The impending EU Benchmark Regulation (BMR) represents a step change in assurance reporting requirements for benchmark administrators. Steve Farrell, Partner at Deloitte, and lead at its benchmarks team, joined RIMES’ recent BMR Seminar to update attendees on just what these new assurance requirements mean.
Farrell outlined the three categories of assurance requirements of BMR:
- External Audit – required for administrators of Critical benchmarks and Commodity benchmark; third country administrators must also be audited for compliance with IOSCO principles.
- Internal Report – applicable for administrators of Critical and Significant benchmarks.
- Internal Review – applicable for administrators of Critical and Significant, Interest Rate and Commodity benchmarks for approval of a given methodology.
Before administrators can conduct these audits successfully, however, it is important to understand exactly what is meant by ‘audit and assurance’. For Farrell, the term can be broken down into three parts:
- Review and Recommend – Carried out by either an internal function or an external firm, this is an assessment of a control framework against regulatory requirements and usually take place ahead of the regulation coming into force.
- Internal Audit – Again carried out by either an internal function or an external firm, this takes place once a legislation is active and aims to test a ‘live’ control framework to highlight any deficiencies.
- External Audit – Carried out by an external assurance provider, this is an assessment of controls and processes against regulatory requirements against three areas: Reasonable Assurance, Limited Assurance and Agreed Upon Procedures.
When it comes to BMR, Farrell argued that a key activity for benchmark administrators will be to ensure they are producing comparable assurance reports, as this will ensure a level playing field and help promote a healthier benchmarks market.
Additionally, Farrell argued that of the three types of External Audit, Reasonable Assurance will be the most valuable to the industry following BMR. This is because, as the gold standard of external audits, Reasonable Assurance requires deeper levels of reporting and as a result enables clear and positive statements when an administrator is compliant. For Farrell, Reasonable Assurance will be critical for administrators under BMR as it will allow them to show clearly to regulators and to the market how they have addressed the many gray areas of the legislation.
Farrell concluded his presentation by looking at the IOSCO Principles that will underpin assurance under BMR. Currently, audits under IOSCO Principles vary in the level, type and format of report. In Farrell’s opinion, this means that users of such statements do not always understand what the reports mean. At present, BMR lacks any guidance on how firms should read and use audit guidance. Farrell believes this area must be addressed as a priority to ensure there is a level standard of control under BMR.
What Farrell made clear is that benchmark administrators need to start work now on preparing for the BMR assurance regime. From RIMES’ perspective, Farrell highlighted that assurance reporting for benchmark administrators is going to become more complex and costly than ever before. As a result, buy-side firms need to be aware of the impact this might have on the cost of benchmarks and look to ways of mitigating these costs, such as by using managed data services. Moreover, buy-side firms that are also benchmark administrators will need to build a completely new function to oversee BMR assurance. Emerging managed administrative services from companies such as RIMES will also help in this respect, helping firms to adapt the complexities of the BMR regime without undue disruption.
To view Steve Farrell’s report in full, click here.
RIMES has put together an easy to use BMR Checklist questionnaire for you to understand how you may be affected by the BMR.