Feeds

The MiFID opportunity

Deadline is fast approaching...

Application security programs and practises

You can say one thing for a business disaster these days: it's usually a lucrative "opportunity" for IT people. The next such opportunity is going to be MiFID – the EU Markets in Financial Instruments Directive, which goes live in November 2007.

MiFID affects only a subset of UK companies, those in financial services (check out the FSA web pages at the above link), although some that are affected may not realise it yet – some will be coming under regulation for the first time – and it will have a major impact on those affected.

A guide to the MiFID state of play in the UK, from Michael Folger of the FSA, is available here; and another, Jitz Desai's MiFID: The roadmap to implementation, can be obtained from the MiFID documents section of the JWG-IT think tank pages (registration required).

MiFID is intended to increase transparency for trading in financial instruments and will, possibly, provide better consumer protection in this market. But, it has consequences for the IT group in firms affected (and remember that it will be a large and therefore high-risk project, highly visible, attracting board-level interest, and dealing with external regulators).

And, as usual with implementation of regulatory change, such work is likely to be well-paid - either because the legislators have unrealistic timescales or, more likely, because many businesses will leave compliance to the last possible moment.

What this new directive means (among other things) is that customers will be able to expect "best execution" of their trades according to published rules (and select their financial services partners according to their own preferred interpretation of "best execution").

However, there are few prescriptive rules as to how exactly to implement this (ILOG's Jean-Baptiste Dezard provides a useful summary of the likely requirements in his paper Addressing MiFID's Best Execution challenge - more from ILOG on MiFID here).

Financial services firms will be expected to be able to point to a documented process that implements MiFID to the satisfaction of the regulators. They may also have to defend their interpretation of best execution if this is disputed (going back five years) and be able to supply timely information on the completion of deals to their customers and regulators.

This may be good news for financial services customers, and it promises to reduce capital costs and provide increased business for financial services firms – although high implementation costs are also anticipated.

However, it will be a real headache for a hard-pressed IT department, especially if resources haven't been allocated to MiFID, since the MiFID rules (which were supposed to be formulated by the national regulators for the beginning of 2007) have not generally been implemented across Europe yet, and the MiFID "go live" date is November 2007.

Luckily, the UK FSA is ahead of the game - although MiFID is an international issue, in general, even for UK companies.

At SunLIVE07, Nick Gibson, head of regulatory stream, EU MiFID Programme, ABN Amro, discussed some of the potential technical challenges associated with implementing MiFID. These include:

  • Knowing what application logic is needed - Dutch law, for example, is unlikely to be finalised until shortly before MiFID goes live, giving Dutch IT groups little time to code and test the necessary logic.
  • Deciding what the "best execution" requirements really are; not just the rules applying when the trade is made, but any logic required to report on best execution from trades five years ago – do we need to actually recreate the market at the time of the trade? Gibson thinks not, but this isn't clear.
  • Managing the operational risk is associated with traders having to work out which rulebook applies to, say, a French client trading with the London branch of a Dutch bank.
  • Improving the user interface to financial systems, to make supplying more information to customers and other stakeholders easier ("self service" facilities may be needed).

Gibson also points out (ironically) that transaction reporting is "a joy" - with 27 potential variants and a choice of the applicable regulator and regulating engine (internal or external) to worry about.

Application security programs and practises

Next page: Tools

More from The Register

next story
BBC goes offline in MASSIVE COCKUP: Stephen Fry partly muzzled
Auntie tight-lipped as major outage rolls on
There's NOTHING on TV in Europe – American video DOMINATES
Even France's mega subsidies don't stop US content onslaught
You! Pirate! Stop pirating, or we shall admonish you politely. Repeatedly, if necessary
And we shall go about telling people you smell. No, not really
Airbus promises Wi-Fi – yay – and 3D movies (meh) in new A330
If the person in front reclines their seat, this could get interesting
UK Parliament rubber-stamps EMERGENCY data grab 'n' keep bill
Just 49 MPs oppose Drip's rushed timetable
Samsung threatens to cut ties with supplier over child labour allegations
Vows to uphold 'zero tolerance' policy on underage workers
Dude, you're getting a Dell – with BITCOIN: IT giant slurps cryptocash
1. Buy PC with Bitcoin. 2. Mine more coins. 3. Goto step 1
US freemium mobile network eyes up Europe
FreedomPop touts 'free' calls, texts and data
prev story

Whitepapers

Reducing security risks from open source software
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Application security programs and practises
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.