Source: Dave Lewis, iVestigo
Dave Lewis, technical director of IT Assurance at iVestigo explores the likely impact that MiFID will have on the requirements for availability and continuity of business-critical IT systems and considers the effects of IT system downtime under the ruling.
MiFID as most will be aware, will allow financial institutions to provide services throughout Europe as a single market, on the basis of home country supervision. Overall MiFID contains some 73 articles and applies to all financial institutions in Europe, buy side and sell side, and impacts all asset classes except (currently) foreign exchange trades.
It is clear, even on first reading, that MiFID is both broad and far reaching but what is the overall aim of the directive? In short, MiFID aims to uphold the integrity and overall efficiency of the financial system and provide a coherent, risk-sensitive framework for regulating the order execution arrangements in the European financial markets.
Integrity. Efficiency. Regulated order execution.
We’ve heard market integrity and efficiency before, nothing new there. Regulated order execution? Again, striving to achieve best execution is nothing new, so what’s the twist? Well, MiFID is seeking to achieve a high level of investor protection by ensuring quality execution of transactions by imposing an explicit 'best execution' obligation. Making best execution an explicit obligation is all well and good but how will institutions prove it?
Under MiFID, institutions will have to publish 'firm' quotes during trading hours and traded prices in all the quoted securities that they deal in. The idea is to reduce the 'price improvement' game and encourage (force) institutions to reflect 'real' tradable prices. This will mean that institutions will effectively act as mini stock exchanges, which in turn will mean much more data being published into the market and the approach to 'best execution' taking on a much more quantitative rather than qualitative guise.
Critics argue that price is only one factor and does not of itself 'prove' best execution. A 'best price' is for naught if the cost of settling with the particular counterparty is high, for instance, due to a lack of automated systems.
Nevertheless, MiFID will impose tight time limits on publishing prices and therein is the real hidden impact on institutions IT systems. I say hidden because there are sections of MiFID that relate specifically to IT systems – see Article 13 (4) and (5) for continuity and effective IT system controls and the CESR advice in relation to disaster recovery.
The obligation to publish prices will require institutions to utilise robust electronic order handling and trade execution systems in order to comply and get their prices published in time. What constitutes 'in time'? MiFID aims for 'as close to real-time as possible' so, think in terms of three minutes as a maximum and think in terms of being able to publish prices 'in time' throughout all trading hours.
The aim of requiring prices to be published is to enhance the transparency on the depth of liquidity in securities and hence aid pricing and best execution. The effect of an IT system error during trading hours that prevents quotes from being published is not explicit under MiFID. It does not seem unreasonable to infer under the current text that if prices cannot be published then the institutions trading activity should stop. Hopefully this will be clarified over time, but what is certain is that resilient IT systems will form the backbone of successful MiFID compliance.