Related provisions for SYSC 4.7.12
1 - 20 of 93 items.
Under section 4(1) of, and Schedule 1 to, the Credit Unions Act 1979 or article 8(1) of, and Schedule 1 to, the Credit Unions (Northern Ireland) Order 1985, as appropriate1, a credit union is required to have a committee of management, managers or other officers, or a board of directors (a governing body)5. This body 5should be competent to control the affairs of a credit union, and have an appropriate range of skills and experience relevant to the activities carried on by the
In accordance with rule SC 2 in COCON 2.2.1R5, it is the responsibility of each individual member of the governing body5 who is a senior conduct rules staff member5to understand, and ensure that the credit union complies with, the requirements of all the relevant Acts, secondary legislation and rules.
(1) The 5credit union'sgoverning body5has responsibility for ensuring that the credit union complies with the requirements of SYSC 4.1.1 R (see CREDS 2.2.1 G and CREDS 2.2.2 G). So, the governing body5 has overall responsibility for:(a) establishing objectives and formulating a business plan;(b) monitoring the financial position of the credit union;(c) determining and documenting policies and procedures;(d) directing and coordinating the work of all employees and volunteers, and
CREDS 2.2.8 R requires a credit union's system of control to be fully documented. The documentation helps the governing body5 to assess if systems are maintained and controls are operating effectively. It also helps those reviewing the systems to verify that the controls in place are those that have been authorised, and that they are adequate for their purpose.
(1) The governing body5 should decide what form this documentation should take, but the governing body5 should have in mind the following points.(a) Documents should be comprehensive: they should cover all material aspects of the operations of the credit union.(b) Documents should be integrated: separate elements of the system should be cross-referred so that the system can be viewed as a whole.(c) Documents should identify risks and the controls established to manage those risks.
Documentation should not be restricted to "lower level" controls applied in processing transactions, but should also cover "high level" controls including:(1) identifying those powers to be exercised only by the governing body5, and the powers delegated to others;(2) the purpose, composition and reporting lines of sub-committees, and senior managers to whom responsibilities are delegated;(3) the specific roles and responsibilities of individual officers;(4) the timing, form and
The main reasons why a credit union should maintain adequate accounting and other records are:(1) to provide the governing body5 with adequate financial and other information to enable it to conduct its business in a prudent manner on a day-to-day basis;(2) to safeguard the assets of the credit union and the interests of members and persons too young to be members; (3) to assist officers of the credit union to fulfil their regulatory and statutory duties in relation to the preparation
(1) Depending on the nature, scale and complexity of its business, it may be appropriate for a credit union to have a separate compliance function.(2) The organisation and responsibilities of a compliance function should be documented.(3) A compliance function should be staffed by an appropriate number of competent staff who are sufficiently independent to perform their duties objectively. It should be adequately resourced and should have unrestricted access to the credit union's
5The governing body must be satisfied that: (1) the information available is sufficiently comprehensive for the proper assessment of the potential risks for the credit union, and in order to determine its need for capital and liquidity; (2) the information available is sufficiently comprehensive to provide a clear statement of the performance and financial position of the credit union; (3) management information reports are prepared with sufficient frequency;(4) sufficient attention
In forming a view on whether the management information system is sufficiently comprehensive, the governing body5should consider whether, where relevant, the substance of reports provides a clear statement of loans, arrears and provisions. These matters should be compared against limits, ratios and other parameters set by the governing body, as well as regulatory requirements.5
The purposes of an internal audit are:(1) to ensure that the policies and procedures of the credit union are followed;(2) to provide the governing body5 with a continuous appraisal of the overall effectiveness of the control systems, including proposed changes;(3) to recommend improvements where desirable or necessary;(4) to determine whether the internal controls established by the governing body5 are being maintained properly and operated as laid down in the policy, and comply
The internal audit work programme should include items such as:(1) verification of cash (counting and reconciliation) without prior notification;(2) bank reconciliation (checking records against bank statements);(3) verification of passbooks or account statements;(4) checking for compliance with policies and procedures;(5) checking for compliance with relevant Acts, secondary legislation and rules;(6) checking minutes and reports of the governing body5 and other sub-committees
The key elements of a satisfactory system of internal audit include the following:(1) Terms of reference. These should be specified with precision and include, amongst other things, scope and objectives of the audit committee and the internal audit function (see CREDS 2.2.11G), access to records, powers to obtain information and explanations for officers, and reporting requirements. These should be approved by the governing body5. (2) Risk analysis. Key risks in each area of the
The governing body5 should be satisfied that the internal audit function (see CREDS 2.2.11 G) is being properly carried out. In order to review the overall effectiveness of the internal audit function it should consider the following:(1) the adequacy and scope of planning;(2) the adequacy and scope of work performed in relation to the plans and programmes;(3) the regularity and level of reporting on matters arising from the inspections;(4) the disposal of points and recommendations
The governing body5should consider the range of possible outcomes in relation to various risks. These risks are increased when a credit union provides ancillary services such as issuing and administering means of payment and money transmission, which result, in particular, in higher liquidity and operational risks.
Table: FCA-prescribed senior management responsibilities for third-country relevant authorised persons.
