Related provisions for TC 2.2A.2
21 - 40 of 184 items.
A firm should consult SYSC 3.2.2 G to SYSC 3.2.5 G for guidance on reporting lines and delegation of functions within a firm and SYSC 3.2.13 G to SYSC 3.2.14 G for guidance on the suitability of employees and appointed representatives or, where applicable, its tied agents1. This section provides additional guidance on management of employees and other human resources in the context of operational risk.
A firm should establish and maintain appropriate systems and controls for the management of operational risks that can arise from employees. In doing so, a firm should have regard to:(1) its operational risk culture, and any variations in this or its human resource management practices, across its operations (including, for example, the extent to which the compliance culture is extended to in-house IT staff);(2) whether the way employees are remunerated exposes the firm to the
A firm should ensure that all employees are capable of performing, and aware of, their operational risk management responsibilities, including by establishing and maintaining:(1) appropriate segregation of employees' duties and appropriate supervision of employees in the performance of their responsibilities (see SYSC 3.2.5 G);(2) appropriate recruitment and subsequent processes to review the fitness and propriety of employees (see SYSC 3.2.13 G and SYSC 3.2.14 G);(3) clear
The systems and controls function is the function of acting in the capacity of an employee of the firm with responsibility for reporting to the governing body of a firm, or the audit committee (or its equivalent) in relation to:(1) its financial affairs;(2) setting and controlling its risk exposure (see SYSC 3.2.10 G and SYSC 7.1.6 R);(3) adherence to internal systems and controls, procedures and policies (see SYSC 3.2.16 G and SYSC 6.2).
1For a full-scope UK AIFM, the requirement to have an employee responsible for reporting to the governing body of the firm or the audit committee for matters in SUP 10A.8.1R (2) and SUP 10A.8.1R (3) is derived from the AIFMD level 2 regulation, which imposes obligations on such firms to have a permanent risk management function and, where appropriate and proportionate for their business, an internal audit function.
3The material in CASS 1A.3.1BG about how CASS 1A.3 fits into the FCA approved persons regime for relevant authorised persons also applies to a CASS small firm and the function in CASS 1A.3.1R. However:(1) the function in CASS 1A.3.1R is not an FCA specified significant-harm function; and(2) the person performing that function will not necessarily be subject to the employee certification regime described in SYSC 5.2 (Certification Regime).
(1) (a) CASS 1A.3.1AR describes the FCA controlled function known as the CASS operational oversight function (CF10a). The table of FCA controlled functions3 in SUP 10A.4.4R3 together with SUP 10A.7.9R3 specify the CASS operational oversight function as an FCA required function4 for a firm to which CASS 1A.3.1AR applies.3(b) The CASS operational oversight function does not apply to a relevant authorised person.3(2) (a) For a firm that is a UK relevant authorised person5, the function
(1) 3CASS 1A.3.1CR provides a grace period for a firm that is not a relevant authorised person to apply for someone to be approved to perform the CASS operational oversight function. (2) There is no equivalent to CASS 1A.3.1CR for a relevant authorised person, because a person does not need specific FCA approval before carrying out the function. This is explained in (3) to (5), below.(3) As explained in CASS 1A.3.1BG(2), the function in CASS 1A.3.1AR is not, by itself, a controlled
A circular to shareholders about the approval of an employee's share scheme or long-term incentive scheme must:(1) include either the full text of the scheme or a description of its principal terms;(2) include, if directors of the listed company are trustees of the scheme, or have a direct or indirect interest in the trustees, details of the trusteeship or interest;(3) state that the provisions (if any) relating to:(a) the persons to whom, or for whom, securities, cash or other
The resolution approving the adoption of an employees' share scheme or long-term incentive scheme may authorise the directors to establish further schemes based on any scheme which has previously been approved by shareholders but modified to take account of local tax, exchange control or securities laws in overseas territories, provided that any shares made available under such further schemes are treated as counting against any limits on individual or overall participation in
A circular to shareholders about proposed amendments to an employees' share scheme or a long-term incentive scheme must include:(1) an explanation of the effect of the proposed amendments; and(2) the full terms of the proposed amendments, or a statement that the full text of the scheme as amended will be available for inspection.
