Status: Please note you should read all Brexit changes to the FCA Handbook and BTS alongside the main FCA transitional directions. Where these directions apply the 'standstill', firms have the choice between complying with the pre-IP completion day rules, or the post-IP completion day rules. To see a full list of Handbook modules affected, please see Annex B to the main FCA transitional directions.

Status: This chapter was amended on 31 December 2020 as a result of Brexit. However, it is subject to the FCA Prudential Transitional Direction, which means that firms should not comply with these provisions yet. Instead, firms must follow this link and continue to comply with pre-IP completion day requirements (unless specified otherwise in the Direction). To see a full list of Handbook modules affected, please see Section B of the Annex to the Direction.

IFPRU 2.4 Reporting of breaches

  1. (1)

    A firm must have appropriate procedures in place for its employees to report breaches internally through a specific, independent and autonomous channel.

  2. (2)

    The channel in (1) may be provided through arrangements provided for by social partners, subject to the Public Interest Disclosure Act 1998 and the Employment Rights Act 1996 to the extent that they apply.

[Note: article 71(3) of CRD]


SYSC 18 (Whistleblowing) contains1 requirements on UK SMCR banking firms3 and certain insurers (see SYSC 18.1.1AR) in relation to the adoption and communication of appropriate internal procedures for handling reportable concerns as part of an effective risk management system. SYSC 18.1.1CG provides that firms not otherwise subject to SYSC 18 may nonetheless wish to adopt the provisions in that chapter as best practice1.