FCA-prescribed senior management responsibility in relation to the branch |
Explanation |
Equivalent PRA-prescribed UK branch senior management responsibility |
(1) Responsibility for the firm’s performance of its obligations under the senior management regime |
The senior management regime means the requirements of the regulatory system applying to relevant authorised persons insofar as they relate to SMF managers performing designated senior management functions, including SUP 10C (FCA senior management regime for approved persons in relevant authorised persons). This responsibility includes: (1) compliance with conditions and time limits on approval; (2) compliance with the requirements about the statements of responsibilities (but not the allocation of responsibilities recorded in them); and (3) compliance by the firm with its obligations under section 60A of the Act (Vetting of candidates by relevant authorised persons). |
PRA-prescribed UK branch senior management responsibility 6.2(1) |
(2) Responsibility for the firm’s performance of its obligations under the employee certification regime |
The employee certification regime means the requirements of sections 63E and 63F of the Act (Certification of employees) and all other requirements of the regulatory system about the matters dealt with in those sections, including SYSC 5.2 (Certification Regime) and the corresponding PRA requirements. |
PRA-prescribed UK branch senior management responsibility 6.2(2) |
(3) Responsibility for compliance with the requirements of the regulatory system about the management responsibilities map |
This responsibility does not include allocating responsibilities recorded in it. |
PRA-prescribed UK branch senior management responsibility 6.2(3) |
(4) Responsibility for management of the firm’s risk management processes in the UK |
PRA-prescribed UK branch senior management responsibility 6.2(4) |
|
(5) Responsibility for the firm’s compliance with the UKregulatory system applicable to the firm |
PRA-prescribed UK branch senior management responsibility 6.2(5) |
|
(6) Responsibility for the escalation of correspondence from the PRA, FCA and other regulators4 in respect of the firm to the governing body and/or the management body of the firm or, where appropriate, of the parent undertaking or holding company of the firm’sgroup |
This includes taking steps to ensure that the senior management of the firm and, where applicable, the group, are made aware of any views expressed by the regulatory bodies and any steps taken by them in relation to the branch, firm or group. |
PRA-prescribed UK branch senior management responsibility 6.2(6) |
(7) Local responsibility for the firm’s policies and procedures for countering the risk that the firm might be used to further financial crime |
(A) This includes the function in SYSC 6.3.8R (a firm must allocate overall responsibility to a director or senior manager within the firm for the establishment and maintenance of effective anti-money laundering systems and controls), if that rule applies to the firm. (B) The firm may allocate this FCA-prescribed senior management responsibility to the MLRO but does not have to. (C) If the firm does not allocate this FCA-prescribed senior management responsibility to the MLRO, this FCA-prescribed senior management responsibility includes responsibility for supervision of the MLRO. (D) Local responsibility is defined in SYSC 4.8.10R (Local responsibility for a branch’s activities, business areas and management functions). |
None |
(8) Local responsibility for the firm’s compliance with CASS |
(A) This responsibility only applies to a firm to which CASS applies. (B) A firm may include in this FCA-prescribed senior management responsibility whichever of the following functions apply to the firm: (1) CASS 1A.3.1R (certain CASS compliance functions for a CASS small firm); (2) CASS 1A.3.1AR (certain CASS compliance functions for a CASS medium firm or a CASS large firm); (3) CASS 11.3.1R (certain CASS compliance functions for certain CASS small debt management firms); or (4) CASS 11.3.4R (certain CASS compliance functions for a CASS large debt management firm); but it does not have to. (C) If the firm does not include the functions in (B) in this FCA-prescribed senior management responsibility, this FCA-prescribed senior management responsibility includes responsibility for supervision of the person performing the functions in (B) that apply to the firm. (D) Local responsibility is defined in SYSC 4.8.10R (Local responsibility for a branch’s activities, business areas and management functions). |
None |
(1) A firm must ensure that, at all times, one or more of its SMF managers has overall responsibility (subject to the branch’sgoverning body) for each of the activities, business areas and management functions of the branch that are under the management of the branch’sgoverning body.(2) A firm must ensure that, at all times, one or more of its SMF managers has responsibility for each of the activities, business areas and management functions of the branch not covered by (1).(3)
(1) The purpose of SYSC 4.8.10R is to avoid gaps. It is to ensure that an SMF manager has responsibility for every part of a branch’s activities, business areas and management functions not otherwise covered by other parts of this section or by the equivalent PRA requirements.(2) SYSC 4.8.10R(1) refers to the activities, business areas and management functions of the branch that are under the management of the branch’sgoverning body. However, the FCA recognises that for some branches,
(1) SYSC 4.8.10R does not mean that the firm has to allocate local responsibility for the running of the branch’sgoverning body or equivalent itself. (2) This means that a person does not have local responsibility for a function under SYSC 4.8.10R just by being a member of a branch’sgoverning body or equivalent.
(1) SYSC 4.8.10R(1) relates to the allocation of overall responsibility for activities, business areas or functions of the branch which are under the management of the branch’sgoverning body.(2) SYSC 4.8.10R(1) refers to overall responsibility. (3) As explained in SYSC 4.8.10R(4), a person who has overall responsibility for a function under SYSC 4.8.10R(1) will have local responsibility for that function. (4) Overall responsibility means the same as it does in SYSC 4.7.8R (Allocation
In accordance with SYSC 4.8.15G(4), when SYSC 4.8.10R(1) refers to a person having overall responsibility for a function, it means a person who has: (1) ultimate responsibility (under the governing body of the branch) for managing or supervising that function; and(2) primary and direct responsibility for:(a) briefing and reporting about that function to the branch’sgoverning body or equivalent; and(b) putting matters for decision about that function to the branch’sgoverning body
(1) SYSC 4.8.10R(2) relates to the allocation of local responsibility for any activities, business areas and functions of the branch which are not under the management of the branch’sgoverning body.(2) SYSC 4.8.10R(3) states that a person who has local responsibility under SYSC 4.8.10R(2) must be directly involved in the management of the activity, business area or management function for which they have responsibility under (2).(3) A person having local responsibility for a function
(1) The FCA would not consider it unusual if a person who has local responsibility for a particular function was not a member of the branch’sgoverning body or equivalent. (2) For example, in some branches, the head of compliance may report directly to the branch’sgoverning body even though the head of compliance is not a member of the governing body.
