SUP 10A.8 Systems and controls functions
Systems and controls function (CF28)
The systems and controls function is the function of acting in the capacity of an employee of the firm with responsibility for reporting to the governing body of a firm, or the audit committee (or its equivalent) in relation to:
- (1)
its financial affairs;
- (2)
setting and controlling its risk exposure (see 6SYSC 7.1.6R, article 23(2) of the MiFID Org Regulation and article 23(2) of the MiFID Org Regulation (as applied in accordance with SYSC 1 Annex 1 2.8AR, SYSC 1 Annex 1 3.2-AR, SYSC 1 Annex 1 3.2-BR, SYSC 1 Annex 1 3.2CR and SYSC 1 Annex 1 3.3R)); and3
- (3)
adherence to internal systems and controls, procedures and policies (see 6SYSC 6.2, article 24 of the MiFID Org Regulation and article 24 of the MiFID Org Regulation (as applied in accordance with SYSC 1 Annex 1 2.8AR, SYSC 1 Annex 1 3.2-AR, SYSC 1 Annex 1 3.2-BR, SYSC 1 Annex 1 3.2CR and SYSC 1 Annex 1 3.3R)3).
The systems and controls function does not apply in relation to:5
4- (1)
bidding in emissions auctions carried on by a firm that is exempt from MiFID under article 2(1)(j); or5
- (2)
Where an employee performs the systems and controls function the FCA would expect the firm to ensure that the employee had sufficient expertise and authority to perform that function effectively. A director or senior manager would meet this expectation.
Full scope UK AIFM
1For a full-scope UK AIFM, the requirement to have an employee responsible for reporting to the governing body of the firm or the audit committee for matters in SUP 10A.8.1R (2) and SUP 10A.8.1R (3) is derived from the AIFMD level 2 regulation, which imposes obligations on such firms to have a permanent risk management function and, where appropriate and proportionate for their business, an internal audit function.