A review of a compliance solution is a requisite for institutions to identify areas that need improvement, gaps in their current processes, and the overall status of stability and functionality of said solution. As the new regulatory environment becomes more complex, and organisations face the challenges of keeping up with new regulations, audit needs to evolve and adapt in order to stay relevant.
The global regulatory initiatives undertook the effort to increase transparency and to bring standardisation in the derivatives market via the formation of local trade repositories in corresponding jurisdictions. A current set of reviews from FSB reports indicates that 12 jurisdictions, with approximately the same number of regulators (or more), have authorized 15 to 19 global trade repositories across 5 OTC derivatives asset categories (Rates – 19, Credit – 17, Equity – 16, FX – 18, and Commodity – 15) to embark on this initiative. The trade repositories collect trade and other relevant information from market participants for the regulators in order to monitor the derivatives market. Regulators have expressed challenge in identifying systemic risk through the swap information sent by trade repositories and have also levied fine. On the institutions side there is scope to reduce the cost of reporting and fees paid to trade repositories.
In response to the current state of swap data reporting, the global regulators and industry associations are driving efforts to enhance the quality of information derived from the reporting initiatives. Whereas on the institution side, a continuous audit and a review of swap reporting controls and solutions built have become critical for assurance of regulatory compliance, meeting trade repository requirements and reduce the cost of reporting. Business, legal and Compliance, Operations and Technology stakeholders actively participate in the audit process.
Challenges in Swap Reporting Solutions
The phased rollout of OTC derivatives global reporting requirements has led firms to build a mix of strategic and tactical trade regulatory reporting solutions. This has resulted in a complex set of business rules, a lack of well-defined control procedures to monitor compliance, less control of manual reconciliation processes, and an increased operations cost. On the other hand, regulators are requiring firms’ management to improve the quality of information reported and to provide realistic & transparent insight into the reporting process. As a result, the current set of key challenges in the swap reporting ecosystem includes:
- Managing multi-jurisdictional reporting mandates for the same trade
- Lack of data standardisation across jurisdictions; trade repositories and asset classes impact data quality and granularity for regulatory reporting
- Managing the breaks caused by incorrect/under/over reporting of information
- Managing multiple systems and data sources, which leads to increased operations and technology costs
- Inability to segregate value add and non-value add reconciliation and control processes
- Finding and managing resources with adequate regulatory reporting experience
Compliance Audit for Swap Reporting
A compliance audit for swap reporting should provide a panoply of independent insight to stakeholders. It should not only opine on the overall solution, but also on individual processes/solutions built as part of the swap reporting ecosystem. The 6 considerations from stakeholders to conduct the review of swap reporting are:
- Are We Compliant? – Since swap reporting is a continuous process, the answer to such a clarification needs qualifications to identify entity, jurisdiction, asset class, position, message level, and time.
- What is Over/Under and Incorrectly Reported? – This is the second level of information which needs to be identified in the compliance audit. Over reporting increases the fees paid to trade repositories; under and incorrect reporting increases non-compliance.
- What should be reported? – Since the reporting requirements have multiple qualifications, a decision tree of validation rules providing this information is mandated. The challenge has been in defining the rules as mutually exclusive but collectively exhaustive as suitable for the purpose.
- What was reported? – This relates to identifying at which point in time was the information reported to trade repositories. Identifying the record set of reported items requires the swap reporting solution to keep a full audit trail and history.
- What should be controlled? – The controls required in the process define which validation rules should be monitored. Since swap reporting is continuous and time-sensitive, identifying the correct mix of trades, messages, books, products, and trade types should be included in the review sample.
- 6. What are key Control metrics? – Presenting findings and analysis that provide key performance indicators of decision-making for management is critical. The dashboard should be kept simple and provide relevant analytics to stakeholders.
The scope of audit should define jurisdictions, regulators, trade repositories, asset classes, firms’ entities (and related subsidiaries), branches and desk-conducting derivatives trading, and the time period for conducting the review. Since the review encompasses manifold dimensions, the process should be continuous and comprehensive in order to cover all aspects of the firms’ business-operating model.
After establishing an overall audit scope coverage, the audit objectives are developed. The audit objectives should be amended based on past findings, recent business events (internal and external), and changes from trade repository or regulatory mandates.
Next the in-scope sample set for review should be defined. Applying the sampling technique to OTC derivatives trade is challenging because the trades go through life cycle events or results in new trades stemming from old trades via compression or clearing. Additionally, every open trade has a position, valuation and collateral exchanged against a set of positions to the trade repository throughout the trade life cycle.
The act of conducting the review involves a focused approach of data-gathering and performing in-depth analysis of various areas of swap data reporting based on established hypotheses. The areas covered under the review include: reporting of the creation and continuation of data under different jurisdictions, trade party role, USI/UTI generation, reporting party determination, creation and validation of Legal Entity Identifiers (LEI), and accuracy of masking information, which would enable the collection of a sample size appropriate for a hypothesis. The study plan of activities includes the comparison of expected and actual results. Audit technique implementation should consume output from an independent, automated solution which can take in source information and provide the expected result set using an independent swap reporting rule set. A review process of matching expected against actual results would provide the next level of details for investigation and establish new control check points to minimize any deficiency.
A review of action items and the progress of observations from previous reviews should be monitored. This can take 2 forms: past immediate review (which may or may not have the same scope coverage) or past review with the same scope coverage. Understanding the relationship of observations across audit dimensions and scope is critical in order to avoid duplicate presentation of the same review observations.
Lastly, presenting the observations in a manner that provides sufficient details and can be actioned upon are the most critical steps in order to avoid the major reviews or observations from getting lost. An audit progress monitor should have the appropriate level of details for the stakeholders, along with the ability to view the detailed information on demand.
In the End
Reviewing the swap reporting solution and process is a complex process. It should strive to provide a truly cross-jurisdictional report at any point in time. With the impending set of regulations (e.g. reporting of secured finance transactions and MiFID II), the internal and external review process of said solution would demand frequent updates to the process. A comprehensive review process can only be performed periodically. However, the process audit should incorporate frequent, minor audits to enable the review of controls and to monitor the performance of the swap reporting solution in meeting institutional requirements.
By Vinod Jain, Director - Advisory Business, Iveta Nocifora Senior Analyst – Advisory and Jennifer Hu, Analyst – Advisory at EZOPS.