(1) The FCA expects that a firm appointing someone to have local responsibility for a function under SYSC 4.8.10R(2) (responsibility for a branch’s activities, business areas and management functions not under the management of a branch’sgoverning body) will appoint the most senior employee or officer of the firm with responsibility for that activity, business area or management function.(2) However, as explained in SYSC 4.8.27G (Setting overall strategy for a branch), the firm
(1) It will be common for a small non-complex branch to divide local responsibility for its activities under the management of the branch’sgoverning body between members of the branchgoverning body or equivalent and not to assign responsibility for any activity to someone who is not a member.(2) However, when deciding how to divide up responsibility for the activities of a branch, a firm should avoid assigning such a wide range of responsibilities to a single individual that
(1) SYSC 4.7.25G to SYSC 4.7.29G (Dividing and sharing management functions between different people) apply for the purposes of the allocation of responsibilities under this section, subject to the modifications in (2).(2) Unless the context otherwise requires, any reference in the guidance above to:(a) SYSC 4.7.5R is a reference to SYSC 4.8.6R;(b) SYSC 4.7.8R is a reference to SYSC 4.8.10R;(c) SYSC 4.7.23G is a reference to SYSC 4.8.28G;(d) “overall responsibility” is a reference
The approach taken in BIPRU 12.3 is to set out:(1) overarching systems and controls provisions in relation to a firm's management of its liquidity risk;(2) provisions outlining the responsibilities of that firm'sgoverning body and senior managers for the oversight of liquidity risk;(3) more detailed provisions covering a number of specific areas, including:(a) pricing liquidity risk;(b) intra-day management of liquidity;(c) management of collateral;(d) management of liquidity
The strategies, policies, processes and systems referred to in BIPRU 12.3.4 R must be proportionate to the complexity, risk profile and scope of operation of the firm, and the liquidity risk tolerance set by the firm'sgoverning body in accordance with BIPRU 12.3.8 R, and must reflect the firm's importance in each EEA State, in which it carries on business2.[Note: article 86(2) (part) of the CRD]42
(1) 2[deleted]2(2) 2[deleted]2(3) A firm should ensure that its strategies, policies, processes and systems in relation to liquidity risk enable it to identify, measure, manage and monitor its liquidity risk positions for:(a) all sources of contingent liquidity demand (including those arising from off-balance sheet activities);(b) all currencies in which that firm is active; and(c) correspondent, custody and settlement activities.(4) 2[deleted]2(5) A firm should ensure that it
A firm must ensure that:(1) its governing body establishes that firm'sliquidity risk tolerance and that this is appropriately documented;2(2) its liquidity risk tolerance is appropriate for its business strategy and reflects its financial condition and funding capacity; and2(3) its liquidity risk tolerance is communicated to all relevant business lines.2[Note: article 86(2) of the CRD]425
As part of the SLRP, the appropriate regulator will assess the appropriateness of the liquidity risk tolerance adopted by an ILAS BIPRU firm to ensure that this risk tolerance is consistent with maintenance by the firm of adequate liquidity resources for the purpose of the overall liquidity adequacy rule. The appropriate regulator will expect a firm to provide it with an adequately reasoned explanation for the level of liquidity risk which that firm'sgoverning body has decided
A firm must ensure that its senior managers:(1) continuously review that firm's liquidity position, including its compliance with the overall liquidity adequacy rule; and(2) report to its governing body on a regular basis adequate information as to that firm's liquidity position and its compliance with the overall liquidity adequacy rule and with BIPRU 12.3.4R.
Although a firm'ssenior managers are likely to develop strategies, policies and practices for the management of that firm'sliquidity risk, it is the responsibility of a firm'sgoverning body to approve those strategies, policies and practices as adequate. In determining the adequacy of those strategies, policies and practices, a firm'sgoverning body should have regard to that firm'sliquidity risk tolerance established in accordance with BIPRU 12.3.8R.
