Skip Ribbon Commands
Skip to main content
Sign In

ESBG response: ESMA consultation on guidelines on certain aspects of compliance function requirements

ESBG response: ESMA consultation on guidelines on certain aspects of compliance function requirements

​​

​​

ESBG 

​Rue Marie-Thérèse, 11 B 1000 Brussels

​Transparency Register ID: 8765978796 80

October 2019​




ESBG welcomes the opportunity to provide comments to ESMA’s consultation, on the guidelines on certain aspects of the MiFID II compliance function requirements, and would like to make the following remarks.

Q1. Do you believe that guideline 1 should be further amended and /or supplemented?

Please also state the reasons for your answer.

This guideline encourages “to take into account the results of any monitoring activities and of any relevant internal or external audit findings”. In our opinion, this obligation might be positive if it secures the coordination and integration of all the defence lines. However, it should not compromise the independence between the third and second level of defence. If this happens, it would be preferable to maintain the original wording.

The proposed amendments to guideline 1 also raise some questions. According to paragraph 6, the term “shall” is used by ESMA when describing a MiFID II requirement. In general guideline 1 (paragraph 18) the previously used term “should” has been replaced by “shall”. Paragraph 18 does not, however, correspond to Article 22(2) of the MiFID II Delegated Regulation. For example, the open phrase “amongst others” that it now contains is nowhere to be found in the MiFID II Delegated Regulation. Furthermore, it remains unclear what the intention behind the addition of “priorities” (alongside “focus”) is. Overall, the changes to the wording make general guideline 1 less comprehensible. The same applies for the supporting guidelines. For example, it remains unclear particularly in paragraph 19 why changes were made to the wording (e.g. new term “work programme” – referred to so far in Article 22 of the MiFID II Delegated.

Q2 to Q4: Do you agree with the suggested approach in relation to the compliance function’s monitoring obligations? Please also state the reasons for your answer. Do you believe that further guidance is needed to clarify the compliance function’s monitoring obligations? Do you agree with the addition to paragraph 26?

ESBG believes that no further guidance is needed to clarify the compliance function’s monitoring obligations.

Recital 25 illustrates monitoring activities within the compliance function by referring to on-site inspections at the business unit. Considering this a valid approach, we also consider that it should coexist with current valid models, in which the on-site inspections (over internal offices or branches) are carried out by the Internal Audit function and also the Compliance function may commission the Audit function with its own particular reviews. Under this scenario, the results of the commissioned work should be just managed by the Compliance function.

The planned addition (interviews with customers) is not necessary, as Compliance is already required to use customer complaints as a source for its activities (see marginal figure Supporting guideline 30). Such interviews of customers by the compliance function are neither practicable nor target-oriented. Due to the integration of the compliance function within the framework of complaint management, there is no added value from our point of view.

Moreover, client interviews do not guarantee a higher level of investor protection. The planned addi-tion of interviews with customers should therefore be avoided.

​Q6: Do you agree with the suggested content of the compliance function reports in relation to product governance arrangements (paragraph 33 of the guidelines)? Please also state the reasons for your answer.

According to Art. 9 delegated directive (EU) 2017/59, investment firms shall ensure that the manage-ment body has effective control over the firm's product governance process. Investment firms shall ensure that the compliance reports to the management body systematically include information about the financial instruments manufactured by the firm, including information on the distribution strategy. From our point of view, the minimum information to be reported is too detailed. In our views, the volume distributed per asset class appears sufficient. Furthermore, it was not taken into account that there are already correlating information obligations from other legal bases (conflict of interest), which is why the listed requirements would be redundant.

Q7. Do you agree that the information that should be included in the compliance function reports should be proportional to the complexity and level of risks of the financial instruments manufac-tured and /or distributed by the firm? Do you believe that additional criteria should be taken into account? Please also state the reasons for your answer.

We fully agree to take into account the proportional criteria. We agree that the compliance function reports should be proportional to the complexity and level of risks of the financial instruments man-ufactured and/or distributed by the firm. It should also be borne in mind in this respect that the compliance report is intended for senior management and the supervisory function. These should only be bothered with information that is essential for them to perform their tasks. No additional criteria should therefore be taken into account.

Q9. Do you believe that further topics/areas should be included in the compliance function reports?

No.

Q10: Do you agree with the approach taken for the review of guideline 4? Do you believe that guideline 4 should be amended and/or supplemented further? Please also state the reasons for your answer

No further amendments or additions should be made to paragraphs 37 to 46.

Especially it is very non-transparent in what is meant by ‘compliance culture’. It is unrealistic to assume that the management board will officially speak out against compliance within the company.

Q11: Do you believe that guideline 5 should be amended and/or supplemented further? Please also state the reasons for your answer.

