Intricacies of Regulatory Reporting: "AI Helps, but Brings Its Own Set of Challenges"

Tuesday, 20/02/2024 | 13:40 GMT by Arnab Shome
  • Finance Magnates talked to several regtech experts to know the nuances of regulatory reporting.
  • "Each regulator is putting their own spin on things... for no discernibly necessary reason," Quinn Perrott said.
reporting Regulations

The regulatory reporting landscape evolved significantly over the past few years. Geopolitical events, like Brexit, and changes in regulations, as the introduction of MiFID II, have forced financial services firms to overhaul their reporting obligations. Now, the incoming Markets in Crypto-Assets (MiCA) Regulation later this year will make a huge impact on crypto reporting.

Each regulatory authority has its requirements when it comes to reporting. Although there are talks about harmonizing reporting among top regulators, the reality is different.

Quinn Perrott, Co-CEO of TRAction Fintech

“The idea is that the reporting is harmonized throughout the major global regulators,” said Quinn Perrott, the Co-CEO of TRAction Fintech. “They are calling it a Global Harmonisation Project, and there does seem to be a collaboration between regulators. This is a great idea in theory as it means that regulators can share data with each other easily, which leads to better monitoring and regulatory outcomes. Harmonization also means that the cost of implementation is significantly reduced for firms who need to comply.”

“Of course, in reality, each regulator is putting their own spin on things, and so, for no discernibly necessary reason, the requirements are not fully harmonized, even though they are all starting to point in the same direction and have a lot of similarities.”

Financial services firms must follow proper requirements when it comes to regulatory reporting. There are many caveats: time, proper forms and portals, and, of course, the relevant and accurate data.

Cysec reporting

UK Is out of EU Bloc, but Reporting Harmony Remains

Jurisdictions where harmonization is already in place is the European Union and the United Kingdom. However, this is because of the existing pan-EU regulatory structure and the previous presence of the UK in the bloc until 2020.

Regulatory reporting requirements for UK brokers can be broadly divided into trade and transaction reporting and firm data reporting.

For trade and transaction reporting, the UK’s Financial Conduct Authority (FCA ) still uses the requirements introduced by the Markets in Financial Instruments Regulation (MIFIR) to detect and investigate suspected market abuse. The provisions of the European Market Infrastructure Regulation (EMIR) enhance the transparency of derivative markets and reduce risks to financial stability.

Lewis Gurry, Director at C&G Regulatory Solutions
Lewis Gurry, Director at C&G Regulatory Solutions

“UK brokers are required to periodically report firm data to the FCA using the RegData system. Common data items include financials, client money, and asset returns, and prudential returns,” Lewis Gurry, a Director at C&G Regulatory Solutions, told Finance Magnates.

He further elaborated that each MIFIR transaction report must contain “complete and accurate details,” including but not limited to information about the financial instrument traded; the firm undertaking the trade; the buyer and the seller; and the date/time of the trade. Further, for these reports, firms need to meet the deadline, which is “as quickly as possible, and no later than the close of the following working day.”

The UK-regulated firms submit these to the FCA Market Data Processor, either directly or via an Approved Reporting Mechanism (ARM).

Under the EMIR trade reports, companies need to furnish additional information relating to clearing and collateral. Within one working day, UK-based counterparties need counterparties to report their side of the trade unless one party has agreed in writing to report on behalf of both counterparties or the law requires a financial counterparty to report on behalf of its counterparty.

“Firm data reporting varies depending on a firm’s profile and business model,” Gurry added. “Firms should refer to their individual reporting schedules for confirmation and raise any queries directly with their supervisory team at the FCA. Most reports are filed through RegData, but the FCA does require certain notifications and applications to be submitted through the Connect system.”

Elaborating on the reporting intricacies, Ron Finberg, an Executive Director of S&P Global Market Intelligence at Cappitech, said: "T+1 transaction reporting of trades is split between European Securities and Markets Authority (ESMA) EU and UK regulations. The primary regulations are EMIR and MIFIR of which the EU and UK versions are very similar but need to be reported to different locations. EMIR covers all derivatives while MIFIR is for products that trade on a trading venue (TOTV) or underlying trades on a trading venue (UTOTV)."

Ron Finberg, Executive Director, S&P Global Market Intelligence Cappitech

"A FX CFD is only reported under EMIR, shares of Vodaphone are reported only under MIFIR, but a CFD of Vodaphone falls under scope of both EMIR and MIFIR daily transaction reporting. Another regulation called SFTR covers daily reporting of security finance transactions, but very few CFD brokers are under scope of this regulation."

