MiFID Compliance

Historically, the extent of investment in time and money to disaster recovery and business continuity planning was driven very much by an organisations own internal approach to risk management and ‘best practice’.

Increasingly broad scoping regulatory regimes such as the FSA and The Markets in Financial Instruments Directive (MiFID) are placing greater deliverables on organisations with respect to disaster recovery and business continuity to achieve compliance. However, because the regulations and directives are aimed at a broad definition of financial services organisations, regulators are opting not to be overly prescriptive in what constitutes compliance for very varying types and sizes of financial services organisations.

By not distinguishing between ‘buy side’ and ‘sell side’ for instance and through the pre-determined design to not define specifically how organisations should comply, organisations are often left with important internal risk assessments they must make for instance:

• which systems should an organisation deem ‘critical’ versus ‘important’?
• what data needs to be retained to evidence ‘best execution’ and what impact will that have on my IT infrastructure?
• what do we have to do to ensure our disaster recovery and business continuity plans are in line with the rules?
• what expectation should I have and what due diligence should I consider doing on my third party outsourcing providers
• how are we going to achieve this by 1 November 2007?

Wavex can help you address these issues. Please give us a call to discuss your organisations’ particular circumstances.