1. This note presents a factual update and analysis of regulatory developments in the area of securities regulation since the completion of the 2003 Financial Sector Assessment Program (FSAP). The assessment update took place in early December 2007.1 It was based on a detailed follow-up self-assessment prepared by the Financial Market Authority (FMA) and its responses to a questionnaire prepared by the International Monetary Fund (IMF). The FMA also provided extensive documentation, including English translations of all relevant legislation and statistical data. The FMA arranged meetings with market participants, including personnel responsible for securities trading at credit institutions and investment fund managers, as well as with the Vienna Stock Exchange (VSE) and the Takeover Commission, all of which provided valuable insights into the effectiveness of regulation and the particular characteristics of the Austrian securities markets. The staff of the FMA were very helpful and gave unstintingly of their time in numerous discussions and in responding to ad hoc requests for information, often at short notice. The Federal Ministry of Finance (BMF) and the Oesterreichische Nationalbank (OeNB) were similarly helpful. The mission is very appreciative of the assistance it received.
B. Institutional and Market Structure
2. By European standards, securities and capital market activity in Austria is exceptionally dominated by banks. In Austria, a firm must be a credit institution and be subject to the Banking Act (BWG) as well as the Securities Act (WAG 2007) in order to provide most investment services for most products. This includes the role of broker on the stock market for the execution of client orders and manager of collective investment schemes. Nonbank investment firms are limited to the provision of investment advice on an individual client basis, discretionary management of portfolios on an individual client basis, and the reception and transmission of orders. They can also operate a Multilateral Trading Facility. They are not permitted to handle client money, securities, or other instruments. These restrictions do not apply to nonbank investment firms passporting into Austria.2
Key market indicators and changes since the 2003 FSAP
3. The market capitalization of the VSE has risen from €44.8 billion at end-2003 to €170.3 billion at end October 2007, an increase of 372 percent. As a percentage of GDP, market capitalization peaked at 57 percent, boosted by a steady flow of initial public offerings (IPOs) and capital increases by existing issuers, although it was a little lower at the time of the assessment update. In 2007 IPOs up to October amounted to €2.89 billion, versus €1.04 billion in 2003. Listing these companies on the exchange raised its overall capitalization by €6.25 billion in 2007 versus €4.03 billion in 2003. Capital increases raised €7.2 billion up to October 2007 versus €1.7 billion in 2003. Average monthly turnover in domestic shares, which was €1.6 billion in 2003, had risen to €15.9 billion by October 2007, of which 61.7 percent was executed by the VSE’s international members (23.2 percent in 2003). The VSE lists equity issues of 86 companies (unchanged since 2003). As was the case in 2003, most bond market trading takes place off-exchange in the over-the-counter (OTC) market, although 3086 bonds are listed, and therefore reliable statistics on turnover are not available. The futures and options markets are relatively undeveloped by the standards of major European exchanges.
Collective investment schemes
4. In the collective investment schemes sector, the number of retail funds have increased from 1438 in 2003 to 1659 (15 percent) and special funds from 585 to 710 (21 percent). Funds under management have risen from €111 billion to €172 billion and the number of fund management companies has risen from 23 to 24. There are also 4674 foreign funds from other European Union (EU) states and globally that are eligible to be marketed in Austria, up from 3202 in 2003 (46 percent).
5. Since the original assessment which took place in October 2003, the legislative and regulatory landscape in the EU and the European Economic Area (EEA) has changed substantially. In this period, the EU has sought to create a single European capital market under its own FSAP (Financial Services Action Plan) programme. Many of the changes directly impact on the degree to which Austria has implemented the International Organization of Securities Commissions (IOSCO) Principles, although where the pan-European legislation consist solely of directives and not regulations the extent to which Austria has fully and accurately transposed the directives into national law has a bearing on the degree of observance.
6. Austria has a good reputation for timely transposition into domestic law and bringing into force EU directives in the field of financial services. The most important directives, together with the date Member States were required to bring each directive into force and the Austrian law which transposed each directive with its actual in force date, are as follows:
|EU Directive||To be in force in||Austrian law||In force in|
|UCITS III||Feb 2004||InvFG||Feb 2004|
|Market Abuse Directive||Oct 2004||BorseG||Jan 2005|
|Prospectus Directive||Jul 2005||KMG + BorseG||Aug 2005|
|Takeover Directive||May 2006||UbG||May 2006|
|Capital Adequacy Directive||Jan 2007||BWG||Jan 2007|
|Transparency Directive||Jan 2007||BorseG||Apr 2007|
|MiFID||Nov 2007||WAG 2007 + BorseG||Nov 2007|
C. Conclusions of the 2003 Assessment
7. Austria was one of the first states to be assessed using a detailed methodology implementing the IOSCO Principles. The 2003 assessment found that Austria had fully or broadly implemented a large majority of principles; a few were partially implemented or not applicable, and none were not implemented. Main recommendations related to cooperation, collective investment schemes, and secondary market regulation.
II. Principles Review
8. Overall there has been substantial progress in implementing FSAP recommendations in various areas of securities regulation.
The regulator: Principles 1–5
Principle 1: The responsibilities of the regulator should be clear and objectively stated.
9. During the period the mission team was on site, parliament passed legislation which significantly changed the way financial services regulation is to be organized in Austria with regard to banking supervision. The legislation is discussed in detail in the Basle Core Principles update, but as regards the process of supervision, the OeNB will conduct all on-site inspections of credit institutions under the Banking Act, and all analysis of the results of those inspections, reports received from the banks, etc., and other information received. The FMA will be legally responsible for prudential supervision including the provision of legal interpretations, supervisory proceedings such as sanctions and approvals, and initiating supervisory enquiries. However, the FMA’s responsibilities under the WAG 2007, BorseG, Capital Market Law (KMG) and BWG as it applies to nonbank investment firms remain unchanged, including the FMA’s powers to carry out related on-site inspections of banks, as well as nonbank investment firms.
Principle 2: The regulator should be operationally independent and accountable in the exercise of its functions and powers.
