that would be a big red flag to dig further. For Tullett Prebon it was the end of the conversation and it’s one of the reasons they now find themselves on the wrong end of one of the biggest fines of the year.

In total, the FCA has fined them £15.4 million for a string of failures in the firm’s broker division. It failed on a number of issues including conducting business with due skill, care and diligence and failing to put good risk management processes in place. Worse still, when they did come under investigation they were, said the regulator, neither open nor cooperative.

Culpable incompetence

It’s not hard to see where they went wrong. The FCA’s assessment is pretty damning. ‘The case against Tullett Prebon was a long and complex one,” they said. “The firm’s failure to be open with the FCA about the existence of key evidence reflected a high degree of culpable incompetence and prejudiced the FCA enquiries.”

Management were wrongly under the impression that all was well with the firm. In part, that was because they had not put the proper processes in place to monitor and ensure compliance, but also because they almost willfully missed clear red flags. Systems may have been in place but they were not being used effectively and, when red flags did pop up, they were ignored.

This is why one broker’s “You don’t want to know” answer to a question about inordinately high brokerage on one deal went uninvestigated.

Poor culture

This incident highlights a serious problem with culture. That the broker felt comfortable being so blunt with his superiors highlights his belief that it wouldn’t be chased up.

The FCA uncovered a tendency towards ‘lavish entertainment’ which left the door open to all sorts of improper behaviour such as wash trading, which involved no change of beneficial ownership or underlying commercial purpose.

A lack of cooperation

Last, but by no means least, the regulator complained about a lack of openness and cooperation. Tullett Prebon had access to evidence in the form of audio tapes. This had been requested by the regulator in 2011 but it wasn’t until 2014 that the broker finally handed them over. They also gave an inaccurate account of how they had been discovered.

Lessons learned

Tullett Prebon’s failures, therefore, were many and varied, which is why the regulator has issued such a high fine. Aside from just the misconduct, the broker made life worse for itself by its reaction and clear evidence that it hadn’t taken compliance seriously enough.

It was also not the first time it had fallen under the gaze of the watchdog in recent times. Investigations in 2008 and 2010 also revealed ineffective controls about conduct.

These, then, are lessons which firms can put in place. First, they need to ensure that everyone within the organisation buys into a positive code of conduct and that they are properly incentivised. Clear oversight processes must be put in place and monitored to ensure they are being used properly.

The regulator is looking at firms which are more likely to be non-compliant, such as past behaviour or weaknesses in their business structures. Firms which have these may well find themselves the subjects of FCA probes.

Finally, at all stages transparency is crucial. If a firm cooperates with an investigation, that will be noted. Aside from reducing the level of the fine, it will also lesson the impact on a firm’s reputation.

Spotting the signs of bad culture - Waymark Tech Blog 15.10.19

Spotting the signs of bad culture

As any healthcare professional will confirm, treating the symptoms is usually easier, cheaper and more effective than treating the disease. The FCA is now taking a similar line, and in a recent speech, the FCA’s director of supervision, Megan Butler, set out what signs they would be looking for to detect those companies which might be about to break the law.

In a speech at an event organised by the Investment Association, Butler argued that the two biggest causes of rule breaking were culture and business model. Depending on how both were structured, she said, a company might be more or less likely to break the rules.

When assessing a company, she said they looked at four ingredients.

  1. Incentives: People play by the rules of the game and how they are rewarded. Inappropriate incentives, such as those based on high commission, can encourage people to operate in an inappropriate way.
  2. Purpose: Employees, say they are more attracted to firms which have a clear purpose and a positive mission. The FCA agrees and says that those which clearly state their mission are more likely to get things right than one in which its purpose is vague, or in which it is not embedded into daily operations.
  3. Leadership: Good, strong leadership from people who set the tone is crucial. This shows all employees the kind of behaviour that is expected and the conduct that will advance them in life. Those leaders who exhibit poor conduct or a willingness to prioritise profit over ethics tend to pass those behaviours down.
  4. Governance: Butler said that the regulator looks at governance in detail. It is important to have clear controls in place to ensure that people are not only technically competent, but that they go about things in the right way.

With the Senior Managers Regime due to be rolled out across the entire financial sector in December, firms can improve their prospects by adopting the same attitude as the regulators. They can monitor their own businesses for these four issues to ensure they have all the key ingredients in place to achieve the kind of positive culture the regulator is looking to promote.

But, what does this look like? Butler also had thoughts on this…

Ultimately it is about establishing a speak-up-and-listen culture. Employees must be encouraged to speak up when they see inappropriate behaviour.

Historically, those firms which have fallen seriously foul of the regulators have suffered from a negative culture in which employees were actively discouraged from expressing concerns. At times, whistle blowers were actively penalised. We only have to look at the example of Jes Staley, the Barclay’s banker who was fined for his aggressive pursuit of a whistle blower. Actions such as this reverberate across an organisation. They tell everyone that this is a company which will punish those who flag up misconduct more than those who commit it.

Finally, it’s also a question of how businesses perceive compliance. Do they see it as a regulatory risk; namely a box-ticking exercise done to keep the regulators happy, or is it a business risk? Positive conduct and culture comes from viewing it as a key business risk. It not only puts you in the firing line of the regulators, but it also means your business model is inherently insecure.

