BaFin - Navigation & Service

Erscheinung:31.05.2017 International cooperation: New framework for international administrative assistance among securities supervisors

In January 2016, a spectacular case of insider trading in the United States ended with the release of Rajat Gupta, a former Director at Goldman Sachs. He had served a two-year sentence after passing on information gleaned from a committee meeting to a friend who was a hedge fund manager. The latter was thus enabled to execute extremely favourable securities transactions but was punished with an eleven-year prison sentence for doing so. This case made the news not only because of the severe sanctions imposed but also because of the investigative methods used, which included listening in on telephone calls and recording conversations.

Negotiations on the Enhanced Multilateral Memorandum of Understanding (EMMoU) of the International Organization of Securities Commissions (IOSCO), which was concluded shortly afterwards, caused less of a stir, even though this EMMoU includes these powers to exchange telecommunications data (traffic data) and recordings of conversations.

This article explains what exactly lies behind the EMMoU, how it improves international administrative assistance and what this means for BaFin and market participants.

International administrative assistance since 2002

Cases of insider trading and market manipulation often have a foreign dimension, which means that the concerned persons or institutions are often domiciled in different jurisdictions. In order to be able to successfully prosecute such cases, authorities rely on administrative assistance from authorities abroad. Section 7 of the German Securities Trading Act (Wertpapierhandelsgesetz – WpHG - only available in German) enables this international administrative assistance on the basis of cooperation agreements such as the EMMoU.

Already in 2002, the IOSCO members concluded the EMMoU's predecessor agreement, the MMoU. This allowed information to be exchanged on account, payment and transaction data as well as the beneficial owners in such transactions. The first year after signing the MMoU, the signatories granted each other administrative assistance in 56 cases, which had grown to 3,203 cases by 2015. Last year, BaFin sent 210 requests for assistance and provided administrative assistance itself in 132 cases.

The ever-increasing number of requests for administrative assistance reflects the fact that more and more supervisory authorities are adapting to international standards and sends a strong signal to all market participants. The still-increasing number of MMoU signatories and the ongoing expansion of securities markets means that a further increase in the importance of international administrative assistance can be expected.

Adaptation to greater interconnectedness and new technologies

After 15 years of cooperation on the basis of the MMoU, which has by now been signed by 112 countries, it was time to make some adjustments to take account of the fact that securities markets are now more interconnected as well as of new technologies like the internet and mobile communications services. The new framework expands the old MMoU to include additional powers known as the ACFIT powers. In order to be allowed to sign the EMMoU, the authorities must prove that they have these powers. With this in mind, many member countries have adapted their securities supervision law.

At a glance:ACFIT powers

A (to obtain audit papers): The authority must be allowed to obtain and forward documentation from auditors.

C (to compel testimony): The authority must be able to summon and question individuals. The appearance of the individual must be enforceable by way of a coercive fine or imprisonment.

F (to freeze assets): The authority should be able to confiscate assets either itself or by way of a court order.

I (to obtain internet service provider records): The authority must be able to obtain customer master data and traffic data from internet service providers. It must also be able to obtain records of this communication from supervised entities.

T (to obtain telephone records): The authority must be able to obtain customer master data and traffic data from telecommunications companies. It must also be able to obtain records of this communication from supervised entities.

Negotiations on the EMMoU, which took place over five years, were, however, accompanied by many discussions. Several IOSCO members saw the internet- and telecommunications-related powers, in particular, as very ambitious or even too ambitious. However, in order to send a strong signal to the markets, IOSCO did not allow any softening of these powers.

For those members which have a problem with the IT powers, IOSCO came up with another solution: jurisdictions can now choose whether to apply (to sign the EMMoU) with all ACFIT powers or only with the powers A, C and F. Despite this difference, both groups are still proper EMMoU members. Signatories which have not initiated or passed an application for the IT powers must, however, expect to receive only limited administrative assistance from other such members, if these are bound to the principle of reciprocity. The compromise also provides for the existing MMoU to remain in force.

