If you manage IT at an EU-based financial institution, you are likely staring down an onslaught of new rules from the Markets in Financial Instruments Directive II (MiFID II).  MiFID II picks up where MiFID I left off in 2007, mandating a new level of compliance for companies that deal in financial instruments such as derivatives.  You may wonder what it will mean to you and your IT department.

On one level, it’s hard to predict MiFID II’s impact. These type of regulations change from the time of their publication to their actual implementation. Even then, the working norms and practices around implementation of internal and external controls, audit and enforcement have yet to be determined. Some software vendors will introduce new versions of their products that automate some of MiFID II’s standards.  Specialized consultants are on hand to help with the process. Every company will have different requirements, and so forth.  Your specific obligations are probably difficult to forecast.

On another level, the future is quite clear: MiFID II is already creating a lot of work for IT managers and compliance directors. The regulations are intended to make markets in 28 countries more transparent and balanced for all investors across multiple security types.  Anything this sweeping is going to be complicated to realize. A brief look at MiFID II’s objectives and core measures suggests just how time-consuming MiFID II is for IT departments:

• External Controls and Reporting – This area of MiFID II places restrictions on commodity derivatives trading, with a requirement to report derivatives trading to regulators. Financial firms will now also be required to report on dealings with trading counterparties in other countries.

• Internal Controls and Governance – MiFID II calls for enhanced governance, with an emphasis on internal controls and “tone at the top” aspects of corporate governance. From an IT perspective, this objective will create demand for new types of reporting on securities trading activities across territories and business entities.  An increased focus on internal controls and governance will also probably require systems that can facilitate audit as well as new policy definition and enforcement functionality.

• Market Structure – These core measures include mandatory position limits on commodity derivatives, the introduction of an “Organized Trading Facility” (OTF) for non-equity investment instruments, open access to trading venues, limitations on trading away from regulated markets (e.g. “dark pools”) and restrictions on high-frequency algorithmic trading. Each measure will require a change in the systems that support trading activities as well as the reporting requirements for trading activity. Financial firms will need to show that they have accomplished the market structure measures through reporting and disclosure of controls.

• Market Transparency – Transparency is one of the main goals of MiFID II. There is a push for increased regulatory and client reporting requirements for all classes of assets. MiFID II will require near-real-time reporting to regulators.  The regulations also call for the creation of a “Consolidated Tape.” A consolidated tape is a high-speed digital system that reports price and trading volume information for stocks from multiple exchanges at the same time, e.g. simultaneous trading updates from the CAC 40, FTSE, Euronext 100 and DAX.

• Investor Protection – Regulatory authorities gain more oversight of products, including the ability to ban or limit the marketing of investment products to retail investors. Definitions of “Suitability” are being revised for “complex” products that contains embedded derivatives.  In addition, the regulations ban inducements and require stricter disclosure rules for payments made to independent advisors and money managers.

MiFID II is already having many repercussions for IT departments. The regulations are making a new breed of customer portal standard in the financial business. Companies are expected to give clients more detailed and real time access to account information through portals now. Trading systems are certainly being deeply impacted. Through the regulatory regime, one sees recurring calls for transparency and expanded reporting along with new heights of data integration.  While not specifically called out in the standards, MiFID II is going to mean the deployment of whole new data aggregation, storage and analytics systems.  Infrastructure will be stretched, as will personnel. Indeed, according to the Accenture 2015 Global Structural Reform Study, 48% of financial firms are planning to add fulltime headcount in response to regulatory changes; 68% plan to increase contractor headcount and another 59% plan to increase headcount through outsourcing.

MiFID II is leading to to a surge in hiring, but not the kind of hiring that most firms actually desire. While the same Accenture study showed that more than half of firms plan to use MiFID II as a pretext for changing strategies and expanding services, the regulations are largely expected to be a drag on resources on innovation.  And, it’s not as if there won’t be a MiFID III or something just like it coming along in a few years.  The financial industry is in a nearly constant state of regulatory reaction.  Compliance managers have to be on call for what seems like a permanent state of change in regulations.

There is reason to be positive, though.  Challenging waves of change like MiFID II can present hidden opportunities to rethink application architecture, data management, infrastructure and more. Now is a good time to think about how to avoid getting bogged down in a long, draining distraction over MiFID II at a time when most industry players need to focus on competitiveness and cost-cutting.

Choosing the right partner who can help you chart a course for ongoing agility and IT operations efficiency whilst enabling your compliance projects is a smart way to avoid some the drag effect of compliance on an ever increasing backlog of IT innovation projects.