Table: FCA-prescribed senior management responsibilities
FCA-prescribed senior management responsibility |
Explanation |
Equivalent PRA-prescribed senior management responsibility |
Part One (applies to all firms) |
||
(1) Responsibility for the firm's performance of its obligations under the senior management regime |
The senior management regime means the requirements of the regulatory system applying to relevant authorised persons insofar as they relate to SMF managers performing designated senior management functions, including SUP 10C (FCA senior management regime for approved persons in relevant authorised persons). This responsibility includes: (1) compliance with conditions and time limits on approval; (2) compliance with the requirements about the statements of responsibilities (but not the allocation of responsibilities recorded in them); and (3) compliance by the firm with its obligations under section 60A of the Act (Vetting of candidates by relevant authorised persons). |
|
(2) Responsibility for the firm's performance of its obligations under the employee certification regime |
The employee certification regime means the requirements of sections 63E and 63F of the Act (Certification of employees) and all other requirements of the regulatory system about the matters dealt with in those sections, including SYSC 5.2 (Certification Regime) and the corresponding PRA requirements. |
|
(3) Responsibility for compliance with the requirements of the regulatory system about the management responsibilities map |
This responsibility does not include allocating responsibilities recorded in it |
|
(4) Overall responsibility for the firm's policies and procedures for countering the risk that the firm might be used to further financial crime |
(1)2 This includes the function in SYSC 6.3.8R (firm must allocate to a director or senior manager overall responsibility within the firm for the establishment and maintenance of effective anti-money laundering systems and controls), if that rule applies to the firm. (2)2 The firm may allocate this FCA-prescribed senior management responsibility to the MLRO but does not have to. (3)2 If the firm does not allocate this FCA-prescribed senior management responsibility to the MLRO, this FCA-prescribed senior management responsibility includes responsibility for supervision of the MLRO. |
None |
2(4A) Acting as the firm’swhistleblowers’ champion |
The whistleblowers’ champion’s allocated responsibilities are set out in SYSC 18.4.4R |
|
Part Two (applies to all firms except for small CRR firms and credit unions) |
||
(5) Responsibility for: (a) leading the development of; and (b) monitoring the effective implementation of; policies and procedures for the induction, training and professional development of all members of the firm'sgoverning body. |
||
(6) Responsibility for monitoring the effective implementation of policies and procedures for the induction, training and professional development of all persons performing designated senior management functions on behalf of the firm other than members of the governing body. |
||
(7) Responsibility for: (a) safeguarding the independence of; and (b) oversight of the performance of; the internal audit function, in accordance with SYSC 6.2 (Internal Audit) |
This responsibility includes responsibility for: (a) safeguarding the independence of; and (b) oversight of the performance of; a person approved to perform the PRA's Head of Internal Audit designated senior management function for the firm. |
|
(8) Responsibility for: (a) safeguarding the independence of; and (b) oversight of the performance of; the compliance function in accordance with SYSC 6.1 (Compliance ). |
This responsibility includes responsibility for: (a) safeguarding the independence of; and (b) oversight of the performance of; the person performing the compliance oversight function for the firm. |
|
(9) Responsibility for: (a) safeguarding the independence of; and (b) oversight of the performance of; the risk function, in accordance with SYSC 7.1.21R and SYSC 7.1.22R (Risk control). |
This responsibility includes responsibility for: (a) safeguarding the independence of; and (b) oversight of the performance of; a person approved to perform the PRA's Chief Risk designated senior management function for the firm. |
|
(10) Responsibility for overseeing the development of and implementation of the firm's remuneration policies and practices in accordance with SYSC 19D (Remuneration Code) |
||
Part Three (applies in specified circumstances) |
||
(11) Overall responsibility for the firm's compliance with CASS |
(A) This responsibility only applies to a firm to which CASS applies. (B) A firm may include in this FCA-prescribed senior management responsibility whichever of the following functions apply to the firm: (a) CASS 1A.3.1R (certain CASS compliance functions for a CASS small firm); (b) CASS 1A.3.1AR (certain CASS compliance functions for a CASS medium firm or a CASS large firm); (c) CASS 11.3.1R (certain CASS compliance functions for certain CASS small debt management firms); or (d) CASS 11.3.4R (certain CASS compliance functions for a CASS large debt management firm); but it does not have to. (C) If the firm does not include the functions in (B) in this FCA-prescribed senior management responsibility, this FCA-prescribed senior management responsibility includes responsibility for supervision of the person performing the functions in (B) that apply to the firm. |
None |
Allocation of overall responsibility for a firm’s activities, business areas and management functions
When SYSC 4.7 refers to a person having overall responsibility for a function, it means a person who has: (1) ultimate responsibility (under the governing body) for managing or supervising that function; and(2) primary and direct responsibility for: (a) briefing and reporting to the governing body about that function; and(b) putting matters for decision about that function to the governing body.
(1) A person with overall responsibility for a matter will either be a member of the governing body or will report directly to the governing body for that matter.(2) For example, a firm appoints A to be head of sales. A is not on the governing body. A reports to an executive director (B) and B reports to the governing body about the sales function. In this example B, rather than A, has overall responsibility for sales.
(1) A person who reports to another, or is subject to oversight by another, may still have overall responsibility for a function.(2) For example, a head of compliance may report direct to the governing body but be subject to performance appraisal by the chief executive. In this example, the head of compliance will still have overall responsibility for compliance.(3) If a person (A):(a) reports directly to the firm'sgoverning body about a particular matter; but(b) is not a member
(1) SYSC 4.7.8R (Allocation of overall responsibility for a firm’s activities, business areas and management functions) does not mean that the firm has to allocate overall responsibility for the running of the governing body itself.(2) This is because SYSC 4.7.8R is about assigning responsibility subject to the overall control of the governing body (see SYSC 4.7.12G).(3) This means that a person does not have overall responsibility for a function under SYSC 4.7.8R just by being
The FCA would not consider it unusual if a person who has overall responsibility for a particular function was not a member of the governing body. For example, in some firms, the head of compliance reports directly to the governing body even though the head compliance is not a member of the governing body.
(1) A person may have overall responsibility for a matter without being a member of the firm'sgoverning body, which means that (ignoring (2)) a relatively junior person could have overall responsibility for an activity of a firm.(2) However, the FCA expects that anyone who has overall responsibility for a matter:(a) will be sufficiently senior and credible; and(b) will have sufficient resources and authority;to be able to exercise his management and oversight responsibilities
(1) It will be common for a small non-complex firm to divide overall responsibility for its activities between members of its governing body and not to assign overall responsibility for any activity to someone who is not a member.(2) However, when deciding how to divide up overall responsibility for its activities, a firm should avoid assigning such a wide range of responsibilities to a particular person so that the person is not able to carry out those responsibilities effectively.