The Impact of Brexit

The UK exited the EU bloc in December 2020. The regulatory obligations for the UK firms changed with the closure of the transition: MIFIR and EMIR were replaced with UK MIFIR and UK EMIR, respectively. However, the core MIFIR reporting details were essentially unchanged for the UK firms that admitted to trading or traded at a UK, Gibraltar, or EU trading venue.

“There were notable amendments regarding dual reporting obligations where transactions were executed by an EU investment firm through a UK branch or vice versa,” said Gurry. “The FCA clarified that branches could no longer fulfill reporting obligations solely by transmitting orders to other entities. Consequently, investment firms needed contracts with both a UK ARM and an EU ARM to facilitate dual reporting.”

Under UK EMIR, the FCA assumed responsibility for registering and overseeing trade repositories operating in the UK post-Brexit. Notably, UK branches of third-country firms fall outside the scope of the UK EMIR reporting regime, alleviating reporting burdens for these entities. However, branches of UK-established firms abroad are subject to reporting requirements under the UK EMIR regime.

“Whilst the FCA requested periodic data from firms to inform their supervision strategy over Brexit and the transition period, it is worth noting that Brexit has not left a lasting impact on firm data reporting requirements.”

Finberg has observed a "divergence between the EU and UK versions of the regulations, specifically around go-live dates and exemptions." He added: "The EMIR REFIT which is a wide ranging update to EMIR regulation goes into scope in April of this year under ESMA and only in September for the UK. Similarly, for SFTR, new validations that ESMA added last September are only slated to go into effect in the UK later this year."

Reporting under CySEC

Cyprus, an EU member state, is home to many retail brokers. Most brokers offer services in other EU states by passporting their Cyprus Investment Firm license. These Cyprus-regulated brokers only have to report in their home jurisdiction unless they have a physical presence in another European Economic Area (EEA) jurisdiction through a Branch or a Tied Agent.

Under the Cyprus Securities and Exchange Commission (CySEC), there are three distinct methods of regulatory reporting: the CySEC Transaction Reporting System (TRS), the CySEC Portal, and the CySEC eXtensible Business Reporting Language (XBRL) Portal.

TRS is a central platform for submitting standardized reports, including the Quarterly Statistics Form, Complaints Form, and Monthly Prevention Statement (MPS). These reports must be in CySEC’s predefined format and are crucial to the validation process.

The CySEC Portal is employed for reports in non-standardized formats, such as the annual Compliance Report, Internal Audit Report, and Financial Statements. Unlike the TRS, these reports may vary in structure and content based on the specific requirements of the reporting entity.

When it comes to reporting, the CySEC XBRL Portal is the latest addition and addresses reporting obligations related to the investment firms’ prudential supervision framework. Companies must submit reports through the XBRL portal, using XBRL for standardized and machine-readable reporting.

Evdokia Pitsillidou, Risk & Compliance Director at SALVUS Funds
Evdokia Pitsillidou, Risk & Compliance Director at SALVUS Funds

“CySEC employs a multi-faceted approach to regulatory reporting, catering to both standardized and non-standardized formats,” Evdokia Pitsillidou, Risk & Compliance Director at SALVUS Funds, said. “The emphasis on validation and status confirmation ensures that submitted reports meet regulatory requirements, contributing to the overall integrity and effectiveness of the regulatory reporting system.”

Additionally, SALVUS Funds publishes a yearly regulatory reporting obligations calendar of reporting with CySEC.

Although the Cyprus-regulated companies only have to report to the regulator on the island, the data requested through these reporting obligations extensively cover the investment services and products offered by the firm across the EEA and third countries.

CySEC has the authority to forward the collected information to regulatory bodies such as the ESMA and the European Banking Authority, as well as to share them with competent authorities of other EEA Member States, Pitsillidou pointed out.

The Incoming MiCA

To bolster the regulations and reporting around cryptocurrencies, the European Union is about to introduce MiCA Regulation, with an anticipated full implementation by June 2024. However, the regulations will only cover physical cryptocurrency offerings under the Crypto Asset Service Providers (CASP) license.

Alexandros Constantinou, Director of Compliance Services, MAP S.Platis
Alexandros Constantinou, Director of Compliance Services, MAP S.Platis

“MiCA establishes a bespoke regime relevant to the issuance and public offering of crypto-assets as well as services related to crypto-assets,” said Alexandros Constantinou, Director of Compliance Services, MAP S.Platis. “MiCA does not capture financial products referencing crypto-assets which qualify as financial instruments and are regulated under other regimes such as MiFID II (e.g., CFDs on bitcoin).”

