What are the Market Abuse Regulations (MAR)?

The Market Abuse Regulations (MAR) are a set of robust regulations, enforced across the European Union (EU) to actively reduce the rate of market abuse in the industry and to protect individual investors and consumers. The MAR came into effect on 3 July 2016 across EU member states and is subsequently enforced in the UK by the Financial Conduct Authority (FCA). The FCA is currently driving an important initiative to enhance the financial services industry and to protect the consumers operating within it from market abuse. Therefore, the FCA penalise firms and individuals who engage in market abuse severely. Knowledge and training of the MAR is of utmost importance for those working and dealing in the financial services industry.

Why is the MAR important?

The MAR is important because it is part of the drive to reduce market abuse, which has been a significant problem in the financial services industry. Since the financial crisis in 2008, confidence in the financial services industry has been volatile. Market abuse has further eroded consumer confidence in the industry. Therefore, the MAR is important as it will help to restore confidence and to enhance the culture of the financial services industry.

The MAR has effectively expanded regulatory scope across more financial instruments and established vastly detailed compliance requirements. Now, the MAR applies to financial instruments which are traded on multilateral trading facilities (MTF) and organised trading facilities (OTF), not just on an EU regulated market.

Why did the MAR come into force?

The MAR came into force on 3 July 2016 and effectively replaced the EU Market Abuse Directive (MAD). The MAR has established far more detailed requirements which relate to the disclosure of inside information, market soundings, market surveillance, transaction reporting and investment recommendations. Therefore, those working within financial services firms have a huge responsibility to ensure they are conducting themselves in line with the MAR, to demonstrate that their conduct is not going to harm the market or consumers.

What happens if you do not comply with the MAR?

If a firm or an individual breaches the MAR, they will be subject to investigation by the Financial Conduct Authority (FCA), the regulatory body in the UK which is committed to preventing, detecting and penalising market abuse.

If a breach of the MAR occurs, the FCA can impose unlimited fines, order injunctions or prohibit regulated firms or approved persons. Specifically, insider dealing and market manipulation can be penalised with criminal sanctions, which can involve custodial sentences of up to 7 years, as well as a fine.

The FCA reported in June 2019 that Fabiana Abdel-Malek, a senior compliance officer for UBS AG, and Walid Choucair, a family friend, were both sentenced to three years imprisonment after they were found guilty of five offences of insider dealing. The FCA found that Fabiana Abdel-Malek had encountered inside information from UBS AG and offered this to her family friend, Walid Choucair, who was a day trader of financial securities.

Due to the information that Choucair received, a profit of £1.4 million was made due to trading which was able to take place with insider dealing. The National Crime Agency co-operated with the FCA to investigate and penalise this incident of market abuse.

What impact will Brexit have on the MAR?

Currently, financial services firms listed in the UK which trade in financial instruments, are still under the regulatory scope of the MAR. However, the intended exit of the UK from the European Union has undoubtedly raised concerns over how the MAR will apply to regulated firms in the UK following the exit.

If UK based firms continue to access the single market, the European Union will require the UK to maintain a market abuse regulatory framework which is compatible with the MAR. A deal for the UK’s exit strategy has not been finalised yet, and therefore we cannot confirm what impact Brexit will have on MAR. However, by staying up-to-date with changes and understanding the specific regulations established under MAR, it will ensure that you are prepared and are compliant.

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

“In a world older and more complete than ours they move finished and complete, gifted with extensions of the senses we have lost or never attained, living by voices we shall never hear.”

Picture of James

James

VinciWorks CEO, VInciWorks

Spending time looking for your parcel around the neighbourhood is a thing of the past. That’s a promise.

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.