(1) SYSC 4.7.8R (Allocation of overall responsibility for a firm’s activities, business areas and management functions) requires overall responsibility for various aspects of a firm's affairs to be allocated to an SMF manager.(2) This requirement does not prevent a firm from relying on an employee of a company in the same group to perform the function.(3) A firm has two main choices about how to fit such arrangements into the senior management regime for relevant authorised persons.(a)
(1) Unless a firm cannot reasonably compare a maturity payment with a calculated asset share, it must:(a) set a target range for the maturity payments that it will make on:(i) all of its with-profits policies; or(ii) each group of its with-profits policies;(b) ensure that each target range:(i) is expressed as a percentage of unsmoothed asset share; and(ii) includes 100% of unsmoothed asset share; and(c) manage its with-profits business, and the business of each with-profit fund,
At least once a year (or, in the case of a non-directive friendly society, at least once in every three years) and whenever a firm is seeking to make a reattribution of its inherited estate,2 a firm'sgoverning body must determine whether the firm'swith-profits fund, or any of the firm'swith-profits fund, has an excess surplus.
A mutual may pay compensation or redress due to a policyholder, or formerpolicyholder, from a with-profits fund, but may only pay from assets that would otherwise be attributable to asset shares if, in the reasonable opinion of the firm'sgoverning body, the compensation or redress cannot be paid from any other assets in the with-profits fund. 1
A firm must not effect new contracts of insurance in an existing with-profits fund unless:22(1) the firm'sgoverning body is satisfied, so far as it reasonably can be, and can demonstrate, having regard to the analysis in (2), that the terms on which each type of contract is to be effected are likely to have no adverse effect on the interests of the with-profits policyholders whose policies are written into that fund; and2(2) the firm has:(a) carried out or obtained appropriate
A firm, other than a Solvency II firm,5 must not:2(1) use with-profits assets to finance the purchase of a strategic investment, directly or by or through a connected person; or2(2) retain an investment referred to in (1);2unless its governing body is satisfied, so far as it reasonably can be, and can demonstrate, that the purchase or retention is likely to have no adverse effect on the interests of its with-profits policyholders whose policies are written into the relevant f
(1) 2In order for a firm to comply with COBS 20.2.36 R, a firm'sgoverning body should consider:(a) the size of the investment in relation to the with-profits fund;(b) the expected rate of return on the investment;(c) the risks associated with the investment, including, but not limited to, liquidity risk, the capital needs of the acquired business or investment and the difficulty of establishing fair value (if any);(d) any costs that would result from divestment;(e) whether the
A firm will be taken to have ceased to effect new contracts of insurance in a with-profits fund:(1) when any decision by the governing body to cease to effect new contracts of insurance takes effect; or(2) where no such decision is made, when the firm is no longer:(a) actively seeking to effect new contracts of insurance in that fund; or(b) effecting new contracts of insurance in that fund, except by increment; or2(3) if the firm:2(a) (i) is no longer effecting a material volume
(1) A Chief Risk Officer should:(a) be accountable to the firm'sgoverning body for oversight of firm-wide risk management;(b) be fully independent of a firm's individual business units;(c) have sufficient authority, stature and resources for the effective execution of his responsibilities; (d) have unfettered access to any parts of the firm's business capable of having an impact on the firm's risk profile; (e) ensure that the data used by the firm to assess its risks are fit for
(1) The Chief Risk Officer should be accountable to a firm'sgoverning body.(2) The FCA9 recognises that in addition to the Chief Risk Officers primary accountability to the governing body, an executive reporting line will be necessary for operational purposes. Accordingly, to the extent necessary for effective operational management, the Chief Risk Officer should report into a very senior executive level in the firm. In practice, the FCA9 expects this will be to the chief executive,
(1) The FCA9 considers that, while the firm'sgoverning body is ultimately responsible for risk governance throughout the business, firms should consider establishing a governing body risk committee to provide focused support and advice on risk governance.(2) Where a firm has established a governing body risk committee, its responsibilities will typically include:(a) providing advice to the firm'sgoverning body on risk strategy, including the oversight of current risk exposures
In carrying out their risk governance responsibilities, a firm'sgoverning body and governing body risk committee should have regard to any relevant advice from its audit committee or internal audit function concerning the effectiveness of its current control framework. In addition, they should remain alert to the possible need for expert advice and support on any risk issue, taking action to ensure that they receive such advice and support as may be necessary to meet their responsibilities
In order to ensure compliance with the overall liquidity adequacy rule and with BIPRU 12.3.4R and BIPRU 12.4.-1 R, a firm must:(1) conduct on a regular basis appropriate stress tests so as to:(a) identify sources of potential liquidity strain;(b) ensure that current liquidity exposures continue to conform to the liquidity risk tolerance established by that firm'sgoverning body; and(c) identify the effects on that firm's assumptions about pricing; and(2) analyse the separate and
Consistent with BIPRU 12.3.5R, the expects that the extent and frequency of such testing, as well as the degree of regularity of governing body review under BIPRU 12.4.2R, should be proportionate to the nature scale and complexity of a firm's activities, as well as to the size of its liquidity risk exposures. Consistent with the appropriate regulator's statutory objectives under the Act, in assessing the adequacy of a firm's stress testing arrangements (including their frequency
(1) A firm should ensure that the results of its stress tests are:(a) reviewed by its senior managers;(b) reported to that firm'sgoverning body, specifically highlighting any vulnerabilities identified and proposing appropriate remedial action;(c) reflected in the processes, strategies and systems established in accordance with BIPRU 12.3.4R;(d) used to develop effective contingency funding plans;(e) integrated into that firm's business planning process and day-to-day risk management;
A4firm must have in place liquidity recovery4plans setting out adequate strategies and proper implementation measures in order to address possible liquidity shortfalls, including in relation to branches established in another EEA State.4 Those plans must be tested at least annually,4 updated on the basis of the outcome of the alternative scenarios set out in BIPRU 12.4.-1 R, and be reported to and approved by the firm'sgoverning body, so that internal policies and processes can