Currently, brokers offering CFDs referencing cryptocurrencies are still required to submit the usual reports that they are subject to. However, Constantinou pointed out: “the main difference in reporting rests with their EMIR-Refit reports where specific fields need to indicate that the report concerns a crypto-assets class and a specific reference to the underlying crypto-asset.”

And, for reporting under MiCA, the regulators are yet to come up with the specific regulatory requirements, although it will encompass a spectrum of reports, including compliance-related reports, reports addressing their capital adequacy, and data collection reports tailored for the provision of various crypto asset services and management of crypto assets.

Pitsillidou said: "At present, reporting on cryptocurrencies is mandatory through the Monthly Prevention Statement (MPS), detailing the receipt of specific crypto assets as means of deposits by regulated entities. Additionally, the quarterly statistics form requires the completion of date concerning the offer of Contracts for Difference (CFDs) with cryptocurrencies as the underlying asset by investment firms."

"Given that MiCA regulation is not yet in full effect, CASPs currently registered under CySEC must comply with reporting obligations established within the AML/CFT framework."

The Entry of Artificial Intelligence

Like any other sector, artificial intelligence (AI) is significantly impacting rules-based tasks of regulatory reporting. Many regulators globally have published reports on AI's benefits and highlighted caution. Regarding regulatory reporting, AI can facilitate more efficient and accurate regulatory compliance through automated monitoring and analysis of vast datasets. It can further enhance the detection of irregularities, potential risks, and non-compliance, thereby improving overall regulatory oversight.

“We must highlight that the necessity for AI to be adequately trained on regulatory reporting processes is imperative,” Pitsillidou added. “It is crucial to note that the adoption of AI in the regulatory landscape brings its own set of challenges, including issues related to transparency, accountability, and the ethical use of AI. Striking a balance between innovation and the ethical deployment of AI technologies is pivotal for ensuring a fair and effective regulatory environment in the era of advancing technological capabilities.”

The regulatory reporting landscape evolved significantly over the past few years. Geopolitical events, like Brexit, and changes in regulations, as the introduction of MiFID II, have forced financial services firms to overhaul their reporting obligations. Now, the incoming Markets in Crypto-Assets (MiCA) Regulation later this year will make a huge impact on crypto reporting.

Each regulatory authority has its requirements when it comes to reporting. Although there are talks about harmonizing reporting among top regulators, the reality is different.

Quinn Perrott, Co-CEO of TRAction Fintech

“The idea is that the reporting is harmonized throughout the major global regulators,” said Quinn Perrott, the Co-CEO of TRAction Fintech. “They are calling it a Global Harmonisation Project, and there does seem to be a collaboration between regulators. This is a great idea in theory as it means that regulators can share data with each other easily, which leads to better monitoring and regulatory outcomes. Harmonization also means that the cost of implementation is significantly reduced for firms who need to comply.”

“Of course, in reality, each regulator is putting their own spin on things, and so, for no discernibly necessary reason, the requirements are not fully harmonized, even though they are all starting to point in the same direction and have a lot of similarities.”

Financial services firms must follow proper requirements when it comes to regulatory reporting. There are many caveats: time, proper forms and portals, and, of course, the relevant and accurate data.

Cysec reporting

UK Is out of EU Bloc, but Reporting Harmony Remains

Jurisdictions where harmonization is already in place is the European Union and the United Kingdom. However, this is because of the existing pan-EU regulatory structure and the previous presence of the UK in the bloc until 2020.

Regulatory reporting requirements for UK brokers can be broadly divided into trade and transaction reporting and firm data reporting.

For trade and transaction reporting, the UK’s Financial Conduct Authority (FCA ) still uses the requirements introduced by the Markets in Financial Instruments Regulation (MIFIR) to detect and investigate suspected market abuse. The provisions of the European Market Infrastructure Regulation (EMIR) enhance the transparency of derivative markets and reduce risks to financial stability.

Lewis Gurry, Director at C&G Regulatory Solutions
Lewis Gurry, Director at C&G Regulatory Solutions

“UK brokers are required to periodically report firm data to the FCA using the RegData system. Common data items include financials, client money, and asset returns, and prudential returns,” Lewis Gurry, a Director at C&G Regulatory Solutions, told Finance Magnates.

