The following is a guest article from Robin Hodgkins, President of Castine LLC, a provider of commission management software and research procurement solutions.
With all consternation created by MiFID II’s research unbundling requirements in Europe and around the world, a key issue is being overlooked: asset managers will be required to perform due diligence analysis on all third-party research providers.
UK regulators in their consultation paper on MiFID II referenced the need to conduct due diligence on external research providers: “We anticipate that operational changes that investment managers, in particular, may need to make to meet the new MiFID II approach may be complemented by new services being offered by third parties. This could include administration of RPAs, which may involve holding RPA funds on behalf of a portfolio manager, performing basic due diligence on research providers to confirm they are legitimate, and processing payments.” [Italics added]
To cover the MiFID II requirements as well as USA-based due diligence requirements, buy-siders are well advised to establish a systematic process to ensure each of their research providers has been properly vetted and stacks up with internal compliance standards. Once an adequate due diligence process is established, asset managers will be well positioned to begin implementing a MiFID II compliant research valuation, budgeting, and payment process.
The Missing Piece
If we take a look at the continuum of research procurement and management activities envisioned under MiFID II, the due diligence step has received the least attention.
These days, everyone is focusing on the “Value Derived” and “Pay for it” blocks, which keeps a lot of consultants and vendors busy (Castine included). The “Research Discovery / Request” component often comes directly from one’s portfolio managers and analysts, possibly augmented by consultants and/or research portals and aggregations (Integrity Research included).
“Use and Consume” is handled by several robust research management and research consumption systems already on the market.
The missing piece is one that is required in the EU and also in the USA – the “Due Diligence” and onboarding piece.
Cornerstones for Due Diligence
A robust due diligence program includes a thorough assessment of a firm’s research brokers, independent research providers (IRPs) and trading counterparties, and one that repeatedly monitors their compliance practices, staffing, capabilities, and registration or regulatory information. Pre-designed and pre-collected due diligence questionnaires can start the process by letting buy-side compliance groups get into their reviews and approval process right away. This is far more effective than wasting weeks and months when starting from scratch and doing all the follow-up to make sure vendors have responded.
Integrating pre-collected information helps firms to overcome one of the biggest hurdles to a robust compliance program, especially where it relates to MiFID II, because it saves the time needed by the buy-side to design, collect, collate, review, and act on the questionnaires. Conversely, if you choose to do all of the legwork around collecting and ensuring all the questionnaires are updated, using pre-designed questionnaires can still save ramp-up time.
Solutions exist that put all of these steps together, allowing the buy-side to outsource all of the legwork to regularly collect the information, track changes, manage approvals and interviews, and pipeline all due diligence data into the firm’s MiFID II – compliant RPA system. Castine’s RPA Centre includes a database of over 500 completed due diligence questionnaires for its buy-side clients.
Key due diligence issues are summarized below:
- Target research brokers, independent research providers (IRPs), trading counterparties to start and then extend to IT/cybersecurity and general vendors.
- For research firms, ensure that each type of firm is covered by the appropriate questionnaire(s).
- Review your questions with your legal team and/or consultant to make sure they reflect industry best practices and elicit the proper level of information you need.
- Have a system in place to ensure that brokers update their responses every year.
- Maintain historical data in perpetuity and easily available for review at any time.
- If tracking the interviewing of new brokers, keep a list of all questions you pose and how the broker answered them.
- Collect research samples, org charts, correspondence for future reviews
- Tie the approved brokers and IRPs directly into your broker valuation or voting system.
- As research is an expensive proposition, track the licenses involved, with particular attention paid to the renewal and cancellation process, user lists and renewal requests, and payment information.
- In conjunction with your periodic valuation review, ask users (e.g. PMs and analysts) if they want the continue to use the research, especially if it’s tied to a license with cancellation windows to watch out for.
- Have a broker “risk score” to track which firms are higher risk and therefore more deserving of frequent reviews. Ideally have the scoring be automated and updated whenever answers change.
Having these steps in place is an easy starting point for a successful MiFID II rollout. Regardless of the path the buy-side decides to travel with MiFID II – using P&L, client fees, or client commissions, objective vs. subjective valuations, paying brokers oneself or using different brokers or an RPA “bank” for payments – excellent compliance practices are critical and underpin the entire process. Strong due diligence, whether built in-house or purchased through a vendor solution, is a necessary first step.
 https://www.fca.org.uk/publications/consultation-papers/cp16-29-mifid-ii-implementation, page 33, section 3.42.