10. The 2003 assessment commented that the power of the BMF to commission the FMA to conduct audits is “somewhat inconsistent” with the independent status of the FMA. There has been no change; and although this power has since been used only once, and the FMA believes that in the specific case it would have conducted an audit at its own initiative, the update assessment endorses the comments in the 2003 assessment. In particular, under Article 16 of the FMABG,3 “the Federal Minister of Finance shall exercise his supervision over FMA ensuring that the FMA fulfils its statutory duties, does not breach the laws and regulations when performing its functions and does not exceed its scope of authority. The Minister is authorized to seek from the FMA information on all matters relating to the supervision of the financial market (for these purposes). The FMA shall provide the Minister with the required information without delay, in any event no later than within two weeks.” There is a risk that this power of the Minister to require the FMA to produce information could be used to apply political pressure on the FMA and to improperly obtain information, since the power is very wide-ranging and appears to include information on current and prospective enforcement cases, although the FMA and the BMF stated that the power has never been used in this way.
11. The assessment recommends that consideration be given to narrowing its scope to exclude information on current or prospective enforcement cases. In such cases it should be used to enable those who believe they have been unfairly treated to seek to persuade a court that FMA has breached the law or the scope of its authority.
Principle 3: The regulator should have adequate powers, proper resources and the capacity to perform its functions and exercise its powers.
12. In the 2003 assessment concerns were expressed that (i) the size of administrative fines was too low to provide a “meaningful regulatory tool”; and (ii) current staffing levels in the Securities Supervision Department were too low, requiring excessive reliance on the external auditors of licensees. The assessment noted that additional staff would enable the FMA to take a more direct approach, particularly as regards to the inspections of firms and market monitoring. During the course of preparing this update, most industry participants agreed that the FMA lacks sufficient numbers of staff. However, they also observed that there is a cadre of well-skilled and experienced senior officials. In their view, uncompetitive salary levels dictate that the FMA must look primarily to relatively inexperienced persons to fill lower-level positions, which means that practical understanding of investment business and its growing complexity can be obtained only on the job. This understanding cannot be properly achieved merely through the review and analysis of the reports of external auditors. The FMA believes, however, that it has had success in recruiting young but relatively experienced staff. It also devotes resources to identifying and filling gaps in the skill sets of new recruits via the FMA Academy and offering other training opportunities.
13. These issues were taken up again in 2003 regarding Principles 9 and 10 but are treated here by reference to the principles that deal with specific supervisory activities and where sufficient skills, experience and numbers are elements in implementation, namely Principles 9, 17, 22, 23, and 28.
Principle 4: The regulator should adopt clear and consistent regulatory policies.
14. In 2003 it was recommended that, in order to promote transparency in regulation, there should be broader opportunities for all stakeholders to express views on potential regulatory changes and that consultation papers should be published on the FMA’s Web site.
15. This has been done. Notably in the implementation process of the MiFID, the FMA published for consultation recommendations concerning Level II implementing measures as well as draft texts and also set up a targeted mailing list of interested parties seeking their comments directly. It will be important to maintain and improve this process of public consultation to ensure it remains consistent with best international practice.
Enforcement: Principles 8–10
16. The issues raised in the 2003 FSAP concerning the level of administrative sanctions and staffing levels have been addressed to some extent. Administrative fines have been increased to a maximum of €50,000 for each offense following a ruling of the Constitutional Court, although the Court also stated that this amount is the maximum permitted under the Constitution. This leaves Austria out of step with many other jurisdictions such as the U.K. and France. The FMA is able to ameliorate this problem in that a single overall offense (e.g., of market manipulation) can often be divided into several separate offenses, each of which can be subject to the maximum fine. It also believes that there are advantages to the administrative sanctions approach over the criminal sanctions approach. For a detailed description of the argument see Principle 28 below. Disciplinary cases not involving insider trading are now running at around 30 a year following a period when the FMA had to deal with a substantial backlog inherited from its predecessor body.
17. In March 2006, in an important legislative change, the FMA received additional enforcement powers to more effectively combat unlicensed or otherwise dubious investment service providers and unlicensed deposit takers including the power to close down such firms. The National Council passed a package of amendments to existing legislation in November 2005 including the FMABG, BWG, WAG, and BorseG, as well as the pensions and insurance supervision acts.
18. While the issue of staff resources is discussed by reference to specific principles as established above, in considering the overall effectiveness of the FMA’s supervisory, investigatory and enforcement efforts, it should be noted that in market surveillance and collective investment scheme supervision the FMA has introduced new systems. In the case of market surveillance this involves a high level of cutting-edge technology. In the case of collective investments the system is a partly automated but still primarily manual. Both systems have increased the efficiency and effectiveness of individual members of staff.
19. While these systems coupled with the increase in staff numbers have made some contribution to resolving the problems identified in 2003, the workload in supervision and compliance has grown at a faster rate due to the need to enforce the very large volume of new and detailed securities market focused legislation introduced in the last four years. As regards the question of whether the Securities Supervision Department of FMA has sufficient staff, the situation has deteriorated.
20. Exercising new enforcement powers acquired in 2006, FMA formed an Enforcement Task Force in the Legal Department, consisting of four persons, to conduct investigations in the banking, securities, insurance, and pension company sectors. In 2006 the Task Force carried out five unannounced on-site inspections using its new powers and one in 2007.
Cooperation: Principles 11–13
21. The 2003 assessment noted that at that time the FMA had limited powers to provide full cooperation to foreign regulators, such as conducting investigations on behalf of foreign regulators, notably in the area of market manipulation. It was also noted that the FMA was neither able to compel testimony on behalf of a foreign regulator nor represent a foreign regulator in court.
22. As regards Principle 12, the assessment observed that the FMA had completed the IOSCO questionnaire as the first step toward signing the IOSCO Multilateral Memorandum of Understanding (MMOU). Unlike the position regarding Memoranda of Understanding (MoU) in banking and insurance, the Austrian Constitution does not prohibit the FMA (rather than the government) from becoming a signatory.
23. Since 2003 there have been significant improvements in the legal and regulatory situation in Austria, primarily driven by the implementation of the Market Abuse Directive (MAD) in 2005 via the BorseG and now the MiFID in November 2007 through implementation of the WAG 2007. The BorseG, which implemented the MAD, provides comprehensive definitions of insider dealing and market manipulation and gives the FMA extensive powers of investigation. WAG 2007 A91 (4 and 6) may have opened up additional gateways for the exchange of information; although with the new legislation only in force for a few weeks, it remains to be seen whether any practical or judicial impediments will arise.
