Related provisions for SYSC 22.6.5
21 - 40 of 202 items.
(1) The purposes of this section are to:(a) provide UK recognised bodies with guidance regarding the provisions of PIDA; and(b) Encourage UK recognised bodies to consider adopting and communicating to workers appropriate internal procedures for handling workers' concerns as part of an effective risk management system.(2) In this section "worker" includes, but is not limited to, an individual who has entered into a contract of employment.
In accordance with section 1 of PIDA:(1) a "protected disclosure" is a qualifying disclosure which meets the relevant requirements set out in part 4A of the Employment Rights Act 19963;3(2) a "qualifying disclosure" is a disclosure, made in the public interest3, of information which, in the reasonable belief of the worker making the disclosure, tends to show that one or more of the following (a "failure") has been, is being, or is likely to be, committed:3(a) a criminal offence;
(1) UK recognised bodies are encouraged to consider adopting appropriate internal procedures which will encourage their workers with concerns to blow the whistle internally about matters which are relevant to the functions of the FCA.22(2) In considering appropriate internal procedures, UK recognised bodiesmay find the guidance provided to firms in SYSC 18.2.2 G (2) and SYSC 18.2.2 G (3)1 helpful.1
[deleted] 5
Table: To whom does COCON apply? 9
9Persons to whom COCON applies |
Comments9 |
(1) An SMF manager.9 |
|
(2) An employee (“P”) of an SMCR firm12 who:9 (a) performs the function of an SMF manager;9 (b) is not an approved person to perform the function in question; and9 (c) is required to be an approved person at the time P performs that function.9 |
|
(3) An employee of an SMCR firm12 who would be performing an FCA-designated senior management function12 but for SUP 10C.3.13R (The 12-week rule). 9 |
|
(4) A certification employee of an SMCR firm12.9 |
This applies even if the certification employee has not been notified that COCON applies to them or notified of the rules that apply to them.9 |
(5) An employee of an SMCR firm who would be performing an FCA certification function but for SYSC 27.5.1R (Emergency appointments) or SYSC 27.5.3R (Temporary12 UK role). 9 12 |
|
(6) Any employee of an SMCR firm12 not coming within another row of this table, except one listed in column (2) of this row (6) of this table12. 9 |
(A)12 This row (6)12 does not apply to an employee of an SMCR firm12 who only performs functions falling within the scope of the following roles:9 (a) receptionists; (b) switchboard operators; (c) post room staff; (d) reprographics/print room staff; (e) property/facilities management; (f) events management; (g) security guards; (h) invoice processing; (i) audio visual technicians; (j) vending machine staff; (k) medical staff; (l) archive records management; (m) drivers; (n) corporate social responsibility staff; (o) data controllers or processors under the data protection legislation;10 (p) cleaners; (q) catering staff; (r) personal assistant or secretary; (s) information technology support (ie, helpdesk); and (t) human resources administrators /processors. (B) This row (6) also does not apply to an employee of an SMCR insurance firm until 10 December 2019.12 |
(7) [deleted]12 9 |
9 |
(8) A board director of: a UK SMCR firm.12 9999 |
9 |
| 9 | |
(1) COCON applies to the conduct of 6conduct rules staff set out in (2) 6wherever it is performed.(2) 6This rule applies to:(a) a senior conduct rules staff member; and(b) a certification employee performing FCA certification function (6)12 (material risk takers) in the table in SYSC 27.7.3R for a UK SMCR firm12.12
(1) This rule applies to members of a firm’sconduct rules staff apart from conduct rules staff in COCON 1.1.9R. 6522(2) Subject to (3), COCON only applies to the conduct of persons to whom this rule applies (as set out in (1)) if that conduct:6(a) 6is performed from an establishment maintained in the United Kingdom by the SMCR firm; or12(b) 6involves dealing with a client of the firm in the United Kingdom from an establishment overseas.5(3) 6Paragraph (2)(b) only applies to a
(1) The RDC is separate from the FCA's2 executive management structure. Apart from its Chairman, none of the members of the RDC is an FCA2employee.22(2) All members of the RDC are appointed for fixed periods by the FCA2 Board. The FCA2 Board may remove a member of the RDC, but only in the event of that member's misconduct or incapacity.22
Table: What positions need a reference
Position |
When to obtain reference |
Comments |
(A) Permitting or appointing someone to perform an FCA controlled function or a PRA controlled function. |
One month before the end of the application period Where a request for a reference would require: (a) the firm requesting the reference; (b) the employer giving the reference; or (c) any other person; to make a mandatory disclosure prior to P disclosing to its current employer that such application has been made, the date is the end of the application period. |
|
(B) Issuing a certificate under section 63F of the Act (Certification of employees by2 authorised persons). |
Before the certificate is issued |
This includes renewing an existing certificate. |
