An applicant seeking authorisation to provide data reporting services shall include in its application for authorisation a programme of operations referred to in regulation 7 of the Data Reporting Services Regulations 2017. The programme of operations shall include the following information:
information on the organisational structure of the applicant, including an organisational chart and a description of the human, technical and legal resources allocated to its business activities;
information on the compliance policies and procedures of the data reporting services provider, including:
the name of the person or persons responsible for the approval and maintenance of those policies;
the arrangements to monitor and enforce the compliance policies and procedures;
the measures to be undertaken in the event of a breach which may result in a failure to meet the conditions for initial authorisation;
a description of the procedure for reporting to the competent authority any breach which may result in a failure to meet the conditions for initial authorisation;
a list of all outsourced functions and resources allocated to the control of the outsourced functions;
A data reporting services provider offering services other than data reporting services shall describe those services in the organisational chart.
Status: Please note you should read all Brexit changes to the FCA Handbook and BTS alongside the main FCA transitional directions. Where these directions apply the 'standstill', firms have the choice between complying with the pre-IP completion day rules, or the post-IP completion day rules. To see a full list of Handbook modules affected, please see Annex B to the main FCA transitional directions.