LogoRegulatory Alerts
2018-06-29

FMA Circular on Personal Transactions by Employees with Financial Instruments pursuant to Article 28 et seq of MiFID II Delegated Regulation (EU) 2017/565

The Austrian Financial Market Authority published this circular to guide credit institutions and other legal entities on complying with personal transaction obligations under MiFID II Delegated Regulation (EU) 2017/565. It requires firms to maintain broad confidentiality areas, document written arrangements with explicit control measures, and notify all employee transactions involving financial instruments without de minimis limits or account-type differentiation. Additionally, the guidance mandates prompt notification on the same or following banking day alongside timely material checks against watch lists and trading records to effectively mitigate conflicts of interest.

Finanzmarktaufsicht logo

Austria

Finanzmarktaufsicht

Click to view thumbnail

JU N E 2 0 18 Document Number: Publication Date: 05 / 2018 29.06.2018 FMA CIRCULAR ON PERSONAL TRANSACTIONS BY EMPLOYEES WITH FINANCIAL INSTRUMENTS PURSUANT TO ARTICLE 28 ET SEQ MIFID II DELEGATED REGULATION (EU) 2017/565

FMA Circular on Personal Transactions 29.06.2018 2 I. INTRODUCTION ...................................................................................................................... 3 II. Principles .................................................................................................................................. 4 (1) The scope of circle of the relevant person should be considered as being broad ...................... 4 (2) The arrangements taken must be documented in written form and must also contain control measures ..................................................................................................................................... 5 (3) It is not permissible to differentiate between in-house securities accounts and those held at other banks ........................................................................................................................................... 6 (4) The legal entity must be notified about every personal transaction conducted that involves a financial instrument. The introduction of de minimis limits is not permissible ............................. 6 (5) The legal entity shall be informed promptly about personal transactions ................................... 7 (6) A transaction that is conducted by an employee for the account of a third party (by dint of being an authorised signatory or holding a power of attorney), shall be qualified as being a personal transaction as defined in Article 28 et seq. of Delegated Regulation (EU) 2017/565 ................. 7 (7) The notification may be made by means of a transaction report or by means of other procedures. ..................................................................................................................................................... 7 (8) Control measures shall include both the checking of observance of reporting obligations as well as material checks about the transactions .................................................................................. 8 (9) The obligation to notify promptly implies that timely control measures are deployed. ................ 9

FMA Circular on Personal Transactions 29.06.2018 3 I. INTRODUCTION

  1. The Austrian Financial Market Authority has decided to publish the following FMA Circular in order to provide legal entities as defined in Article 26 para. 1 of the Austrian Securities Supervision Act 2018 (WAG 2018; Wertpapieraufsichtsgesetz 2018) with guidance in relation to the correspondence of the legal rules in conjunction with personal transactions pursuant to Article 28 et seq. of Commission Delegated Regulation (EU) 2017/565 of 25 April 2016 supplementing Directive 2014/65/EU of the European Parliament and of the Council as regards organisational requirements and operating conditions for investment firms and defined terms for the purposes of that Directive (hereafter "Delegated Regulation (EU) 2017/565"). This circular provides an overview about the main requirements in relation to this issue while also taking into consideration the FMA's legal view or supervisory practices (that has in the meantime also been confirmed by various instances or the Supreme Court respectively).
  2. The present circular was originally published in 2016 and has been republished in this current version in particular to take into account the WAG 2018 in conjunction with Delegated Regulation (EU) 2017/565 (with references being duly amended). The most recently published version is valid.
  3. This circular is addressed to all credit institutions as legal entity as defined in Article 26 WAG 2018. The principles that are contained in the circular have been drawn up on the basis of supervisory practices in credit institutions. However, they may also be applied to also assist other legal entities pursuant to Article 26 WAG 2018. The same also applies for the legal interpretation of those rules that are replicated from MIFiD rules (e.g. the Investment Funds Act of 2011 (InvFG 2011; Investmentfondsgesetz 2011 or the AIFM Regulation).
  4. For the purposes of this circular, the term "transactions" will be used for personal transactions as defined in Article 28 of Delegated Regulation (EU) 2017/565 and the term "employee" for the relevant person as defined in Article 29 (1) of Delegated Regulation (EU) 2017/565.
  5. This circular does not constitute a legal regulation. It is intended to serve as guidance and reflects the FMA's legal interpretation. No rights and obligations extending over and above the provisions of the law can be derived from this circular.
  6. Where designations used refer to natural persons, the formulation used applies to both genders.

