[deleted] 5
Related provisions for SYSC 22.6.5
21 - 40 of 181 items.
Table: To whom does COCON apply? 9
9Persons to whom COCON applies |
Comments9 |
(1) An SMF manager.9 |
|
(2) An employee (“P”) of an SMCR firm12 who:9 (a) performs the function of an SMF manager;9 (b) is not an approved person to perform the function in question; and9 (c) is required to be an approved person at the time P performs that function.9 |
|
(3) An employee of an SMCR firm12 who would be performing an FCA-designated senior management function12 but for SUP 10C.3.13R (The 12-week rule). 9 |
|
(4) A certification employee of an SMCR firm12.9 |
This applies even if the certification employee has not been notified that COCON applies to them or notified of the rules that apply to them.9 |
(5) An employee of an SMCR firm who would be performing an FCA certification function but for SYSC 27.5.1R (Emergency appointments) or SYSC 27.5.3R (Temporary12 UK role). 9 12 |
|
(6) Any employee of an SMCR firm12 not coming within another row of this table, except one listed in column (2) of this row (6) of this table12. 9 |
(A)12 This row (6)12 does not apply to an employee of an SMCR firm12 who only performs functions falling within the scope of the following roles:9 (a) receptionists; (b) switchboard operators; (c) post room staff; (d) reprographics/print room staff; (e) property/facilities management; (f) events management; (g) security guards; (h) invoice processing; (i) audio visual technicians; (j) vending machine staff; (k) medical staff; (l) archive records management; (m) drivers; (n) corporate social responsibility staff; (o) taking part in following activities of the firm:14 14 (i) the firm’s activities as a data controller; or 14(ii) the firm’s activities of data processing; as defined in the data protection legislation, but subject to Note (1) of this table14;data protection legislation;10 (p) cleaners; (q) catering staff; (r) personal assistant or secretary; (s) information technology support (ie, helpdesk); and (t) human resources administrators /processors. 121417 |
(7) [deleted]12 9 |
9 |
(8) A board director of: a UK SMCR firm.12 9999 |
9 |
| 9 | |
14Note (1): A function is only within paragraph (o) of column (2) (Comments) of row (6) of this table if the function does not require the employee concerned to exercise a significant amount of discretion or judgment. |
|
(1) COCON applies to the conduct of 6conduct rules staff set out in (2) 6wherever it is performed.(2) 6This rule applies to:(a) a senior conduct rules staff member; and(b) a certification employee performing FCA certification function (6)12 (material risk takers) in the table in SYSC 27.7.3R for a UK SMCR firm12.12
(1) This rule applies to members of a firm’sconduct rules staff apart from conduct rules staff in COCON 1.1.9R. 6522(2) Subject to (3), COCON only applies to the conduct of persons to whom this rule applies (as set out in (1)) if that conduct:6(a) 6is performed from an establishment maintained in the United Kingdom by the SMCR firm; or12(b) 6involves dealing with a client of the firm in the United Kingdom from an establishment overseas.5(3) 6Paragraph (2)(b) only applies to a
(1) The RDC is separate from the FCA's2 executive management structure. Apart from its Chairman, none of the members of the RDC is an FCA2employee.22(2) All members of the RDC are appointed for fixed periods by the FCA2 Board. The FCA2 Board may remove a member of the RDC, but only in the event of that member's misconduct or incapacity.22
(1) (a) This paragraph CASS 1A.3.1BG describes how CASS 1A.3.1AR applies to SMCR firms.8343(b) The8 function in CASS 1A.3.1AR is not a separate controlled function and performing that function does not require approval as an approved person.837(c) 7However, nothing in paragraphs (1A) to (4) affects the requirement for the function in CASS 1A.3.1AR to be allocated to a single director or senior manager of sufficient skill and authority in accordance with CASS 1A.3.1AR and CASS
Table: What positions need a reference
Position |
When to obtain reference |
Comments |
(A) Permitting or appointing someone to perform an FCA controlled function or a PRA controlled function. |
One month before the end of the application period Where a request for a reference would require: (a) the firm requesting the reference; (b) the employer giving the reference; or (c) any other person; to make a mandatory disclosure prior to P disclosing to its current employer that such application has been made, the date is the end of the application period. |
|
(B) Issuing a certificate under section 63F of the Act (Certification of employees by2 authorised persons). |
Before the certificate is issued |
This includes renewing an existing certificate. |
(C) Appointing someone to any of the following positions (as defined in the PRA Rulebook): (a) a notified non-executive director; (b) a credit union non-executive director; or (c) a key function holder. |
Not applicable |
SYSC 22.2.1R (obligation to obtain a reference) does not apply to a firm appointing someone to the position in column (1). However SYSC 22.2.2R does apply to a firm asked to give a reference to a firm appointing someone to the position in column (1). |
3(D) A firm appointing someone to be a non-SMF board director subject to competence requirements of itself. |
Before appointment |
Only applies where the appointment is by a UK SMCR firm that is: (a) a core SMCR firm; or (b) an enhanced scope SMCR firm. |
Note 1: Mandatory disclosure means an obligation in any applicable laws, regulations or rules to declare or disclose information to the public. |
