[Note: ESMA has also issued guidelines under article 16(3) of the ESMA Regulation covering certain aspects of the MiFID compliance function requirements. See
http://www.esma.europa.eu/content/Guidelines-certain-aspects-MiFID-compliance-function-requirements
.]
For a common platform firm:
(1)
[deleted]
(2)
the rules and guidance apply as set out in the table below:
| Subject | Applicable rule or guidance |
|---|---|
| Adequate policy and procedures | SYSC 6.1.1R, SYSC 6.1.1AG, SYSC 6.1.2-AR |
| Compliance function | SYSC 6.1.3-AR, SYSC 6.1.3-BR, SYSC 6.1.3-CR, SYSC 6.1.4-AG, SYSC 6.1.4-ABG, SYSC 6.1.5AR |
| Internal audit | SYSC 6.2.1R, SYSC 6.2.2G |
| Financial crime | SYSC 6.3.1R to SYSC 6.3.11G |
For a MiFID optional exemption firm and a third country firm:
(1)
the rules and guidance in this chapter apply to them as if they were rules or as guidance in accordance with SYSC 1 Annex 1 3.2CR(1).
(2)
[deleted]
A firm must establish, implement and maintain adequate policies and procedures sufficient to ensure compliance of the firm including its managers, employees and appointed representatives (or where applicable, tied agents) with its obligations under the regulatory system and for countering the risk that the firm might be used to further financial crime.
[Note: article 16(2) of MiFID and article 12(1)(a) of the UCITS Directive]
A firm that is amanagement company or an operator of an electronic system in relation to lending must, taking intoaccount the nature, scale and complexity of its business, and the nature and range of financial services and activities undertaken in the course of that business, establish, implement and maintain adequate policies and procedures designed to detect any risk of failure by the firm to comply with its obligations under the regulatory system, as well as associated risks, and put in place adequate measures and procedures designed to minimise such risks and to enable the FCA to exercise its powers effectively under the regulatory system.
[Note: article 10(1) of the UCITS implementing Directive]
A common platform firm must, taking into account the nature, scale and complexity of its business, and the nature and range of financial services and activities undertaken in the course of its designated investment business, establish, implement and maintain adequate policies and procedures designed to detect any risk of failure by the firm to comply with its obligations under the UK law on markets in financial instruments, as well as associated risks, and put in place adequate measures and procedures designed to minimise such risks and to enable the FCA to exercise its powers effectively under the UK law on markets in financial instruments.
Other firms should take account of the adequate policies and procedures rule (SYSC 6.1.2 R) as if it were guidance (and as if should appeared in that rule instead of must) as explained in SYSC 1 Annex 1 3.3 R(1).
A firm that is amanagement company or an operator of an electronic system in relation to lending must maintain a permanent and effective compliance function which operates independently and which has the following responsibilities:
to monitor and, on a regular basis, to assess the adequacy and effectiveness of the measures and procedures put in place in accordance with SYSC 6.1.2 R, and the actions taken to address any deficiencies in the firm's compliance with its obligations; and
to advise and assist the relevant persons responsible for carrying out regulated activities to comply with the firm's obligations under the regulatory system.
[Note: article 10(2) of the UCITS implementing Directive]
A common platform firm must establish and maintain a permanent and effective compliance function which operates independently and which has the following responsibilities:
To comply with SYSC 6.1.3-AR(1) and (2), the firm's compliance function must conduct an assessment on the basis of which it must establish a risk-based monitoring programme that takes into consideration all areas of the firm'sdesignated investment business and any relevant ancillary services and ancillary activities associated with the firm'sregulated activities, including relevant information gathered in relation to the monitoring of complaints-handling. The monitoring programme must establish priorities determined by the compliance risk assessment ensuring that compliance risk is comprehensively monitored.
In order to enable the compliance function referred to in SYSC 6.1.3-AR and SYSC 6.1.3-BR to discharge its responsibilities properly and independently, a common platform firm must ensure that the following conditions are satisfied:
(1) the compliance function must have the necessary authority, resources, expertise and access to all relevant information;
(2) a compliance officer must be appointed and replaced by the management body and must be responsible for the compliance function and for any reporting as to compliance required in relation to the UK law on markets in financial instruments and by SYSC 4.3.2-AR(3);
(3) the compliance function reports on an ad-hoc basis directly to the management body where it detects a significant risk of failure by the firm to comply with its obligations under the UK law on markets in financial instruments;
(4) the relevant persons involved in the compliance functions must not be involved in the performance of the services or activities they monitor;
(5) the method of determining the remuneration of the relevant persons involved in the compliance function must not compromise their objectivity and must not be likely to do so.