If a firm takes disciplinary action as a result of a conduct breach (see SUP 15.11.6R) against an employee but the employee has appealed or plans to appeal, the firm should still report the disciplinary action under section 64C of the Act but should include the appeal in the notification. The firm should update the FCA on the outcome of any appeal.2
The obligations to make a notification pursuant to2section
64C of the Act apply notwithstanding any agreement (for example a 'COT 3'
Agreement settled by the Advisory, Conciliation and Arbitration Service
(ACAS)) or any other arrangements entered into by a firm and an employee
upon termination of the employee's employment. A firm should not enter
into any such arrangements or agreements that could conflict with its
obligations under this section.
1CASS 11.3.3G(5) to (11)2 also apply to a CASS small debt management firm and the function in CASS 11.3.1R. However:(1) the function in CASS 11.3.1R is not an FCA specified significant-harm function; and(2) the person performing that function will not necessarily be subject to the employee certification regime described in SYSC 5.2 (Certification Regime).
(1) CASS 11.3.4R describes the FCA controlled function known as the CASS operational oversight function (CF10a) in relation to CASS large debt management firms, including not-for-profit debt advice bodies.1(2) As a consequence of CASS 11.3.4R (in conjunction with SUP 10A.4.1R and SUP 10A.7.10R), in a CASS large debt management firm (including a not-for-profit debt advice body fitting into that category) the function described in CASS 11.3.4R is required to be discharged by a director
(1) 1CASS 11.3.5R provides a grace period for a firm that is not a relevant authorised person to apply for someone to be approved to perform the CASS operational oversight function. (2) There is no equivalent to CASS 11.3.5R for a relevant authorised person, because a person does not need specific FCA approval before carrying out the function. This is explained in (3) to (5), below.(3) As explained in CASS 11.3.3G, the function in CASS 11.3.5R is not, by itself, a controlled function.(4)
In setting the method of determining the remuneration of employees involved in the risk management function:(1) firms that SYSC 19D applies to will also need to comply with the dual-regulated firms Remuneration Code; and(2) firms that the remuneration part of the PRA Rulebook applies to will also need to comply with it.16513138
A firm must take reasonable care to ensure that every letter (or electronic equivalent) which it or its employees send to a retail client4, with a view to or in connection with the firm carrying on a regulated activity, includes the disclosure in GEN 4 Annex 1 R (firms that are not PRA-authorised persons) or GEN 4 Annex 1AR (PRA-authorised persons) as applicable15.14
(1) GEN 4.3.1 R (Disclosure in letters to retail clients4) covers letters delivered by hand, sent by post and sent by fax and also electronic mail, but not text messages, account statements, business cards or compliment slips (used as such).4(2) GEN 4.3.1 R (Disclosure in letters to retail clients4) applies in relation to letters sent by any of the firm's employees, which includes its appointed representatives and their employees.4(3) Firms are likely to find it convenient to
(1) 1Where a firm has outsourced activities to a third party processor other than advising on life policies3, GEN 4.3.1 R does not apply to that third party processor when acting as such, so long as the outsourcing firm ensures that the third party processor and its employees comply with that rule as if it was the firm and they were employees of the firm.(2) Where an appointed representative has outsourced insurance mediation activities other than advising on life policies3
(1) A firm'sgoverning body is likely to delegate many functions and tasks for the purpose of carrying out its business. When functions or tasks are delegated, either to employees or to appointed representatives or, where applicable, its tied agents8, appropriate safeguards should be put in place.(2) When there is delegation, a firm should assess whether the recipient is suitable to carry out the delegated function or task, taking into account the degree of responsibility involved.(3)
Where it is made possible and appropriate by the nature, scale and complexity of its business, a firm should segregate the duties of individuals and departments in such a way as to reduce opportunities for financial crime or contravention of requirements and standards under the regulatory system. For example, the duties of front-office and back-office staff should be segregated so as to prevent a single individual initiating, processing and controlling transactions.
