EMIR Refit 3.0

Regulators are connecting the dots of Systemic Risk

Why you don't want to be the outlier..............

Recap EMIR 3.0

Following on from our initial blog on EMIR Refit 3.0 ( EMIR Refit – Key changes and challenges, Joost Verkade (deloitte.com)) , we wanted to contextualise and expand on drivers of change and the implications for firms of implementing EMIR refit 3.0. UK firms might want to consider engaging earlier than the regulatory deadline so they are aligned to potential market developments driven by EU’s earlier implementation schedule.

Recap on what’s changing?

Ten years on from its introduction regulators in EU and UK have now published significant enhancements to reporting transparency and granularity of derivatives for firms in the form of EMIR Refit 3.0. In summary there are several key reporting changes:

1. Alignment: EU and UK are consistent in approach, with a few exceptions:

a. UK has a 6-month time lag to EU implementation timelines.

b. UK has one additional optional field – “Execution Agent”.

c. Administrative differences due to syntax and regulatory references.

2. Data Fields: 203¹ data fields, up from prior 129 representing a net increase of 74 data fields (86² new, 12 retired).

3. Reconcilable data fields: 148 unique data fields are reconcilable; an increase of 59 on prior 89 reconcilable fields.

4. Resolution window of 7 days: reconciliation breaks with counterparties will need to be reconciled by T+7, with Unique Trade Identifier (UTI) being reconciled by 10 am T+1.

5. XML Communication Format: XML conforming to IOSCO ISO 20022 to exchange information with Trade Repositories (TRs) and National Competent Authorities (NCAs) will be the only allowable format.

6. TR Incident Reporting: adaptation of incident management process using the new template for submitting issues to NCAs.

Background

Why the change?

The primary objective of EMIR when introduced was to shine a light on systemic risk arising from derivative contracts, which at the time of the Credit Crisis in 2008 were viewed as being used for speculation in the financial markets driving systemic risk to unparralled highs. Regulators have struggled, however, to be able to extract the intelligence needed to fully understand the systemic risk due to lack of:

• Global standards: driven by the existence of different definitions, reporting formats and inconsistency of reported information relating to the same position (i.e., valuation, risk metrics)
• Consistency: inconsistant approach across counterparties to booking and reporting opposite sides of the same trade.
• Granularity: lack of granularity of the information has hindered the ability to achieve validation and reconciliation across the industry.

Regulatory Expectations

So how are regulators driving the desired change?

To achieve higher quality in reporting data regulators have put together several inter-related aspects

The data adage “GIGO” (garbage-in-garbage-out) sums up the impact poor data capture protocols have on the completeness and accuracy of reporting in up-stream reporting systems. Regulators have codified the requirement on firms to notify NCAs of significant reporting issues in the amended reporting regulations, which will facilitate incident monitoring and alert regulators to whether data quality issues are isolated to a small number of markets particpants (outliers) or if there are more systemic data quality challenges. Over time this will allow regulators to build up a picture of where the data disconnects exist in the market, allowing them to retrospectively re-assess prior submissions received, rank errors by their severity on a sliding scale, take enforcement action to address idiosyncratic and systemic risks in the eco-system.

The Introduction of ISO20022XML schema will standardise language and formats across the entire reporting chain (i.e., Counterparties, Entities, Trade Repositorities and NCAs) which will improve data quality, consistency of data and comparability both for regulators and the reporting entities. The ability to data mine systemic risk exposures has the potential to advance considerably under a single taxonomy in a machine-readable format where verification checks can be automated due to pre-defined formats.

Increased granularity of reporting will provide regulators with much greater transparency and an ability to confirm that both the buyer and seller of the position are correctly capturing all the economic terms and conditions necessary for assessing risk drivers.

New reconcilable fields and standardized TRs incident reports will drive integrity of the data sent between counterparties leading to a timelier resolutiuon of data quality issues which is a significant step up from existing requirements with 62 additional reconcilable fields. Counterparty reconciled exposure data will likely provide regulators with a much higher degree of comfort as to the true system risk exposures.

New transaction codes (i.e., UPI – unique Product ID) will provide regulators with standardization and aggregation of tranactions and products across counterparties, allowing regulators to build an ever-evolving picture of where systemic risk exists in the market and its trajectory over time.

Transitioning to EMIR 3.0- Practical Consideration

1. Reputational Risk

There has been more than a decade of regulatory change globally since the 2008 Credit Crisis and during that period we have seen regulators issue more than $321bn[1] in fines to banks that have failed to meet the revised standards. Record keeping fines alone for failing to meet regulatory obligations are now more than $2 Billion globally which will have implications in terms of meeting the data quality and reporting aspects under EMIR.