FMA Circular on Personal Transactions 29.06.2018 4 II. PRINCIPLES (1) THE SCOPE OF CIRCLE OF THE RELEVANT PERSON SHOULD BE CONSIDERED AS BEING BROAD 7. A measure to prevent forbidden personal transactions is to control the flow of information by establishing confidentiality areas (CAs).1 In practice, permanent or temporary CAs are established for those employees who either regularly or on an ad hoc basis have access to compliance-relevant information. Belonging to a CA in practice frequently represents a material point of reference for the arrangements taken by the entity in relation to personal transactions. Where the definition of a relevant person as defined in Article 29 (1) of Delegated Regulation 2017/575 is linked to belonging to a CA, then the CAs are not allowed to be too narrowly spread, and are required to cover all persons who conduct personal transactions as relevant persons as defined in Article 28 Delegated Regulation (EU) 2017/565. 8. The CA must in particular capture persons, who have direct contact to the clients, are who are involved in the provision of investment services and activities:2

• Persons who are entrusted with trading of transferable securities for a legal entity, or persons who have close contact to the clients, are therefore to be considered as relevant persons as defined in Article 29 (1) of Delegated Regulation (EU) 2017/565. This also include sales employees.3 • Employees working in private and corporate bank as well as other client advisers for investments (such as the employees of regional sales units such as bank branches) are also exposed to conflicts of interest by virtue of their direct contact to clients in relation to the management of accounts and securities accounts when providing investment services and activities and therefore are considered as relevant persons as defined in Article 29 (1) of Delegated Regulation (EU) 2017/565.4

• The staff of tied agents are also considered as relevant persons as defined in Article 29 (1) of Delegated Regulation (EU) 2017/565, provided that they actually and directly provide investment services for the credit institution.5

1 Module 1 Principles of Orderly Compliance, Point 9 or Module 2 Insider trading law and market manipulation, Section 1 Point 4 of the Standard Compliance Code of the Austrian Banking Industry (versions of 28.12.2007 and 24.02.2011 respectively). 2 UVS Wien 10.12.2012, UVS-06/FM/47/4460/2012; UVS Wien 10.12.2012, UVS-06/FM/40/5480/2012. 3 Judgement of the Federal Administrative Court (BVwG) 11.08.2014, W210 2000417-1/8E. 4 UVS Wien 10.12.2012, UVS-06/FM/47/4460/2012; UVS Wien 10.12.2012, UVS-06/FM/40/5480/2012. 5 UVS Wien 23.06.2010, UVS 06/FM/47/3890/2009.

FMA Circular on Personal Transactions 29.06.2018 5 (2) THE ARRANGEMENTS TAKEN MUST BE DOCUMENTED IN WRITTEN FORM AND MUST ALSO CONTAIN CONTROL MEASURES 9. From Article 29 para. 1 WAG 2018 it is apparent that a legal entity, when determining appropriate strategies and procedures, must ensure that the legal entity itself, its managers, employees, and tied agents all comply with the obligations set out in Chapter II of Delegated Regulation (EU) 2017/565 (the requirements in relation to personal transactions are defined in Chapter II, Article 29). 10. Adequate arrangements are to be understood as requirements for the organisation or strategies and procedures that ensure that no forbidden personal transaction is concluded as defined in Article 29 (2) to (4) of Delegated Regulation (EU) 2017/565. The relevant arrangements must be documented in written form. Adequate arrangements must also include control measures by the legal entity to ensure that employees fulfil the necessary obligations.6 11. Legal entities must draw up as an arrangement as defined in Article 29 of Delegated Regulation (EU) 2017/565 an adequately specifically defined written rulebook (e.g. in the form of a Compliance Guideline or a Compliance Handbook) for employees to ensure that the employees are able to consult and acknowledge it at all times. This written rulebook should define the conduct obligations such as reporting obligations for securities portfolios as well as individual personal transactions, submission of copies or annual transaction lists. Such obligations must explicitly be brought to the attention of employees (see also Article 29 (5) (a) of Delegated Regulation (EU) 2017/565). 12. Furthermore legal entity must also define in written form, which specific control measures have been taken in relation to the personal transactions of its employees. This may be done in the form of a process or operational sequence description or as an instruction to the competent body.7 In the view of the Supreme Administrative Court (VwGH; Verwaltungsgerichtshof) the legislator has a specific rulebook in mind for employees that must focus on the purpose and objective of the rule(s). It is self-explanatory that such "arrangements" must be documented in writing, thereby in particular making it possible for employees to consult and acknowledge them at any time.8 In so doing, from the FMA's perspective, it is necessary to specifically determine which activities and the relevant control steps as well as what steps are conducted in the end of the reporting obligations not being complied with by the competent body.