IOSCO hopes to complete a significant number of application procedures before its next annual conference in May 2018. Just as was the case with the old MMoU, in order to sign up to the EMMoU, the interested authorities must pass IOSCO's screening process. A verification team consisting of supervisors from several jurisdictions examines the powers of the respective authority, usually by way of a written procedure. To this end, the team analyses the legal situation and administrative practice in the applicant's jurisdiction. Several question rounds usually take place to clarify points of detail. The team issues a comprehensive final report, on the basis of which IOSCO decides – provided there are no outstanding questions – on whether the authority can sign up to the EMMoU or not.

Will BaFin apply to sign the EMMoU?

Because of the enhanced options for administrative assistance which it offers, it would be advantageous for BaFin to sign the EMMoU. It would be able to obtain more information, thereby strengthening its Securities Supervision Directorate's enforcement capabilities. It is currently examining what the chances of a successful application are and is analysing potential problem areas.

The fact that the necessary powers have already been created as a result of the European regulatory framework – in particular through the Market Abuse Regulation – is an advantage. Germany transposed the provisions into national law at the beginning of 2016 with the First Act Amending Financial Markets Regulations (Erstes Finanzmarktnovellierungsgesetz - only available in German), which increased BaFin's powers of intervention under the WpHG (see expert article "Sanctions: First Act Amending Financial Markets Regulations – the new provisions of the German Securities Trading Act"). Thus, BaFin may demand documented information from anyone as well as summon and question individuals. It may also demand traffic data from telecommunications operators, and from supervised entities traffic data as well as records and electronic notifications. In addition, legislators have allowed BaFin to request the authorisation of the Local Court (Amtsgericht) of Frankfurt to confiscate assets.

Some of these powers, however, may only be used by BaFin to enforce bans on insider trading and market manipulation. In this respect, the German legislation currently still differs from the IOSCO standards of the EMMoU, whose scope is wider and includes all instances of misinformation as well as the application of fraudulent practices, incorrect bookkeeping and all cases involving securities and derivatives transactions or associated transactions in assets. Included also are cases relating to market participants that are active in the respective jurisdiction and subject to an authorisation requirement. The Second Act Amending Financial Markets Regulations (Zweites Finanzmarktnovellierungsgesetz), which is currently going through the legislative process (see, amongst other sources, the BaFinJournal of October 2016 – only available in German), should extend BaFin's powers in this respect.

Other uncertainties

Other uncertainties exist as well. For example, even though BaFin can now obtain telephone and internet traffic data from the respective providers, this power is limited in practice by the short retention limit of ten weeks specified in section 113b of the German Telecommunications Act (Telekommunikationsgesetz – TKG - only available in German). In addition, there is a risk that data retention may only be permitted under European law in the case of serious criminal offences. This is indicated by several judgements of the Court of Justice of the European Union.1) BaFin's power, which is based on section 96 of the TKG, would be largely ineffective in this case.

Furthermore, restrictions apply to the transfer of personal data in countries which are not members of the EU. These restrictions will be tightened once more for all EU member states from 25 May 2018, when the General Data Protection Regulation becomes applicable. Since excessively strict provisions could make the exchange of important enforcement information more difficult, there is a risk that a verification team from IOSCO might deem these provisions to be impermissible, as they constitute a blocking law. What is more likely, however, is that a solution will be found before then which allows personal data to be exchanged with the authorities of non-member countries, so long as these provide appropriate guarantees of protection.

Please note

This article reflects the situation at the time of publication and will not be updated subsequently. Please take note of the Standard Terms and Conditions of Use.

Footnote:

Did you find this article helpful?

We appreciate your feedback

Your feedback helps us to continuously improve the website and to keep it up to date. If you have any questions and would like us to contact you, please use our contact form. Please send any disclosures about actual or suspected violations of supervisory provisions to our contact point for whistleblowers.

We appreciate your feedback

* Mandatory field