It’s been a while since I last put pen to paper. Call it writer’s block or something or maybe I’m just knackered from the x-thousand pages of financial regulations that I’ve had to process in the last two years, but either way, I wanted to give you an update on things, particularly as you’re all probably breathing a sigh of relief now that MiFID 2 is out of the way and wondering if you can all get back to a normal life?

Afraid not, that is, if you settle securities, or you’re generous enough to lend them out because there’s more regulation in the pipeline.

As hard as that may be to believe, you must be asking yourself what gives with this relentless assault of legislation, particularly in the post-trade and financial market infrastructure space and how does the EU manage to churn out so much of this stuff? It’s a fair question but in actual fact, they’re quite organised about it.

Ever since MiFID set the scene back in 2007 with its sweeping reforms to level the playing field and harmonise trading in the equity space, regulators have been full on in their pursuit to break down cross-border barriers in the EU and develop a single market for capital that is both efficient and safe, implemented, as you of course know, through a zillion pages of regulations, directives and technical standards. Throw in an expensive dose of retribution for the financial crisis courtesy of EMIR and you roughly get to where we are now, with just two important gaps left to fill.

And so to the point of this blog – CSDR and SFTR, or rather the Central Securities Depositories Regulation and the Securities Financing Transactions Regulation, for those of you whose brains are fried from small-letter-acronyms! The former aims at harmonising how the EU regulates securities settlement, whilst the latter aims at plugging the risks in the shadow banking system in securities lending and repos and both of these regulations will impact the buy-side and sell-side alike, as they all settle securities, whilst in a zero interest rate world, are all a tad impartial to lending them out for a few extra basis points.

So what do you need to look at?

The Central Securities Depositories Regulation (CSDR)

The standard response I get to CSDR is the “yeah so what, we’re not a CSD”. Brilliant. That’s a bit like saying that you’re out of scope of EMIR because you’re not a CCP and so what is CSDR all about?

Historically, CSDs – such as Crest – along with their ‘international’ (ICSD) cousins – such as Euroclear – used to be regulated in the EU at a Member State level and CSDR, quite simply, aims to harmonise that by creating a common authorisation, supervision and regulatory framework for CSDs, much like EMIR did for CCPs.

Granted, much of CSDR is about the authorisation of CSDs and the recognition of their third country equivalents but, just like with EMIR, there’s much more to this regulation that will impact your business and so the two requirements that I want to touch on are the Article 6 & 7 ‘settlement discipline’ measures and the Article 9 ‘settlement internaliser’ reporting obligation, both of which will affect all participants of a CSD and will require significant efforts to implement.

CSDR requires participants to settle their transactions on the intended settlement date and introduces a ‘two pronged’ approach to harmonising the timing and discipline of securities settlement in Europe. First up is the Article 6 ‘measures to prevent settlement fails’, that encourage and incentivise the timely settlement of transactions, followed by the Article 7 ‘measures to address settlement fails’, which deter settlement fails through mandatory cash penalties and a buy-in mechanism. This pretty much amounts to what it says on the tin – firms need to try harder to settle on time and when they don’t, they’re going to be whacked with a cash penalty, followed by a compulsory buy-in if that doesn’t work. Perennial failers take note!

We’re still waiting for the final technical standards but we do have a comprehensive 112 page Final Report that details the draft RTS and ITS for the settlement discipline regime and these are worth looking at now, even though the obligations won’t kick in for another 24 months following publication in the Official Journal.

In particular, the measures to prevent settlement fails will require CSDs and their participants to:

• Make enhancements to the allocation and confirmation process, including the mandatory offering of electronic interaction with professional clients
• Automate the processing of all settlement instructions in order to improve STP and limit manual intervention
• Provide for mandatory matching of settlement instructions in order to support fully automated, continuous real-time matching throughout the day

Whilst the measures to address settlement fails will require:

• CSDs to implement a comprehensive monitoring and reporting regime for settlement fails
• CSDs to implement a cash penalty mechanism for settlement fails, redistributable to the receiving participants that suffered from the settlement fail and calculated on a daily basis for each business day that a transaction fails to be settled after its intended settlement date
• Cash penalties not to be considered as a source of revenue for CSDs but CSDs allowed to apply fees to cover costs
• CSDs to implement a mandatory buy-in process for any financial instrument which has not been delivered within a set period (4 business days for liquid markets, 7 business days for illiquid markets and extendable to 15 days for SME growth markets) of the intended settlement date

