Related provisions for INSPRU 7.1.27
1 - 20 of 22 items.
5A firm should ensure that the systems and controls include:(1) appropriate training for its employees in relation to money laundering;(2) appropriate provision of information to its governing body and senior management, including a report at least annually by that firm'smoney laundering reporting officer (MLRO) on the operation and effectiveness of those systems and controls;(3) appropriate documentation of its risk management policies and risk profile in relation to money laundering,
A firm should ensure that the systems and controls include:1(1) appropriate training for its employees in relation to money laundering;(2) appropriate provision of information to its governing body and senior management, including a report at least annually by that firm'smoney laundering reporting officer (MLRO) on the operation and effectiveness of those systems and controls;(3) appropriate documentation of its risk management policies and risk profile in relation to money laundering,
(1) A firm should have a conceptually sound risk management system which is implemented with integrity and should meet the minimum standards set out in this paragraph.(2) A firm should have a risk control unit that is independent of business trading units and reports directly to senior management. The unit should be responsible for designing and implementing the firm's risk management system. It should produce and analyse daily reports on the risks run by the business and on the
A firm should establish and maintain appropriate systems and controls for the management of its IT system risks, having regard to:(1) its organisation and reporting structure for technology operations (including the adequacy of senior management oversight);(2) the extent to which technology requirements are addressed in its business strategy;(3) the appropriateness of its systems acquisition, development and maintenance activities (including the allocation of responsibilities
4The financial risk assessment should be based on a methodology which provides a reasonable estimate of the potential business losses which a UK RIE might incur in stressed but plausible market conditions. The FCA5 would expect a UK RIE to carry out a financial risk assessment at least once in every twelve-month period, or more frequently if there are material changes in the nature, scale or complexity of the UK RIE's operations or its business plans that suggest such financial
A firm should establish and maintain appropriate systems and controls for the management of the risks involved in expected changes, such as by ensuring:(1) the adequacy of its organisation and reporting structure for managing the change (including the adequacy of senior management oversight);(2) the adequacy of the management processes and systems for managing the change (including planning, approval, implementation and review processes); and(3) the adequacy of its strategy
(1) The FCA2 will determine a figure that reflects the seriousness of the breach. In many cases, the amount of revenue generated by a firm from a particular product line or business area is indicative of the harm or potential harm that its breach may cause, and in such cases the FCA2 will determine a figure which will be based on a percentage of the firm’s revenue from the relevant products or business areas. The FCA2 also believes that the amount of revenue generated by a firm