A firm must ensure that its contingency funding plan:(1) outlines strategies, policies and plans to manage a range of stresses;(2) establishes a clear allocation of roles and clear lines of management responsibility;(3) is formally documented;(4) includes clear invocation and escalation procedures;(5) is regularly tested and updated to ensure that it remains operationally robust;(6) outlines how that firm will meet time-critical payments on an intra-day basis in circumstances
1A firm must, in relation to each with-profits fund it operates:(1) appoint:(a) a with-profits committee; or(b) a with-profits advisory arrangement (referred to in this section as an ‘advisory arrangement’), but only if appropriate, in the opinion of the firm'sgoverning body, having regard to the size, nature and complexity of the fund in question;(2) ensure that the with-profits committee or advisory arrangement operates in accordance with its terms of reference; and(3) make
(1) Ultimate responsibility for managing a with-profits fund rests with the firm through its governing body. The role of the with-profits committee or advisory arrangement is, in part, to act in an advisory capacity to inform the decision-making of a firm'sgoverning body. The with-profits committee or advisory arrangement also acts as a means by which the interests of with-profits policyholders are appropriately considered within a firm's governance structures. The with-profits
A firm must ensure that the terms of reference contain, as a minimum, terms having the following effect:(1) the role of the with-profits committee or advisory arrangement is, as relevant, to assess, report on, and provide clear advice and, where appropriate, recommendations to the firm'sgoverning body on:(a) the way in which each with-profits fund is managed by the firm and, if a PPFM is required, whether this is properly reflected in the PPFM;(b) if applicable, whether the firm
A firm must: (1) ensure that its governing body, in the context of its consideration of issues referred to in COBS 20.5.3R (1)(a) to (d) and (2)(b)(i) to (x):(a) obtains, as relevant, assessments, reports, advice and/or recommendations of the with-profits committee or advisory arrangement, if the governing body, the with-profits committee or advisory arrangement considers that significant issues concerning the interests of with-profits policyholders need to be considered by the
(1) COBS 20.5.5R (2) requires that a firm provides a with-profits committee or advisory arrangement with sufficient resources. A with-profits committee or advisory arrangement should be able to obtain external professional, including actuarial, advice, at the expense of the firm, if the with-profits committee or advisory arrangement considers the advice to be necessary to perform its role effectively. In a proprietary firm the with-profits committee or advisory arrangement should
(1) The FCA expects the governing body of the firm to decide whether a member of the with-profits committee or a person (other than a non-executive director) carrying out the advisory arrangement is independent. The FCA expects a firm'sgoverning body to adopt the following approach and have regard to the following factors when making this assessment:(a) the governing body should determine whether the person is independent in character and judgment and whether there are relationships
(1) If a firm considers it appropriate, having regard to the size, nature and complexity of the relevant schemes it operates, it may establish a governance advisory arrangement instead of an IGC.(2) If a firm has decided to establish a governance advisory arrangement rather than an IGC, this section (other than COBS 19.5.9R (2), COBS 19.5.9R (3), COBS 19.5.10 G, COBS 19.5.11 R and COBS 19.5.12 G) apply to the firm by reading references to the IGC as references to the governance
(1) Firms with large or complex relevant schemes should establish an IGC. For the purposes of this section, a firm may determine whether it has large relevant schemes by reference to:(a) the number of relevant policyholders in relevant schemes; (b) the funds under management in relevant schemes; and(c) the number of employers contributing to relevant schemes.(2) Examples of features that might indicate complex schemes include: (a) schemes that are operated on multiple information
A firm must include, as a minimum, the following requirements in its terms of reference for an IGC:(1) the IGC will act solely in the interests of relevant policyholders;(2) the IGC will assess the ongoing value for money for relevant policyholders delivered by relevant schemes particularly, though not exclusively, through assessing:(a) whether default investment strategies within those schemes:(i) are designed and executed in the interests of relevant policyholders;(ii) have
(1) An IGC is expected to act in the interests of relevant policyholders both individually and collectively. Where there is the potential for conflict between individual and collective interests, the IGC should manage this conflict effectively. An IGC is not expected to deal directly with complaints from individual policyholders. (2) The primary focus of an IGC should be the interests of relevant policyholders. Should a firm ask an IGC to consider the interests of other members,
(1) A firm that is significant in terms of its size, internal organisation and the nature, scope and complexity of its activities must establish a remuneration committee. (2) The remuneration committee must be constituted in a way that enables it to exercise competent and independent judgment on remuneration policies and practices and the incentives created for managing risk, capital and liquidity. (3) The chairman and the members of the remuneration committee must be members
(1) A firm should be able to demonstrate that its decisions are consistent with an assessment of its financial condition and future prospects. In particular, practices by which remuneration is paid for potential future revenues whose timing and likelihood remain uncertain should be evaluated carefully and the governing body or remuneration committee (or both) should work closely with the firm's risk function in evaluating the incentives created by its remuneration system. (2)
(1) This Remuneration Principle stresses the importance of risk adjustment in measuring performance, and the importance of applying judgment and common sense. A firm should ask the risk management function to validate and assess risk-adjustment techniques and to attend a meeting of the governing body or remuneration committee for this purpose. (2) A number of risk-adjustment techniques and measures are available, and a firm should choose those that are most appropriate to its
(1) Variable remuneration may be justified, for example, to incentivise employees involved in new business ventures which could be loss-making in their early stages. (2) The governing body (or, where appropriate, the remuneration committee) should approve performance adjustment policies, including the triggers under which adjustment would take place. The FCA may ask firms to provide a copy of their policies and expects firms to make adequate records of material decisions to operate
(1) A firm must have in place contingency funding plans setting out adequate strategies and proper implementation measures in order to address potential liquidity shortfalls. (2) The contingency funding plans must be: (a) in writing;(b) approved by the firm'sgoverning body;(c) regularly tested; and(d) updated on the basis of the outcome of the stress tests, testing alternative scenarios set out in MIPRU 4.2D.8 R.
