A planned upgrade will take place on 16/05/2024 between 17:00 BST and 19:00 BST. During this time, some features that require authentication may be unavailable.
Related provisions for SYSC 3.2.6C
21 - 40 of 62 items.
In determining whether the UK recognised body meets the recognition requirement in Regulation 6(3), the FSA may have regard to whether that body has ensured that the person who performs that function on its behalf:(1) has sufficient resources to be able to perform the function (after allowing for any other activities);(2) has adequate systems and controls to manage that function and to report on its performance to the UK recognised body;(3) is managed by persons of sufficient
In determining whether a UK recognised body continues to satisfy the recognition requirements where it has made arrangements for any function to be performed on its behalf by any person , the FSA may have regard, in addition to any of the matters described in the appropriate section of this chapter, to the arrangements made to exercise control over the performance of the function, including:(1) the contracts (and other relevant documents) between the UK recognised body and the
A sponsor must notify the FSA in writing as soon as possible if:(1) the sponsor ceases to satisfy the criteria for approval as a sponsor set out in LR 8.6.5 R; or(2) the sponsor, or any of its employees whose names are on the list maintained by the sponsor under LR 8.6.15 R, are:(a) convicted of any offence involving fraud, theft or other dishonesty; or(b) the subject of a bankruptcy proceeding, a receiving order or an administration order; or(3) any of its employees whose names
A firm should establish and maintain appropriate systems and controls for the management of the risks involved in expected changes, such as by ensuring:(1) the adequacy of its organisation and reporting structure for managing the change (including the adequacy of senior management oversight);(2) the adequacy of the management processes and systems for managing the change (including planning, approval, implementation and review processes); and(3) the adequacy of its strategy
The high level requirement for appropriate systems and controls at SYSC 3.1.1 R applies at all times, including when a business continuity plan is invoked. However, the FSA recognises that, in an emergency, a firm may be unable to comply with a particular rule and the conditions for relief are outlined in GEN 1.3 (Emergency).
(1) Threshold condition 4 (Adequate resources), requires the FSA to ensure that a firm has adequate resources in relation to the specific regulated activity or regulated activities which it seeks to carry on, or carries on.(2) In this context, the FSA will interpret the term 'adequate' as meaning sufficient in terms of quantity, quality and availability, and 'resources' as including all financial resources, non-financial resources and means of managing its resources; for example,
(1) When assessing whether a firm will satisfy and continue to satisfy threshold condition 4, the FSA will have regard to all relevant matters, whether arising in the United Kingdom or elsewhere.(2) Relevant matters may include but are not limited to:(a) whether there are any indications that the firm may have difficulties if the application is granted (see COND 2.4.6 G), at the time of the grant or in the future, in complying with any of the FSA'sprudential rules (see the relevant
Before entering into, or significantly changing, an outsourcing arrangement, a firm should:(1) analyse how the arrangement will fit with its organisation and reporting structure; business strategy; overall risk profile; and ability to meet its regulatory obligations;(2) consider whether the agreements establishing the arrangement will allow it to monitor and control its operational risk exposure relating to the outsourcing;(3) conduct appropriate due diligence of the service
In some circumstances, a firm may find it beneficial to use externally validated reports commissioned by the service provider, to seek comfort as to the adequacy and effectiveness of its systems and controls. The use of such reports does not absolve the firm of responsibility to maintain other oversight. In addition, the firm should not normally have to forfeit its right to access, for itself or its agents, to the service provider's premises.
The model review process may be conducted through a series of visits covering various aspects of the firm's control and IT environment. Before these visits the FSA may ask the firm to provide some information relating to its waiver request accompanied by some specified background material. The model review visits are organised on a timetable that allows a firm being visited sufficient time to arrange the visit and provide the appropriate pre-visit information.
As part of the model review process, the following may be reviewed: organisational structure and personnel; details of the firm's market position in the relevant products; profit and risk information; valuation and reserving policies; operational controls; IT systems; model release and control procedures; risk management and control framework; risk appetite and limit structure and future developments relevant to model recognition.
(1) A firm should have a conceptually sound risk management system which is implemented with integrity and should meet the minimum standards set out in this paragraph.(2) A firm should have a risk control unit that is independent of business trading units and reports directly to senior management. The unit should be responsible for designing and implementing the firm's risk management system. It should produce and analyse daily reports on the risks run by the business and on the
In determining whether a matter is significant, a firm should have regard to:(1) the size of any monetary loss or potential monetary loss to itself or its customers (either in terms of a single incident or group of similar or related incidents);(2) the risk of reputational loss to the firm; and(3) whether the incident or a pattern of incidents reflects weaknesses in the firm's internal controls.
Recognised bodies may receive complaints from time to time from their members and other people, both about the conduct of members and about the recognised body itself. A UK recognised body will need to have satisfactory arrangements to investigate these complaints in order to satisfy the relevant recognition requirements (see REC 2.15 and REC 2.16).