He further elaborated that each MIFIR transaction report must contain “complete and accurate details,” including but not limited to information about the financial instrument traded; the firm undertaking the trade; the buyer and the seller; and the date/time of the trade. Further, for these reports, firms need to meet the deadline, which is “as quickly as possible, and no later than the close of the following working day.”

The UK-regulated firms submit these to the FCA Market Data Processor, either directly or via an Approved Reporting Mechanism (ARM).

Under the EMIR trade reports, companies need to furnish additional information relating to clearing and collateral. Within one working day, UK-based counterparties need counterparties to report their side of the trade unless one party has agreed in writing to report on behalf of both counterparties or the law requires a financial counterparty to report on behalf of its counterparty.

“Firm data reporting varies depending on a firm’s profile and business model,” Gurry added. “Firms should refer to their individual reporting schedules for confirmation and raise any queries directly with their supervisory team at the FCA. Most reports are filed through RegData, but the FCA does require certain notifications and applications to be submitted through the Connect system.”

Elaborating on the reporting intricacies, Ron Finberg, an Executive Director of S&P Global Market Intelligence at Cappitech, said: "T+1 transaction reporting of trades is split between European Securities and Markets Authority (ESMA) EU and UK regulations. The primary regulations are EMIR and MIFIR of which the EU and UK versions are very similar but need to be reported to different locations. EMIR covers all derivatives while MIFIR is for products that trade on a trading venue (TOTV) or underlying trades on a trading venue (UTOTV)."

Ron Finberg, Executive Director, S&P Global Market Intelligence Cappitech

"A FX CFD is only reported under EMIR, shares of Vodaphone are reported only under MIFIR, but a CFD of Vodaphone falls under scope of both EMIR and MIFIR daily transaction reporting. Another regulation called SFTR covers daily reporting of security finance transactions, but very few CFD brokers are under scope of this regulation."

The Impact of Brexit

The UK exited the EU bloc in December 2020. The regulatory obligations for the UK firms changed with the closure of the transition: MIFIR and EMIR were replaced with UK MIFIR and UK EMIR, respectively. However, the core MIFIR reporting details were essentially unchanged for the UK firms that admitted to trading or traded at a UK, Gibraltar, or EU trading venue.

“There were notable amendments regarding dual reporting obligations where transactions were executed by an EU investment firm through a UK branch or vice versa,” said Gurry. “The FCA clarified that branches could no longer fulfill reporting obligations solely by transmitting orders to other entities. Consequently, investment firms needed contracts with both a UK ARM and an EU ARM to facilitate dual reporting.”

Under UK EMIR, the FCA assumed responsibility for registering and overseeing trade repositories operating in the UK post-Brexit. Notably, UK branches of third-country firms fall outside the scope of the UK EMIR reporting regime, alleviating reporting burdens for these entities. However, branches of UK-established firms abroad are subject to reporting requirements under the UK EMIR regime.

“Whilst the FCA requested periodic data from firms to inform their supervision strategy over Brexit and the transition period, it is worth noting that Brexit has not left a lasting impact on firm data reporting requirements.”

Finberg has observed a "divergence between the EU and UK versions of the regulations, specifically around go-live dates and exemptions." He added: "The EMIR REFIT which is a wide ranging update to EMIR regulation goes into scope in April of this year under ESMA and only in September for the UK. Similarly, for SFTR, new validations that ESMA added last September are only slated to go into effect in the UK later this year."

Reporting under CySEC

Cyprus, an EU member state, is home to many retail brokers. Most brokers offer services in other EU states by passporting their Cyprus Investment Firm license. These Cyprus-regulated brokers only have to report in their home jurisdiction unless they have a physical presence in another European Economic Area (EEA) jurisdiction through a Branch or a Tied Agent.

Under the Cyprus Securities and Exchange Commission (CySEC), there are three distinct methods of regulatory reporting: the CySEC Transaction Reporting System (TRS), the CySEC Portal, and the CySEC eXtensible Business Reporting Language (XBRL) Portal.

TRS is a central platform for submitting standardized reports, including the Quarterly Statistics Form, Complaints Form, and Monthly Prevention Statement (MPS). These reports must be in CySEC’s predefined format and are crucial to the validation process.

The CySEC Portal is employed for reports in non-standardized formats, such as the annual Compliance Report, Internal Audit Report, and Financial Statements. Unlike the TRS, these reports may vary in structure and content based on the specific requirements of the reporting entity.

