Related provisions for APER 4.7.8
1 - 20 of 50 items.
SYSC 4.1.1 R requires every firm, including a credit union, to have robust governance arrangements, which include a clear organisational structure with well-defined, transparent and consistent lines of responsibility, effective processes to identify, manage, monitor and report the risks it is or might be exposed to, and internal control mechanisms, including sound administrative and accounting procedures and effective control and safeguard arrangements for information processing
(1) The term 'internal audit function' in CREDS 2.2.10 E refers to the generally understood concept of internal audit within a firm, in other words the function of assessing adherence to and the effectiveness of internal systems and controls, procedures and policies. 5(2) Guidance on internal audit is given in CREDS 2.2.40 G to CREDS 2.2.50 G.
The purposes of an internal audit are:(1) to ensure that the policies and procedures of the credit union are followed;(2) to provide the governing body5 with a continuous appraisal of the overall effectiveness of the control systems, including proposed changes;(3) to recommend improvements where desirable or necessary;(4) to determine whether the internal controls established by the governing body5 are being maintained properly and operated as laid down in the policy, and comply
The internal audit function (see CREDS 2.2.11G) should develop an audit plan, covering all aspects of the credit union's business. The audit plan should identify the scope and frequency of work to be carried out in each area. Areas identified as higher risk should be covered more frequently. However, over a set timeframe (likely to be one year) all areas should be covered. Care should be taken to avoid obvious patterns in assessing the different areas of the credit union's business,
5Failing to take reasonable steps to ensure that procedures and systems of control are reviewed and, if appropriate, improved, following the identification of significant breaches (whether suspended or actual) of the relevant requirements and standards of the regulatory system relating to the regulated activities of the firm in question (as referred to in Statement of Principle 7) falls within APER 4.7.2G (see APER 4.7.13G and APER 4.7.14G).
5In the case of an approved person performing an accountable higher management function responsible for compliance under SYSC 3.2.8R, SYSC 6.1.4R or SYSC 6.1.4AR, failing to take reasonable steps to ensure that appropriate compliance systems and procedures are in place falls within APER 4.7.2G.
An approved person performing an accountable higher management function5 need not themselves5 put in place the systems of control in their5 business (APER 4.7.4G5). Whether he does this depends on his role and responsibilities. He should, however, take reasonable steps to ensure that the business for which he is responsible has operating procedures and systems which include well-defined steps for complying with the detail of relevant requirements and standards of the regulatory
Where the approved person performing an accountable higher management function5 becomes aware of actual or suspected problems that involve possible breaches of relevant requirements and standards of the regulatory system falling within their5 area of responsibility, then they5 should take reasonable steps to ensure that they are dealt with in a timely and appropriate manner (APER 4.7.7G5). This may involve an adequate investigation to find out what systems or procedures may have
Where independent reviews of systems and procedures have been undertaken and result in recommendations for improvement, the approved person performing an accountable higher management function5 should ensure that, unless there are good reasons not to, any reasonable recommendations are implemented in a timely manner (APER 4.7.10G5). What is reasonable will depend on the nature of the inadequacy and the cost of the improvement. It will be reasonable for the approved person performing
Where this section applies with respect to a financial conglomerate, the internal control mechanisms referred to in SYSC 12.1.8R (2) or, for a Solvency II firm, the internal control system referred to in the PRA Rulebook: Solvency II firms: Conditions Governing Business, rule 3,12 must include:(1) mechanisms that are adequate to identify and measure all material risks incurred by members of the financial conglomerate and appropriately relate capital in the financial conglomerate
If this rule applies under SYSC 12.1.14 R to a firm, the firm must:(1) comply with SYSC 12.1.8R (2) in relation to any UK consolidation group or non-EEAsub-group of which it is a member, as well as in relation to its group; and(2) ensure that the risk management processes and internal control mechanisms at the level of any consolidation group or non-EEAsub-group of which it is a member comply with the obligations set out in the following provisions on a consolidated (or sub-consolidated)
Schedule to the Recognition Requirements Regulations, paragraph 32(1)The [UK RIE] must ensure that the systems and controls used in the performance of its [relevant functions] are adequate, and appropriate for the scale and nature of its business.(2)Sub-paragraph (1) applies in particular to systems and controls concerning -(a)the transmission of information;(b)the assessment, mitigation and management of risks to the performance of the [UK RIE'srelevant functions];(c)the effecting
The FCA3 may also have regard to the arrangements for maintaining, recording and enforcing technical and operational standards and specifications for information technology systems, including:3(1) the procedures for the evaluation and selection of information technology systems;(2) the arrangements for testing information technology systems before live operations;(3) the procedures for problem management and system change;(4) the arrangements to monitor and report system performance,
A common platform firm must establish, implement and maintain adequate risk management policies and procedures, including effective procedures for risk assessment, which identify the risks relating to the firm's activities, processes and systems, and where appropriate, set the level of risk tolerated by the firm.[Note: article 7(1)(a) of the MiFID implementing Directive, article 13(5) second paragraph of MiFID]
5A firm should ensure that the systems and controls include:(1) appropriate training for its employees in relation to money laundering;(2) appropriate provision of information to its governing body and senior management, including a report at least annually by that firm'smoney laundering reporting officer (MLRO) on the operation and effectiveness of those systems and controls;(3) appropriate documentation of its risk management policies and risk profile in relation to money laundering,
9(1) Depending on the nature, scale and complexity of its business, it may be appropriate for a firm to delegate much of the task of monitoring the appropriateness and effectiveness of its systems and controls to an internal audit function. An internal audit function should have clear responsibilities and reporting lines to an audit committee or appropriate senior manager, be adequately resourced and staffed by competent individuals, be independent of the day-to-day activities
A firm must ensure the policies and procedures established under SYSC 6.1.1 R include systems and controls that:1(1) enable it to identify, assess, monitor and manage money laundering risk; and(2) are comprehensive and proportionate to the nature, scale and complexity of its activities.