24. WAG 2007 also provides the FMA with new powers to exchange information concerning persons conducting unauthorized investment business and unauthorized deposit taking. The need to demonstrate dual criminality has been removed, although the FMA’s power to compel testimony on behalf of a foreign regulator is likely to depend on whether a connection can be made to Austria, such as the order being given from Austria or the security being listed on an Austrian exchange. The FMA does not have a power to represent a foreign regulator in court.
25. Broadly speaking, any information that the FMA can obtain in pursuit of a market manipulation or insider dealing case, such as directors dealings, client account identifications, etc., should be subject to exchange, subject to internationally accepted professional secrecy provisions, with regulators in other EEA states and third countries.
26. Banking secrecy has been relaxed to a large degree in cases of securities market enforcement but remains a residual problem in a small minority of cases where neither the requesting authority nor the FMA can establish an Austrian regulatory connection that would provide the FMA with a basis for providing information. Austria’s implementation of Anti–Money Laundering/Countering the Financing of Terrorism (AML/CFT) legislation has helped in this regard. Fundamental change to the banking secrecy legislation (A28 Banking Act) requires a two-thirds vote by the National Council. The net result has been that until now Austria has been unable to sign the IOSCO MMOU, although it has been admitted to the so-called “B List” of states committed to sign but where there remain domestic legal impediments that the regulators are committed to urging their governments to remove.
27. Following the coming into force in November 2007 of WAG 2007, the FMA intended to reopen discussions with the IOSCO Screening Group, which may result in Austria becoming a full signatory to the MMOU.
Issuers: Principles 14–16
28. The 2003 assessment recommended that, as the competent authority in securities supervisory matters in Austria, the FMA should be responsible for the depositing of prospectuses for public offering and should become so with the implementation of the EU prospectus directive.
29. In practice the requirements of the Prospectus Directive now interact with the Transparency Directive. Austria has implemented both in a way that achieves the underlying purpose of the recommendation.
30. In the EEA, the issuance of prospectuses since July 2005 has been governed by the Prospectus Directive and its implementing Regulation. The Directive was transposed partly in the KMG and partly in the BorseG in August 2005. The Regulation is directly applicable as if it were national law and did not require transposition. The regulation’s primary purpose is to set out the detailed content requirements for prospectuses for various types of securities such as equities, bonds, asset backed securities, derivatives, depository receipts, etc.4
31. As recommended in the FSAP, under the new KMG the FMA has been appointed the competent authority for the approval of prospectuses. No prospectus may be published until it has been approved by the FMA (A10(1)). Under Article 8a the FMA has extensive powers including the power to require issuers to provide supplementary information and to suspend or prohibit a public offering if it has reasonable grounds for suspecting an infringement of the KMG or BorseG.
32. Serious breaches of the KMG (such as making an offer to the public without an approved prospectus) are subject to criminal sanctions of up to two years in jail or a (salary-related) fine of up to €180,000. Less serious offenses are subject to administrative sanction by the FMA of a fine of up to €50,000.
33. In 2006 the FMA approved 80 prospectuses and 17 supplementary prospectuses. In the first three quarters of 2007 those numbers were 56 and 19. The process is operated by a staff of 5 persons and seems to be efficient.
34. The ongoing obligations on investors in and issuers of securities that have been admitted to trading on a regulated market, such as the publication of annual and semiannual accounts and the disclosure of changes in large shareholdings (defined as regulated information), are set out in the Transparency Directive. They have been transposed by Austria in the amended BorseG. The FMA has been given new supervisory powers such as the power to suspend or prohibit trading and to conduct on-site inspections of issuers (A86(6)). The circumstances in which these powers may be exercised include those in which the FMA reasonably believes that an issuer of shares has failed to treat equally all shareholders that are in the same situation, as set out in Article 83(2) BorseG.
35. The 2003 assessment noted that directors’ dealings in their (listed) company’s shares did not have to be reported to the FMA for one year. That was amended with the coming into force of the MAD. Under A48(d)(4) BorseG, the limit is now 5 days, except for small sales amounting to less than €5,000 in any one year, and has been extended to derivatives and shares in associated companies. The FMA has issued forms to standardize such submissions for ease of aggregation and analysis.
36. Under the BorseG, the Österreichische Kontrollbank (OKB) has been designated the officially appointed mechanism for the central storage of regulated information (A86(4)). As such it has retained its role as depository for prospectuses. It has a number of responsibilities under the Act. These include:
- answering questions from the public regarding securities subject to a prospectus, the timing of an offer, where a prospectus can be obtained, etc.,
- satisfying itself that the prospectus and other regulated information submitted to it contain the required information, including in the case of a prospectus that the FMA has approved it, and
- providing such information to members of the public for a reasonable fee.
37. The FMA is empowered to set, by decree, the minimum technical standards of the OKB’s systems, including easy access for end-users (A86(5.2). This is new legislation, and the FMA is currently considering whether it is necessary to use this power. The assessment update notes that formal standards are worthwhile.
38. In 2006 Austria amended the Takeover Law (UbG) to implement the Takeover Directive. In practice, the UbG required relatively few amendments as its main provisions had been modeled closely on the U.K. Takeover Code, which has for many years been the standard for the equal treatment of shareholders, particularly minority shareholders. The UbG had been modified to comply with European civil law and the structure of Austrian corporate ownership, which is characterized by the presence of long-term core shareholdings rather than fully diversified institutional investors who prevail in the U.K. model, for example.
39. The main change in the amended law is that it no longer permits companies to have a provision in their articles of association that limits minority shareholders to receiving only 85 percent of the bid price. Elsewhere, key provisions that require the bid to be at least as high as the price the bidder or its associates paid prior to the bid are largely unchanged, and the mandatory bid provisions have been somewhat strengthened.
40. In accordance with Article 29 UbG, the Takeover Commission has exclusive competence in all matters regulated in the UbG. The FMA and the Takeover Commission are legally obliged to work together in mutual assistance as stated explicitly in A21 para. 2, FMABG, and to collaborate with equivalent bodies in other EEA Member States (A27d UbG). Both parties acknowledge that they have a good working collaboration.