The increased vigilance that EMIR 3.0 will bring in terms of data quality and reconciliation with counterparties particularly in the areas of transaction information, valuation, collateral, and all within a maximum window of T+7 will significantly raise the bar on expected data quality, with no room for complacency. This will require a firm wide collaboration across the three lines of defense given the very technical specialist nature of the product, changes to target operating model, technology, and the control environment.

Firms should give due care and attention to the composition and structure of the project team that will be tasked with its delivery and the ultimate ownership of the project. Whilst on the surface this might be viewed as a regulatory reporting or compliance deliverable, the subject matter is extremely technical and subject matter expertise will need to be brought to bear across the design, build and testing phases of the reporting capability to ensure the underlying data quality and integrity meets the regulation and is aligned with the external counterparty in a timely fashion. Whilst compliance might have responsibility for the oversight of the project and its deliverables, they will need to deliver that in collaboration with colleagues from all 3 Lines of Defense (LoD) across the firm. These resources should be identified early in the process and their roles and responsibilities for delivery of the project outputs clearly defined.

2. Timeline & Project Management

Implementation timelines are detailed below:

The timelines might convey the impression that there is a long lead-in time, the warning on car mirrors feels appropriate:

The early adoption of a strategic plan, with clear deliverables, ownership, workstreams, prioritisation and resources to execute inclusive of leadership will be pivotal to delivering against the regulatory timetable. This plan should be concisely presented to senior management for agreement and execution of milestones and periodic updates inclusive of agile delivery to adapt to challenges and industry developments as other external stakeholders begin to engage and industry matures solution for those areas where only “guidance” has been provided by regulators (i.e., tolerances).

3. External Stakeholder Engagement

External Stakeholders will be key to helping successfully drive change required as follows:

• Counterparties: multiple engagement protocols may be required depending upon sophistication of the counterparty, aligning deliverables and processes with peers inclusive of contractual obligations including new counterparty data fields.
• Trade Repositories (TRs): opportunities to streamline and simplify processes and early sight of industry developments should be explored with TRs to ensure delivery schedules are co-ordinated. Early engagement on the XML Template and technical specifications to align protocols and testing will be critical.
• 3^rd Part Vendors: providers of service into the firm (incl. Trading and Technology platforms) and any required developments should be discussed and agreed and deliverables aligned into the overall delivery plan.

4. Heavy Lift - Technology & Data

Where there is an existing XML template for EMIR firms may feel they have an advantage, however it will likely need considerable enhancement to meet the revised requirements and attain the necessary standards. There are 86 new data fields and 42 modified fields out of a total of 203 which will present a considerable heavy lift to meet all the necessary developments needed to accommodate EMIR 3.0. De-risking delivery will require an agile approach to work with potentially multiple 3^rd Party vendors across multiple business lines to deliver a consistent product with suitable verification checks and agree the output, integrate into TR XML reports, and reconcile with the counterparty. Once test cohort is complete for all product types such that new transactions can be captured, firms will need to turn their attention to retrospectively populating any additional information across of the trades in the portfolio – subject to how much of that data is already captured and populated a parallel back-fill exercise might need to be accommodated which could be quite a resource intensive exercise. Consideration will also need to be given to data retention policy and archiving once trades roll-off for at least 5 years. Consideration should be given to deploying accelorators to minimize the uncertainty wherever possible. The challenge here will not only be internal but also where these fields are reconcilable with counterparty then additional complications outside the firm’s control may materialise.

5. Target Operating Model (TOM) and Control Environment

The above changes will require a review of existing TOM, policy, procedures, and processes. Roles and responsibilities for data and its quality within core systems and possibly external vendor systems will need to be documented and ageed amongst the various functions. Where gaps have been identified these will need to be addresses with new controls and remediation plans put in place along with timelines and interim steps to address. Firms will need to put in place written procedures to ensure all reconciliation breaks are resolved within the T+7 requirement and over time these will need to be modified in line with changes to agreed tolerance levels that are put in place with TRs from time to time. Inorder to deliver a sustainable model to meet regulatory requirements period review and change management protocols will need to be put in place to keep abreast of regulatory and or market developments.

_________________________________________________________________________________________

[1] Data fields quoted refer to EU EMIR refit, UK permits the reporting of an additional optional field ‘Execution Agent’

[3] Source: Reuters BCG note 2 March 2017 (https://www.reuters.com/article/us-banks-fines-idUSKBN1692Y2)