[Note: ESMA has also issued guidelines under article 16(3) of the ESMA Regulation covering certain aspects of the MiFID compliance function requirements. See http://www.esma.europa.eu/content/Guidelines-certain-aspects-MiFID-compliance-function-requirements.]
A firm's systems and controls should enable it to satisfy itself of the suitability of anyone who acts for it. This includes assessing an individual's honesty and competence. This assessment should normally be made at the point of recruitment. An individual's honesty need not normally be revisited unless something happens to make a fresh look appropriate.
Any assessment of an individual's suitability should take into account the level of responsibility that the individual will assume within the firm. The nature of this assessment will generally differ depending upon whether it takes place at the start of the individual's recruitment, at the end of the probationary period (if there is one) or subsequently.
2If a firm requires employees who are not subject to a qualification7 requirement in TC to pass a relevant examination from the list of recommended examinations maintained by the Financial Skills Partnership7, the appropriate regulator will take that into account when assessing whether the firm has ensured that the employee satisfies the knowledge component of the competent employees rule.7 7 7
A common platform firm and a management company6 must ensure that the performance of multiple functions by its relevant persons does not and is not likely to prevent those persons from discharging any particular functions soundly, honestly and professionally.
The effective segregation of duties is an important element in the internal controls of a firm in the prudential context. In particular, it helps to ensure that no one individual is completely free to commit a firm's assets or incur liabilities on its behalf. Segregation can also help to ensure that a firm'sgoverning body receives objective and accurate information on financial performance, the risks faced by the firm and the adequacy of its systems.
Where a common platform firm outsources its internal audit function, it should take reasonable steps to ensure that every individual involved in the performance of this service is independent from the individuals who perform its external audit. This should not prevent services from being undertaken by a firm's external auditors provided that:
the work is carried out under the supervision and management of the firm's own internal staff; and
potential conflicts of interest between the provision of external audit services and the provision of internal audit are properly managed.
The systems, internal control mechanisms and arrangements established by a firm in accordance with this chapter must take into account the nature, scale and complexity of its business and the nature and range of financial services and activities 3undertaken in the course of that business.
A common platform firm and a management company6 must monitor and, on a regular basis, evaluate the adequacy and effectiveness of its systems, internal control mechanisms and arrangements established in accordance with this chapter, and take appropriate measures to address any deficiencies.