2(1) |
The [UK RIE] must ensure that the systems and controls used in the performance of its [relevant functions] are adequate, and appropriate for the scale and nature of its business. |
(2) |
Sub-paragraph (1) applies in particular to systems and controls concerning - |
|
(a) |
the transmission of information; |
|
(b) |
the assessment, mitigation and management of risks to the performance of the [UK RIE'srelevant functions]; |
|
(c) |
the effecting and monitoring of transactions on the [UK RIE]; |
|
(ca) |
the technical operation of the [UK RIE], including contingency arrangements for disruption to its facilities; |
|
(d) |
the operation of the arrangements mentioned in paragraph 4(2)(d); and |
|
(e) |
(where relevant) the safeguarding and administration of assets belonging to users of the [UK RIE's] facilities. |