(C) Appointing someone to any of the following positions (as defined in the PRA Rulebook): (a) a notified non-executive director; (b) a credit union non-executive director; or (c) a key function holder. |
Not applicable |
SYSC 22.2.1R (obligation to obtain a reference) does not apply to a firm appointing someone to the position in column (1). However SYSC 22.2.2R does apply to a firm asked to give a reference to a firm appointing someone to the position in column (1). |
Note 1: Mandatory disclosure means an obligation in any applicable laws, regulations or rules to declare or disclose information to the public. |
||
Note 2: P refers to the employee or ex-employee about whom the reference is given as defined in more detail in SYSC 22.2.1R and SYSC 22.2.2R. |
||
Note 3: The application period means the period for consideration referred to in section 61 of the Act (Determination of application). |
||
If at any time:(1) an SMCR firm2 (B) has given a reference under SYSC 22.2.2R to another firm (A) about an employee or ex-employee of B (P);(2) B was also an SMCR firm2 when it gave the reference in (1);(3) either of the following applies:(a) B is aware of matters or circumstances that mean that if B had been aware of them when giving that reference, this chapter would have required B to draft the reference differently; or(b) the following applies:(i) B has since giving the reference
If at any time:(1) an SMCR firm2 (B) has given a reference under SYSC 22.2.2R to another firm (A) about an employee or ex-employee of B (P);(2) B asks A whether P is still an employee of A; and(3) B gave A the reference no more than six years ago;A must answer that question as soon as reasonably practicable, even if B does not tell A why it wants to know that information.
The systems and controls function is the function of acting in the capacity of an employee of the firm with responsibility for reporting to the governing body of a firm, or the audit committee (or its equivalent) in relation to:(1) its financial affairs;(2) setting and controlling its risk exposure (see 6SYSC 7.1.6R, article 23(2) of the MiFID Org Regulation and article 23(2) of the MiFID Org Regulation (as applied in accordance with SYSC 1 Annex 1 2.8AR, SYSC 1 Annex 1 3.2-AR,
1For a full-scope UK AIFM, the requirement to have an employee responsible for reporting to the governing body of the firm or the audit committee for matters in SUP 10A.8.1R (2) and SUP 10A.8.1R (3) is derived from the AIFMD level 2 regulation, which imposes obligations on such firms to have a permanent risk management function and, where appropriate and proportionate for their business, an internal audit function.
3The material in CASS 1A.3.1BG about how CASS 1A.3 fits into the FCA senior managers and certification7 regime for SMCR firms7 also applies to a CASS small firm that is an SMCR firm7 and the function in CASS 1A.3.1R. However:(1) the function in CASS 1A.3.1R is not a separate FCA certification function7; and(2) the person performing that function will not necessarily be subject to the employee certification regime described in SYSC 27 (Senior managers and certification regime:
(1) (a) CASS 1A.3.1AR describes the FCA controlled function known as the CASS operational oversight function (CF10a). The table of FCA controlled functions3 in SUP 10A.4.4R3 together with SUP 10A.7.9R3 specify the CASS operational oversight function as an FCA required function4 for a firm to which CASS 1A.3.1AR applies.3(b) The CASS operational oversight function does not apply to an SMCR firm. For an SMCR firm, the function in CASS 1A.3.1AR is not a separate controlled function
(1) 3CASS 1A.3.1CR provides a grace period for a firm that is not an SMCR firm7 to apply for someone to be approved to perform the CASS operational oversight function. (2) There is no equivalent to CASS 1A.3.1CR for an SMCR firm7, because a person does not need specific FCA approval before carrying out the function. This is explained in (3) to (5), below.(3) As explained in CASS 1A.3.1BG(2), the function in CASS 1A.3.1AR is not, by itself, a controlled function.(4) Therefore,
In setting the method of determining the remuneration of employees involved in the risk management function:(1) firms that SYSC 19D applies to will also need to comply with the dual-regulated firms Remuneration Code; and(2) firms that the remuneration part of the PRA Rulebook applies to will also need to comply with it.16513138
(1) If a firm takes disciplinary action as a result of a conduct breach (see SUP 15.11.6R) against an employee but the employee has appealed or plans to appeal, the firm should still report the disciplinary action under section 64C of the Act but should include the appeal in the notification.5(2) The firm should update the FCA on the outcome of any appeal.52
The obligations to make a notification pursuant to2section
64C of the Act apply notwithstanding any agreement (for example a 'COT 3'
Agreement settled by the Advisory, Conciliation and Arbitration Service
(ACAS)) or any other arrangements entered into by a firm and an employee
upon termination of the employee's employment. A firm should not enter
into any such arrangements or agreements that could conflict with its
obligations under this section.
