On 21 January 2020, Derville Rowland, Director General of Financial Conduct at the Central Bank of Ireland (the “Central Bank”) issued a Dear CEO industry communication in respect of the outcomes of the Central Bank’s thematic review of wholesale market conduct risk (the “Dear CEO Letter”). In 2019, the Central Bank established a dedicated Wholesale Market Conduct Team in order to carry out market conduct risk assessments of firms engaging or applying to engage in wholesale market activity. Following the establishment of this team, the Central Bank issued its first Dear CEO Letter in March 2019 in which it outlined its expectations for impacted firms in identifying, mitigating and managing market conduct risk (please click here for Matheson’s Insights article on this point).
The Dear CEO Letter sets out the Central Bank’s findings in respect of its engagement with 24 regulated entities throughout 2019, which included on-site inspections of 10 regulated entities and branches of Irish entities in other jurisdictions. The Central Bank supervisors conducted over 150 interviews of CEOs, directors, risk and compliance officers as well as frontline staff as part of its engagement with industry. The central observation from the review was that firms did not adequately identify the market conduct risk that they were exposed to and as such could not appropriately mitigate and manage the risk.
We have summarised, in a concise printable form, the good and bad practices as identified by the Central Bank under the three key headings used in the Dear CEO Letter and detail what the Central Bank outlines as its regulatory expectations in these areas. Please click here to access this document.
Industry communications from the Central Bank provide firms with valuable insights into the thinking of the Central Bank on specific matters, at a given time, and the Dear CEO Letter is no exception. The following are some insights which we in Matheson have found particularly instructive:
1. Identification of Risk
As explained above, the Central Bank’s key finding was that firms failed to identify what market conduct risks are inherent to their specific businesses. As a consequence, firms did not have adequate conduct risk frameworks in place. The rationale behind the Central Bank not providing a definition of “risk” was to facilitate firms to look specifically at their own individual circumstances to define the risk facing them. The Dear CEO Letter has shown that having a generalised policy is not sufficient for the Central Bank.
2. Accountability at a Granular Level
It is notable that the Central Bank carried out a broad range of interviews across the front, middle and back offices and did not solely focus on interviewing controlled functions. By doing so, it is clear the Central Bank expects all staff in firms to live and breathe its conduct risk framework. It is not sufficient to have a framework in place that is not properly embedded into the business of the firm. Each individual staff member must fully understand and implement the framework. The conduct risk framework should therefore form part of the day to day business of a firm.
3. Market Abuse and Reporting
In the Dear CEO Letter the Central Bank identified that inadequate trade surveillance systems and inconsistent STOR submissions are a driver of conduct risk and accordingly, a gap in a firm’s conduct risk framework, if a firm does not comply with these MAR requirements. The Central Bank further identified that insufficient communication between firms and investor relations functions could also lead to a risk of breaching the MAR rules in relation to the disclosure of inside information. This warning on disclosure of inside information is relevant to regulated firms, issuers and persons who act on behalf of issuers (whether they are regulated or not).
4. Activity Captured
The Central Bank’s inspection of wholesale market activity has a wider remit than just MiFID activity. Wholesale market activity captures a wide host of regulation including MiFID II, MAR, Central Bank reform Act, Investment Firm Regulations 2017, EMIR, CSDR and SFTR.
Next Steps for Impacted Firms
The Central Bank has indicated that its supervisory work in 2020 “will include focussing on firms’ ability to identify market conduct risk; the extent to which they are sufficiently well controlled to govern wholesale market conduct risk; and the flow and escalation of conduct-specific information within and across regulated entities and groups”. Consequently, impacted firms should insure they do the following:
- bring this letter to the attention of their board;
- analyse their own conduct risk framework and the implementation of same across the firm, as against the Central Bank’s findings (good practices, bad practices and expectations); and
- following this analysis, consider revising the conduct risk framework and or initiating further training, as is necessary.
Matheson are happy to assist with any queries you may have and offer a broad range of services from a full review and gap analysis of conduct risk frameworks, to specific technical advice on net issues. Please see below details of our team who have expertise in this area.
This overview was authored by Darren Maher, Joe Beashel and Lousie Dobbyn