09.28.2017
By Terry Flanagan

Compliance: A Big Picture

CAT. GDPR. MiFID II. AML. KYC.

Market participants have myriad regulations to comply with, at various stages of implementation, each with their own requirements and nuances.

But the diverse rule sets have some common themes, among them cybersecurity, regulatory reporting, market access, and identifying and preventing manipulative activity. So rather than managing each regulatory regime separately, it’s important for broker-dealers and hedge funds to have a cohesive strategy.   

Joanna Fields,
Aplomb Strategies

“It’s about thinking holistically and globally about all the requirements, allocating resources and developing a schema that builds something across different asset classes,” said Joanna Fields, founding principal at consultancy Aplomb Strategies. “This way you’re not building 400 different reports, you’re building one report for many different asset classes. You’re not multi-tasking with the same resources.”

The Consolidated Audit Trail is a top-priority concern for broker dealers. Mandated by the U.S. Securities and Exchange Commission, the CAT is a single, comprehensive database to enable regulators to more efficiently and thoroughly track all trading in U.S. equity and options markets.

The CAT is slated to roll out in multiple stages between this fall and November 2019; earlier this week, SEC Chairman Jay Clayton said the CAT would start as scheduled, but implementation could be phased in more gradually. For now at least, large broker-dealers must begin reporting trades in November 2018.

Fields, who was head of equities and derivatives market structure at Deutsche Bank before starting her own firm four years ago, said a core challenge for resource-constrained capital markets firms is allocating the resources to properly address regulatory change. Stitching up resources, to the extent possible, optimizes efficiency better than handling each project on a piecemeal basis.       

“If you think about regulatory reporting, it’s not just the Consolidated Audit Trail — there are best-execution reports for MiFID and updated requirements for TRACE,” among other mandates, Fields said. “You have to think holistically with your resources. Three years from now you’re not going to want to have a staff of 40 and need to lay off people.”

Regarding cybersecurity, Fields said only a small percentage of corporate boards have experience in the field. Chief information security officers (CISOs) are sometimes brought in to to ensure the right concerns are raised, but she is kept busy in this area.    

“I’ve been focused on cyber policies from the top — making sure you have insurance, making sure you have governance,” she said.  

Broadly speaking, firms ring up Aplomb when they have a problem. “What usually happens is there is a regulatory sweep or focus, and we’re called in,” Fields said. “We look at the issue and we turn that into ‘how do I fix the larger problem?’.”

(Visited 210 times, 1 visits today)

Related articles

  1. Trade reporting costs on the rise

    The buy-side can design their own reports to assist in compliance.

  2. Machines 'Learn' Front Office

    Neurensic acquisition is a vote of confidence in the emerging technology.

  3. Machines 'Learn' Front Office
    Contributed Content

    Is AI Ready for Compliance?

    Making the distinction between artificial intelligence and machine learning.

  4. Regulatory Harmonization in Focus

    It may be the next logical step according to Nasdaq's CEO.

  5. APA publishes trades in line with regulatory timeframes helping firms compliance with MiFID II.