Related provisions for SYSC 3.2.1

21 - 40 of 92 items.
Results filter

Search Term(s)

Filter by Modules

Filter by Documents

Filter by Keywords

Effective Period

Similar To

To access the FCA Handbook Archive choose a date between 1 January 2001 and 31 December 2004 (From field only).

REC 2.2.6GRP
In determining whether the UK recognised body meets the recognition requirement in Regulation 6(3), the FCA3 may have regard to whether that body has ensured that the person who performs that function on its behalf:3(1) has sufficient resources to be able to perform the function (after allowing for any other activities);(2) has adequate systems and controls to manage that function and to report on its performance to the UK recognised body;(3) is managed by persons of sufficient
REC 2.2.7GRP
In determining whether a UK recognised body continues to satisfy the recognition requirements where it has made arrangements for any function to be performed on its behalf by any person , the FCA3 may have regard, in addition to any of the matters described in the appropriate section of this chapter, to the arrangements made to exercise control over the performance of the function, including:3(1) the contracts (and other relevant documents) between the UK recognised body and the
SYSC 13.9.4GRP
Before entering into, or significantly changing, an outsourcing arrangement, a firm should:(1) analyse how the arrangement will fit with its organisation and reporting structure; business strategy; overall risk profile; and ability to meet its regulatory obligations;(2) consider whether the agreements establishing the arrangement will allow it to monitor and control its operational risk exposure relating to the outsourcing;(3) conduct appropriate due diligence of the service
SYSC 13.9.7GRP
In some circumstances, a firm may find it beneficial to use externally validated reports commissioned by the service provider, to seek comfort as to the adequacy and effectiveness of its systems and controls. The use of such reports does not absolve the firm of responsibility to maintain other oversight. In addition, the firm should not normally have to forfeit its right to access, for itself or its agents, to the service provider's premises.
SUP 15.3.18GRP
In determining whether a matter is significant, a firm should have regard to:(1) the size of any monetary loss or potential monetary loss to itself or its customers (either in terms of a single incident or group of similar or related incidents);(2) the risk of reputational loss to the firm; and(3) whether the incident or a pattern of incidents reflects weaknesses in the firm's internal controls.
SUP 15.3.20GRP
In addition, the firm may have suffered significant financial losses as a result of the incident, or may suffer reputational loss, and the appropriate regulator35 will wish to consider this and whether the incident suggests weaknesses in the firm'sinternal controls.35
ICOBS 8.4.4ARRP
2The information referred to in ICOBS 8.4.4R (1)(b)(ii) is:(1) a description of the ways in which the firm, in its production of the register, is not materially compliant;(2) the number of policies, in relation to which, either:(a) the firm is not able to include any information in the register; and/or(b) information is included in the register but information may be incorrect or incomplete;in each case as a proportion of the total number of policies required to be included in
ICOBS 8.4.4BGRP
2In relation to the written statement referred to in ICOBS 8.4.4R (1)(b):(1) ICOBS 8.4.4R (1)(b) does not preclude the relevant director from, in addition, including in the director's statement any of the following as relevant:(a) if a firm's employers’ liability register is more than materially compliant, a statement to this effect, and/or a statement of the extent to which the director considers, to the best of his knowledge, the firm to be compliant in its production of the
ICOBS 8.4.9ARRP
2The requirement referred to in ICOBS 8.4.9R (7)(b) is that the report must include an opinion from the auditor confirming whether, in all material respects, the tracing office maintains a database which accurately and reliably stores information submitted to it by firms for the purpose of complying with relevant requirements in ICOBS 8.4 and that it has systems which can adequately keep it up to date in the light of new information provided by firms.
DTR 7.2.5RRP
The corporate governance statement must contain a description of the main features of the issuer's internal control and risk management systems in relation to the financial reporting process.[Note: Article 46a(1)(c) of the Fourth Company Law Directive]
DTR 7.2.10RRP
Subject to DTR 7.2.11 R, an issuer which is required to prepare a group directors’ report within the meaning of section 415(2) of the Companies Act 2006 must include in that report a description of the main features of the group’s internal control and risk management systems in relation to the process for preparing consolidated accounts. In the event that the issuer presents its own annual report and its consolidated annual report as a single report, this information must be
BIPRU 7.9.11GRP
The model review process may be conducted through a series of visits covering various aspects of the firm's control and IT environment. Before these visits the appropriate regulator may ask the firm to provide some information relating to its waiver request accompanied by some specified background material. The model review visits are organised on a timetable that allows a firm being visited sufficient time to arrange the visit and provide the appropriate pre-visit informatio
BIPRU 7.9.12GRP
As part of the model review process, the following may be reviewed: organisational structure and personnel; details of the firm's market position in the relevant products; profit and risk information; valuation and reserving policies; operational controls; IT systems; model release and control procedures; risk management and control framework; risk appetite and limit structure and future developments relevant to model recognition.
BIPRU 7.9.21GRP
(1) A firm should have a conceptually sound risk management system which is implemented with integrity and should meet the minimum standards set out in this paragraph.(2) A firm should have a risk control unit that is independent of business trading units and reports directly to senior management. The unit should be responsible for designing and implementing the firm's risk management system. It should produce and analyse daily reports on the risks run by the business and on the
REC 4.4.1GRP
Recognised bodies may receive complaints from time to time from their members and other people, both about the conduct of members and about the recognised body itself. A UK recognised body will need to have satisfactory arrangements to investigate these complaints in order to satisfy the relevant recognition requirements (see REC 2.15 and REC 2.16) or RAP recognition requirements (see REC 2A.3.2 G).1
REC 4.4.3GRP
Where the FCA2 receives a complaint about a recognised body, it will, in the first instance, seek to establish whether the complainant has approached the recognised body. Where this is not the case, the FCA2 will ask the complainant to complain to the recognised body. Where the complainant is dissatisfied with the handling of the complaint, but has not exhausted the recognised body's own internal complaints procedures (in the case of a complaint against a UK recognised body, including
SYSC 6.2.1RRP
A common platform firm and a management company5 must, where appropriate and proportionate in view of the nature, scale and complexity of its business and the nature and range of its financial services and activities,5 undertaken in the course of that business, establish and maintain an internal audit function which is separate and independent from the other functions and activities of the firm and which has the following responsibilities:5(1) to establish, implement and maintain