41. It appears that transposing the Transparency Directive has created one instance of overlapping power. Under Article 86 BorseG, the FMA has extensive powers over issuers (although no sanctioning powers) in a variety of circumstance including where the issuer has failed, in the view of FMA, to treat equally all of its shareholders that are in the same situation (A83 BorseG). This may be of relevance with regard to the target company, because the Takeover Commission’s powers clearly apply to the bidder’s obligation to treat all the target’s shareholders equally, but are perhaps less explicit concerning the treatment by the target’s treatment of its shareholders. In the latter case the FMA’s powers appear to apply as well. In takeover situations this overlap will require close cooperation between the Takeover Commission and the FMA. The powers of the FMA in Article 86 are new for the FMA (they came into force in April 2007) and practical experience still has to be gained.
42. In 2005 Austria passed the “Corporate Governance Act” (GesRAG), which provided for a number of mandatory measures such as:
- strengthening the independence of supervisory boards and external auditors,
- limiting the number of supervisory boards an individual can be a member of,
- requiring the supervisory boards of companies listed on the first or “Prime” section of the VSE and all companies with more than five members on their supervisory boards to appoint audit committees, and
- requiring all listed companies to appoint a financial expert to the audit committee.
43. Further obligations will shortly be applied to significant banks and insurance companies, whether listed on the VSE or unlisted.
44. The Act stands alongside the Austrian Code of Corporate Governance, which was established in 2002, and the new legally binding obligations have been incorporated in the Code. The Code is reviewed annually. The Code comprises three categories of rules: mandatory legal requirements; “comply or explain” requirements; and recommendations, where noncompliance requires neither disclosure nor explanation.
45. Further changes to company law and the Stock Exchange Act (BorseG) will take place in 2008 when Austria implements amendments to the 4th and 7th Company Law Directives and the 8th Company Law Directive.
Collective Investment Schemes: Principles 17–20
46. The 2003 assessment did not consider that the industry’s adoption of voluntary quality standards to minimize the possibilities of conflicts of interest leading to disadvantaging investors was sufficient. It recommended that they be made compulsory and noted that this would happen when the Investment Fund Law (InvFG) was brought into force on 2004.
47. This has not happened, although the Austrian Association of Investment Management Companies, to which all Austrian managers of collective investment schemes belong, continues to update the standards in consultation with the FMA. The latest update was to take account of the Third Directive for Undertakings for Collective Investments in Transferable Securities (UCITS III). The FMA has endorsed the standards and has stated that it expects collective investment scheme managers to adhere to them and that a breach of the standards will be regarded by the FMA as a breach of the Banking Act obligation to act with due diligence.5
48. Given the functional similarity of collective investment scheme management to securities markets activities (such as discretionary portfolio management), the 2003 assessment recommended that the division be moved from the Banking Department to the Securities Supervision Department. (Note: This was accepted and took place in January 2008.) The FMA’s rationale for the transfer is based primarily on the changes in banking supervision to be introduced in 2008 but also because of changes in the international regulatory environment:
- Off-site analyses and on-site inspections of credit institutions are to be conducted by the OeNB. But the supervision of investment fund management companies is closely linked to the supervision of securities. In the discussions between OeNB and FMA to implement the new structure of banking supervision, it was agreed that it would be more appropriate to move the supervision of these companies to the Securities Supervision Department;
- Although these companies are formally considered as credit institutions, the FMA’s experience has shown that there are more interfaces with the Securities Department.
- There has developed an international consensus—for example, within Committee of European Securities Regulators (CESR)—that the supervision of investment fund management companies should be within securities supervision.
49. Additionally, the 2003 assessment questioned whether staffing was sufficient. Staffing has remained static since 2003 at 10 persons and turnover has been a problem. At the same time there has been some increase in the number of licensed funds although not spectacularly so. As noted above, retail funds have increased from 1438 to 1659 (15 percent) and special funds from 585 to 710 (21 percent). However, that understates the actual increase in the department’s workload, as 911 new funds were registered and 607 closed or merged, which equates to an average of 228 new funds a year with approximately 152 closing every year. The large increase in foreign funds (up 1400 since 2003) and the significant level of arrivals and departures also require notification arrangements for UCITS and registration processing requirements for non-UCITS.
50. To introduce more efficiency into the supervisory process, the department is developing a system called ARIS, which builds on part of the banking review process. It combines data from several internal and external sources, both quantitative and qualitative, using a mix of automated and manual processes, it generates a “traffic light” scoring system which enables staff to identify and investigate possible emerging problems such as poor performance, low profitability or excessive management changes. Full evaluations are made annually for all companies, and whenever new significant information appears. Management dialogues are carried out on the same schedule with all but the smallest companies, which go through the process every two years.
51. Staffing constraints have limited on-site inspection of management companies to two a year. Shortly, following the amendment to the scope of FMA’s authority, full inspection powers will be transferred to the OeNB as the management companies are licensed as special banks. However, the department intends to carry out inspections focused on risk management procedures and systems in cooperation with the OeNB. It hopes to be able to carry out 3 to 5 such inspections annually. This number would remain rather limited relative to the number of companies (38) but would be a significant improvement on the present position.
52. Industry representatives are complimentary about the regulation of their industry by the FMA, which is described as an efficient, low-cost and flexible supervisor in the positive sense of being willing to go with the grain of the industry where legislation and the FMA’s investor protection remit permit. Staff are described as knowledgeable and always seeking to maintain their understanding and expertise. The shortage of staff was noted, however.
53. As is typical in many jurisdictions, investment funds are becoming more complex as legislation has been progressively relaxed to permit the use of derivatives and other sophisticated portfolio management techniques. Typical of this trend are the 72 guaranteed funds outstanding in Austria, which have lives of 3–7 years, where the principal is guaranteed at maturity and in some cases the payback includes 80 percent of the highest net asset value achieved during the life of the fund. The guarantee may be granted only by banks licensed to give such guarantees (which do not include the management companies, although many are affiliated to banks that can grant guarantees). Disclosure requirements are more detailed than for traditional funds. The prospectus and other documents for funds with embedded derivatives are required under the InvFG to make that clear. Index funds are not permitted to use derivatives in a way that might generate performance gaps between the index and the fund.