A firm should ensure that the systems and controls include:1(1) appropriate training for its employees in relation to money laundering;(2) appropriate provision of information to its governing body and senior management, including a report at least annually by that firm'smoney laundering reporting officer (MLRO) on the operation and effectiveness of those systems and controls;(3) appropriate documentation of its risk management policies and risk profile in relation to money laundering,
(1) A common platform firm and a management company5 must establish, implement and maintain an effective conflicts of interest policy8 that is set out in writing and is appropriate to the size and organisation of the firm and the nature, scale and complexity of its business.(2) Where the common platform firmor the management company5 is a member of a group, the policy must also take into account any circumstances, of which the firm is or should be aware, which may give rise
A firm should establish and maintain appropriate systems and controls for managing operational risks that can arise from inadequacies or failures in its processes and systems (and, as appropriate, the systems and processes of third party suppliers, agents and others). In doing so a firm should have regard to:(1) the importance and complexity of processes and systems used in the end-to-end operating cycle for products and activities (for example, the level of integration of systems);(2)
The precise role and organisation of internal controls can vary from firm to firm. However, a firm'sinternal controls should normally be concerned with assisting its governing body and relevant senior managers to participate in ensuring that it meets the following objectives:(1) safeguarding both the assets of the firm and its customers, as well as identifying and managing liabilities;(2) maintaining the efficiency and effectiveness of its operations;(3) ensuring the reliability
9When determining the adequacy of its internal controls, a firm should consider both the potential risks that might hinder the achievement of the objectives listed in SYSC 14.1.28 G, and the extent to which it needs to control these risks. More specifically, this should normally include consideration of:(1) the appropriateness of its reporting and communication lines (see SYSC 3.2.2 G);(2) how the delegation or contracting of functions or activities to employees, appointed representatives
As part of the process for dealing with an application for a VaR model permission the following may be reviewed: organisational structure and personnel; details of the firm's market position in the relevant products; revenue and risk information; valuation and reserving policies; operational controls; information technology systems; model release and control procedures; risk management and control framework; risk appetite and limit structure; future developments relevant to model
4A sponsor will generally be regarded as having appropriate systems and controls for identifying and managing conflicts6 if it has in place effective policies and procedures:(1) to ensure that decisions taken on managing conflicts of interest are taken by appropriately senior staff and on a timely basis;(2) to monitor whether arrangements put in place to manage conflicts are effective; and6(3) to ensure that individuals within the sponsor are appropriately trained to enable them
The Listing Principles are as follows:Listing3 Principle 1A listed company must take reasonable steps to establish and maintain adequate procedures, systems and controls to enable it to comply with its obligations.33Listing3 Principle 2A listed company must deal with the FCA in an open and co-operative manner.33Principle 3[deleted]33Principle 4[deleted]33Principle 5[deleted]33Principle 6[deleted]33
Listing Principle 13 is intended to ensure that listed companies have adequate procedures, systems and controls to enable them to comply with their obligations under the listing rules, disclosure requirements4, transparency rules and corporate governance rules.3 In particular, the FCA considers that listed companies should place particular emphasis on ensuring that they have adequate procedures, systems and controls in relation to, where applicable:333(1) identifying whether any
(1) The term 'internal audit function' in SYSC 6.2.1R (and SYSC 4.1.11G) refers to the generally understood concept of internal audit within a firm, that is, the function of assessing adherence to and the effectiveness of internal systems and controls, procedures and policies.6(2) 6For a firm that is not a relevant authorised person, the internal audit function is not a controlled function itself, but is part of the systems and controls function or the PRA's systems and controls
The requirement in MCOB 13.3.1 R(2) for a written policy and procedures is intended to ensure that a firm has addressed the need for internal systems to deal fairly with any customer in financial difficulties. MCOB 13.3.1 R(2) does not oblige a firm to provide customers with a copy of the written policy and procedures. Nor, however, does it prevent a firm from providing customers with either these documents or a more customer-orientated version.
Table: This table belongs to COLL 6.3.2 G (2) (a) and COLL 6.3.3 R (Valuation)1.Valuation and pricing1The valuation of scheme property(1)Where possible, investments should be valued using a reputable source. The reliability of the source of prices should be kept under regular review.(2) For some or all of the investments comprising the scheme property, different prices may quoted according to whether they are being bought (offer prices) or sold (bid prices). The valuation of a