The UK Financial Services Authority (FSA) has fined Commerzbank £595,000 for transaction reporting failures stemming from underlying data errors, including the use of multiple internal codes for the same counterparties. The German bank’s fine may be a fraction of the £2.45 million imposed on Barclays last year, but it indicates that the regulator is continuing to focus on the data details of the reports that it receives from the industry.
According to the FSA, as an incoming EEA branch passporting into the UK under Article 32 of the MiFID Directive, Commerzbank failed to provide correct transaction reports to the regulator between 5 November 2007 and 20 November 2009. Commerzbank failed to meet the FSA’s data requirements over a period of two years with regards to these reports for approximately 1.03 million transactions, an estimated 94% of its reportable transactions during that period. For example, one of the anomalies identified by the regulator in the report was the use of incorrect internal codes for the counterparty field, which meant that the FSA was unable to allocate individual transactions to the same client.
The fine is much less than that slapped on Barclays because of its status as a branch and the bank’s systems and controls aspects are under the jurisdiction of its home regulator, Bundesanstalt für Finanzdienstleistungsaufsicht (BaFin). Much like the Barclays fine though, the FSA has discounted the total amount of the penalty by 30% pursuant to Stage 1 of the early settlement discount scheme. Were it not for this discount, the FSA would have imposed a financial penalty of £850,000 on Commerzbank.
Firms are required to submit data for reportable transactions by close of business the day after a trade is executed, as specified by MiFID. The FSA then uses this data to detect and investigate suspected market abuse: insider trading and market manipulation. The transaction report therefore contains data including details of the product traded, the firm that undertook the trade, the trade counterparty and the trade characteristics such as buy/sell identifier, price and quantity.
Much the same as the Barclays case, the FSA indicates that data errors have a damaging impact on its ability to detect and investigate suspected market abuse. “In addition, the failures have impaired the FSA’s ability to provide accurate transaction reporting data to overseas regulators,” it adds.
In total, the FSA identified 35 transaction reporting issues that the bank had to tackle, encompassing the issue that some reports were not submitted to the FSA, it failed to manage and resubmit transactions which were sent to the FSA and subsequently rejected, and the submission of transactions with inaccuracies. These inaccuracies included the fact that: “some Commerzbank London trading books were incorrectly flagged as Frankfurt trading books and therefore not identified for FSA reporting purposes; all futures were assumed to be reported by the relevant exchange and thus not reported by the firm; and not all of the Commerzbank systems were generating Market Identifier Codes (MICs) for the Venue Identification field in transaction reports, and some systems were generating non-MICs which resulted in these transaction reports failing validation and thus not being submitted to the FSA.”
Furthermore, the data details were also incorrect due to the multiplicity of internal counterparty codes, incorrectly filled time fields and unit price fields.
The FSA notes in its letter that it considers the bank’s failures to provide correct transaction reports to be “serious”, largely because it affected all asset classes for an extended period of time. Moreover, the regulator notes: “despite individuals within Commerzbank being aware from MiFID implementation of shortcomings in the firm’s transaction reporting system (Mitre), these issues were not escalated to management. Nor was any action taken in response to requests by the FSA that the firm carry out internal checks, following the FSA’s discovery of errors in the firm’s data. The individuals aware of the shortcomings and the FSA’s requests did not appreciate the regulatory implications resulting, and the urgency with which the firm should have addressed those issues.” In other words, Commerzbank failed to take heed of the warnings issued by the regulator about tackling its underlying data issues.
Commerzbank waited until January last year to carry out a review of its transaction reporting and reported on that review in June, which the regulator seemingly deemed to be too little, too late. However, the FSA does note that the bank has since cooperated and has allocated “sufficient resources” to tackling the problems with the transaction reporting architecture.
The fine highlights that even those outside of the FSA’s direct supervision are in danger of scrutiny of their data details and that greater coordination of regulatory projects is needed on a cross border basis. To this end, the FSA notes that the London team of Commerzbank was not on the same page as the Frankfurt-based central MiFID project team with regards to transaction reports. The London team had “assumed” that a central team would be developing a group wide solution, but not enough communication was happening between the relevant parties.
This led to data deficiencies in the bank’s in-house reporting system Mitre: “the requirements to which Mitre was built were inaccurate and not approved by the designated reviewers prior to implementation of them; as a result Mitre was built without adequate functionality to ensure the full inclusion of reportable transactions and the accuracy of reports; and user acceptance testing conducted in respect of Mitre did not check for the completeness and accuracy of the transaction reporting data sent to the FSA against the SUP 17 requirements.”
The FSA notes that the London team was also well aware that 30% of the reports produced by the system would be rejected due to incorrect or insufficient data, but a “satisfactory” method of correcting these inaccuracies was not defined, thus leading to a lot of manual intervention, delays and backlogs. The regulator indicates that the lack of involvement by the compliance team in the building of Mitre was a significant part of the problem. Getting the end users and all those affected by the data chain involved in the building of such a system is therefore vital going forward (something to bear in mind with regards to new liquidity risk reporting systems).
The letter sent by the FSA to Commerzbank regarding the fine is available to view here.