As mentioned at the start of this post, treating the symptoms is more effective for everyone. It helps the regulator identify those firms which are most at risk of breaches – and it also helps firms to minimise the risk of a breach occurring in the first place.

CFTC Fines - Waymark Blog Post

CFTC Hits Big Six for $6million

The US Commodities Futures Trading Commission (CFTC), has slapped six financial institutions with fines totalling $6million for various swap dealing violations.

In a statement, the CFTC said HSBC, Societe Generale, Northern Trust NatWest Markets, BNY Mellon and PNC Bank were all issued orders for a number of different regulatory failures.

HSBC became the first bank to be fined for violating swap dealer risk management regulations. The bank will pay $650,000 for failing to put appropriate risk management systems in place for swaps transactions. The regulator also found that it failed to properly report swap deal data in certain transactions to a swap dealer repository.

The regulator therefore decided to impose a civil monetary penalty which was reduced because they said the bank had cooperated and taken remedial steps.

“The Commission’s swap-dealer risk management rules are designed to monitor and regulate the systemic risk endemic to the swaps market. At the heart of these regulations is the requirement that swap dealers separately consider the risks unique to swaps as an asset class, separate from their other businesses…”

CFtC Director of enforcement, James McDonald

“… this is the first action the CFTC has brought regarding violations of these particular swap-dealer risk management regulations, and the Commission will continue to focus on enforcing these critical requirements.”

James mcdonald contd.

Societe Generale, meanwhile will pay $2.5million for violating swap data reporting obligations. It was also ordered to continue remediation efforts and to update the CTFC on its progress with compliance.

Due to NatWest’s cooperation and “substantial” remediation, the watchdog has imposed an $850,000 civil monetary penalty, amongst other sanctions. The charges were placed against the firm for failing to comply with its obligations to submit accurate large trader reports (LTRs) for physical commodity swap positions to the CFTC.

Northern Trust was charged with several violations of the CEA and CFTC regulations for swap reporting under parts 23,43 and 45 of the CFTC regulations. They were fined a total of $1m.

NatWest’s fine of $850,000 for swap dealer reporting violations, as well as other sanctions, was reduced because of their cooperation with the regulator and what was described as ‘substantial’ remediation efforts.

BNYM is the world’s largest custody bank and asset servicing company. It was fined $750,000 for numerous violations of CEA and CFTC regulations relating to swap reporting.

PNC Bank’s fine of $300,000 was for violations of parts 20, 43 and 45 of the CFTC regulations.

The fines highlight the importance of fulfilling all reporting requirements. The regulator finished by warning that it will “continue to vigorously enforce reporting requirements,” and that it will “take appropriate action where reporting failures are occurring as a result of serious supervisory failures.”

Is the ICO using its full powers? Waymark Tech Blog 03.10.19

Is the ICO using its Full powers?

GDPR was supposed to usher in a brave new world of bumper fines and data responsibility, but is the ICO making the best use of its powers?

The build up to the launch of GDPR was a bit like the wait for the millennium bug. Headlines warned of massive penalties comprising 4% of annual turnover. The industry braced for impact and then… nothing. The big fines failed to appear in 2018 leaving many to wonder if this, like the Millennium bug, would be a lot of fuss over nothing.

More recently, though, things have begun to pick up. We’ve seen big fines for British Airways and Marriot. Facebook faces potentially billions of dollars worth of fines for multiple investigations. Regulators have shown that although they see fines as a last resort, they are willing to go big when required.

Even so, we have not yet seen fines hitting the 4% limit as promised, but this in itself should not surprise us too much. The ICO never issued the highest possible fines under the old Data Protection Act. The severity of the breach and the level to which the company may be deemed to have been responsible have all influenced scale of the fines implemented.

Financial services worst hit

One area in which the doom mongers might have been right was in guessing that the financial services would be heavily hit. Data on enforcement actions seem to back this up as the financial sector received more GDPR penalties than any other. Overall, data suggested there have been 68 enforcement actions across the EU with 11 of those going to the financial services sector. The professional sector came second with seven fines followed by the public sector and healthcare.

Most fines issued (41) were due to breaches in the processing of personal data while 23 were issued for the lawfulness with which the data was processed. Three fines were issued for the way a breach was communicated to the regulators and one for the way in which the breach was communicated to the individuals.

Too early to tell

GDPR is beginning to have an impact but in many ways it may be too early to tell. The ICO only applied GDPR to breaches that occurred after the imposition of the new regulations. As such, most of the enforcement actions taken during 2018 were held under the older regulations. It is only in 2019 that we have really seen GDPR taking shape.

Across the continent regulators are also working to adapt their approach and some have been clearer than others.

A good guide comes from Dutch regulators who issued this guidance on how they will approach fines. It has three main categories:

  1. Simple or clerical violations which carry fines of €100,000
  2. When a company fails to fulfill specific GDPR requirements regarding data processing they will be fined at € 310,000
  3. The most serious instances come when a company refuses to be transparent and fails to notify users or the regulators. These attract fines of €525,000
  4. The unlawful processing of special categories of data €725,000

These are early days indeed, but regulators are showing a degree of understanding. They are less concerned with penalising basic errors as much as cracking down on those companies which have seriously broken the law, or shown a lack of transparency when problems do occur. This is why companies such as Facebook which have repeatedly faced questions for the ways in which it handles data, tend to come under the greatest scrutiny.

Powered by WordPress & Theme by Anders Norén