Reset to Today

To access the FCA Handbook Archive choose a date between 1 January 2001 and 31 December 2004.

Content Options:

Content Options

View Options:

SUP 10A.8 Systems and controls functions

Systems and controls function (CF28)

SUP 10A.8.1RRP

The systems and controls function is the function of acting in the capacity of an employee of the firm with responsibility for reporting to the governing body of a firm, or the audit committee (or its equivalent) in relation to:

  1. (1)

    its financial affairs;

  2. (2)

    setting and controlling its risk exposure (see 6SYSC 7.1.6R, article 23(2) of the MiFID Org Regulation and article 23(2) of the MiFID Org Regulation (as applied in accordance with SYSC 1 Annex 1 2.8AR, SYSC 1 Annex 1 3.2-AR, SYSC 1 Annex 1 3.2-BR, SYSC 1 Annex 1 3.2CR and SYSC 1 Annex 1 3.3R)); and3

  3. (3)

    adherence to internal systems and controls, procedures and policies (see 6SYSC 6.2, article 24 of the MiFID Org Regulation and article 24 of the MiFID Org Regulation (as applied in accordance with SYSC 1 Annex 1 2.8AR, SYSC 1 Annex 1 3.2-AR, SYSC 1 Annex 1 3.2-BR, SYSC 1 Annex 1 3.2CR and SYSC 1 Annex 1 3.3R)3).

10A.8.1ARRP

[deleted]6

2
SUP 10A.8.2RRP

The systems and controls function does not apply in relation to:5

4
  1. (1)

    bidding in emissions auctions carried on by a firm that is exempt from MiFID under article 2(1)(j); or5

  2. (2)

    benchmark activities.5

SUP 10A.8.3GRP

[deleted]6

SUP 10A.8.4GRP

Where an employee performs the systems and controls function the FCA would expect the firm to ensure that the employee had sufficient expertise and authority to perform that function effectively. A director or senior manager would meet this expectation.

Full scope UK AIFM

SUP 10A.8.5GRP

1For a full-scope UK AIFM, the requirement to have an employee responsible for reporting to the governing body of the firm or the audit committee for matters in SUP 10A.8.1R (2) and SUP 10A.8.1R (3) is derived from the AIFMD level 2 regulation, which imposes obligations on such firms to have a permanent risk management function and, where appropriate and proportionate for their business, an internal audit function.