(1) If a firm is a body corporate (other than a limited liability partnership), the director function is also the function of acting in the capacity of a person:(a) who is a director, partner, officer, member (if the parent undertaking or holding company is a limited liability partnership), senior manager, or employee of a parent undertaking or holding company of the firm; and(b) whose decisions or actions are regularly taken into account by the governing body of the firm.(2)
(1) If a firm is a body corporate, the non-executive director function is also the function of acting in the capacity of a person:(a) who is a non-executive director of a parent undertaking or holding company; and(b) whose decisions or actions are regularly taken into account by the governing body of the firm.(2) However, (1) does not apply if that parent undertaking or holding company has a Part 4A permission or is regulated by an EEA regulator.
This function is having the responsibility, alone or jointly with one or more others, under the immediate authority of the governing body:(1) for the conduct of the whole of the business (or relevant activities); or(2) in the case of a branch in the United Kingdom of an overseas firm, for the conduct of all of the activities subject to the UKregulatory system.
A person performing the chief executive function may be a member of the governing body but need not be. If the chairman of the governing body is also the chief executive, he will be discharging this function. If the responsibility is divided between more than one person but not shared, there is no person exercising the chief executive function. But if that responsibility is discharged jointly by more than one person, each of those persons will be performing the chief executive
(1) Each person on the non-directive friendly society'sgoverning body will be taken to have responsibility for its regulated activities, unless the firm has apportioned this responsibility to one particular individual to whom it is reasonable to give this responsibility.(2) The individual need not be a member of the governing body.
An AIFM must ensure the implementation of the remuneration policy is, at least annually, subject to central and independent internal review for compliance with policies and procedures for remuneration adopted by the governing body in its supervisory function.[Note: paragraph 1(d) of Annex II of AIFMD]
(1) An AIFM that is significant in terms of its size, internal organisation and the nature, the scope and the complexity of its activities must establish a remuneration committee. (2) The remuneration committee must be constituted in a way that enables it to exercise competent and independent judgment on remuneration policies and practices, and the incentives created for managing risk.(3) The chairman and the members of the remuneration committee must be members of the governing
An AIFM must ensure the remuneration of the senior officers in the risk management and compliance functions is directly overseen by the remuneration committee, or, if such a committee has not been established, by the governing body in its supervisory function.[Note: paragraph 1(f) of Annex II of AIFMD]
1A firm must take reasonable steps to ensure that an actuary who is to be, or has been, appointed under PRA rules made under section 340 of the Act, or for the purposes of PRA Rulebook: Solvency II firms: Conditions Governing Business, 69:8(1) does not perform the function of chairman or chief executive of the firm, or does not, if he is to perform the with-profits actuary function, become a member of the firm's governing body; and(2) does not perform any other function on behalf
1Both the actuarial function and the with-profits actuary function may be performed by employees of the firm or by external consultants, and performing other functions on behalf of the firm will not necessarily give rise to a significant conflict of interest. However, being a director, or a senior manager responsible, say, for sales or marketing in a firm (or for finance in a proprietary firm), is likely to give rise to a significant conflict of interest for an actuary performing
An actuary appointed to perform the actuarial function must, in respect of those classes of the firm's long-term insurance business which are covered by his appointment1:1(1) advise the firm's management, at the level of seniority that is reasonably appropriate, on1 the risks the firm runs in1 so far as they may have a material impact on the firm's ability to meet liabilities to policyholders in respect of long-term insurance contracts as they fall due and on the capital needed
1An actuary appointed to perform the with-profits actuary function must:(1) advise the firm's management, at the level of seniority that is reasonably appropriate, on key aspects of the discretion to be exercised affecting those classes of the with-profits business of the firm in respect of which he has been appointed;(2) [deleted]88(2A) where the firm is a Solvency II firm, advise the firm'sgoverning body as to whether the assumptions used to calculate the future discretionary
A firm must require and allow any actuary appointed to perform the with-profits actuary function1 to perform his duties and must1:11(1) keep him informed of the firm's business and other plans (including, where relevant, those of any related firm, to the extent it is aware of these);(2) provide him with sufficient resources (including his own time and access to the time of others);(3) hold such data and establish such systems as he reasonably requires;(4) request his advice about
(1) A CASS small debt management firm, other than a not-for-profit debt advice body, must allocate to a director or senior manager1 responsibility for:1(a) oversight of the firm's operational compliance with CASS 11;1(b) reporting to the firm'sgoverning body in respect of that oversight; and1(c) completing and submitting a CCR005 return in accordance with SUP 16.12.29CR.1(2) A firm that is not a relevant authorised person must make the allocation in (1) to a director or senior
A CASS small debt management firm that is a not-for-profit debt advice body must allocate to a director or senior manager:(1) oversight of the firm's operational compliance with CASS 11; (2) reporting to the firm'sgoverning body in respect of that oversight; and(3) completing and submitting a CCR005 return in accordance with SUP 16.12.29C R.
A CASS large debt management firm must allocate to a director or senior manager the function of: (1) oversight of the operational effectiveness of that CASS debt management firm's systems and controls that are designed to achieve compliance with CASS 11; (2) reporting to the CASS debt management firm'sgoverning body in respect of that oversight; and(3) completing and submitting a CCR005 return to the FCA in accordance with SUP 16.12.29C R.