1CASS 11.3.3G(5) to (11)2 also apply to a CASS small debt management firm that is an SMCR firm3 and the function in CASS 11.3.1R. However:(1) the function in CASS 11.3.1R is not a separate FCA certification function3; and(2) the person performing that function will not necessarily be subject to the employee certification regime described in SYSC 27 (Senior managers and certification regime: Certification regime3).
(1) CASS 11.3.4R describes the FCA controlled function known as the CASS operational oversight function (CF10a) in relation to CASS large debt management firms, including not-for-profit debt advice bodies.1(2) As a consequence of CASS 11.3.4R (in conjunction with SUP 10A.4.1R and SUP 10A.7.10R), in a CASS large debt management firm (including a not-for-profit debt advice body fitting into that category) the function described in CASS 11.3.4R is required to be discharged by a director
(1) 1CASS 11.3.5R provides a grace period for a firm that is not an SMCR firm3 to apply for someone to be approved to perform the CASS operational oversight function. (2) There is no equivalent to CASS 11.3.5R for an SMCR firm3, because a person does not need specific FCA approval before carrying out the function. This is explained in (3) to (5), below.(3) As explained in CASS 11.3.3G, the function in CASS 11.3.5R is not, by itself, a controlled function.(4) Therefore, if an approved
A firm should consult SYSC 3.2.2 G to SYSC 3.2.5 G for guidance on reporting lines and delegation of functions within a firm and SYSC 3.2.13 G to SYSC 3.2.14 G for guidance on the suitability of employees and appointed representatives or, where applicable, its tied agents1. This section provides additional guidance on management of employees and other human resources in the context of operational risk.
A firm should establish and maintain appropriate systems and controls for the management of operational risks that can arise from employees. In doing so, a firm should have regard to:(1) its operational risk culture, and any variations in this or its human resource management practices, across its operations (including, for example, the extent to which the compliance culture is extended to in-house IT staff);(2) whether the way employees are remunerated exposes the firm to the
A firm should ensure that all employees are capable of performing, and aware of, their operational risk management responsibilities, including by establishing and maintaining:(1) appropriate segregation of employees' duties and appropriate supervision of employees in the performance of their responsibilities (see SYSC 3.2.5 G);(2) appropriate recruitment and subsequent processes to review the fitness and propriety of employees (see SYSC 3.2.13 G and SYSC 3.2.14 G);(3) clear
A firm must take reasonable care to ensure that every letter (or electronic equivalent) which it or its employees send to a retail client4, with a view to or in connection with the firm carrying on a regulated activity, includes the disclosure in GEN 4 Annex 1 R (firms that are not PRA-authorised persons) or GEN 4 Annex 1AR (PRA-authorised persons) as applicable14.14
(1) GEN 4.3.1 R (Disclosure in letters to retail clients4) covers letters delivered by hand, sent by post and sent by fax and also electronic mail, but not text messages, account statements, business cards or compliment slips (used as such).4(2) GEN 4.3.1 R (Disclosure in letters to retail clients4) applies in relation to letters sent by any of the firm's employees, which includes its appointed representatives and their employees.4(3) Firms are likely to find it convenient to
(1) 1Where a firm has outsourced activities to a third party processor other than advising on life policies3, GEN 4.3.1 R does not apply to that third party processor when acting as such, so long as the outsourcing firm ensures that the third party processor and its employees comply with that rule as if it was the firm and they were employees of the firm.(2) Where an appointed representative has outsourced insurance distribution activities10 other than advising on life policies3
(1) A firm'sgoverning body is likely to delegate many functions and tasks for the purpose of carrying out its business. When functions or tasks are delegated, either to employees or to appointed representatives or, where applicable, its tied agents8, appropriate safeguards should be put in place.(2) When there is delegation, a firm should assess whether the recipient is suitable to carry out the delegated function or task, taking into account the degree of responsibility involved.(3)
Where it is made possible and appropriate by the nature, scale and complexity of its business, a firm should segregate the duties of individuals and departments in such a way as to reduce opportunities for financial crime or contravention of requirements and standards under the regulatory system. For example, the duties of front-office and back-office staff should be segregated so as to prevent a single individual initiating, processing and controlling transactions.
