The Market in Financial Instrument Directive (MiFID) was originally designed to create an EU financial market with harmonised regulation for investment services. MiFiD’s main objectives are to increase competition and offer consumer protection in the investment services markets. MiFID was amended in 2014 and will come in to effect in 2018.
Irrespective of Brexit, the UK’s own authority, the FCA, advises that financial companies affected must continue to comply with the MiFiD II regulations.
With these regulations and their requirements, MiFiD places an emphasis on both an employer and its individual employees to ensure FCA rules are not evaded and confidential client information is not shared.
A large part of the rules focus on electronic communications such as telephone conversations, letters, emails etc, and the need to record, securely retain over a defined period of time and make these documents, call recordings and emails quickly retrievable. Although this process may well pose a wider question about employee monitoring in the workplace, it is without doubt that many large financial companies will have sophisticated systems in place to manage the storage, retention, access and retrieval of electronic communications.
For the majority of small and medium sized businesses, the ability to record these types of electronic communications and information is generally possible now. The ability to store, provide secure access and retrieval with an auditable footprint will need some careful forethought. Regulations such as MiFiD II and GDPR, means more and more companies will need to review how their communications information is stored and made accessible. They will also need to consider if and how these systems can aggregate the plethora of electronic communications types, and if and how these will be related to their employees and their company contacts.
As with so many business regulations, could it be only a matter of time before these practices spread wider than just the financial services market?