If, at the time a CASS debt management firm that is not a relevant authorised person1becomes a CASS large debt management firm in accordance with CASS 11.2.8 R, the firm is not able to comply with CASS 11.3.4 R because it has no director or senior manager who is an approved person in respect of the CASS operational oversight function, the firm must:(1) take the necessary steps to ensure that it complies with CASS 11.3.4 R as soon as practicable, which must at least include submitting
(1) A firm'sgoverning body is likely to delegate many functions and tasks for the purpose of carrying out its business. When functions or tasks are delegated, either to employees or to appointed representatives or, where applicable, its tied agents8, appropriate safeguards should be put in place.(2) When there is delegation, a firm should assess whether the recipient is suitable to carry out the delegated function or task, taking into account the degree of responsibility involved.(3)
5A firm should ensure that the systems and controls include:(1) appropriate training for its employees in relation to money laundering;(2) appropriate provision of information to its governing body and senior management, including a report at least annually by that firm'smoney laundering reporting officer (MLRO) on the operation and effectiveness of those systems and controls;(3) appropriate documentation of its risk management policies and risk profile in relation to money laundering,
(1) Depending on the nature, scale and complexity of its business, it may be appropriate for a firm to have a separate compliance function. The organisation and responsibilities of a compliance function should be documented. A compliance function should be staffed by an appropriate number of competent staff who are sufficiently independent to perform their duties objectively. It should be adequately resourced and should have unrestricted access to the firm's relevant records as
(1) Depending on the nature, scale and complexity of its business, it may be appropriate for a firm to have a separate risk assessment function responsible for assessing the risks that the firm faces and advising the governing body and senior managers on them.(2) The organisation and responsibilities of a risk assessment function should be documented. The function should be adequately resourced and staffed by an appropriate number of competent staff who are sufficiently independent
(1) 24A firm's arrangements should be such as to furnish its governing body with the information it needs to play its part in identifying, measuring, managing and controlling risks of regulatory concern. Three factors will be the relevance, reliability and timeliness of that information.(2) Risks of regulatory concern are those risks which relate to the fair treatment of the firm'scustomers, to the protection of consumers, to effective competition and to the integrity of the UK
(1) Key individuals include the persons who, under the operational or managerial arrangements of the UK recognised body, are appointed to manage the departments responsible for carrying out its relevant functions, whether or not they are members of its governing body. A person appointed to carry out specific tasks, such as to conduct a particular investigation into a specific set of facts, would not usually be a key individual.(2) A key individual need not be an employee of a
Where the governing body of a UK recognised body delegates any of its functions (which relate to that UK recognised body'srelevant functions) to a standing committee, or appoints a standing committee to manage or oversee the carrying out of any of that UK recognised body'srelevant functions, that UK recognised body must immediately notify the FCA3 of that event and give the FCA3 the following information:33(1) the names of the members of that standing committee; and(2) the terms
(1) Standing committees include permanent committees with executive, supervisory, policy-making or rule-making responsibilities. Committees appointed for particular tasks or committees established for purely consultative or advisory purposes would not usually be considered to be standing committees.(2) Committees which include persons who are not members of the governing body can be standing committees.
(1) A CASS small firm must allocate to a director3 or a senior manager3 responsibility for:3(a) oversight of the firm’s operational compliance with CASS; and3(b) reporting to the firm'sgoverning body in respect of that oversight.3(2) A CASS small firm that is not a relevant authorised person must make the allocation in (1) to a director or senior manager who is approved to perform a significant influence function for that firm.31
1A CASS medium firm and a CASS large firm must allocate to a director or senior manager the function of:(1) oversight of the operational effectiveness of that firm’s systems and controls that are designed to achieve compliance with CASS;(2) reporting to the firm’sgoverning body in respect of that oversight; and(3) completing and submitting a CMAR to the FCA in accordance with SUP 16.14.
2If, at the time a firm that is not a relevant authorised person3becomes a CASS medium firm or a CASS large firm in accordance with CASS 1A.2.12 R (1) or CASS 1A.2.12 R (2), the firm is not able to comply with CASS 1A.3.1A R because it has no director or senior manager who is an approved person in respect of the CASS operational oversight function, the firm must:(1) take the necessary steps to ensure that it complies with CASS 1A.3.1A R as soon as practicable, which must at least
A management responsibilities map must include:(1) (a) the names of all the firm's:(i) approved persons (including PRA approved persons); (ii) members of its governing body and (if different) management body who are not approved persons; (iii) senior management; and(iv) senior personnel; and(b) details of the responsibilities which they hold;(2) all responsibilities described in any current statement of responsibilities; (3) details of the management and governance arrangements
(1) This provision gives guidance on specific aspects of SYSC 4.5.5R and SYSC 4.5.7R.(2) A firm need only include summary details of the persons in SYSC 4.5.7R(1).(3) A firm'sSMF managers and members of its governing body may overlap with its senior management and senior personnel. If so, the firm does not have to give the same details twice.(4) A firm should include details of individuals in addition to those in SYSC 4.5.7R(1), (3) and (5) if they are needed to make the management
(1) SYSC 4 Annex 1G is not comprehensive. While it is intended to cover most front-line business activities of a relevant authorised person, it does not cover all internal oversight and monitoring functions.(2) For example, it does not cover compliance or internal audit or the firm'sgoverning body or its committees.
(1) Where the firm's rating systems are used on a unified basis under article 20(6) of the EU CRR, the FCA considers that the governance requirements in article 189 of the EU CRR can only be met if the subsidiaries have delegated to the governing body or designated committee of the EEA parent institution, EEA parent financial holding company or EEA parent mixed financial holding company responsibility for approval of the firm's rating systems.(2) The FCA expects an appropriate