Where the FSA receives a complaint about a recognised body, it will, in the first instance, seek to establish whether the complainant has approached the recognised body. Where this is not the case, the FSA will ask the complainant to complain to the recognised body. Where the complainant is dissatisfied with the handling of the complaint, but has not exhausted the recognised body's own internal complaints procedures (in the case of a complaint against a UK recognised body, including
(1) CASS
5.4 permits a firm, which
has adequate resources, systems and controls, to declare a trust on terms
which expressly authorise it, in its capacity as trustee, to make advances
of credit to the firm'sclients. The client
money trust required by CASS
5.4 extends to such debt obligations
which will arise if the firm,
as trustee, makes credit advances, to enable a client's premium obligations
to be met before the premium is
remitted to the firm and similarly
if it allows claims
A firm may
not handle client money in accordance
with the rules in this section
unless each of the following conditions is satisfied:(1) the firm must have and maintain systems and controls
which are adequate to ensure that the firm is
able to monitor and manage its client money transactions
and any credit risk arising from the operation of the trust arrangement and,
if in accordance with CASS 5.4.2 R a firm complies
with both the rules in CASS
5.3 and CASS
5.4, such systems and
BIPRU 7.10 sets out the minimum standards that the FSA expects firms to meet before granting a VaR model permission. The FSA will not grant a VaR model permission unless it is satisfied that the requirements of BIPRU 7.10 are met and it is satisfied about the procedures in place at a firm to calculate the model PRR. In particular the FSA will not normally grant a VaR model permission unless it is satisfied about the quality of:(1) the internal controls and risk management relating
As part of the process for dealing with an application for a VaR model permission the following may be reviewed: organisational structure and personnel; details of the firm's market position in the relevant products; revenue and risk information; valuation and reserving policies; operational controls; information technology systems; model release and control procedures; risk management and control framework; risk appetite and limit structure; future developments relevant to model
In assessing whether the VaR model is implemented with integrity as described in BIPRU 7.10.58R (Stress testing), the FSA will consider in particular the information technology systems used to run the model and associated calculations. The assessment may include:(1) feeder systems; risk aggregation systems; time series databases; the VaR model system; stress testing system; the backtesting system including profit and loss cleaning systems where appropriate; data quality; reconciliations
A firm should consider whether it should notify the FSA under Principle 11 if:(1) the firm expects or knows its auditor will qualify his report on the audited annual financial statements or add an explanatory paragraph; or (2) the firm receives a written communication from its auditor commenting on internal controls (see also SUP 15.3).
Under Principle 11 and SUP 15.3.1 R, a firm must notify the FSA immediately of any operational risk matter of which the FSA would reasonably expect notice. SUP 15.3.8 G provides guidance on the occurrences that this requirement covers, which include a significant failure in systems and controls and a significant operational loss.
(1) As the authorised fund manager normally controls the issue, cancellation, sale and redemption of an authorised fund'sunits, it occupies a position that could, without appropriate systems and controls, involve a conflict of interest between itself and its clients.(2) SYSC 3.1.1 R (Systems and controls) requires that a firm take reasonable care to establish and maintain such systems and controls as are appropriate to its business and Principle 8 requires a firm to manage conflicts
Explanatory table: This table belongs to COLL 6.2.2 G (4) (Purpose).
Correction of box management errors |
||
1 |
Controls by authorised fund managers |
|
An authorised fund manager needs to be able to demonstrate that it has effective controls over: |
||
(1) |
its calculations of what units are owned by it (its 'box'); and |
|
(2) |
compliance with COLL 6.2.8 R which is intended to prevent a negative box. |
|
2 |
Controls by depositaries |
|
(1) |
Under COLL 6.6.4 (General duties of the depositary), a depositary should take reasonable care to ensure that a scheme2 is managed in accordance with COLL 6.2 (Dealing) and COLL 6.3 (Pricing and valuation). |
|
(2) |
A depositary should therefore make a regular assessment of the authorised fund manager's box management procedures (including supporting systems) and controls. This should include reviewing the authorised fund manager's controls and procedures when the depositary assumes office, on any significant change and on a regular basis, to ensure that a series of otherwise minor changes do not have a cumulative and a significant effect on the accuracy of the controls and procedures. |
|
3 |
Recording and reporting of box management errors |
|
(1) |
An authorised fund manager should record all errors which result in a breach of COLL 6.2.8 R (Controls over the issue and cancellation of units) and as soon as an error is discovered, the authorised fund manager should report the fact to the depositary, together with details of the action taken, or to be taken, to avoid repetition of the error. |
|
(2) |
A depositary should report material box management errors to the FSA immediately. Materiality should be determined by taking into account a number of factors including:
|
|
(3) |
A depositary should also make a return to the FSA (in the manner prescribed by SUP 16.6.8 R) on a quarterly basis. |
|
Firms should also consider whether their systems and controls provide sufficient information to permit senior management to identify the crystallisation of risks in a timely manner so as to provide them with the opportunity to respond and allow the firm to obtain the full value of the modelled management action. Firms should also analyse the wider implications of the management actions, particularly where they represent significant divergence from the business plan and use this
(1) A transaction in a derivative must:(a) be in an approved derivative; or(b) be one which complies with COLL 5.2.23 R (OTC transactions in derivatives).(2) The underlying of a transaction in a derivative must consist of any one or more of the following to which the scheme is dedicated:(a) transferable securities;(b) money-market instruments permitted under COLL 5.2.18 R (Investment in money-market instruments);(c) deposits permitted under COLL 5.2.26 R (Investment in deposits);(d)
An approved person performing a significant influence function will not
always manage the business on a day-to-day basis himself. The extent to which
he does so will depend on a number of factors, including the nature, scale
and complexity of the business and his position within it. The larger and
more complex the business, the greater the need for clear and effective delegation
and reporting lines. The FSA will look to the approved person performing a significant
influence function