We take a critical view of the responsibility of the management as provided for in paragraph 48, last sentence. Such responsibility cannot be provided by way of interpretation, but only at level 1 or, if authorised, at level 2. In addition, responsibility of the Executive Board for the appropriate staffing of the compliance function and the expertise of the compliance function employees collides with the explicitly standardised responsibility of the Compliance Officer for the compliance function (see Art. 22 para. 3, letter b) MiFID II Delegated Ordinance). We therefore advocate a waiver of the last sen-tence in paragraph 48.

In this context, arrangements (“arrangements necessary to ensure effective communication between the compliance function and the other control functions”) should not be understood as written agree-ments. Combining the compliance function with the internal audit function should generally be avoided as this is likely to undermine the independence of the compliance function because the inter-nal audit function is charged with the oversight of the compliance function. Where appropriate, both compliance and internal audit function could share its control and desk review plans in order to carry out such controls more effectively and avoid duplicities and redundancies.

Q12 to Q13: Do you agree with the creation of a new guideline solely focused on the skills, knowledge, expertise and authority of the compliance function? Please also state the reasons for your answer. Do you agree with the additions to guideline 6 (formerly part of guideline 5)?

With regard to general guideline 6 (paragraph 53), we take a critical view of the requirement in the last paragraph "high professional ethical standards and personal integrity". These criteria are not relevant under MiFID II. Regulatory requirements require that the compliance function has the necessary ex-pertise (see Article 22 (3) (a) MiFID II-Del.Reg. 2017/565). As the interpretation would itself require interpretation, its verifiable implementation would probably be impossible in practice. We suggest deleting the last sentence in paragraph 53 of the Supporting guideline.

Q14: Do you believe that guideline 7 should be further amended and/or supplemented? Please also state the reasons for your answer.

No.

Q15: Do you believe that guideline 8 should be further amended and/or supplemented? Please also state the reasons for your answer.

No.

Q16: Do you believe that guideline 9 should be further amended and/or supplemented? Please also state the reasons for your answer.

No.

Q17 to Q18: Do you agree that, subject to the proportionality principle, a firm should consider establishing and maintaining a core team of compliance staff whose sole area of responsibility is MiFID II? Please also state the reasons for your answer. Do you believe that guideline 10 should be further amended and/or supplemented? Please also state the reasons for your answer.

We do not agree with this approach. The Guidelines already outline the need to allocate necessary resources to risk assessment function.

• The compliance requirements are based on the principle of proportionality (see Article 22 (1), last sentence of MiFID II Del. Reg. 2017/565). This also applies with regard to the staffing of the compliance function.

• The Supporting guideline 78, in particular the question Q17, gives rise to fears that smaller institutions in particular, which do not yet have "a core team within the compliance function staff members whose sole area of responsibility is MiFID compliance", will come under pres-sure to justify themselves in future, although their staffing levels are in line with the regulatory requirements for the compliance function. This would not be appropriate.

• Another argument against the proposal is that ESMA would like to define Art. 22 MiFID II Del.Reg., i.e. the MiFID compliance function. However, if this function exists and is con-cerned with the corresponding securities compliance tasks, we do not understand how it can be used to set up a further core team, which should differ in the scope of tasks. Like the compliance function itself, this core team would also only deal with MiFID II issues.

Q19 to Q20: Do you agree with the amendments made to guideline 11? Please also state the reasons for your answer. Do you believe that guideline 11 should be further amended and/or supple-mented? Please also state the reasons for your answer.

The changes are comprehensible. These are clarifications and they correspond to the understanding already valid in Member States. Consequently, we have no objections to the changes made.

Q21: Do you agree with the amendments made to guideline 12? Please also state the reasons for your answer.

We see no need for the supervisory approach specified in paragraph 92, as conformity with the com-pliance function requirements and due performance of compliance function tasks are already checked comprehensively by particularly the internal and external audit functions.

We strongly disagree with Recital 92, which describes as a good practice that some Members States require the compliance officer to fulfil an annual questionnaire in order to gather information on the compliance of the firm. This report is not a real evaluation on how the function is monitoring the firms. It could lead to misinterpretations and may bring, consequently, confusion and uncertainty to investment firms, thus creating an un-level playing field within the single market and resulting in an inconsistent approach across the EU.

Q22: Do you believe that guideline 12 should be further amended and/or supplemented? Please also state the reasons for your answer.

We consider that Recital 92 should be therefore removed from the consultation document.

General Comment

Furthermore, we noticed that the wording “firms” was used to describe “investment firms” as defined in Art. 4(1)(1) of MiFID II as well as “credit institutions when providing investment services and activities” within the meaning of Art. 4(1)(2) of MiFID II. For us, it is unclear, why this distinction was made, as Art. 4(1)(1) of MiFID II defines as “investment firm” “any legal person whose regular occupation or business is the provision of one or more investment services to third parties and/or the performance of one or more investment activities on a professional basis”, therefore from our point of view the wording “investment firm” would be sufficient to include also credit institutions when providing investment services.​


MiFid; Regulation; European Supervisory Authorities (EBA-ESMA)