SYSC 6.2.2GRP
1The term 'internal audit function' in SYSC 6.2.1 R (and SYSC 4.1.11 G) refers to the generally understood concept of internal audit within a firm, that is, the function of assessing adherence to and the effectiveness of internal systems and controls, procedures and policies.The internal audit function is not a controlled function itself, but is part of the systems and controls function (CF28).42
COND 2.4.2GRP
(1) [deleted]88(2) In this context, the FCA will interpret the term 'appropriate88' as meaning sufficient in terms of quantity, quality and availability, and 'resources' as including all financial resources (though only in the case of firms not carrying on, or seeking to carry on, a PRA-regulated activity)8, non-financial resources and means of managing its resources; for example, capital, provisions against liabilities, holdings of or access to cash and other liquid assets, human
COND 2.4.4GRP
(1) [deleted]88(2) Relevant matters to which the FCA may have regard when assessing whether a firm will satisfy, and continue to satisfy, this threshold condition8may include but are not limited to:(a) (in relation to a firm other than a firm carrying on, or seeking to carry on, a PRA-regulated activity),8 whether there are any indications that the firm may have difficulties if the application is granted, at the time of the grant or in the future, in complying with any of the
CASS 5.4.1GRP
(1) CASS 5.4 permits a firm, which has adequate resources, systems and controls, to declare a trust on terms which expressly authorise it, in its capacity as trustee, to make advances of credit to the firm'sclients. The client money trust required by CASS 5.4 extends to such debt obligations which will arise if the firm, as trustee, makes credit advances, to enable a client's3premium obligations to be met before the premium is remitted to the firm and similarly if it allows claims
CASS 5.4.4RRP
A firm may not handle client money in accordance with the rules in this section unless each of the following conditions is satisfied:(1) the firm must have and maintain systems and controls which are adequate to ensure that the firm is able to monitor and manage its client money transactions and any credit risk arising from the operation of the trust arrangement and, if in accordance with CASS 5.4.2 R a firm complies with both the rules in CASS 5.3 and CASS 5.4, such systems and
SYSC 13.8.2GRP
A firm should establish and maintain appropriate systems and controls for the management of the risks involved in expected changes, such as by ensuring:(1) the adequacy of its organisation and reporting structure for managing the change (including the adequacy of senior management oversight);(2) the adequacy of the management processes and systems for managing the change (including planning, approval, implementation and review processes); and(3) the adequacy of its strategy
SYSC 13.8.4GRP
The high level requirement for appropriate systems and controls at SYSC 3.1.1 R applies at all times, including when a business continuity plan is invoked. However, the appropriate regulator recognises that, in an emergency, a firm may be unable to comply with a particular rule and the conditions for relief are outlined in GEN 1.3 (Emergency).
BIPRU 7.10.8GRP
BIPRU 7.10 sets out the minimum standards that the appropriate regulator expects firms to meet before granting a VaR model permission. The appropriate regulator will not grant a VaR model permission unless it is satisfied that the requirements of BIPRU 7.10 are met and it is satisfied about the procedures in place at a firm to calculate the model PRR. In particular the appropriate regulator will not normally grant a VaR model permission unless it is satisfied about the quality
BIPRU 7.10.13GRP
As part of the process for dealing with an application for a VaR model permission the following may be reviewed: organisational structure and personnel; details of the firm's market position in the relevant products; revenue and risk information; valuation and reserving policies; operational controls; information technology systems; model release and control procedures; risk management and control framework; risk appetite and limit structure; future developments relevant to model
BIPRU 7.10.81GRP
In assessing whether the VaR model is implemented with integrity as described in BIPRU 7.10.58R (Stress testing), the appropriate regulator will consider in particular the information technology systems used to run the model and associated calculations. The assessment may include:(1) feeder systems; risk aggregation systems; time series databases; the VaR model system; stress testing system; the backtesting system including profit and loss cleaning systems where appropriate; data
SYSC 13.10.1GRP
Whilst a firm may take out insurance with the aim of reducing the monetary impact of operational risk events, non-monetary impacts may remain (including impact on the firm's reputation). A firm should not assume that insurance alone can replace robust systems and controls.
SYSC 13.4.1GRP
Under Principle 11 and SUP 15.3.1 R, a firm must notify the appropriate regulator immediately of any operational risk matter of which the appropriate regulator would reasonably expect notice. SUP 15.3.8 G provides guidance on the occurrences that this requirement covers, which include a significant failure in systems and controls and a significant operational loss.
MAR 5.6.1RRP
1A firm operating an MTF must:(1) report to the FCA:(a) significant breaches of the firm's rules;(b) disorderly trading conditions; and(c) conduct that may involve market abuse; (2) supply the information required under this rule without delay to the FCA and any other authority competent for the investigation and prosecution of market abuse; and (3) provide full assistance to the FCA, and any other authority competent for the investigation and prosecution of market abuse, in
SUP 3.7.2GRP
A firm should consider whether it should notify the FCA and the PRA (if it is a PRA-authorisedfirm) or the FCA (in all other cases) under Principle 11 if:(1) the firm expects or knows its auditor will qualify his report on the audited annual financial statements or add an explanatory paragraph; or (2) the firm receives a written communication from its auditor commenting on internal controls (see also SUP 15.3).
LR 8.7.2BGRP
10Situations when the FCA may impose restrictions or limitations on the services a sponsor can provide include (but are not limited to) where it appears to the FCA that: (1) the sponsor has no or limited relevant experience and expertise of providing certain types of sponsor services or of providing sponsor services to certain types of company; or(2) the sponsor does not have systems and controls in place which are appropriate for the nature of the sponsor services which the sponsor
LR 8.7.8RRP
A sponsor must notify the FCA in writing as soon as possible if:(1) 8(a) 8the sponsor ceases to satisfy the criteria for approval as a sponsor set out in LR 8.6.5 R or becomes aware of any matter which, in its reasonable opinion, would be relevant to the FCA in considering whether the sponsor continues to comply with LR 8.6.6 R; or(b) 8the sponsor becomes aware of any fact or circumstance relating to the sponsor or any of its employees engaged in the provision of sponsor services
COLL 6.2.9GRP
(1) As the authorised fund manager normally controls the issue, cancellation, sale and redemption of an authorised fund'sunits, it occupies a position that could, without appropriate systems and controls, involve a conflict of interest between itself and its clients.(2) SYSC 3.1.1 R (Systems and controls) requires that a firm take reasonable care to establish and maintain such systems and controls as are appropriate to its business and Principle 8 requires a firm to manage conflicts
COLL 6.2.12GRP