||
Note 2: P refers to the employee or ex-employee about whom the reference is given as defined in more detail in SYSC 22.2.1R and SYSC 22.2.2R. |
||
Note 3: The application period means the period for consideration referred to in section 61 of the Act (Determination of application). |
||
If at any time:(1) a firm3 (B) has given a reference under SYSC 22.2.2R to another firm (A) about an employee or ex-employee of B (P);2(2) B was also an SMCR firm2 when it gave the reference in (1);(3) either of the following applies:(a) B is aware of matters or circumstances that mean that if B had been aware of them when giving that reference, this chapter would have required B to draft the reference differently; or(b) the following applies:(i) B has since giving the reference
If at any time:(1) a firm3 (B) has given a reference under SYSC 22.2.2R to another firm (A) about an employee or ex-employee of B (P);2(2) B asks A whether P is still an employee of A; and(3) B gave A the reference no more than six years ago;A must answer that question as soon as reasonably practicable, even if B does not tell A why it wants to know that information.
1CASS 11.3.3G(5) to (11)2 also apply to a CASS small debt management firm that is an SMCR firm3 and the function in CASS 11.3.1R. However:(1) the function in CASS 11.3.1R is not a separate FCA certification function3; and(2) the person performing that function will not necessarily be subject to the employee certification regime described in SYSC 27 (Senior managers and certification regime: Certification regime3).
(1) [deleted]41(2) As a consequence of CASS 11.3.4R4, in a CASS large debt management firm (including a not-for-profit debt advice body fitting into that category) the function described in CASS 11.3.4R is required to be discharged by a director or senior manager.1(3) [deleted]4313(4) [deleted]413(4A) 3For an SMCR firm, the function in CASS 11.3.4R is not a separate controlled function and performing that function does not require approval as an approved person. Paragraphs (5)
A firm should consult SYSC 3.2.2 G to SYSC 3.2.5 G for guidance on reporting lines and delegation of functions within a firm and SYSC 3.2.13 G to SYSC 3.2.14 G for guidance on the suitability of employees and appointed representatives or, where applicable, its tied agents1. This section provides additional guidance on management of employees and other human resources in the context of operational risk.
A firm should establish and maintain appropriate systems and controls for the management of operational risks that can arise from employees. In doing so, a firm should have regard to:(1) its operational risk culture, and any variations in this or its human resource management practices, across its operations (including, for example, the extent to which the compliance culture is extended to in-house IT staff);(2) whether the way employees are remunerated exposes the firm to the
A firm should ensure that all employees are capable of performing, and aware of, their operational risk management responsibilities, including by establishing and maintaining:(1) appropriate segregation of employees' duties and appropriate supervision of employees in the performance of their responsibilities (see SYSC 3.2.5 G);(2) appropriate recruitment and subsequent processes to review the fitness and propriety of employees (see SYSC 3.2.13 G and SYSC 3.2.14 G);(3) clear
(1) If a firm takes disciplinary action as a result of a conduct breach (see SUP 15.11.6R) against an employee but the employee has appealed or plans to appeal, the firm should still report the disciplinary action under section 64C of the Act but should include the appeal in the notification.5(2) The firm should update the FCA on the outcome of any appeal.52
The obligations to make a notification pursuant to2section
64C of the Act apply notwithstanding any agreement (for example a 'COT 3'
Agreement settled by the Advisory, Conciliation and Arbitration Service
(ACAS)) or any other arrangements entered into by a firm and an employee
upon termination of the employee's employment. A firm should not enter
into any such arrangements or agreements that could conflict with its
obligations under this section.
In setting the method of determining the remuneration of employees involved in the risk management function:(1) firms that SYSC 19D applies to will also need to comply with the dual-regulated firms Remuneration Code; and(2) firms that the remuneration part of the PRA Rulebook applies to will also need to comply with it.16513138
(1) A firm'sgoverning body is likely to delegate many functions and tasks for the purpose of carrying out its business. When functions or tasks are delegated, either to employees or to appointed representatives or, where applicable, its tied agents8, appropriate safeguards should be put in place.(2) When there is delegation, a firm should assess whether the recipient is suitable to carry out the delegated function or task, taking into account the degree of responsibility involved.(3)
Where it is made possible and appropriate by the nature, scale and complexity of its business, a firm should segregate the duties of individuals and departments in such a way as to reduce opportunities for financial crime or contravention of requirements and standards under the regulatory system. For example, the duties of front-office and back-office staff should be segregated so as to prevent a single individual initiating, processing and controlling transactions.
