The Backdrop of SRD II
The European Union’s (EU’s) revised Shareholder Rights Directive (SRD II) came into force on 4th September 2020 with a view to increasing transparency between issuers and their shareholders and encouraging investors to engage more frequently in shareholder voting activities. The new compliance obligations mean that the provision of proxy voting services is a fundamental requirement for intermediaries focused on either retail or institutional investors, which for some firms is an entirely new mandatory responsibility. Moreover, though it is a European regulation, SRD II is global in impact as the requirements of the directive apply to all intermediaries that trade or hold European equities.
Lessons Learned During Implementation
Despite a call for a 12-month delay to the implementation made by 11 trade associations in April 2020, the European Commission opted to push forward on schedule. The EC decided to continue with the implementation because of the importance of transparency and further automating the investor communication process for shareholder meetings in light of the Covid-19 pandemic. The industry concerns raised by the associations about a lack of clarity in key areas just before the deadline also went unheeded by the regulator. Post-implementation deadline, some of these issues remain unsolved and three articles of the directive (Articles 3a, 3b and 3c related to shareholders’ information transfer) have now come into force across the European Economic area markets, including the EU, Iceland, Liechtenstein and Norway.
The crux of the problem facing many firms is the nature of SRD II as a directive rather than a regulation, causing it to be transposed differently by the various national authorities across the EU. This divergence in interpretation reflects the variance in the definition of “shareholder” from country to country, making the fundamental application of the directive challenging from the start. In practice, this means identification of the person/entity entitled to receive and exercise shareholder rights depends on the transposition in each country. For example, in countries such as the United Kingdom, Ireland or Malta the shareholder is determined to be the legal or natural person/entity registered on a company’s register of shareholders, even if this is a nominee and not the end investor. Conversely, in Italy the shareholder is determined to be the legal or natural person that has acquired a share in a company. There are also pre-existing, national-level differences in corporate law across the EU when it comes to the attribution of shareholder entitlements and the exercise of shareholder rights.
Regulatory transposition of the directive by national member states has been slower in some markets than others, which has impacted domestic market participants’ ability to prepare for the implementation. It is also worth noting that the directive is wide in scope, encompassing third country firms that are outside of the EEA.
Market participants highlight that the national regulatory delays and outstanding questions have led to implementation delays at the market infrastructure level, meaning firms remain out of compliance even months after the September 2020 deadline.
A Quick Reminder of The Obligations
As a reminder, the SRD II obligations in force from 4th September 2020 relate to the identification of shareholders and the transmission of information as described in the three main themes of the Implementing Regulation:
- Shareholder identification: Issuers were granted the right to obtain their list of shareholders any time and with any frequency. Intermediaries must provide to the issuer a response containing the list of required shareholder data by the end of day next business day. Forwarding of the request to downstream intermediary clients must be completed by end of business day for requests received prior to 16:00 local time, and by 10:00 the following business day for requests received after 16:00 local time. When forwarding the issuer request downstream, the first intermediary in the chain must authenticate the issuer agent’s role and the response channel through which disclosures should be sent.
- General meeting information and shareholder voting: This involves the transmission of information from the issuer to shareholders without delay in terms of corporate action notifications and shareholder meetings announcements. SRD II introduces two entirely new processes into market practices for general meetings that must be communicated to shareholders — voting receipts and confirmation that votes have been cast and counted, which must be sent directly to investors and their intermediaries. Intermediaries had to prepare for the ability to receive, process and send electronic machine-readable messages in order to comply with the strict deadlines. To this end, the ISO 20022 message format was recommended by the Securities Market Practice Group (SMPG) as a clearly defined standard that complies with all aspects of the implementing regulation and is designed with all specific aspects of proxy voting in mind.
- The impact on financial corporate actions: Firms must include beneficial owner details in their election messages, including legal entity identifiers (LEIs), and the frequency of notifications has increased to meet the requirements for end-of-day delivery.
Intermediary Lessons Learned
Intermediaries have been significantly impacted by the directive and they have learned a catalogue of important lessons during preparation and implementation.
Shareholder identification
Shareholder identification is a new concept for all but eight of the affected European markets and though these markets have in place means of identifying shareholders, now they must meet a whole new level of obligation cross-border. When scoping out the impact of passing shareholder identification data along the intermediary chain to the issuer, intermediaries realized that though there are shareholding thresholds below which this information does not need to be disclosed in some countries, all shareholder data needs to be captured, reviewed and responded to irrespective of whether a disclosure is made. Threshold markets therefore need to be closely monitored over time to ensure that obligations are met should a shareholder increase its holdings to bring it over the mandated threshold of holdings for disclosure. Depository receipts are a little more problematic in this regard as underlying shares must be tracked, adding an extra layer of data investigation and another intermediary into the process.