When it comes to reporting, the CySEC XBRL Portal is the latest addition and addresses reporting obligations related to the investment firms’ prudential supervision framework. Companies must submit reports through the XBRL portal, using XBRL for standardized and machine-readable reporting.

Evdokia Pitsillidou, Risk & Compliance Director at SALVUS Funds
Evdokia Pitsillidou, Risk & Compliance Director at SALVUS Funds

“CySEC employs a multi-faceted approach to regulatory reporting, catering to both standardized and non-standardized formats,” Evdokia Pitsillidou, Risk & Compliance Director at SALVUS Funds, said. “The emphasis on validation and status confirmation ensures that submitted reports meet regulatory requirements, contributing to the overall integrity and effectiveness of the regulatory reporting system.”

Additionally, SALVUS Funds publishes a yearly regulatory reporting obligations calendar of reporting with CySEC.

Although the Cyprus-regulated companies only have to report to the regulator on the island, the data requested through these reporting obligations extensively cover the investment services and products offered by the firm across the EEA and third countries.

CySEC has the authority to forward the collected information to regulatory bodies such as the ESMA and the European Banking Authority, as well as to share them with competent authorities of other EEA Member States, Pitsillidou pointed out.

The Incoming MiCA

To bolster the regulations and reporting around cryptocurrencies, the European Union is about to introduce MiCA Regulation, with an anticipated full implementation by June 2024. However, the regulations will only cover physical cryptocurrency offerings under the Crypto Asset Service Providers (CASP) license.

Alexandros Constantinou, Director of Compliance Services, MAP S.Platis
Alexandros Constantinou, Director of Compliance Services, MAP S.Platis

“MiCA establishes a bespoke regime relevant to the issuance and public offering of crypto-assets as well as services related to crypto-assets,” said Alexandros Constantinou, Director of Compliance Services, MAP S.Platis. “MiCA does not capture financial products referencing crypto-assets which qualify as financial instruments and are regulated under other regimes such as MiFID II (e.g., CFDs on bitcoin).”

Currently, brokers offering CFDs referencing cryptocurrencies are still required to submit the usual reports that they are subject to. However, Constantinou pointed out: “the main difference in reporting rests with their EMIR-Refit reports where specific fields need to indicate that the report concerns a crypto-assets class and a specific reference to the underlying crypto-asset.”

And, for reporting under MiCA, the regulators are yet to come up with the specific regulatory requirements, although it will encompass a spectrum of reports, including compliance-related reports, reports addressing their capital adequacy, and data collection reports tailored for the provision of various crypto asset services and management of crypto assets.

Pitsillidou said: "At present, reporting on cryptocurrencies is mandatory through the Monthly Prevention Statement (MPS), detailing the receipt of specific crypto assets as means of deposits by regulated entities. Additionally, the quarterly statistics form requires the completion of date concerning the offer of Contracts for Difference (CFDs) with cryptocurrencies as the underlying asset by investment firms."

"Given that MiCA regulation is not yet in full effect, CASPs currently registered under CySEC must comply with reporting obligations established within the AML/CFT framework."

The Entry of Artificial Intelligence

Like any other sector, artificial intelligence (AI) is significantly impacting rules-based tasks of regulatory reporting. Many regulators globally have published reports on AI's benefits and highlighted caution. Regarding regulatory reporting, AI can facilitate more efficient and accurate regulatory compliance through automated monitoring and analysis of vast datasets. It can further enhance the detection of irregularities, potential risks, and non-compliance, thereby improving overall regulatory oversight.

“We must highlight that the necessity for AI to be adequately trained on regulatory reporting processes is imperative,” Pitsillidou added. “It is crucial to note that the adoption of AI in the regulatory landscape brings its own set of challenges, including issues related to transparency, accountability, and the ethical use of AI. Striking a balance between innovation and the ethical deployment of AI technologies is pivotal for ensuring a fair and effective regulatory environment in the era of advancing technological capabilities.”

About the Author: Arnab Shome
Arnab Shome
  • 6654 Articles
  • 102 Followers
About the Author: Arnab Shome
Arnab is an electronics engineer-turned-financial editor. He entered the industry covering the cryptocurrency market for Finance Magnates and later expanded his reach to forex as well. He is passionate about the changing regulatory landscape on financial markets and keenly follows the disruptions in the industry with new-age technologies.
  • 6654 Articles
  • 102 Followers

More from the Author

Retail FX

!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|} !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}