5 key EMIR Refit controls: what do you need to be ready?
As we all know, the EMIR Refit is coming into force next year – in April 2024 for the EU, and September 2024 for the UK.
The finance world is abuzz with talk of how the changes will affect firms’ operational processes, and what it means to ‘be ready’. So earlier this year, Duco held two round-table sessions with our customers in London and Amsterdam.
These discussions led to some interesting and useful findings and helped us identify five key questions to ask when you’re assessing your readiness for the EMIR refit.
What are financial leaders saying about the EMIR Refit?
Two main themes came out of our round-table sessions.
The first is that regulators are getting tougher, increasing their scrutiny across both buy- and sell-sides. Using MiFID as a benchmark, there have been a range of high-profile fines in the last few years:
- Merrill: £34.5m
- UBS: £34.2m
- Goldman Sachs: £27.6m
- Sigma Broking: £531k (individual fines specifically for not having frequent independent checks on reporting)
You don’t need us to tell you how hard fines like this hit your reputation and bottom line.
Even disregarding fines, any irregularities picked up by regulators will require an audit by an approved firm – expensive, and resource-intensive. Especially since you’ll have to amend and resubmit all affected reports.
Perhaps unsurprisingly, then, the second theme we discovered is that firms need a control layer, not just a reporting engine. This is being explicitly called out by regulators. In a “Dear CEO” letter from 2021, David Bailey, Executive Director, UK Deposit Takers Supervision at the Prudential Regulation Authority (PRA) said, “Firms’ governance arrangements for regulatory returns must be supported by an effective and robust control framework. We identified a number of gaps in end to end processes for regulatory returns, such as insufficient controls around models, End User Computing (EUC) and a lack of reconciliation checks for errors.”
Those controls are not always easy to implement. Traditional solutions can manage trade repository reporting, but don’t investigate why breaks are happening.
What’s more, they’re also usually inflexible, and require major technology changes when rules change – making them unsuited to today’s ever-shifting regulatory environment. But if firms don’t pick up inefficiencies now, they’ll have to back report, hire consultants, clean up their data and then backload, at a cost, to trade repositories.
Working with our customers, we’ve identified the top five things you should be asking yourself to gauge your readiness for the EMIR Refit. Use each section to diagnose your readiness and discover any gaps that need filling.
1. Are you underreporting or overreporting?
Many of the fines we mentioned above came about not because of incorrect data, but because transactions were not reported at all. Merrill Lynch was fined for not reporting 68.5 million transactions for example. In other cases, many were reported when they didn’t need to be. The UBS fine was in part due to 49.1 million erroneously reported transactions.
Post-reporting controls that compare the data received by the trade repository against what’s in your internal system is vital. It can help you see where trades were erroneously included or excluded, and identify areas that may need remediation.
2. Do you have the right controls in place between your source systems and reporting engine?
Your reporting engine will be incredibly important in helping your business stay compliant across the EMIR Refit. But it’s far from the only consideration you’ll need to take into account.
When data moves from your source systems into your reporting engine, errors can creep in as data is transformed and enriched. And the EMIR Refit, as you’re no doubt aware, is increasing the number of fields you’ll need to report on. 86 are new, 41 have format revisions and 33 have logic revisions.
That’s a lot of new data, and ensuring its accuracy will be challenging.
You’ll need a control layer between your source systems and reporting engine, as well as between the trade repository and your internal systems, to ensure the data that goes in is accurate and to flag any discrepancies quickly.
3. Can you investigate daily mismatch data from trade repositories?
Every night, your trade repositories will pair and match the daily data that you’ve provided with your counterparties’ data. As a regulatory requirement, they’ll then share this with you on a daily basis.
What they won’t do is investigate any breaks that occur in that data.
You’ll need to do this yourself, to fix the break, correct the data, and adjust any processes to ensure the break doesn’t continue to happen. So you’ll need another control layer between your reporting engine and trade repositories. It should enable you to understand where breaks come from, and manage workflow accordingly.
4. How do you manage reconciliation between diverging EU and UK regimes?
As we’ve noted, the EMIR Refit is coming into force at different times for the EU and UK. This means that you’ll be managing across two regimes in the five-month gap between the two go-live dates.
Even after September, once the UK moves closer to the EU in EMIR terms, there will be differences that you’ll need to keep on top of. The FCA, for example, has set out some areas that they may want to handle differently. And Phase II of the Refit, scheduled for 2026, will bring more reconcilable fields.
Your reconciliation system will need to be adapted on an ongoing basis. So you’ll need an agile solution, rather than a static, hard-coded one, to ensure that you evolve at the pace of regulation and stay compliant. And you’ll need to think about the cost associated with this and what kind of solution can keep those costs down.
5. Are you testing your end-to-end controls as part of the UAT phase?
Trade repositories want to give firms six months of user acceptance testing (UAT) before the EMIR Refit goes live in April 2024. Some have already set live their UAT environments, and are inviting firms to get started.
UAT is an important part of the Refit, as it’ll enable you to discover issues in your reporting ahead of the go-live date. But while it can be tempting to charge straight in, you’ll need to implement controls first.
Controls must be implemented before UAT to ensure your configurations are giving you the results you need. Building retrospectively after go-live and apologising for weak control frameworks won’t cut it with the regulator.
Given the tight timelines, you’ll need to ensure any control solutions can be set up quickly and cope with large amounts of data.
Getting ready for the EMIR Refit
Traditional reporting engines are all well and good. But it’s time to start thinking about how and where you can implement your control layers, to perform an independent, periodic check and ensure that what you report is complete, accurate and timely.
Find out more about our data quality solution for the Emir Refit and how we can help you ensure your reporting data meets the new requirements.