MIFIDPRU 7.2 Internal governance
- (1)
1A MIFIDPRU investment firm must have robust governance arrangements, including:
- (a)
a clear organisational structure with well defined, transparent and consistent lines of responsibility;
- (b)
effective processes to identify, manage, monitor and report the risks the firm is or might be exposed to, or the firm poses or might pose to others; and
- (c)
adequate internal control mechanisms, including sound administration and accounting procedures.
- (a)
- (2)
1The arrangements in (1) must:
- (a)
be appropriate and proportionate to the nature, scale and complexity of the risks inherent in the business model and the activities of the firm; and
- (b)
be compatible with the requirements in the FCA Handbook relating to risk management and internal governance, for example those in MIFIDPRU 7 and SYSC, that apply to the firm.
- (a)
1When establishing and maintaining the arrangements in MIFIDPRU 7.2.1R(1), a firm should consider at least the following:
- (1)
the requirements that apply to the firm under MIFIDPRU 7 and SYSC 19G (MIFIDPRU Remuneration Code);
- (2)
the legal structure of the firm, including its ownership and funding structure;
- (3)
- (4)
the type of activities for which the firm is authorised, including the complexity and volume of those activities;
- (5)
the business model and strategy of the firm, including its risk strategy, risk appetite and risk profile;
- (6)
the types of client the firm has;
- (7)
the outsourced functions and distribution channels of the firm; and
- (8)
the firm’s existing IT systems, including continuity systems.