With the implementation of MiFID II looming, firms must ensure they are up-to-date with the FCA’s changes to ensure they comply with the new regulations around call recording. Phil Deeks, TCC’s Technical Director outlines why firms must be prepared for a number of process changes no matter which option they choose.
In its recent Policy Statement 17/14, the regulator published final rules around MiFID II in which Article 3 firms have the choice of either recording conversations or taking written notes.
Firms must decide which method is more applicable to them and ensure they can consistently apply it across their business. There are many different factors which firms must take into consideration when deciding which option to choose, including the size, purpose and complexity of the business, but either option is likely to require change to be made.
The first hurdle will be to implement the necessary controls to ensure potential or actual orders are identified, and all of the relevant information is recorded to meet the appropriate requirements.
Note taking versus conversation recording
Firms which choose the note taking option will be expected to record the necessary details of the conversation, including:
- The time and date of the meeting;
- The location;
- The attendees present and who initiated the meeting;
- Information regarding the price, volume, type of order, when it needs to be transmitted or executed and the reasons for the order.
If firms choose this approach they must be aware that this option may not provide an accurate record of the conversation, especially if individuals choose to complete the notes after the conversation has taken place. Conversation recording can help firms comply with the wider requirements of MiFID II. In addition, firms using the data and management information (MI) available to them as a result of conversation recording can utilise this to their advantage to progress their governance and identify operational efficiencies, as well as evidencing that suitable and positive customer outcomes are being delivered.
All firms must ensure records are kept secure with restricted access to prohibit accidental damage or tampering. Firms must also take into account that these safeguarding restrictions will need to be considered in terms of their GDPR obligations, as well as the 5 year restriction that MiFID II places on retaining data.
Policies and procedures
MiFID II requires firms to have a policy on recording telephone conversations and the use of electronic communications, which senior managers are responsible for implementing, overseeing and controlling.
The firms that choose to take notes will also need to have suitable processes and controls in place to ensure they meet the record-keeping requirements.
All firms must ensure they fully train all members of staff on the requirements of MiFID II and make sure they informed of the procedures around conversation recording, as well as the process around access of data and data protection. Firms must also conduct regular checks to ensure employees are abiding by the policies and procedures.
It is essential that all firms start preparing as soon as possible to make sure they are ready for the implementation of MiFID II in January 2018.