The second point on my list for CSDR is the Article 9 ‘settlement internaliser’ reporting obligation – regulators are aware that the practice of internalising settlement exists and so they want better visibility over it. CSDR defines a settlement internaliser as the following:

“any institution, including one authorised in accordance with Directive 2013/36/EU [CRD IV] or with Directive 2014/65/EU [MiFID 2], which executes transfer orders on behalf of clients or on its own account other than through a securities settlement system”

And you’ll be surprised as to just how often this actually takes place. Cross securities in an omnibus account? – settlement internaliser. Cross securities through a custodian? – settlement internaliser. I mean heck, even CSDs cross securities through their own CSD, which should technically make them a settlement internaliser, other than the fact that they actually are the “securities settlement system” and so that technically doesn’t count, but I guess ESMA didn’t think of that one. Doh!

Anyway, whilst the reporting requirement could be worse  – it’s a quarterly report, not a daily report – this one has got a fixed go-live date of 10 March 2019 and so you’ve only got a year or so to finish this. To be honest, your real challenge here is probably not the reporting requirement per see, although this is far from trivial, but will be trying to identify every single touch point in your business where you might be a settlement internaliser and then centralising the data accordingly in order to make your report. If you’re a big bank, with lots of businesses, doing lots of things, you will have a bucket load of entities that settle securities and my guess is that you’ll still be discovering some of them buried at the back of a cupboard by the time this requirement goes live!

Clock’s ticking.

The Securities Financing Transactions Regulation (SFTR)

Switching now to SFTR, this regulation was published in the Official Journal back in 2015 and we’ve already gone live with the Article 15 ‘transparency of reuse’ requirements in 2016, as well as the Article 13 and 14 ‘transparency requirements’ for collective investment undertakings in 2017. Throw in a bunch of stuff about trade repository registration and recognition for their third country equivalents and that pretty much covers it.

Other than, of course, the Article 4 ‘reporting obligation’, which is nothing short of a technical monster.

I don’t often make a big deal about reg change specifics – all reg change is complex and you just get on with the challenges that it presents you but this is definitely one of those to bring to your attention. The last time I hit the alarm button was back in 2014 when I highlighted the fact that the ‘MiFID Review’, as it was then called, would be nothing short of mind boggling. My rationale at the time was simple and I wrote the following about MiFID 2:

“I say mind boggling from a multi-dimensional perspective. The first dimension being its complexity, the second dimension being its scope and the third dimension being the sheer volume of the legislation itself.”

Given that I called this out four years ago, I’ll leave you to decide whether you think I was right or not 😉, and so why am I making such a big deal now about the SFTR reporting obligation?

I guess the first point is that security financing transactions are complex instruments that not that many reporting folks will have much, if any, experience with – think OTC derivatives, but in a foreign language you can’t speak. And so your business analysts are going to have get jiggy with understanding the difference between a repurchase agreement, a buy-sell back agreement and a securities lending transaction, whilst jumping head first into understanding how margin lending works in your prime brokerage unit.

If reporting a ‘new instrument’ per see wasn’t bad enough, we also centrally clear some of these things and so take your securities financing transaction reporting regime and slap everything you know about EMIR trade reporting for centrally cleared derivatives on top of it – life cycle events and all! But the icing on the cake for me is the collateral reporting and the reuse reporting and there’s about 30 pages covering this in the Final Report that will leave you mesmerised. The first time I walked through this with my colleagues in the project team I barely understood some of the scenarios that ESMA has painted, which demonstrates the complexities behind these instruments.

For those of you that need this in numbers, the draft technical standards in the Final Report are currently looking at 153 reportable fields – yup, 153! – across counterparty data, loan and collateral data, margin data and re-use data, whilst the reporting obligation also introduces a new category of EMIR counterparty – the ‘NFC small’, whose SFTR reporting will be delegated to its FC counterparty as a single-sided report. Throw in EMIR-style transaction and position level reporting, dual-sided delegated reporting, a four date phase in once the technical standards are published, followed by another four date phase in for the backloading of historic reports – remember the problems these caused with EMIR?! – and you are probably starting to get the gist of how complex SFTR reporting is going to be.

From a regulatory perspective, we are still waiting for the final versions of the RTS and ITS to be published in the Official Journal, upon which the clock will then start ticking for a 12 month countdown for investment firms and credit institutions to start reporting their SFTs. From what I hear, it looks like the regulators are being kind to the industry in not landing this one right on top of MiFID 2 but for something this complex, when the technical standards land, 12 months is not a lot of time to complete this.

Or have you even started?