While most issuer requests for shareholder information are likely to be passed down the intermediary chain and must be reported directly back by each intermediary to the issuer, the issuer may also ask one specific intermediary directly for the information. In practice, this means that connectivity between all intermediaries had to be established directly with issuers in a secure context, which required investment by some of the sub custodians in connectivity to support the new communication channels. All intermediaries in the chain also need to be able to support some form of electronic processing to ensure that information is passed up and down the chain quickly and efficiently to meet the requirements to handle requests within a 24-hour timeframe.
Differing implementation timelines per country
The below diagram (Fig. 1) highlights the differences and the state of transposition at the time of implementation across the European countries in which SRD II has come into force. It highlights the five EU countries with national thresholds of 0.5%, above which shareholders can be identified: Austria, Estonia (from holders of nominee accounts), Italy, the Netherlands, and Slovakia. It also shows that on the SRD II implementation deadline, seven countries had not yet fully transposed the requirements into national law: Cyprus, Liechtenstein, Poland, Portugal, Slovenia, Spain, and Sweden. As at 1st January 2021, Norway and Iceland are awaiting the European Economic Area agreement to be updated before they transpose the directive. The lack of clarity on requirements in seven countries is significantly challenging for firms operating within and with those countries in terms of meeting compliance obligations.
Figure 1: SRD II – National Transposition/Implementation Status (as at January 2021)
The daily deadline response cut-off at 4pm for shareholder identification requests is challenging for intermediaries in a cross-border context with different time zones for application. This has been especially problematic for third country firms that are in a significantly different time zone than the EU and have faced confusion about deadlines. The status of the request with regards to record date is another aspect of the process that intermediaries are required to monitor closely, given the process for requests that are sent before record date is different to those sent after the record date has passed. The requests sent before record date require an extra level of scrutiny and effort on the part of the intermediaries as they must monitor transactions on the underlying security and ensure they are informed of the request up until the record date has passed.
Different regimes for reporting and penalties
The process for reporting noncompliance also isn’t as simple as many in the industry first thought, as intermediaries may be obliged to report to all 27 of the EU member state national competent authorities and those in the EEA, depending on the circumstances. The financial penalties that firms face for noncompliance vary significantly from jurisdiction to jurisdiction — with some regulators introducing no fines at all and others such as the Austrian and French regulators putting in place onerous penalty regimes.
Market structure challenges
The delayed timeline for regulatory transposition in many countries caused a knock-on impact to central securities depository (CSD) adoption of the required ISO 20022 messaging for issuer communication in those countries.
The area of shareholder disclosure has been a little easier to handle than other message types related to areas such as general meetings because of the lack of existing coverage by ISO 15022 messaging. Mapping has not been necessary between the two message types by intermediaries for shareholder disclosure as five entirely new messages and market practices were created for requests and cancellations.
Message mapping work
The Securities Market Practice Group (SMPG) spent a lot of time over the last 12 months working on establishing mapping between existing and new ISO 20022 messages for meeting notifications and shareholder voting, replacing the MX messages and updating the eight existing ISO 20022 proxy voting messages. The SMPG cross-referencing tables and message formats are aimed at reducing the number of messages firms are required to send, such as the ability for firms to send multiple votes using one instruction, and also allow them to cancel a single vote that is sent in such a manner.
One of the key challenges the group faced was in determining a single template for notifications across CSDs, which was not a simple process. The final version of the market practices for general meetings was not completed until the end of July 2020, which meant intermediaries effectively only had just over one month to adopt the messages and their related processes before the SRD II deadline.
Triparty collateral arrangement
The application of voting rights to EU securities held within a triparty collateral arrangement has been a little more complex than anticipated because of the challenges in managing collateral in 2020’s stressed market environment. In order for the proxy voting rights to be exercised, these securities must be called back as per the triparty agent agreement and must be substituted with eligible replacement collateral, which has been scarce due to ongoing market volatility.
The focus on preparing for EU process changes in 2020 has placed stress on other areas of intermediaries’ operations at a time when business as usual has been challenging overall. Many of these firms have had less time to dedicate to dealing with corporate actions processing, even though there have been many general meeting cancellations due to Covid-19, staff shortages and increased operational risk in the work-from-home environment.