Explanatory table: This table belongs to COLL 6.2.2 G (4) (Purpose).

Correction of box management errors

1

Controls by authorised fund managers

An authorised fund manager needs to be able to demonstrate that it has effective controls over:

(1)

its calculations of what units are owned by it (its 'box'); and

(2)

compliance with COLL 6.2.8 R which is intended to prevent a negative box.

2

Controls by depositaries

(1)

Under COLL 6.6.4 (General duties of the depositary), a depositary should take reasonable care to ensure that a scheme2 is managed in accordance with COLL 6.2 (Dealing) and COLL 6.3 (Pricing and valuation).

(2)

A depositary should therefore make a regular assessment of the authorised fund manager's box management procedures (including supporting systems) and controls. This should include reviewing the authorised fund manager's controls and procedures when the depositary assumes office, on any significant change and on a regular basis, to ensure that a series of otherwise minor changes do not have a cumulative and a significant effect on the accuracy of the controls and procedures.

3

Recording and reporting of box management errors

(1)

An authorised fund manager should record all errors which result in a breach of COLL 6.2.8 R (Controls over the issue and cancellation of units) and as soon as an error is discovered, the authorised fund manager should report the fact to the depositary, together with details of the action taken, or to be taken, to avoid repetition of the error.

(2)

A depositary should report material box management errors to the FCA immediately. Materiality should be determined by taking into account a number of factors including:

  • the implications of the error for the sufficiency of controls put into place by the authorised fund manager;
  • the significance of any breakdown in the authorised fund manager's management controls or other checking procedures;
  • the significance of any failure of systems or back-up arrangements;
  • the duration of an error; and
  • the level of compensation due to the scheme, and an authorised fund manager's ability (or otherwise) to meet claims for compensation in full.

(3)

A depositary should also make a return to the FCA (in the manner prescribed by SUP 16.6.8 R) on a quarterly basis.

INSPRU 7.1.27GRP
Firms should also consider whether their systems and controls provide sufficient information to permit senior management to identify the crystallisation of risks in a timely manner so as to provide them with the opportunity to respond and allow the firm to obtain the full value of the modelled management action. Firms should also analyse the wider implications of the management actions, particularly where they represent significant divergence from the business plan and use this
INSPRU 7.1.34GRP
Where the firm is relying on systems and controls in order to mitigate risks, the firm should consider the risk of those systems and controls failing at the confidence level at which the ICA is being carried out.