Recently the European Securities and Markets Authority (ESMA) has published another MiFID II consultation paper, this time on draft guidelines on certain aspects of the suitability requirements. While it deals with various aspects of suitability requirements that were originally introduced as part of the original MiFID, it also contains some interesting proposals that will have a significant impact for Robo-Advisors and how they go about their business.
Right before they closed shop for a long weekend to celebrate Bastille Day, ESMA published a Consultation Paper (CP) on draft guidelines on certain aspects of the suitability requirements under the Markets in Financial Instruments Directive (MiFID II).
Suitability Requirements
Originally introduced by MiFID in 2007 the suitability requirements were one instrument to enhance investor protection, which was a key element in the original directive and will be enforced by the reviewed rules. The MiFID rules sought to ensure that firms, which provide investment advice and portfolio management, act in the clients’ best interests. In that respect, suitability had to be assessed against clients’ knowledge and experience, financial situation and investment objectives. To do this, financial institutions need to obtain the relevant information from their clients.
The Guidelines that are subject of the current consultation aim to improve the existing framework. They contain new requirements regarding the information firms have to collect from clients, which is usually achieved through profiling questionnaires. The Guidelines also contain new rules in particular where automated, so-called Robo-Advisors or suitability systems are employed. They provide detailed information on how to reconcile customer data and products to determine the suitability for the respective client.
The new suitability assessment for Robo-Advisors
While the suitability requirements apply to firms of all sorts, the regulator makes it clear that it has its eye the new breed of financial advisors that use technology to bring services previously reserved for the wealthy. Obviously, we’re talking about Robo-Advisors. ESMA defines it as requirements for suitability assessment “in the context of automated advice tools”, but thinly veils its concerns that the technological revolution brought by FinTech may undermine its investor protection framework. The European Supervisory Authorities (ESA) already highlighted the risks inherent in the use of automated tools as part of their report on automation in financial advice in December last year.
In its proposed guidelines, the European watchdog identifies in particular three areas of specific need for investor protection:
- The information that should be provided to clients on the investment advice and portfolio management services when these services are provided through an automated tool (this concerns both what information should be provided and how information should be illustrated to clients);
- The assessment of the suitability (with particular attention to the use of online questionnaire with limited or without human interaction);
- The organisational arrangements that firms should implement when providing robo-advice.
To address these concerns, ESMA would like to introduce a number of obligations for Robo-Advisors, for which it now seeks feedback from the industry.
For instance, when using an automated tool, especially with Robo-Advisor, the customer is to be informed that an algorithm is used to gain customer information and then to derive advice or management decisions. The degree of human involvement” should also be presented, i.e. to what extent do employees review and work the information gathered. Furthermore, a Robo-Advisor should carefully examine whether the customer’s representation is also effective in the regulatory sense. For example, important information should be highlighted, graphic information supplemented by text, and also appropriate to the type of presentation, for instance on mobile phones.
ESMA also proposes a procedure that consists of a plausibility check as investors, in the regulator’s view, have a tendency to overestimate their capacity while underestimating risks at the same time, when they completed investment assessments. This is especially important for Robo-Advisor, as ESMA believes that it is precisely in this context that this risk is even higher since a human counterpart may be in a better position to detect inconsistencies in a client’s representations.
A regulator’s concerns and ESMA’s response
ESMA therefore introduces increased requirements for Robo-Advisors to deal with these concerns. While the design of systems obviously needs to meet regulatory requirements, it must also consist of a test strategy, and, in the event of changes to the algorithm, appropriate policies and monitoring should be provided. Algorithms need to be regularly reviewed, regularly tested and updated. In addition, a Robo-Advisor would have to provide policies, such as adequate customer data retrieval, cybersecurity protection, customer account security, and in respect of the use of social media platforms.
By doing so, ESMA introduces a higher regulatory burden for FinTechs who will now find themselves in the spotlight as they will have to proof that they deal with the regulator’s concerns appropriately. This comes with additional costs and the need to allocate added resources for Robo- Advisors, which in turn will increase the pressure further on a model that almost entirely is based on driving costs as low as possible.
What needs to be done
While these requirements do not come as massive surprise, especially in light of the regulator’s comments as part of its report in December 2016, it increases the pressure in terms of time and feasibility. Since the consultation runs until 15 October, the finalised guidelines will not be published before November or even early December with MiFID II applicable from 3 January 2018. Robo-Advisors should in any case loose no time to work on implementing necessary changes based on the proposal.