(1) Depending on the nature, scale and complexity of its business, it may be appropriate for a firm to have a separate compliance function. The organisation and responsibilities of a compliance function should be documented. A compliance function should be staffed by an appropriate number of competent staff who are sufficiently independent to perform their duties objectively. It should be adequately resourced and should have unrestricted access to the firm's relevant records as
(1) Depending on the nature, scale and complexity of its business, it may be appropriate for a firm to have a separate risk assessment function responsible for assessing the risks that the firm faces and advising the governing body and senior managers on them.(2) The organisation and responsibilities of a risk assessment function should be documented. The function should be adequately resourced and staffed by an appropriate number of competent staff who are sufficiently independent
(1) The 5credit union'sgoverning body5has responsibility for ensuring that the credit union complies with the requirements of SYSC 4.1.1 R (see CREDS 2.2.1 G and CREDS 2.2.2 G). So, the governing body5 has overall responsibility for:(a) establishing objectives and formulating a business plan;(b) monitoring the financial position of the credit union;(c) determining and documenting policies and procedures;(d) directing and coordinating the work of all employees and volunteers, and
5Under section 63E(1) of the Act, a relevant authorised person (including a credit union) should take reasonable care to ensure that no employee of the firm performs an FCA-specified significant-harm function under an arrangement entered into by the firm in relation to the carrying on by that firm of a regulated activity, unless the employee has a valid certificate issued by that firm to perform the function to which the certificate relates. The definition of employee for these
(1) A credit union must not make a loan to: (a) one of its officers, certification employees2 or approved persons on terms more favourable than those available to other members of the credit union unless: 2(i) that person is a paid employee (other than a director) of the credit union; and (ii) the registered rules of the credit union provide explicitly for the making of loans to paid employees on such terms; (b) (in the case of a Great Britain credit union) 1a relative of, or
(1) To prevent conflicts of interest, a credit union should have clear arrangements for dealing with loans to the persons specified in CREDS 7.2.7 R.(2) In relation to staff, the prohibition in CREDS 7.2.7 R applies only to those who are officers, certification employees2 or approved persons.2(3) "Connected" in CREDS 7.2.7 R includes any close business or personal relationship.
2Generally, the FCA would expect to use private warnings in the context of firms, approved persons and conduct rules staff1. However, the FCA may also issue private warnings in circumstances where the persons involved may not necessarily be authorised or approved. For example, private warnings may be issued in potential cases of market abuse; cases where the FCA has considered making a prohibition order or a disapplication order; or cases involving breaches of provisions imposed
2In each case, the FCA will consider the likely impact of a private warning on the recipient and whether any risk that person poses to the statutory objectives requires the FCA to take more serious action. Equally, where the FCA gives a private warning to an approved person or conduct rules staff1, the FCA will consider whether it would be desirable and appropriate to inform the person's1firm (or employer, if different) of the conduct giving rise to the warning and the FCA's
The following factors may be relevant
to determining the appropriate length of the period of suspension, restriction or condition3 to be imposed on a person under
the Act:(1) DeterrenceWhen determining
the appropriate length of the period of suspension, restriction or condition3 the FCA2 will
have regard to the principal purpose for which it imposes sanctions, namely
to promote high standards of regulatory and/or market conduct by deterring persons who have committed breaches
The FCA2 may delay the commencement of the period of suspension or restriction.
In deciding whether this is appropriate, the FCA2 will take into account all the circumstances of a case. Considerations
that may be relevant in respect of an authorised
person, sponsor or primary
information provider2 include:22(1) the impact of the suspension or
restriction on consumers;(2) any practical measures the authorised person, sponsor or primary information provider2 needs to take before
The FCA4 uses various methods of information gathering on its own initiative which require the cooperation of firms:55(1) Visits may be made by representatives or appointees of the FCA4. These visits may be made on a regular basis, on a sample basis, for special purposes such as theme visits (looking at a particular issue across a range of firms), or when the FCA4 has a particular reason for visiting a firm. Appointees of the FCA4 may include persons who are not FCA4 staff, but
In complying with Principle 11, the FCA4 considers that a firm should take reasonable steps to ensure that the following persons act in the manner set out in SUP 2.3.3 G: (1) its employees, agents and appointed representatives; and(2) any other members of its group, and their employees and agents.(See also, in respect of appointed representatives, SUP 12.5.3 G (2)).