6 VwGH 27.03.2015, Zl Ra 2015/02/0025-5: "In any case arrangements that do not stipulate any controls, are not adequate (…)". 7 Supervisory practices have shown that legal entities regularly entrust the issue of personal transactions by employees to the compliance function. 8 VwGH 27.03.2015, Zl Ra 2015/02/0025-5.

FMA Circular on Personal Transactions 29.06.2018 6 (3) IT IS NOT PERMISSIBLE TO DIFFERENTIATE BETWEEN IN-HOUSE SECURITIES ACCOUNTS AND THOSE HELD AT OTHER BANKS 13. Pursuant to Article 29 (5) (b) of Delegated Regulation (EU) 2017/565 the legal entity must be informed promptly about any personal transaction entered into by a relevant person as defined in Article 29 (1) of Delegated Regulation (EU) 2017/565. Delegated Regulation (EU) 2017/565 does not differentiate in this case whether the personal transaction is conducted using the employee's securities account held at their own credit institution (in-house securities account) or using a securities account held at a third-party bank (third-party bank securities account). All personal transactions must be notified - with the exception of those personal transactions set forth in Article 29 (6) of Delegated Regulation (EU) 2017/565 - regardless of whether they are settled through an in-house or a third-party bank securities account. (4) THE LEGAL ENTITY MUST BE NOTIFIED ABOUT EVERY PERSONAL TRANSACTION CONDUCTED THAT INVOLVES A FINANCIAL INSTRUMENT. THE INTRODUCTION OF DE MINIMIS LIMITS IS NOT PERMISSIBLE 14. The obligation to notify covers all personal transactions involving a financial instrument with the exception of those personal transactions listed in Article 29 (6) of Delegated Regulation (EU) 2017/565. On the basis of the final exception in Article 29 (6) of Delegated Regulation (EU) 2017/565 it is therefore not permissible that the notification is either restricted to personal transactions with specific financial instruments (eg. shares)9 or that the notification of personal transactions is excluded for specific financial instruments (e.g. government bonds and Kontrollbank bonds)10 . 15. Furthermore, it is not permissible to restrict the notification of personal transactions for a relevant person pursuant to Article 29 (1) Delegated Regulation (EU) 2017/565 to be restricted to a pre-defined threshold, but the notification must cover every personal transaction – irrespective of the amount.11

9 UVS Wien 12.03.2013, UVS-06/FM/40/4027/2012. 10 UVS Wien 12.03.2013, UVS-06/FM/40/5480/2012. 11 UVS Wien 14.04.2011, UVS-06/FM/47/11679/2010, UVS Wien 06.03.2013, UVS￾06/FM/40/5480/2012.

FMA Circular on Personal Transactions 29.06.2018 7 (5) THE LEGAL ENTITY SHALL BE INFORMED PROMPTLY ABOUT PERSONAL TRANSACTIONS 16. From the FMA's perspective the requirement for promptness will be satisfied, if the arrangements for the notification of personal transactions (irrespective of whether by means of a reporting obligation or a systematic analysis, see also (7)) are conducted both for in-house securities accounts as well as for third-party bank securities accounts promptly following the execution of the transaction - i.e. on the same banking day or at latest on the following banking day. The criteria of prompt notification will therefore in particular not be satisfied in the case that the notification of transactions is only conducted at specific routine intervals12 (e.g. on a weekly, monthly or annual basis). (6) A TRANSACTION THAT IS CONDUCTED BY AN EMPLOYEE FOR THE ACCOUNT OF A THIRD PARTY (BY DINT OF BEING AN AUTHORISED SIGNATORY OR HOLDING A POWER OF ATTORNEY), SHALL BE QUALIFIED AS BEING A PERSONAL TRANSACTION AS DEFINED IN ARTICLE 28 ET SEQ. OF DELEGATED REGULATION (EU) 2017/565 17. In the case of there being any other kind of notification of personal transactions using systematic arrangements, this means that the in-house securities accounts of third parties, for whom employees are authorised signatories or hold a power of attorney, must be captured in the systems of the legal entity and must be marked as such. 18. In the case of a reporting obligation for securities accounts the legal entity shall ensure that those securities accounts are also covered by the reporting obligation, for which employees are authorised signatories or hold a power of attorney. (7) THE NOTIFICATION MAY BE MADE BY MEANS OF A TRANSACTION REPORT OR BY MEANS OF OTHER PROCEDURES. 19. The notification of every personal transaction may either be made by means of a transaction report (reporting obligation for the employees) or by others procedure that allow the legal entity to ascertain that such transactions have been conducted (e.g. a procedure whereby the legal entity received a copy).

