MiFID II requires trading venues to store personally identifiable information (each potentially 50 characters long) relating to the traders, investment managers and clients of the orders they receive. While it might be very convenient for surveillance to have order book data married up with personal data, this requirement is not only an additional burden to system load but also raises data privacy concerns.
To mitigate these issues the industry is currently working towards an approach that allows trading platforms to rely on short codes submitted during trading, then receiving the mappings to the sensitive data via a separate link at the end of the day. Certainly the short code approach looks like the best way forward given the circumstances, but it forces market members to manage another long list of codes for each trading venue. Wouldn't it be great if all the venues were to agree to use the same short code standard? Better still, and safer, if trading venues were only obliged to store the short codes while ESMA managed the mappings between those codes and client information.
Wishful thinking, perhaps, given all the other mandatory MiFID II work going on and the short implementation timeline.