The EU guideline MiFID II is causing quite an uproar in the banking sector. Those who do not fulfill the new requirements for information, documentation and storage are playing with fire: They may face penalties of up to five million euros or up to ten percent of their overall revenue from the past fiscal year. An ECM system can help banks to meet regulatory requirements in the most cost-efficient way possible.

The EU Markets in Financial Instruments Directive II — MiFID II for short — has been causing an uproar since it went into effect on January 3, 2018. If banks do not fulfill the new compliance requirements, they may face penalties of up to five million euros or up to ten percent of their overall revenue from the past fiscal year. These requirements cover new obligations regarding information, documentation and storage. Fulfilling these new requirements is a complex and costly endeavor. In particular, the guidelines regarding the recording of consultations and phone calls have the potential to cause high expenditures.

The results of a bank study about bank readiness for MiFID II (in German: "MiFID II-Readiness – Banken bei der Umstellung auf der Zielgeraden?") was conducted by the consulting form PPI AG. It revealed that 78 percent of the surveyed banks are assuming that there will be a high financial investment involved in fulfilling MiFID II. But the obligation to inform customers clearly and in detail about new financial products and to provide the corresponding information is just as financially and organizationally taxing. How can banks meet this onslaught of regulatory demands in the most cost-efficient way possible? Distributed information systems only increase the complexity of the tasks. While these systems have been merely administrative in the past, they are now a big risk. With the rising number of regulations, the need for an IT platform economy is getting stronger and stronger. For these reasons, the decision-making process for an enterprise content management (ECM) system is no longer one just for the IT, but also for the management team. With ECM software like Doxis from SER, banks are able to store data and documents in an audit-proof way, find information directly, document the fulfillment of the obligation to inform, and connect information across the company in the context of processes and workflows.

MiFID II requires the fulfillment of a wide range of duties regarding information provided to customers. Banks increasingly have to provide customers product information about financial tools and recommended investment strategies. This is to ensure that customers understand the investment services and their risks and can therefore make informed decisions regarding investments. Banks must also provide quarterly account reports of current revenues and stocks. For both customer and bank, these kinds of information processes are laborious if they are not automated. When banks send their customers this information in the mail or per email, as is common nowadays, both sides have a lot of work. Each side must manually file the information in a proper way so it can be found again. Sending documents is also complex. If new product information is supposed to be sent regularly to hundreds or thousands of email recipients, the addresses must be manually selected, a letter must be written and all of it sent. Sending information in mail takes even more time and money. Furthermore, banks require confirmation that important information was read and acknowledged by customers, which must also be documented. Information stored in various locations, such as in paper files and folder structures in file directories, only makes matters worse. It's possible that important receipt confirmations are accidentally lost or cannot be found. This is a very risky situation for banks in light of the possible penalties they must pay if they do not fulfill regulations regarding documentation.

Many banks have a customer portal already. Document services through ECM software such as Doxis can easily be added to the portal. This means that current information no longer has to be sent, but can be centrally stored in way compliant with MiFID II. With this new service option, customers are able to find all information regarding their banking business and investments at one central location without long searches. This makes not only customers happy, but also saves banks a lot of time and money in (phone) service. An ECM system enables banks to meet the MiFID II deadlines for providing customers information about investment products. From drafting and sending a letter and then filing it in the customer file, these processes can run fully automatically. In the digital customer file, customer advisors find all relevant information in the right context, which enables them to provide information or act at all times.

According to MiFID II, banks and financial service providers are still required to record all phone and written communication that takes place in the framework of investment consultations with customers. These recordings must be stored and readily available to customers for five to seven years. What's more, this personal data must be stored, protected, provided, deleted and logged in a manner compliant with the EU GDPR. With a certified ECM system such as Doxis, which is connected to a suitable telephony software, banks are able to meet these requirements. This has the advantage that it improves the quality of customer service. When a customer call comes in, the ECM system recognizes which customer is calling based on the telephone number and gives a direct link to the digital customer file. The bank advisor has a 350-degree view of the customer relationship and directly finds important information such as contracts, correspondences, bank statements or loan applications. The advisor can also quickly see from the filed phone/discussion logs what was last discussed and give the customer a response. As soon as the customer asks in a phone call for a consultation regarding a new investment, the bank advisor can immediately start recording the call out of the customer file. To put in writing the content of discussions, the ECM software also offers the necessary note and log templates.

Once the call is finished, the notes and the recording are centrally archived in the customer file an audit-proof way that meets legal retention obligations. Bank employees can find this personal data at any time and can prove, if needed, what was discussed. At the same time, banks are also able to meet important new requirements of the EU GDPR. If customers invoke their right of access, their right to data portability or their right to erasure, banks must transmit their personal data in a structured and machine-readable way. Banks must also completely and traceably delete or black out information if requested.

Even if the pressure is building for many banks, there is still time to act! With the right IT tools, such as an ECM system, it's possible to avoid this potentially highly costly situation. The result: a centralized and compliant retention and deletion management system.