The European Securities and Markets Authority (ESMA) has today published two final sets of guidelines aimed at enhancing the protection of investors in the EU. The guidelines relate to the provisions under the Markets in Financial Instruments Directive (MiFID) relating to the suitability of investment advice and the compliance function.

ESMA, by issuing these guidelines, expects to promote greater convergence in the interpretation of, and supervisory approaches to, the MiFID suitability and compliance requirements. The guidelines are aimed at both market participants and national competent authorities who should incorporate them into their supervisory practices.

Steven Maijoor, ESMA Chair, said:

“These new guidelines will provide clarification for market participants and national authorities on these key investor protection requirements, and ensure that we promote greater convergence in interpretation and supervisory approaches across the EU.

“The implementation of these guidelines will contribute to a system of pan-European safeguards which will allow investors to benefit from the same levels of protection regardless of where they are investing.”

Appropriate arrangements for the suitability assessment

Assessing suitability is an important MiFID investor protection requirement. Before providing investment advice or portfolio management services, investment firms must ensure that any investment product recommended is suitable for the client in question.
Therefore, investment firms must obtain the necessary information to be able to understand the essential facts about the client in order to assess the suitability of any investment for that client. This includes information about a client’s investment objectives, financial situation and knowledge and experience.

Based on the information collected, an investment firm must assess whether the specific transaction to be recommended or entered into in the course of providing portfolio management service is suitable.

ESMA found the following shortcomings in the implementation of the MiFID suitability requirements:

  • failure to ask clients the right questions;
  • failure to collect the necessary and relevant information;
  • failure to interpret correctly the information provided by the client; and
  • even where the right information is collected, failure to recommend a suitable investment.

These new guidelines focus on the need for firms to have in place appropriate arrangements to enable them to meet the suitability requirements on an on-going and consistent basis for any client, and irrespective of the distribution channel used.

Responsibilities of the compliance function

MiFID requires investment firms to implement a series of systems and controls (appropriate to the nature, scale and complexity of their business) aimed at securing a robust governance framework, with a clear organisational structure and lines of responsibility, and effective risk management and compliance processes. This includes policies and procedures to ensure regulatory compliance and the establishment of a compliance function.

This second set of guidelines are focused on the responsibilities of the compliance function and are aimed at helping investment firms to increase the effectiveness, and importance, of the compliance function. They focus on:

  • the responsibilities of the compliance function for monitoring, reporting and advising;
  • the organisational requirements of the compliance function for the standards of effectiveness, permanence and independence;
  • the extent of interaction of the compliance function with other functions, and the outsourcing of the tasks of the compliance function; and
  • approaches for competent authority review of compliance function requirements.

Next steps

Competent authorities to whom guidelines apply should comply by incorporating them into their supervisory practices, including where particular guidelines are directed primarily at financial market participants.

The guidelines will be translated into the official languages of the European Union (EU) and published on ESMA’s website. Competent authorities will have two months following the publication of the official translations to confirm their compliance or intention to comply, with reasons for non-compliance, to ESMA. The guidelines will then apply 60 days after the end of the reporting period for competent authorities.

Financial market participants are not required to report whether they comply with these guidelines.