The Market in Financial Instruments Directive (MiFID II) is a wide-ranging regulation that affects all investment banks and financial organizations in the UK. Already in force for more than eight months, MiFID II has presented new trends and challengesin the UK mobile messaging compliance landscape – particularly in the area of text message archiving
MiFID II Recordkeeping Requirements
Under MiFID recordkeeping requirements and Best Execution obligations, UK financial firms are required to capture and record mobile text messages, as well as archivevoice calls, chats, emails, and other electronic messages that are intended to lead to a transaction. Financial firms in the UK are now also requiredto archive text messages and other trade-related mobile content for a longer time period: from 6 months under the current regulation to a minimum of 5 years under MiFID II.
While most regulated UK firms already retain five to seven years of records for best practice, it will now be mandatory across the EU. Aside from that, it is now also the responsibility of the firm to record voice calls in the highest audio quality, to make the investigation and prosecution process of potential market abuse more efficient.
Text Message Archiving Compliance Tips
With more complex and stringent requirements in place, it is not surprising why many companies are still confused about the new rulings of MiFID II. In fact, a freedom of information request submitted by Professional Adviser has revealed that the Financial Conduct Authority has received more than 1,500 calls and queries relating to the MiFID II rules in the last six months.
To help UK financial firms alleviate their compliance burden, we will detail in this infographic the top text message archiving tips that will ensure compliance with the new MiFID II mobile phone recording regulation.
1. Establish a Text Message Policy
To ensure compliance with the recordkeeping requirements of MiFID II, it is imperative for UK financial firms to have a clear and solidtext messaging policy in place. This is under the Article 16(2) of MiFID II which requires investment firms to establish adequate policies and procedures sufficient to ensure compliance of the firm with its obligations under the new Directive.
A detailed and well-grounded text messaging policy is essential to ensure that all employees are texting in compliance with existing text message archivingstandards and bestpractices in the industry.In a top-level perspective, a text messaging policy should convey the following information to the employees:
- The purpose of the policy.
- The scope of the policy.
- The responsibilities of employees.
- The level of required consent.
- The risks and consequences of violating the policy.
- The monitoring/oversight process of the organization.
Make sure that your text message policies are updated and clearly dictate the process of supervising electronic communications to avoid fines and penalties from FCA.
2. Ensure Stringent Data Access Standards
Along with MiFID II is another piece of an all-encompassing regulation which not only affects the way financial firms capture and record text messagesbut also the way they store and protect them from data security risks: the GDPR.
To achieve compliance with MiFID II and GDPR, it is critical to ensure that only authorized users can access the archive database, such as text messages that convey information related to customer’s financial information, order records, and employees trade correspondence.
Keep in mind that regulators emphasize the protection and privacy of data – which could include details as seemingly minor as client address or phone number.
3. Use a Mobile Device Management (MDM) Solution
If your organization allows its employees to use their personal devices for work purposes, then you must consider investing in an MDM solution. It is a software that allows IT administrators to control, secure, and enforce policies on smartphones, tablets, and other mobile devices used for business purposes.
When investing in an MDM solution, make sure to choose one that is already or can be integrated with your mobile archiving platform. Doing so will not only enable you to capture and record text messages that are trade-related on the personal device of your employees but also enforce policies and controls onto all the devices across your organization in just one platform.
4. Use an Enterprise Text Message Archiving Solution
The implementation MiFID II this year is expected to compound the cost of compliance in the UK financial sector. In the 2017 report from Duff and Phelps, it was revealed that financial institutions’ regulatory costs could more than double over the next five years.
While the cost of compliance is quite a financial burden, the cost of non-compliance is much higher and threatening. If you fail to capture and record text messages, voice calls, chat logs, emails, and other types of mobile content, you could face hefty fines and penalties, or even legal actions from FCA and also from the EU itself.
To avoid non-compliance sanctions, UK financial organizations should invest in an enterprise-grade mobile archiving platform that will allow them to capture andretain text messages, record voice calls, as well as emails, IMs, MMS, voice chats, WhatsApp messages, and other types of mobile content.
The TeleMessage Mobile Archiver effectively addresses compliance, regulatory, and eDiscovery response requirements and reduces risk across a variety of industries. TeleMessage records mobile content, including SMS, MMS, Calls, and even chat logs from popular apps such as WhatsApp. Messages are securely and reliably retained within TeleMessage servers or forwarded to an archiving data storage vendor of your choice.
Our mobile archiving products securely capture content from mobile carriers and mobile devices for a variety of ownership models (BYOD, CYOD, and employer-issued). With our multiple archiving solutions, you can always find the right tools or blend for your requirements: