What MiFID II means for your mobile communications
MiFID II is a mammoth task. It’s the biggest shakeup of financial services regulation for a decade. It builds on the original 2007 MiFID legislation and means many more workers across the European Union will have their communications recorded from January 2018. So, are you confident you’re ready for MiFID II?
MiFID II extends the recording of conversations and electronic communications beyond traders. From the 3 January 2018, thousands of businesses will be recording mobile communications (voice and SMS) that lead to a trade or financial transaction.
Since MiFID II was announced, there’s been some confusion about which devices and/or numbers are covered.
Initially, some firms even pushed for exemption from recording mobile calls where employees would be using personal phones. But, as it stands, MiFID II applies to any mobile communications relating to Relevant Conversations, such as:
Receiving and transmitting orders
Orders executed on behalf of clients
Transactions concluded when dealing on own account.
It’s the content of the conversation or communication that matters, not the mobile number on which it’s conducted. Importantly, businesses are still liable if the call is carried out on a personal device. This has led many companies to ban the use of personally-owned devices for business purposes.
Systems, storage and security
Most firms have opted for the reliability, assurance and control of a network-based system. There are many advantages over an on-premises set-up for recording, storage and retrieval – plus the option to ‘pay as you go’ with an OPEX model.
User experience is paramount for many businesses. With Vodafone, call quality isn’t compromised during recording, plus there’s no delay in connectivity and no need to change devices or Vodafone SIM cards.
When it comes to storage, network-based systems are again the system of choice. Crucially, they enable all communications to be recorded to the cloud. This reduces or eliminates the need for local infrastructure changes and it’s easy to increase storage as required.
MiFID II requires all records to be kept in a durable medium that allows them to be replayed or copied, but which prevents the original from being altered or deleted. So, companies must ensure the quality, accuracy and completeness of these records, while making them searchable and retrievable. That’s why Vodafone Network Mobile Recording uses triple-encryption, UTC time stamping and data tagging. This solution strictly controls access too – compliance teams right across your business can stream recordings via a secure portal. So, there’s an audit trail for every single communication from creation to disposal.
As you can imagine, with every communication having to be kept for at least five years (as opposed to the current six months), MiFID II is set to create a data mountain. It’s vital that your solution can handle this scale, while maximising control over recording, storing and retrieving data. This enables compliance teams to fulfil the letter of MiFID II and the spirit – to take a proactive stance to monitoring communications.
Don’t overlook GDPR
The new European General Data Protection Regulation (GDPR) swiftly follows MiFID II in May 2018.
The GDPR strengthens data protection for individuals on the data held about them which includes the recording of calls and communications in the context of data privacy. The penalties for data misuse under the GDPR are sobering – the current maximum of £500,000 will rise to potentially 4% of worldwide turnover.
The size of these penalties make it even more crucial to ensure that your MiFID II plans are rock-solid in terms of how you’ll be handling data.
Behind with MiFID II? We can help
If you’ve not yet planned or implemented precisely how you’re going to comply with the mobile recording element of MiFID II, time is fast running out. Vodafone Network Mobile Recording is easy to deploy, highly secure and provides the control that MiFID II demands. For your services, there’s minimal disruption. For your employees, there are no changes to the way they conduct calls. And you can be 100% certain that you are complying with this specific element of MiFID II.