(1) Depending on the nature, scale and complexity of its business, it may be appropriate for a firm to have a separate compliance function. The organisation and responsibilities of a compliance function should be documented. A compliance function should be staffed by an appropriate number of competent staff who are sufficiently independent to perform their duties objectively. It should be adequately resourced and should have unrestricted access to the firm's relevant records as
(1) Depending on the nature, scale and complexity of its business, it may be appropriate for a firm to have a separate risk assessment function responsible for assessing the risks that the firm faces and advising the governing body and senior managers on them.(2) The organisation and responsibilities of a risk assessment function should be documented. The function should be adequately resourced and staffed by an appropriate number of competent staff who are sufficiently independent
A circular to shareholders about the approval of an employee's share scheme or long-term incentive scheme must:(1) include either the full text of the scheme or a description of its principal terms;(2) include, if directors of the listed company are trustees of the scheme, or have a direct or indirect interest in the trustees, details of the trusteeship or interest;(3) state that the provisions (if any) relating to:(a) the persons to whom, or for whom, securities, cash or other
The resolution approving the adoption of an employees' share scheme or long-term incentive scheme may authorise the directors to establish further schemes based on any scheme which has previously been approved by shareholders but modified to take account of local tax, exchange control or securities laws in overseas territories, provided that any shares made available under such further schemes are treated as counting against any limits on individual or overall participation in
A circular to shareholders about proposed amendments to an employees' share scheme or a long-term incentive scheme must include:(1) an explanation of the effect of the proposed amendments; and(2) the full terms of the proposed amendments, or a statement that the full text of the scheme as amended will be available for inspection.
If:(1) a firm (A) is thinking of employing someone (P);(2) P is employed by a group services company (D) that is not a firm; (3) P (in their capacity as an employee of D) performs a function or service for a firm (B) in the same group as D such that P is also an employee of B; and(4) A intends to appoint (P) to a position that entitles A to obtain a reference from B;then: (5) (if A is an SMCR firm2) A should ask both B and D for a reference;(6) B is obliged to give the reference
If:(1) a firm (A) is thinking of appointing someone (P) to a position that entitles A to obtain a reference from another firm (B); and (2) P was an employee of other members of B’s group as well as of B;then:(3) (if A is an SMCR firm2) A should ask all the group members that employed P for a reference; (4) B should give a reference if A asks it to (whether or not A is an SMCR firm2);(5) P’s employers in that group (including any that are not firms) may give a single joint reference;
(1) The 5credit union'sgoverning body5has responsibility for ensuring that the credit union complies with the requirements of SYSC 4.1.1 R (see CREDS 2.2.1 G and CREDS 2.2.2 G). So, the governing body5 has overall responsibility for:(a) establishing objectives and formulating a business plan;(b) monitoring the financial position of the credit union;(c) determining and documenting policies and procedures;(d) directing and coordinating the work of all employees and volunteers, and
5Under section 63E(1) of the Act, an SMCR firm6 (including a credit union) should take reasonable care to ensure that no employee of the firm performs an FCA certification function6 under an arrangement entered into by the firm in relation to the carrying on by that firm of a regulated activity, unless the employee has a valid certificate issued by that firm to perform the function to which the certificate relates. The definition of employee for these purposes goes beyond a conventional
(1) A credit union must not make a loan to: (a) one of its officers, certification employees2 or approved persons on terms more favourable than those available to other members of the credit union unless: 2(i) that person is a paid employee (other than a director) of the credit union; and (ii) the registered rules of the credit union provide explicitly for the making of loans to paid employees on such terms; (b) (in the case of a Great Britain credit union) 1a relative of, or
(1) To prevent conflicts of interest, a credit union should have clear arrangements for dealing with loans to the persons specified in CREDS 7.2.7 R.(2) In relation to staff, the prohibition in CREDS 7.2.7 R applies only to those who are officers, certification employees2 or approved persons.2(3) "Connected" in CREDS 7.2.7 R includes any close business or personal relationship.