Issues with the quality of the written LRM procedures were detected in some cases. Observations included in some instances, procedures not providing documentation of the LRM arrangements, processes and techniques or did not cover all asset types or the use of LMTs (from the analysis during the product design phase to their ongoing use, etc.). In a few isolated cases, no written LRM procedures were put in place.

In some cases, the methodology was not always appropriate, not forward-looking and, more frequently, not justified and back-tested. For example, insufficient pre-investment checks – measurement of liquidity in pre-investment analyses and forecasts, consideration of portfolio impact, – or ongoing monitoring – absence of analyses involving all liabilities, lack of investors behaviour modelling and forward-looking estimates, verification of data quality were observed.

In some particularly worrying cases, margin calls were not considered at all.

Additionally, in some cases, LRM mechanisms and methodology were too static, with questions raised on the accuracy of LRM modelling during market downturns – including the accuracy of the data used for modelling the liquidity which should give due consideration to the prevailing market circumstances. This may result in unrealistically stable or even improving liquidity forecasts in crisis time.

In some cases, UCITS managers placed an overreliance on the presumption of liquidity referred to in Article 2(1) of the UCITS Commission Directive 2007/16/EC (UCITS Eligible Assets Directive) where they invested in listed securities.

Additionally, without dedicated follow-ups on securities presumed liquid, some ongoing controls were insufficient as they were not based on reliable data on volumes e.g. past volumes, number of brokers and trading size.

The mere lack of any data on volumes should be considered as possible evidence of the lack of sufficient liquidity and would need to be further investigated.

NCAs investigations revealed that a few specific supervised entities had applied the presumption of liquidity to all assets, including financial instruments which are not admitted to or dealt in on a regulated market under the conditions set out in Article 50(1) of UCITS Directive 2009/65/EC, where overall portfolio liquidity was deemed sufficient.

In these cases, no liquidity analysis and forecasts were performed for investments subject to Article 50(2)(a) of the UCITS Directive 2009/65/EC, which allows for investments in unlisted securities up to a limit of 10%.

Performing no pre-investment liquidity analyses and forecasts for these financial instruments is not compliant with the UCITS framework and should therefore be further investigated.

Some NCAs identified a few cases where the entity to whom the portfolio management function was delegated effectively also performed the LRM functions. Those cases also revealed an insufficient involvement of the internal risk management function, as well as insufficient delegation monitoring and due diligence. Moreover, the simultaneous delegation of portfolio and risk management functions to the delegate should not be allowed as it contravenes to UCITS delegation and substance rules.

In some cases, NCAs observed a widespread lack of data quality checks in a context of overreliance on very few data providers. In those cases, UCITS managers had not implemented robust and documented control processes, based on cross-checks and back-tests to ensure that they use sound and reliable data as explicitly required by the UCITS Directive.

NCAs reported some cases of missing, inaccurate, or unclear disclosures on liquidity risks and LMTs to investors in UCITS KIID and/or prospectus.

In some cases, insufficient (in terms of frequency, granularity and clarity) and, more rarely, absence of reporting to senior management were detected.

Some processes raised questions regarding the soundness and documentation of the decision-making process, in particular with regard to escalation process or analyses conducted during the design phase.

In some cases, NCAs detected no regular second and third-level controls of LRM policies and procedures, and identified a strong need to strengthen the overall control framework as both compliance and internal audit functions were not performing sufficient controls with respect to LRM processes. In such cases, these control functions have not been able to detect most of the shortcomings and regulatory breaches identified by NCAs in the course of the CSA.

External controls by the depositary and external auditors of the UCITS and UCITS managers are not performed in all cases. With respect to controls by external auditors, this might also be explained by diverging national rules and practices regarding the scope of audit.