(1) Depending on the nature, scale and complexity of its business, it may be appropriate for a firm to have a separate compliance function. The organisation and responsibilities of a compliance function should be documented. A compliance function should be staffed by an appropriate number of competent staff who are sufficiently independent to perform their duties objectively. It should be adequately resourced and should have unrestricted access to the firm's relevant records as
(1) Depending on the nature, scale and complexity of its business, it may be appropriate for a firm to have a separate risk assessment function responsible for assessing the risks that the firm faces and advising the governing body and senior managers on them.(2) The organisation and responsibilities of a risk assessment function should be documented. The function should be adequately resourced and staffed by an appropriate number of competent staff who are sufficiently independent
A firm must take reasonable care to ensure that every letter (or electronic equivalent) which it or its employees send to a retail client4, with a view to or in connection with the firm carrying on a regulated activity, includes the disclosure in GEN 4 Annex 1 R (firms that are not PRA-authorised persons) or GEN 4 Annex 1AR (PRA-authorised persons) as applicable14.14
(1) GEN 4.3.1 R (Disclosure in letters to retail clients4) covers letters delivered by hand, sent by post and sent by fax and also electronic mail, but not text messages, account statements, business cards or compliment slips (used as such).4(2) GEN 4.3.1 R (Disclosure in letters to retail clients4) applies in relation to letters sent by any of the firm's employees, which includes its appointed representatives and their employees.4(3) Firms are likely to find it convenient to
(1) 1Where a firm has outsourced activities to a third party processor other than advising on life policies3, GEN 4.3.1 R does not apply to that third party processor when acting as such, so long as the outsourcing firm ensures that the third party processor and its employees comply with that rule as if it was the firm and they were employees of the firm.(2) Where an appointed representative has outsourced insurance distribution activities10 other than advising on life policies3
(1) The 5credit union'sgoverning body5has responsibility for ensuring that the credit union complies with the requirements of SYSC 4.1.1 R (see CREDS 2.2.1 G and CREDS 2.2.2 G). So, the governing body5 has overall responsibility for:(a) establishing objectives and formulating a business plan;(b) monitoring the financial position of the credit union;(c) determining and documenting policies and procedures;(d) directing and coordinating the work of all employees and volunteers, and
5Under section 63E(1) of the Act, an SMCR firm6 (including a credit union) should take reasonable care to ensure that no employee of the firm performs an FCA certification function6 under an arrangement entered into by the firm in relation to the carrying on by that firm of a regulated activity, unless the employee has a valid certificate issued by that firm to perform the function to which the certificate relates. The definition of employee for these purposes goes beyond a conventional
(1) SYSC 22.2.1R (Obligation to obtain references3) applies even if the employer has already got a reference for the employee. For example:2(a) a firm3 should have a reference whenever it renews the certificate of a certification employee; and2(b) changing jobs within the same firm3 may require a reference. 2(2) However, the firm3 does not necessarily need to obtain a new reference each time (a) or (b) above occurs. That is because an existing reference will very often still be
2Generally, the FCA would expect to use private warnings in the context of firms, approved persons and conduct rules staff1. However, the FCA may also issue private warnings in circumstances where the persons involved may not necessarily be authorised or approved. For example, private warnings may be issued in potential cases of market abuse; cases where the FCA has considered making a prohibition order or a disapplication order; or cases involving breaches of provisions imposed
2In each case, the FCA will consider the likely impact of a private warning on the recipient and whether any risk that person poses to the statutory objectives requires the FCA to take more serious action. Equally, where the FCA gives a private warning to an approved person or conduct rules staff1, the FCA will consider whether it would be desirable and appropriate to inform the person's1firm (or employer, if different) of the conduct giving rise to the warning and the FCA's
A firm should ensure (subject to any legal requirements) that adequate and accurate information it holds about a customer in relation to a debt is made available to persons involved on its behalf in the debt recovery process. Information relating to the customer which should be made available to agents or employees includes, for example:(1) being in financial difficulties;(2) being particularly vulnerable;(3) disputing the debt;(4) a repayment plan or forbearance being in place;(5)
(1) SYSC 22.9.1R applies to keeping records created before the date this chapter came into force as well as ones created afterwards.(2) A3firm does not breach the requirements of this chapter by failing to include something in a reference or by failing to have records2 because it destroyed the relevant records before the date this chapter came into force in accordance with the record keeping requirements applicable to it at the time of destruction.2(3) (1) also applies to records