SUP 10C.6A Systems and controls functions: Finance, risk and internal audit
Introduction
1The FCA-designated senior management functions in this section apply even if the firm:
- (1)
is not required by the regulatory system to allocate any of these roles to someone; or
- (2)
is not subject to any requirements of the regulatory system dealing with the management of the matters referred to in SUP 10C.6A.3R to SUP 10C.6A.6R.
Seniority
The FCA expects a firm to ensure that a person performing a function in this section for a firm has sufficient expertise and authority to perform that function effectively. A director or senior manager would meet this expectation.
Chief finance officer function (SMF2)
The chief finance officer function is the function of having responsibility for management of the financial resources of the firm, including reporting directly to the governing body of the firm in relation to its financial affairs.
Chief risk officer function (SMF4)
The chief risk officer function is the function of having responsibility for overall management of the risk controls of a firm, including:
- (1)
the setting and managing of the firm’s risk exposures; and
- (2)
reporting directly to the governing body of the firm in relation to its risk management arrangements.
- (1)
Risk controls systems include ones designed to deal with the kinds of matters in the risk control requirements for SMCR firms.
- (2)
However SUP 10C.6A.4R applies even if the provisions in (1) do not apply to the firm.
Head of internal audit function (SMF5)
The head of internal audit function is the function of having responsibility for management of the internal audit function of the firm, including reporting directly to the governing body of the firm on the internal audit function.
- (1)
Internal audit covers the kinds of matters in the internal audit requirements for SMCR firms.
- (2)
However SUP 10C.6A.6R applies even if the provisions in (1) do not apply to the firm.