The European Securities and Markets Authority (ESMA) today announces that it has fined DTCC Derivatives Repository Plc (DDRL) a total of €408,000 for seven infringements of the European Market Infrastructure Regulation (EMIR) regarding data confidentiality, data integrity, and direct and immediate access to data.
The breaches relate to:
- granting certain asset managers access to data that they were not entitled to receive;
- setting up its IT system in a way which altered the substance of certain information reported to DDRL; and
- failing to provide regulators with direct and immediate access to relevant data.
The breaches, which were committed between 2014 and 2018, were found to have resulted from negligence on the part of DDRL.
EMIR provides for the protection of the confidentiality and integrity of data received by trade repositories (TRs) and requires TRs to provide such data to regulators. This is a key requirement to improve transparency and facilitate the monitoring of systemic risks in derivatives markets.
DDRL failed to provide direct and immediate access to regulators by:
- generating reports for regulators containing incorrect data;
- failing to provide certain regulators with transaction data they were entitled to receive in line with their responsibilities and mandates; and
- failing to provide regulators with all transaction data regarding OTC derivatives contracts that were opened and exited, cancelled or matured on the same day.
This was the first time ESMA found breaches in relation to a TR’s obligation to ensure the confidentiality and the integrity of the data reported under EMIR. In calculating the fine, ESMA considered both aggravating and mitigating factors provided for in EMIR.
DDRL may appeal against this decision to the Board of Appeal of the European Supervisory Authorities. However, such an appeal does not have suspensive effect, although it is possible for the Board of Appeal to suspend the application of the decision in accordance with Article 60(3) ESMA Regulation.