12 BVwG 09.11.2015, W204-2016361-1/9E, BVwG 22.12.2014, W204-2000423-1/8E.

FMA Circular on Personal Transactions 29.06.2018 8 20. The reporting requirement for the employees many therefore be omitted if legal entities have other procedures at their disposal that permit them to determine that personal transactions have been conducted. Supervisory practice has shown that legal entities frequently make use of systematic arrangements in the case of in-house securities accounts (e.g. IT-based labelling of such transactions) in order to ensure prompt notification or checking. (8) CONTROL MEASURES SHALL INCLUDE BOTH THE CHECKING OF OBSERVANCE OF REPORTING OBLIGATIONS AS WELL AS MATERIAL CHECKS ABOUT THE TRANSACTIONS 21. Legal entities shall regularly conduct checks whether the employees have fulfilled their obligations in relation to personal transactions (e.g. the prompt and complete transaction reporting). Where the notification and checking of personal transactions is not possible by automated means, then the legal entities shall in practice conduct checks for completeness and promptness by comparing the transactions that have been notified or otherwise identified with an annual transaction list. A representative sample may be used for this purpose. The annual transaction lists that are to be requested in this regard must be compared against the notifications received during the year. During this check it is not sufficient to only compare the year-end amounts stated on the securities accounts statements, since they do not contain the individual transactions, and therefore cannot also be checked.13 22. The legal entity should set a short deadline for the submission of the annual transaction list to the compliance function (e.g. 31.01. of the following year) and communicate this to the employees in question. Thereafter the timely submission of this transaction list should be checked, and in the event of non-compliance the necessary steps should be taken by the legal entity. 23. On a material level, the individual transactions are to be compared against the watch list and the blacklist, with the client trading and proprietary trading transactions including large orders that the entity has conducted.14 The supervisor recommends that the personal transactions of employees are compared with all client and proprietary trading transactions. The possibility cannot be excluded in individual cases that smaller orders (which do not fall under the definition of large order, such as clusters of smaller orders) may influence the market, and therefore may also be relevant. A comparison only against the large orders may be an alternative to a comparison against all client and proprietary trading transactions. This presupposes that the definition of a large order defined by the entity had been adequately chosen and implemented, and that additional arrangements have been taken by the credit institution, which take into account or cover all cases of information asymmetry. In the case that the definition of large orders is not properly implemented or where implementation

13 UVS Wien 12.03.2013, UVS-06/FM/40/4027/2012. 14 UVS Wien 12.03.2013, UVS-06/FM/40/4027/2012.

FMA Circular on Personal Transactions 29.06.2018 9 occurs with insufficient additional arrangements, then the risk exists that not all transactions are captured that are needed for effective checking. 24. As is already the case when notifying about transactions, when checking such transactions no restriction is permissible (such as only on the shares of the entity itself) 15. A check being conducted on personal transactions that only occurs from a specific value threshold, as well as also when "larger" orders exist, does not constitute an adequate arrangement pursuant to Article 29 (1) of Delegated Regulation (EU) 2017/565. The check must cover every personal transaction for a relevant person under the scope of Article 29 (1) of Delegated Regulation (EU) 2017/565 (with the exception of the personal transactions covered in Article 29 (6) of Delegated Regulation (EU) 2017/565). (9) THE OBLIGATION TO NOTIFY PROMPTLY IMPLIES THAT TIMELY CONTROL MEASURES ARE DEPLOYED. 25. Pursuant to Article 29 (1) of Delegated Regulation (EU) 2017/565 legal entities shall not only be required to make adequate arrangements, but shall also be required to fulfil such arrangements on a permanent basis. Legal entities must therefore ensure, in particular by means of checks, that the permanent fulfilling of the implemented arrangements actually occurs and that the corresponding measures are taken in the case of failure to comply. The possibility to check personal transactions depends in general on being aware of them. 26. In the case of notification of personal transactions in in-house securities accounts arrangements must also be taken to ensure the timely checking of the transactions by timely means for evaluating and querying them. 27. In the case of notification of personal transactions in third party bank securities accounts legal entities shall have to define other appropriate procedures due to the lack of systematic querying options to ensure prompt checking (e.g. procedures where the legal entity receives a copy, see also MN 19). 28. For a check as defined in Article 29 (5) (b) of Delegated Regulation (EU) 2017/565 from the FMA's perspective it does not suffice if personal transactions are compared (irrespective of whether they were conducted using an in-house securities account or a third party bank securities account) with the watch list and blacklist, with client trading and proprietary trading transaction lists including large orders16 only at routine intervals (e.g. monthly or even only annually), but must occur promptly (several times a week). In this instance proportionality considerations such as the size of the entity or the number of employees may be taken into account.

15 UVS Wien 12.03.2013, UVS-06/FM/40/4027/2012. 16 Or alternative control measures as defined in MN 23.

Share