Third Country Headaches
One of the most challenging aspects for third country firms is that their local regulatory compliance requirements related to data privacy can conflict with those of SRD II. While in the EU, SRD II takes precedence over national data privacy legislation, third country regulators are unlikely to allow firms to report data that is under data privacy restrictions to EU issuers or national competent authorities. These firms therefore are likely to fall foul of one regulator or the other through no fault of their own. The penalty regimes in some countries may therefore potentially cause a decrease in cross-border support by third country intermediaries over time.
Asset Manager Lessons Learned
The introduction of shorter deadlines of no more than three business days for any shareholder action has put pressure on firms to reduce previously manual processes where possible. Asset managers with large numbers of custodians have been especially challenged to keep up with the requirements because of the expected increase in the number of notifications that must be processed on a daily basis for their underlying clients. These firms have also faced challenges in tracking down data for beneficial owners where gaps have been identified, and this will be a significant data maintenance task going forward.
The Issuer Perspective
A significant impact from the issuer perspective of SRD II could be an increase in the number of class actions taken by shareholders in the future if the voting procedure isn’t deemed by shareholders to be compliant with the directive. This has meant issuers in the region are keen to see greater intermediary compliance with SRD II and they are communicating directly with their national authorities and the European Commission to ensure late implementers are monitored and, if necessary, appropriate action is taken.
Broadridge’s Lessons Learned
There have been some distinct challenges, the first of which was helping to make impacted intermediaries aware that they are actually impacted by the SRD II regulation, e.g. financial intermediaries incorporated outside the EU that deal in EU securities. The second was convincing some of the intermediaries that it was their responsibility to meet their SRD II compliance obligations. Here global custodians have tried to solve the problem for their underlying clients and Broadridge has needed to architect bespoke solutions to cater for their needs. Lastly, it has involved building a holistic solution to cater for the varying market and intermediary strategies for SRD II compliance. Due to late transpositions and market guides, by 3rd September 2020 many impacted entities formed their own view on what SRD II compliance meant, although these interpretations and devised processes did not always fully reconcile or align with other upstream and downstream intermediaries.
Advice for Late Implementers
Some firms may have struggled to meet the September 2020 deadline and are still in the process of implementing SRD II requirements. In order to assist late implementers in getting up to speed with the requirements, here are some key areas upon which they need to focus their efforts:
- Shareholder identification best practices: Understand that firms must collect and maintain shareholder data regardless of nationally-set thresholds for disclosure — this is to ensure that should shareholdings change during the request process, intermediaries are able to meet the issuer requests accordingly. Both ultimate economic beneficial owner and nominee data should also be maintained, so that firms are able to meet the national requirements in lieu of cross-border harmonisation of the definition of “shareholder” across the EEA.
- Shareholder meetings: The existing ISO 15022 messages and the older proxy voting ISO 20022 messages are not compliant with SRD II requirements; therefore, it is advised that firms adopt the new SRD II-compliant ISO 20022 messaging and market practices. The ISO 20022 format has been updated with 32 new elements to bring it into compliance with the directive.
- Keep in mind SRD II’s review: The European Commission is due to review SRD II’s effectiveness and to tweak the regime further in either 2022 if current plans remain in effect, or in 2023. Proactive national authorities are likely to take a much stricter line when it comes to noncompliance in the run-up to the review and there will not be much room for manoeuvre for market participants at that point. Though it’s relatively early days for the directive, it is a key part of the Capital Markets Union agenda and hence is likely to receive more focus than many other compliance regimes over the next couple of years.
Closing Comments
Based on the complexity of the task at hand, and with the backdrop of a tragic global pandemic, Broadridge believes the industry has done a remarkable job to embrace SRD II implementation, despite the fact that some alignment challenges remain across the markets and participants.
Over the next 12 months we hope many of the current operational challenges will be resolved; however we nonetheless expect an ongoing high focus in this area, especially for global intermediaries, and we predict investor and regulator ESG themes and concerns will continue to drive further change. Our advice for these firms is to allocate budget and resources to navigate through the challenges that lay ahead.
History tells us that regulators do not take pity on those that were nearly compliant - their focus pivots on how firms managed and handled the exceptions to the rule.
Those looking for outside assistance should also consider their options carefully. The reputational and compliance consequences for SRD II non-compliance can be very high. Thus talk to firms that can offer deep domain knowledge, scale, financial stability, the highest digital data security and complete market coverage. This will help your business to meet both its EU market and global compliance obligations.
AUTHOR
General Manager, Bank Broker-Dealer Investor Communication Solutions
Broadridge