54. Since the 2003 assessment, the principal legislative change has been the entry into force of the UCITS III Directive, which is the latest, but will not be the last, in a line of Directives intended to create a modern, innovative pan-European market in collective investment schemes. The Directive was implemented in Austria by amendment to the InvFG which came into force in February 2004. Since Austrian investment management companies have always been licensed as banks, implementation of the Directive did not require the extensive changes to the regulatory capital base and internal organization of UCITS managers that occurred in some jurisdictions. However, it increased the freedom to provide services across national borders in the EEA and significantly broadened the range of investments open to UCITS managers including derivatives. The opportunity was taken to set out in greater detail the required disclosure to investors; the FMA and BMF believe that the InvG now requires fund prospectuses to disclose any pending legal proceedings involving the fund, the operator, or its management that may be material to the decision to invest, although not explicitly, as recommended in the 2003 assessment.
55. Both the EU Commission and CESR have continued to issue guidance on matters such as eligible assets and hedge fund indices, which in Austria are implemented by changes to the InvFG and regulations (Verordung) issued by the FMA. This is regarded by the market as a useful technique. This almost continuous process of updating the InvFG will continue through 2008 (UCITS IV is under preliminary discussion) and will continue to put pressure on staff resources as they engage in pan-European negotiations prior to implementing agreed measures.
56. New domestic legislation, the Real Estates Funds Act and the Staff Provisions Funds Act (governing special funds), have also required staff attention.
Market Intermediaries: Principles 21–24
57. The greatest impact of the MiFID has fallen upon the FMA departments responsible for supervising investment firms and the banks that provide investment services. The Austrian system had previously imposed relatively high-level principles of business conduct when dealing with and for clients in the markets for securities and related products such as collective investment schemes, derivatives, etc. The MiFID is nominally principles-based legislation but in practice imposes detailed regulation of the firm/client relationship, albeit allowing firms to use their discretion in some areas such as assessing the suitability of an investment for a client, the process of achieving best execution, the contents of client agreements, and the management of conflicts of interest. In some respects the Austrian regulatory requirements had been ahead of much of Europe. For example, the provision of investment advice had required a license whereas this has become obligatory in Europe only with the coming into force of the MiFID.
58. The MiFID was primarily implemented through the WAG 2007. In addition, much of the detailed investor protection regime in Austria had been set out in a “self-binding” Standard Compliance Code for Financial Institutions and in the Guideline on Providing Investment Advice (including a booklet on risk warnings) prepared by the Austrian Chamber of Commerce. In practice it is binding only on banks and not on nonbank investment firms or service providers. Banks have to state publicly that they are in compliance with the Code and the Guidance. Post MiFID, the Code and the Guideline remain in force, but many of the provisions are now replicated as enforceable regulation in WAG 2007, which takes precedence.
59. A very heavy burden has fallen on FMA supervision staff in preparing for the MiFID in the last three years, including attending meetings of CESR working parties and assisting the BMF in its negotiations in Brussels. In the last twelve months the legislative landscape has become progressively fixed, with the completion of the Level 1 Directive and the Level 2 Directive and Regulation, although CESR and the EU Commission were still publishing opinions and guidance on interpretation and implementation of the MiFID until late summer. CESR has an ongoing work program on difficult and contentious issues that is likely to result in further interpretive guidance, which Member States will be expected to implement.
60. Emphasis has recently shifted to two further tasks. The first is educating supervisory and enforcement staff on the requirements of the MiFID as they impact on licensees and modifying the supervisory processes and inspection manuals accordingly. This has involved a mix of external training, internal project work, and discussion up to and including the level of managing directors. Second, the FMA has been advising licensees and their external auditors on what their obligations to their clients will be and what the FMA will expect of them under the new regime. These are very time-consuming processes and have had to be carried out while at the same time maintaining the necessary level of supervisory oversight of licensees, analyzing external auditors carrying out on-site inspections, especially “for cause,” etc.
61. Generally, industry representatives expressed positive views on their relationship with the FMA in the evolution of regulatory policy in securities market matters, where the attitude of staff was described as open and helpful. As regards the MiFID, views varied, though the sample was small. On one hand, the FMA was described as helpful and deeply involved in the discussions on modifying the Standard Compliance Code (SCC) and the Guideline on Providing Investment Advice (including the booklet on risk warnings) whereby industry participants, working with the Chamber of Commerce, have updated the Code and the Guideline at their own initiative to take account of the MiFID as they see it. The revised Code and Guideline were published and submitted to the FMA for comment, which it has done. On the other hand, some suggested that the FMA had not gone beyond setting out the legal requirements and the guidance developed by CESR.
62. In practice, despite the small size of the FMA Security Supervision Department and therefore the very limited number of staff available for regulatory policy formulation work, the FMA has developed and published guidance that expands upon the MiFID requirements including:
- A circular clarifying the differences between tied agents and freelancers (see below) and their obligations;
- A list of minimum records;
- Guidance on licensing procedures; and
- Passporting requirements.
The implementation measures, as well as the SCC and the Guidelines, are published on the FMA’s Web site.
63. It should also be noted that it is a key policy principle underlying the MiFID that senior managements should take responsibility for their firms’ actions and should not rely solely on detailed rules from the regulator. In some civil law jurisdictions such as Austria this is a new approach to which all parties—the regulator, investment firms and the judiciary—will take time to adapt.
64. Furthermore, from a firm’s perspective—due to the very limited resources for conducting on-site inspections (discussed below) and therefore the heavy reliance by the FMA on the reports of licensees’ external auditors—the risk of enforcement action for breach of the MiFID by the FMA in the near term is low. That still leaves firms open to the risk of suit by customers who believe they have suffered loss as result of noncompliance with the MiFID and the award of damages. The question of the exposure of the authorities to public liability may also arise.
65. From the FMA’s standpoint, auditors’ reports are required within six months of the business year end. Most Austrian firms use a calendar year, and the FMA has taken the practical and pragmatic decision (replicated by many regulators in Europe) that the 2007 reports (which will include the first two months of the MiFID regime) will be expected to report only on whether firms have properly installed the necessary organizational, risk management and control mechanisms intended to secure compliance. However, an FMA circular dealing with organizational requirements such as the compliance function, risk management and internal audit will not be published until the end of 2007.
