Firms not ready for EC directive.

The Markets in Financial Instruments Directive (MiFID) aims to create a single European market for financial services, joining 27 member states of the European Union plus Iceland, Liechtenstein, and Norway. But many firms in those nations are struggling to comply with the directive's recordkeeping responsibilities, recent surveys reveal.

According to The Wall Street Journal, MiFID "governs where and how shares can be traded and is meant to encourage greater competition among trading venues by lowering the cost of transacting business in Europe and boosting investment in listed companies." It came into effect November 1, 2007.

Article 51 of the directive requires financial firms to retain records in a transparent, auditable way for at least five years after a transaction takes place. Customer records must be kept for the entire length of a firm's relationship with a client. Firms must retain documents in a manner allowing national regulators "to access them readily and to reconstitute each key stage of the processing of each transaction."

Therein lies the problem, however. According to independent think-tank JWG-IT, 64 percent of firms say they cannot comply because they cannot reconstruct events after the fact within reasonable timeframes or cost levels. Statistics cited in a Computing report reveal that seven out of 10 organizations do not have the mechanisms in place to destroy records that have passed their regulatory expiration date.

"MiFID will require a significant upgrade, not only in the way that records are stored and retrieved, but also how they are captured, linked, and accessed at the required time" the JWG-IT group's report explains.

Firms that don't comply with their new responsibilities could be fined hundreds of thousands of euros. In November, the European Commission (EC) reported that 11 European states failed to meet the deadline for the introduction of MiFID. Many regulators, however, are not on track either.

[ILLUSTRATION OMITTED]

The commission confirmed that seven domestic regulators, including those in Spain, Poland, and Portugal, didn't meet an October 31 deadline to detail how they planned to apply the directive in their markets. Four others--Latvia, Liechtenstein, Lithuania, and Slovenia--only partially fulfilled this obligation, according to JWG-IT research. Domestic regulators were originally given a January 31, 2007, deadline, but the commission had to extend that after the United Kingdom was the only one of the 30 member states to meet it.

The Netherlands and Finland transposed their MiFID plans to the commission by the October deadline, but the Czech Republic, Estonia, Hungary, Iceland, Poland, Portugal, and Spain did not. Experts say U.S.-listed firms will be better prepared for MiFID because they have already had to introduce controls to comply with the Sarbanes-Oxley Act.