Other firms should take account of the compliance function rule (SYSC 6.1.3 R) as if it were guidance (and as if should appeared in that rule instead of must) as explained in SYSC 1 Annex 1 3.3 R(1).
Notwithstanding SYSC 6.1.3 R, as it applies under (1), depending on the nature, scale and complexity of its business, it may be appropriate for a firm to have a separate compliance function. Where a firm has a separate compliance function the firm should also take into account SYSC 6.1.3 R and SYSC 6.1.4 R as guidance.
In order to enable the compliance function to discharge its responsibilities properly and independently, a firm that is amanagement company or an operator of an electronic system in relation to lending must ensure that the following conditions are satisfied:
the compliance function must have the necessary authority, resources, expertise and access to all relevant information;
a compliance officer must be appointed and must be responsible for the compliance function and for any reporting as to compliance required by SYSC 4.3.2 R;
the relevant persons involved in the compliance functions must not be involved in the performance of the services or activities they monitor;
the method of determining the remuneration of the relevant persons involved in the compliance function must not compromise their objectivity and must not be likely to do so.
[Note: article 10(3) of the UCITS implementing Directive]
In setting the method of determining the remuneration of relevant persons involved in the compliance function:
[deleted]
firms that SYSC 19D applies to will also need to comply with the dual-regulated firms Remuneration Code;
firms that the remuneration part of the PRA Rulebook applies to will also need to comply with it; and
firms that SYSC 19G applies to will also need to comply with the MIFIDPRU Remuneration Code.
In setting the method of determining the remuneration of relevant persons involved in the compliance function, full-scope UK AIFMs will need to comply with the AIFM Remuneration Code.
(1)
This guidance is relevant to an SMCR firm required to appoint a compliance officer under SYSC 6.1.4R or SYSC 6.1.3-CR as applicable.
(2)
Taking account of the nature, scale and complexity of its activities, the firm should have appropriate procedures to ensure that the removal or any other disciplinary sanctioning of the compliance officer does not undermine the independence of the compliance function.
(3)
In the FCA's view, it will be appropriate, in many cases, for the removal or any other disciplinary sanctioning of the compliance officer to require the approval of a majority of the management body, including at least a majority of its members who do not perform any executive function in the firm.
A firm which is not a common platform firm or management company and which carries on designated investment business with or for retail clients or professional clients must allocate to a director or senior manager the function of:
having responsibility for oversight of the firm's compliance; and
reporting to the governing body in respect of that responsibility.
In SYSC 6.1.4A R (1) compliance means compliance with the rules in:
A firm in (2) or (3) must appoint a compliance officer to be responsible for ensuring the firm meets its obligations under SYSC 6.1.1R for any compliance function the firm has and for any reporting as to compliance which may be made under SYSC 4.3.2R.
This rule applies to:
a debt management firm; and
This rule also applies to a firm that meets the following conditions:
it is a Class 1 firm as defined in CMCOB 7.2.5R(1); and
SUP 10C (FCA senior managers regime for approved persons in SMCR firms) applies the compliance oversight function to it.
A firm that is amanagement company or an operator of an electronic system in relation to lending need not comply with SYSC 6.1.4 R (3) or SYSC 6.1.4 R (4) if it is able to demonstrate that in view of the nature, scale and complexity of its business, and the nature and range of financial services and activities, the requirements under those rules are not proportionate and that its compliance function continues to be effective.
[Note: article 10(3) second paragraph of the UCITS implementing Directive]
A common platform firm need not comply with SYSC 6.1.3-CR(4) or SYSC 6.1.3-CR(5) if it is able to demonstrate that in view of the nature, scale and complexity of its business, and the nature and range of its designated investment business, the requirements under those rules are not proportionate and that its compliance function continues to be effective. In that case, a common platform firm must assess whether the effectiveness of the compliance function is compromised, and the assessment must be reviewed on a regular basis.
Other firms should take account of the proportionality rule (SYSC 6.1.5 R) as if it were guidance (and as if should appeared in that rule instead of must) as explained in SYSC 1 Annex 1 3.3R(1).
The exemptions in SYSC 6.1.5R are unlikely to apply to a firm that is an operator of an electronic system in relation to lending where that firm offers lenders a P2P portfolio with a target rate.