66. The effect of this is that it will not be until the summer of 2009, when the 2008 audit reports are received, that the FMA will begin to have comprehensive data on MiFID compliance by licensees. Greater resources devoted to on-site inspections in the intervening period appear essential, especially in response to client complaints, market gossip, or other indications of concern, in order to reduce the risk of significant problems going undetected until serious damage to investors has arisen.
67. A particular but transitional problem concerns the “passporting” provisions of the MiFID, where some Member States have delayed bringing the Directive into force on the agreed date. In practice, and despite earlier fears, it appears that most Member States have met the deadline or will have done so by the end of November 2007. According to the EU Commission, the remainder are expected to do so in early 2008. CESR has issued extensive guidance to its member regulators on how to handle problems, but as of early December 2007 the FMA was not aware of any problems regarding inward or outward passporting regarding Austria or Austrian firms although it should be noted that at least two of the late jurisdictions are of particular relevance to Austria. Some banking sources report that certain governments are unlikely to bring the MiFID into force until 2009.
68. Regarding the role of the external auditors in securing compliance with MiFID, the FMA recognizes that it may prove to be the weak link in the chain, as it has been least involved in the negotiations and pre-implementation planning. The FMA has been taking and continues to take, measures to inform auditors on the MiFID and to stress that going forwards, investigation compliance with its provisions will be a mandatory task. Emphasis is being placed on the “Big Four” auditing firms and those smaller firms that specialize in auditing investment firms.
69. The general risks inherent in the heavy reliance on a licensee’s external auditors, which is a characteristic of Austrian supervision, is discussed in greater detail in the Basel Core Principles update. As regards nonbank investment firms and investment service providers, reliance on auditors might have been appropriate until now given the limited prudential risks posed by them (see above regarding the limited functions nonbanks can undertake). Furthermore, the Securities Supervision Department routinely returns two-thirds of the financial statements and other routine reports it receives from auditors for revision and clarification.
70. However, the MiFID and the MAD impose greatly increased legislative requirements. These include requirements regarding the proper treatment of clients, which are now embedded in WAG 2007 (for example, on the identification, management and disclosure of conflicts of interest), and market integrity issues embedded in the BorseG, which implemented the Market Abuse Directive (such as the maintenance of Chinese walls and “insider lists”). There are multiple concerns. Many auditors will not be able adequately to assess compliance with these issues, which requires an element of judgment as to outcomes as well as inputs in many cases; they will report in a way that is not sufficiently explicit to put the FMA on notice or will report too long after the damage to investors has occurred. Additionally, the legal liability caps on auditing firms are low, ranging from €2 million to €12 million, apply even to gross negligence, and in any case must be covered by insurance. The closeness of the external auditing firm to its clients, developed over many years, can also be a cause for concern.
71. The 2003 assessment recommended that tied agents, which are defined as natural or legal persons allowed to offer all financial services but whose conduct is the responsibility of the investment firm to which they are “tied,” should be individually licensed by the FMA. However, at the European level [?] it has been determined that tied agents should be permitted to continue in business. The MiFID continues to permit the practice of employing tied agents, subject to strict obligations of full responsibility being imposed on investment firms and banks that employ them, an obligation on the national regulator to maintain a public register of tied agents, and other requirements. The FMA has adopted the MiFID approach to tied agents and maintains and publishes such a register.
72. The MiFID also permits Member States to continue previous practice and to exempt from licensing a category of natural person who can conduct a restricted set of investment services for more than one firm, such as the provision of investment advice concerning transferable securities and collective investment schemes and the reception and transmission of orders in these instruments, but cannot handle client money or assets. These persons do not have passporting rights under the MiFID. Austria permits such persons, known as “freelancers,” and also requires them to join a public register maintained by the FMA. There are 12,327 tied agents and freelancers in Austria. The process of reregistration is currently underway under the MiFID, and the FMA expects that under the new mix of obligations and opportunities provided by MiFID there will be substantial realignment within this sector and at the border between tied agents and investment service providers, with many of the latter electing to become tied agents.
73. The recommendations set out above need to be reviewed in the context of the current very limited resources available for supervising the provision of investment services and the undertaking of investment activities as defined under the MiFID, as well as the large increase in the detailed statutory regulatory requirements against which compliance must now be assessed. The two divisions concerned have a total staffing of 16, compared with 11 in 2003. This includes 3 experts on financial instruments including one with some understanding of commodity derivatives,6 which are included in the MiFID but were excluded from its predecessor directive. To put this into context: Article 91 of WAG 2007 authorizes the Securities Supervision Department of the FMA to carry out on-site inspections of the 318 licensed nonbank investment firms and investment service providers for compliance with WAG 2007. In addition, it authorizes the department to carry out on-site inspections of some 850 credit institutions that provide investment services for compliance with the second chapter of WAG 2007. This includes organizational requirements for providing investment services, conflicts of interest requirements, and specific conduct-of business rules. The department is also responsible for compliance with the insider dealing legislation by 50 insurance companies and 20 pension funds. Despite the increase in staff since 2003 the department carried out fewer on-site inspections in 2006 (13) than it did in 2003 (15) and will carry out 11 inspections in 2007.7 This recent decline was said by the FMA to be due to the diversion of staff resources to assisting the BMF in implementing the MiFID, in helping the industry to prepare for the MiFID, and in updating its own inspection procedures to cope with the increased demands of the directive. As noted above, there is a particular problem relating to the period until mid-2009 when the first full reports on the MiFID compliance will be received from external auditors.
74. There is a planned further increase of 14 staff, which will be helpful and will make a significant improvement in the current position. But it remains the case that inspection and analysis resources are very limited, and heavy reliance will remain on external auditors for the foreseeable future. The key disadvantage of this approach is that FMA staff are unable to develop expertise in reviewing the activities of licensed entities and in understanding their businesses at first hand. The supervisory staff appear well motivated, but they have very limited reference points to assess the reports of external auditors when these are received. There is a significant possibility that this will lead to warning signals being missed. It is also difficult to reconcile this with the risk-based approach that the Securities Supervision Department seeks to use, in line with best international practice, given that the department does not periodically inspect even the totality of high- to medium-risk firms.