A firm should ensure (subject to any legal requirements) that adequate and accurate information it holds about a customer in relation to a debt is made available to persons involved on its behalf in the debt recovery process. Information relating to the customer which should be made available to agents or employees includes, for example:(1) being in financial difficulties;(2) being particularly vulnerable;(3) disputing the debt;(4) a repayment plan or forbearance being in place;(5)
The purpose of ICOBS 8.4 is to assist individuals with claims arising out of their course of employment in the United Kingdom for employers carrying on, or who carried on, business in the United Kingdom, to identify an insurer or insurers that provided employers' liability insurance (other than certain co-insurance and excess cover arrangements)2 by requiring insurers to produce an employers’ liability register and to conduct effective searches for historical policies3. In particular
(1) A firm carrying out contracts of insurance, or a managing agent managing insurance business, including in either case business accepted under reinsurance to close, which includes United Kingdom commercial lines employers' liability insurance, must:(a) produce an employers’ liability register complying with the requirements in (2) and ICOBS 8 Annex 1;(b) obtain and submit to the FCA2 a written statement, by a director of the firm responsible for the production of the employers’
(1) 3Where a firm has established that a historical policy does exist, the response should confirm what cover was provided and set out any available information that is relevant to the request received.(2) Where there is evidence to suggest that a historical policy does exist, but the firm is unable to confirm what cover was provided, the response should set out any information relevant to the request and describe the next steps (if any) the firm will take to continue the search.
2If a firm requires employees who are not subject to a qualification7 requirement in TC to pass a relevant examination from the list of recommended examinations maintained by the Financial Skills Partnership7, the appropriate regulator will take that into account when assessing whether the firm has ensured that the employee satisfies the knowledge component of the competent employees rule.777
The exposure of a firm to operational risk may increase during times of significant change to its organisation, infrastructure and business operating environment (for example, following a corporate restructure or changes in regulatory requirements). Before, during, and after expected changes, a firm should assess and monitor their effect on its risk profile, including with regard to:(1) untrained or de-motivated employees or a significant loss of employees during the period of
A firm should establish and maintain appropriate systems and controls for the management of the risks involved in expected changes, such as by ensuring:(1) the adequacy of its organisation and reporting structure for managing the change (including the adequacy of senior management oversight);(2) the adequacy of the management processes and systems for managing the change (including planning, approval, implementation and review processes); and(3) the adequacy of its strategy
(1) If a firm'sremuneration policy is not aligned with effective risk management, it is likely that employees will have incentives to act in ways that might undermine effective risk management. (2) The BIPRU Remuneration Code covers all aspects of remuneration that could have a bearing on effective risk management including salaries, bonuses, long-term incentive plans, options, hiring bonuses, severance packages and pension arrangements. In applying the BIPRU Remuneration Code,
(1) The specific remuneration requirements in this chapter may apply only to certain categories of employee. However, the FCA expects firms, in complying with the BIPRU Remuneration Codegeneral requirement, to apply certain principles on a firm-wide basis.(2) In particular, the FCA considers that firms should apply the principle relating to guaranteed variable remuneration on a firm-wide basis (Remuneration Principle 12(c); SYSC 19C.3.40 R to SYSC 19C.3.43 G. (3) The FCA also
A firm should ensure that the systems and controls include:1(1) appropriate training for its employees in relation to money laundering;(2) appropriate provision of information to its governing body and senior management, including a report at least annually by that firm'smoney laundering reporting officer (MLRO) on the operation and effectiveness of those systems and controls;(3) appropriate documentation of its risk management policies and risk profile in relation to money laundering,
A firm (with the exception of a sole trader who has no employees)21 must:12(1) appoint an individual as MLRO, with responsibility for oversight of its compliance with the FCA'srules on systems and controls against money laundering; and(2) ensure that its MLRO has a level of authority and independence within the firm and access to resources and information sufficient to enable him to carry out that responsibility.