Dear CEO letter on Securities Markets Conduct Risk

The Central Bank issued a Dear CEO letter on Securities Markets Conduct Risk which addresses the findings from its wholesale market conduct supervisory work in 2019. The letter notes areas for improvements and sets out the Central Bank's expectations of firms in relation to managing market conduct risk and outlines the Central Bank's areas of focus for market conduct supervision in 2020. 

The recent letter follows on from the 2019 Dear CEO letter which had announced the formation of a specialised team for supervising wholesale market conduct and also set out the Central Bank's expectations in respect of how firms should identify, mitigate and manage market conduct risk.

Overview

In 2019 the Central Bank focused its supervision efforts on how regulated entities were identifying market conduct risks and assessing those risks and found that identifying risks is proving a challenge for firms. Clearly, if a risk is not identified it cannot be assessed or managed appropriately. The management of risk is a focus of the recent letter, with the Central Bank specifying that boards should be taking full ownership of the governance of market conduct risk and challenging group decisions where necessary. 

2019 Findings and future expectations

The Central Bank outlines the findings of its 2019 supervisory engagements on market conduct risk:

Identifying market conduct risk is listed as an area where staff sometimes lacked an understanding of what amounted to market conduct risk. The Central Bank identified the lack of a structured process for market conduct risk identification. Such a process should operate to successfully identify the risks and identify the controls that are in place to mitigate those risks.

The Central Bank indicated that there was a lack of communication about controls to employees. Controls were also not adequately tested to ensure their effectiveness. Risk registers were not updated adequately, to include a specific and itemised list of conduct risks. 

Management Information (MI) was identified by the Central Bank as being frequently inadequate in relation to market conduct risk. It was not clear to staff when relevant MI should be generated and MI did not always have a clear channel for distribution. MI was not always subject to quality assurance and was not reviewed by the CEO in every instance. 

Governance of market conduct risk was not demonstrated to the Central Bank by several firms. In some global firms, the Irish based CEO did not have autonomy in relation to market conduct risk decision-making. Reporting lines on conduct were often to management outside of Ireland and there was a poor flow of information between group structures and Irish entities. The Central Bank also noted that some Pre-Approval Controlled Function (PCF) holders were not discharging all of the responsibilities associated with their functions.

Central Bank expectations are focused on addressing the identified shortcomings.

The expectation is that regulated entities should:

1. Identify relevant market conduct risks at local and branch level
2. Risk frameworks and controls should be developed to address the identified risks 
3. Staff should understand market conduct risk in order to generate relevant MI. Distribution channels should be understood and local senior management should review it in addition to any group management
4. Conflicts of interest should be identified as a conduct risk and controls should be developed accordingly
5. The Board and senior management should own the governance of market conduct risk, regardless of group arrangements. Challenging group approaches should be demonstrated, where appropriate
6. Governance structures should be reviewed to ensure there is sufficient capacity to manage market conduct risk
7. Controls should be in place to monitor and report conduct of all staff regardless of location
8. Ongoing fitness and probity monitoring and training of PCF staff is required

Market Abuse

Supervisory activity from 2019 indicated instances of ineffective trade surveillance and where such functions were outsourced, inadequate supervision was identified. Ineffective and inconsistent approaches to the submission of Suspicious Transaction and Order Reports were identified. The Central Bank also observed failures to identify the applicability of the Markets Abuse Regulation (MAR) in certain interactions between regulated entities and issuers. 

On the issue of market abuse the Central Bank has now set out five expectations:

1. The effectiveness of trade surveillance systems should be assessed
2. Active monitoring and supervision of the performance of outsourced activity is required
3. Staff should have clear lines of responsibility for oversight of trade surveillance and internal escalation of alerts
4. Regulated entities should undertake a review of the quality and volume of their Suspicious Transaction and Order Reports bearing in mind their level of trading activity
5. Market participants and issuer investor relations functions should be mindful of the prohibitions against unlawful disclosure of inside information and insider dealing. Controls should be in place governing communications where there is a risk of breaching MAR 

For further information contact Patrick Brandt, Partner – Financial Regulation or Sinéad Prunty, Knowledge Lawyer – Financial Regulation.

Date published: 20 February 2020