75. On the plus side, the use of “management dialogues,” begun in 2003, has increased from 11 to 27 in 2006. A dialogue is undertaken when a particular investment firm has come to the attention of the department for one or more of several reasons such as investor complaints, statements in the external auditor’s report, or frequent changes of managing director. By end-2007, 8 management dialogues will have taken place with credit institutions, and 32 with investment firms to discuss conduct of business-related matters and almost all 24 collective investment scheme management companies are routinely subject to an annual dialogue. The department considers these dialogues to be a very useful means of reacting quickly to emerging problems and of identifying and securing necessary changes. These are positive developments, but almost all management dialogues take place at the offices of the FMA (in 2007 only one took place at the firm). More dialogues should take place at the firm. In this way FMA staff could get some hands-on sense of how the firm is operating, its general efficiency, and the attitude of its staff, which would benefit their desk-based supervision.
Secondary Markets: Principles 25–30
76. In the 2003 assessment, there was concern that, with the ownership of the exchange in the hands of its members, surveillance of trading was subject to an unacceptable degree of conflict of interest.
77. This has been satisfactorily addressed by the FMA. In 2004 the FMA began a project to bring market surveillance “in house.” It reviewed systems employed by other EU regulators such as FSA (U.K.), BaFIN, Consob and AMF (France). Over two years (and after some 3,300 person hours) it then developed its own system, which was fully implemented in November 2006. Called the Market Abuse Detector (MADe), it combines relevant information from a large number of sources including:
- Real-time order data from the VSE;
- OTC and on-exchange trade data reported directly to the FMA;
- Newspapers and other media;
- Investment research;
- Dealings by specific investors (via mandatory Client IDs on trade reports);
- Directors dealings;
- Disclosed inside information; and
- Share buy-back programs.
78. OTC transactions are off-exchange trades executed by Austrian-based banks in financial instruments admitted to trading on an exchange or where the underlying security is traded on exchange. This includes reporting of trades in OTC-covered warrants where the underlying is an exchange-traded security. The system can automatically connect the warrant to the underlying security for analytical purposes. Further expansion will include IPOs and capital increases.
79. The system generates alerts that can then be investigated to establish whether the circumstances merit further investigation. The system appear to be highly efficient in the way it collates information from a large number of sources and enables the staff of the Markets and Exchanges Division to maximize their ability to identify and priorities potential cases of insider dealing and market abuse.
80. Market Supervision has a staff of six. Three monitor the market and analyze the alerts generated by MADe. The other three deal with analyzing potential instances of insider dealing and market manipulation, which are becoming increasingly sophisticated. It is unlikely that six people are sufficient given that in addition they have to undertake preliminary investigations, which may include talking to issuers, brokers, banks, and other firms, as well as to the persons instigating the suspicious transactions.
81. The practice of short selling, which globally is sometimes controversial in periods of market turbulence, is not regulated by the FMA, as is the case in most developed markets. It is not a common practice in Austria. “Naked shorting” (selling stocks with no intention to deliver on settlement date) is in any case severely constrained since all trades are matched against the Central Counterparty (an entity owned by the VSE and the OKB). The Central Counterparty issues escalating fines for failure to deliver.
82. In 2006 the FMA launched three formal insider dealing investigations and nine market manipulation investigations. Although in the case of insider dealing these numbers were substantially lower than in 2004 (14), staff believe that this is because the greater efficiency provided by MADe has resulted in better preliminary investigation and the elimination of insufficiently supported cases. On the other hand, market manipulation investigations rose slightly (7). In 2007, out of 14 preliminary investigations the FMA proceeded with 5 insider dealing and 5 market manipulation cases, all of which it describes as complex.
83. The results of bringing cases to court have been disappointing. Courts do not always appear to properly understand the technicalities of securities and derivatives trading. The FMA is seeking to engage the judiciary in a dialogue on insider dealing offenses, but this takes time and is not always easy. As in many jurisdictions, “white collar” crime such as insider dealing is sometimes not treated sufficiently seriously by prosecutors or judges. Now that prosecutions for insider dealing have been concentrated in Vienna rather than scattered across the country, and with the appointment of a special group of prosecutors for insider dealing, the situation has improved somewhat. Furthermore, the FMA has a power to lodge appeals and to demand that a criminal case be reopened (A48k(2)(1) BorseG).
84. The VSE is still required to monitor trading in real time and to maintain an orderly market for which it uses a market surveillance system called XETRA Observer, purchased from the Deutsche Borse. It is required to report any suspicious transactions to the FMA on a daily basis. However, the importance of its role has diminished significantly as the powers of the FMA in this area have increased.
85. In 2003 there was concern also that the role of the Exchange Commissioner appointed by the BMF (and a current BMF employee) was based on an outdated concept and that consideration should be given to moving that responsibility to the FMA. He attends all meetings of the supervisory board of the exchange and meetings of the management board of the exchange at which decisions concerning the listing and delisting of financial instruments are made and decisions are taken regarding admission, suspension, and expulsion of members.
86. There has been no change in the position, although it should be noted that the Commissioner reports to the FMA and the head of the FMA’s Securities Supervision Department is appointed Deputy Exchange Commissioner. The Commissioner has an obligation to lodge an objection if he believes that a decision of the supervisory or management board violates federal laws, decrees or rules of the FMA. The effect of such an objection is to postpone the decision until the FMA has made a ruling on the matter that is binding on the exchange. To date this has never happened.
87. More significantly, the FMA now has sole responsibility for the approval of prospectuses required for public offerings and admission of securities to trading on an exchange under the KMG and for enforcing ongoing disclosure obligations of issuers under the BorseG (see section above re issuers). Therefore, the VSE’s listing rules are less important in terms of investor protection than they were in 2003.
88. However, under the MiFID and its implementing regulation, the VSE, as the operating company of a regulated market, has significant residual obligations regarding issuers and derivatives contracts. The BorseG therefore imposes additional obligations on the VSE that must be met before a security or derivative can be admitted to trading on the exchange (BorseG A66) and requires the exchange to have effective arrangements enabling it to verify that issuers are complying with initial, ongoing or ad hoc disclosures (BorseG A66(7)).
