Content Options

Add to favourites

View Options

More Resources:

External link Handbook Publications

SYSC 6.1 Compliance

SYSC 6.1.1 R RP

1A common platform firm must establish, implement and maintain adequate policies and procedures sufficient to ensure compliance of the firm including its managers, employees and appointed representatives with its obligations under the regulatory system.

[Note: article 13(2) of MiFID]

SYSC 6.1.2 R RP

A common platform firm must, taking in toaccount the nature, scale and complexity of its business, and the nature and range of investment services and activities undertaken in the course of that business, establish, implement and maintain adequate policies and procedures designed to detect any risk of failure by the firm to comply with its obligations under the regulatory system, as well as associated risks, and put in place adequate measures and procedures designed to minimise such risks and to enable the FSA to exercise its powers effectively under the regulatory system and to enable any other competent authority to exercise its powers effectively under MiFID.

[Note: article 6(1) of the MiFID implementing Directive]

SYSC 6.1.3 R RP

A common platform firm must maintain a permanent and effective compliance function which operates independently and which has the following responsibilities:

  1. (1)

    to monitor and, on a regular basis, to assess the adequacy and effectiveness of the measures and procedures put in place in accordance with SYSC 6.1.2 R, and the actions taken to address any deficiencies in the firm's compliance with its obligations;

  2. (2)

    to advise and assist the relevant persons responsible for carrying out regulated activities to comply with the firm's obligations under the regulatory system.

[Note:

article 6(2) of the MiFID implementing Directive]

SYSC 6.1.4 R RP

In order to enable the compliance function to discharge its responsibilities properly and independently, a common platform firm must ensure that the following conditions are satisfied:

  1. (1)

    the compliance function must have the necessary authority, resources, expertise and access to all relevant information;

  2. (2)

    a compliance officer must be appointed and must be responsible for the compliance function and for any reporting as to compliance required by SYSC 4.3.2 R;

  3. (3)

    the relevant persons involved in the compliance functions must not be involved in the performance of services or activities they monitor;

  4. (4)

    the method of determining the remuneration of the relevant persons involved in the compliance function must not compromise their objectivity and must not be likely to do so.

[Note:

article 6(3) first paragraph of the MiFID implementing Directive]

SYSC 6.1.5 R RP

A common platform firm need not comply with SYSC 6.1.4 R (3) or SYSC 6.1.4 R (4) if it is able to demonstrate that in view of the nature, scale and complexity of its business, and the nature and range of investment services and activities, the requirements under those rules are not proportionate and that its compliance function continues to be effective.

[Note:

article 6(3) second paragraph of the MiFID implementing Directive]

SYSC 6.2 Internal audit

SYSC 6.2.1 R RP

A common platform firm must, where appropriate and proportionate in view of the nature, scale and complexity of its business and the nature and range of investment services and activities undertaken in the course of that business, establish and maintain an internal audit function which is separate and independent from the other functions and activities of the firm and which has the following responsibilities:

  1. (1)

    to establish, implement and maintain an audit plan to examine and evaluate the adequacy and effectiveness of the firm's systems, internal control mechanisms and arrangements;

  2. (2)

    to issue recommendations based on the result of work carried out in accordance with (1);

  3. (3)

    to verify compliance with those recommendations;

  4. (4)

    to report in relation to internal audit matters in accordance with SYSC 4.3.2 R.

[Note:

article 8 of the MiFID implementing Directive]

SYSC 6.3 Financial crime

SYSC 6.3.1 R RP

A common platform firm must ensure the policies and procedures established under SYSC 6.1.1 R include systems and controls that:

  1. (1)

    enable it to identify, assess, monitor and manage money laundering risk; and

  2. (2)

    are comprehensive and proportionate to the nature, scale and complexity of its activities.

SYSC 6.3.2 G RP

"Money laundering risk" is the risk that a firm may be used to further money laundering. Failure by a firm to manage this risk effectively will increase the risk to society of crime and terrorism.

SYSC 6.3.3 R RP

A common platform firm must carry out regular assessment of the adequacy of these systems and controls to ensure that it continues to comply with SYSC 6.3.1 R.

SYSC 6.3.4 G RP

A common platform firm may also have separate obligations to comply with relevant legal requirements, including the Terrorism Act 2000, the Proceeds of Crime Act 2002 and the Money Laundering Regulations. SYSC 6.1.1 R and SYSC 6.3.1 R to SYSC 6.3.10 G are not relevant for the purposes of regulation 3(3) of the Money Laundering Regulations, section 330(8) of the Proceeds of Crime Act 2002 or section 21A(6) of the Terrorism Act 2000.

SYSC 6.3.5 G RP

The FSA, when considering whether a breach of its rules on systems and controls against money laundering has occurred, will have regard to whether a common platform firm has followed relevant provisions in the guidance for the United Kingdom financial sector issued by the Joint Money Laundering Steering Group.

SYSC 6.3.6 G RP

In identifying its money laundering risk and in establishing the nature of these systems and controls, a common platform firm should consider a range of factors, including:

  1. (1)

    its customer, product and activity profiles;

  2. (2)

    its distribution channels;

  3. (3)

    the complexity and volume of its transactions;

  4. (4)

    its processes and systems; and

  5. (5)

    its operating environment.

SYSC 6.3.7 G RP

A common platform firm should ensure that the systems and controls include:

  1. (1)

    appropriate training for its employees in relation to money laundering;

  2. (2)

    appropriate provision of information to its governing body and senior management, including a report at least annually by that firm'smoney laundering reporting officer (MLRO) on the operation and effectiveness of those systems and controls;

  3. (3)

    appropriate documentation of its risk management policies and risk profile in relation to money laundering, including documentation of its application of those policies (see SYSC 9);

  4. (4)

    appropriate measures to ensure that money laundering risk is taken into account in its day-to-day operation, including in relation to:

    1. (a)

      the development of new products;

    2. (b)

      the taking-on of new customers; and

    3. (c)

      changes in its business profile; and

  5. (5)

    appropriate measures to ensure that procedures for identification of new customers do not unreasonably deny access to its services to potential customers who cannot reasonably be expected to produce detailed evidence of identity.

SYSC 6.3.8 R RP

A common platform firm must allocate to a director or senior manager (who may also be the money laundering reporting officer) overall responsibility within the firm for the establishment and maintenance of effective anti-money laundering systems and controls.

The money laundering reporting officer

SYSC 6.3.9 R RP

A common platform firm must:

  1. (1)

    appoint an individual as MLRO, with responsibility for oversight of its compliance with the FSA'srules on systems and controls against money laundering; and

  2. (2)

    ensure that its MLRO has a level of authority and independence within the firm and access to resources and information sufficient to enable him to carry out that responsibility.

SYSC 6.3.10 G RP

The job of the MLRO within a firm is to act as the focal point for all activity within the firm relating to anti-money laundering. The FSA expects that a firm'sMLRO will be based in the United Kingdom.