The FCA’s governance reality check: why UK EMIR Refit failures are systemic

The UK European Market Infrastructure Regulation Regulatory Fitness Program (UK EMIR Refit), which went live on 30 September 2024, was meant to be a crowning achievement in derivatives market transparency, demanding important technical shifts like the adoption of ISO 20022 XML and an increase to over 200 reportable fields.

However, the Financial Conduct Authority (FCA)’s recent publication of Market Watch 84 (MW84) delivers a stark post-implementation reality check. The newsletter confirms that the root problem exposed by the Refit is not merely technical, but a systemic failure of governance, culture, and operational frameworks within the financial sector. The FCA has pivoted from guidance to assertive accountability, viewing poor reporting not as a compliance hiccup, but as a risk to financial stability.

Quantifying operational failure

MW84 makes clear that firms’ operational frameworks were insufficiently resilient to absorb the regulatory change. The evidence is empirical and alarming:

• 19% of counterparties encountered specific challenges with reporting following the Refit implementation.
•  A worrying 1.45% of UK reporting counterparties completely failed to submit details of derivative trades since the new requirements came into effect.

The regulator views this failure rate as a grave concern. The FCA explicitly states that these persistent issues “materially affect our visibility of the UK derivatives market” and severely hamper the capacity of the authorities to monitor systemic risk. High-quality data is essential for the FCA and the Bank of England to monitor for systemic and financial stability risk.

The strategic value of EMIR data

To understand the severity of the data failures, firms must appreciate how the regulator utilises this information. The FCA uses EMIR data proactively for macroprudential supervision. For instance, the data is leveraged to analyse the use of critical benchmarks across markets, and was vital during periods of volatility, such as when the FCA used OTC SONIA Swaps activity (enhanced by MiFID transaction data) to build a clearer, real-time picture of participants’ rates exposure following specific tariff announcements. When reporting quality falters, it directly compromises the regulator’s ability to maintain market integrity.

Vendor accountability is non-delegable

A less visible but highly significant focus in MW84 is the specific mention of firms’ issues related to “vendor management”. Given the technical complexity of the Refit, many firms relied heavily on third-party RegTech solutions. The fact that many still faced challenges indicates that vendor solutions, or the firm’s oversight of them, were often inadequate. The FCA’s stance is unequivocally clear: accountability for data quality cannot be outsourced. Firms must exercise stringent oversight and due diligence over their vendor partners; if the service provider fails, the reporting counterparty remains legally accountable.

The failure of frameworks: governance, culture, and remediation in the spotlight

The observations in MW84 are not unique to UK EMIR. They carry significant operational parallels with findings in previous FCA publications, such as Market Watch 82, which addressed UK MiFID transaction reporting. This confluence suggests that the primary deficiencies are systemic and structural, reflecting widespread weaknesses in operational governance and compliance culture.

The persistence of weak governance and reactive culture

The FCA notes “persistent inefficiencies” and “shortcomings” in operational frameworks, indicating many firms failed to mature their reporting governance since the original requirements came into effect. The core failure points observed are fundamentally cultural and structural:

• Fragmented ownership: no single individual or team is held fully accountable.
• Siloed internal teams leading to disconnects between front-office trade data capture and the final reporting function.
• Reactive compliance: issues are only addressed after detection by a Trade Repository (TR) or the regulator, rather than proactively.
• Weak governance resulting in slow decision-making due to lengthy internal approval chains.

Compliance must transition from an isolated, reactive function to an integrated element of the operational workflow.

Remedial timelines: missing the window of tolerance

A major point of supervisory criticism is the excessive delay in establishing and completing remediation programs. The FCA expects firms to be proactive and transparent, setting reasonable expectations for completion.

However, the regulator has observed remedial exercises extending “beyond reasonable timelines”. Common causes for delay include insufficient resourcing, competing business priorities that deprioritise compliance fixes, and a critical tendency to focus on “fixing the symptoms” rather than decisively tackling the “root cause” of the underlying system or data flow failure. The regulatory expectation is for remediation to be auditable, decisive, and rapid.

The Back Reporting blind spot and legacy trade failure

The correction of historical data, or ‘back reporting’, represents a significant operational blind spot for many firms, frequently overlooked or deprioritised. This negligence was immediately exposed by the UK EMIR Refit, which mandated that all outstanding derivative trades entered into before 30 September 2024, had to be updated to the new ISO 20022 and 200+ field standards by the 31 March 2025 transition deadline. This complex backloading process required enriching legacy trades with numerous newly required data points. Failure to complete this process is a direct manifestation of poor governance over archived data.

Elevating breach notification quality: a test of internal controls

The FCA’s scrutiny extends deep into firms’ internal processes, focusing specifically on the quality and depth of errors and omissions (E&O) notifications, or breach notifications. Notifications are deemed deficient if they omit three key components: clear root cause analysis, accurate scope and impact, or defined governance oversight. Delivering a complete notification is not an administrative task; it fundamentally tests the maturity of a firm’s internal controls, requiring the ability to trace an error backward through the entire data processing pipeline to identify the precise point of failure.

This is the first part of our thought leadership series on UK EMIR Refit resilience. The next instalment will cover the critical areas of data integrity, lifecycle event mastery, and the strategic imperatives for 2026.