89. Compliance with these obligation is monitored and can be enforced by the FMA in exercise of its powers to license the operator of an exchange (BorseG A2(2)) and to withdraw a license in the event that the operating company of the regulated market “continually fails to fulfill its duties relating to the management and the administration of an exchange adequately and in accordance with the regulations” (BorseG A4(2)). Short of de-licensing, the FMA can impose administrative fines on a person responsible for an exchange operating company for a range of offenses, up to a maximum of €30,000 (BorseG A48(5).
90. The FMA has the power to suspend a security or derivative contract from trading on a regulated market if this is necessary to “safeguard the interests of a properly functioning market and is not contrary to the interests of investors” (BorseG A25b(3)).
91. In 2003 the definition of market manipulation was very narrow and the fine of €20,000 was judged “much too low” to present a real deterrent. At that time, insider dealing was already a criminal offense subject to a maximum term of two years imprisonment. Insider dealing remains a criminal offense but the maximum prison sentence has been raised to five years and a (salary-related) fine can be imposed of up to €180,000.
92. The implementation of the Market Abuse Directive via amendments to the BorseG in January 2005 has partly dealt with these problems by introducing more extensive definitions of insider dealing and market manipulation. It required the setting up of a comprehensive regime to give practical effect to the prohibition of market manipulation, which included giving the FMA powers to suspend trading in a stock (A48q(3) BorseG) and to conduct on-site inspections at an issuers office (A48q(1)(3) BorseG).
93. Market manipulation remains an administrative offense, though the maximum fine has been increased to €50,000. This appears still to be too low and compares unfavorably with many other jurisdictions. Higher fines would provide a more significant deterrent, as well as more incentive for FMA staff to diligently pursue cases although there is no evidence that they lack diligence today. As regards licensed entities, other sanctions, such as suspension or termination of the license, can be imposed. However, the maximum monetary value of administrative sanctions is a matter of interpretation of the Austrian Constitution. The Constitutional Court has ruled that €50,000 is the maximum fine that can be levied for an administrative offense, which appears to close off further discussion at present.
94. In response to the suggestion that market manipulation should be made a criminal offense in order to increase the penalties, the FMA argues that there are advantages in maintaining the current approach despite the low level of fines:
- A market manipulation will often consist of several offenses, each of which can be subject to the €50,000 maximum, which increases the “headline” figure;
- The process is faster and subject to shorter formal time limitations than criminal offenses—18 months for initiation and 3 years to complete including appeals versus over 5 years for criminal prosecutions;
- The decision on a case is determined at first instance by experienced FSA staff subject to appeal to a Tribunal where the FMA is a party to the proceedings. The only subsequent appeal is to the Administrative Court—a form of judicial review—and the FMA can appeal as well as the plaintiff;
- The burden of proof is lower (although the assessment notes that in some jurisdictions the seriousness of the offense in terms of reputational and ongoing employment damage to an individual cause courts to require a standard of proof equivalent to the criminal standard); and
- The penalty can include disgorgement of profits.
95. These arguments have merit and it may be that, despite the Austrian Constitutional constraints, maintaining market manipulation as an administrative offense is the most appropriate and pragmatic approach. Any opportunity to raise the maximum limit again should be taken.
96. The MiFID has created a new category of investment activity for which licensing is necessary, namely operation of a Multilateral Trading facility (MTF). The definition corresponds almost exactly to the definition of a regulated market or exchange, with the key difference being that, unlike an exchange, an MTF does not have to impose listing criteria for the instruments users trade on its system. So far there is only one MTF in Austria; it is operated by the VSE, which has converted its third market from an exchange to an MTF in order to maintain its very light regime on securities traded on it. Should an MTF from another EU Member State passport into Austria, which is probable in the course of 2008, the FMA’s primary concern will be to ensure no loss of trade data for its market surveillance purposes and that there is effective cooperation with the Home State regulator of the MTF operator. The MiFID sets out obligations and procedures to achieve that end. If an entity wishes to establish an MTF in Austria, the FMA believes its current licensing and ongoing supervisory procedures will be sufficient with minimal adaptation.
III. Recommendations for Action and Authorities’ Reactions
Powers and resources of the regulator
97. The BMF’s powers to instruct the FMA to conduct audits should be removed, and the BMF’s power to require the FMA to provide information on current and prospective enforcement cases should be narrowed so as to exclude information on current or prospective enforcement cases.
98. The authorities should ensure that cases concerning the public liability of the State do not impede the ability of the FMA and its staff to properly perform their functions and meet their responsibilities.
99. The human resources of the Securities Supervision Department of the FMA should be increased, especially to conduct on-site inspections, in addition to the 14 planned appointments. Assessed as understaffed in 2003, the increase since then has been absorbed in dealing with the heavier workload imposed by new EU Directives, exacerbating the position and leaving a shortfall greater than in 2003.
100. There is a need to recognize and deal with the problem of securing compliance with the enhanced business conduct rules of the MiFID in the period until the first full audit reports are received in June 2009.
101. Administrative fines should be raised further to levels elsewhere in Europe.
Principles 11 and 13
102. Discussions should be resumed with IOSCO with a view to Austria’s becoming a full signatory of the IOSCO MMOUat the earliest opportunity. Any outstanding problems regarding Austrian law or the FMA’s powers that emerge in that process should be resolved.
Supervision of market intermediaries
Principles 22 and 23
103. The heavy reliance on external auditors in assessing compliance with new client facing obligations should be reviewed. This should include consideration of measures to increase the reporting obligations of external auditors to the FMA.
104. Consideration should be given to encouraging the rotation of audit firms and not merely of individual auditors, especially when an audit company with few partners is used.
105. Management dialogues with investment firms and credit institutions should be held“on-site” rather than in the FMA’s offices.
B. Authorities’ Reactions
106. The Austrian Ministry of Finance and the FMA consider the recommendations as very valuable and in general in line with their own assessments and priorities for the forthcoming years.
107. We fully agree that, among others, adequate staffing and continuing intensification of on-site presence are important means to further advance supervisory effectiveness. Moreover, also in line with the assessment of the IMF, we consider the issues arising with implementation of the MiFID as important challenges for the future. We will also continue our efforts to become a full signatory of the IOSCO MMOU.