governance,
third parties,
CASS,
client assets,
resolution pack,
outsourcing,
client money
In 2020 the FCA issued three Dear CEO letters. The letters were a reminder to firms of the obligations relating to client assets and client money. FCA reminded firms of the importance of maintaining adequate measures to protect client money and assets in the current...
Read More
governance,
culture,
corporate governance,
monitoring,
controls,
communication,
audit trail,
data sharing
How well can your firm demonstrate effective systems and controls? Corporate Governance isn’t just about who sits on your board and how often the board meets. It’s about the systems and controls as well as the standards set within a firm. It’s about ensuring that the...
Read More
accountability,
oversight,
SOX,
trust,
audit trail,
audit reform,
UK SOX
In 2002, the USA implemented the Sarbanes Oxley Act (SOX). It caused quite a stir at the time due to the time and effort required to make changes to comply with it. Some felt that it was too onerous. Others felt it was an overreaction to some large corporate failures....
Read More
governance,
accountability,
SM&CR,
MIC regime,
FAR,
BEAR,
SEAR
Since the financial crisis of 2008 regulators worldwide have been introducing reforms to improve individual accountability within firms. Regulators were criticised for their lack of action and not preventing the crisis. Further criticism was aimed at firms’ failings...
Read More
third parties,
culture,
breach management,
risk management,
issues,
data sharing
A firm’s operational error log can provide a great deal of information about its compliance culture. Consider the following: Is it always the same individuals recording all the issues? Has the log remained untouched for several months? Are the identified issues...
Read More
assessments,
monitoring,
audit trail,
data sharing
All regulated firms are obliged to conduct compliance monitoring. The compliance function is required to monitor and test compliance by performing sufficient and representative compliance testing. Then the results are reported up through the compliance reporting line...
Read More
third parties,
accountability,
corporate governance,
oversight,
risk management,
operational resilience,
monitoring,
audit trail,
BCBS,
IOSCO
We’re all aware that operational resilience requires an holistic view of a firm’s operations. The Financial Services industry operates globally and requires a coordinated effort to establish a resilient framework. Current work to improve resilience focuses on being...
Read More
Implementation of the Senior Managers and Certification Regime is currently underway and may well have an impact on your firm’s existing CASS arrangements. This is because the FCA, as part of the SM&CR rules, has introduced a new Prescribed Responsibility for firms...
Read More
governance,
third parties,
accountability,
operational resilience
Build Resilient Payment Services in an Evolving Regulatory Landscape This was the view of the Payment Systems Regulator (PSR) back in 2015 when the PSR was still relatively new. Six years later and it’s fair to say that payments systems are even more critical today....
Read More
governance,
third parties,
oversight,
operational resilience,
data sharing,
outsourcing,
EBA
Strengthening Resilience: How to Build Robust Third Party Risk Management Chains Both the Prudential Regulation Authority (PRA) and the Financial Conduct Authority (FCA) require firms to identify and manage their risks. Over the years we’ve seen both regulators focus...
Read More
accountability,
SM&CR,
certification,
conduct rules
HM Treasury issued a consultation earlier in July. The proposals signal HMT’s intention to extend the Senior Managers & Certification Regime (SM&CR) to include Financial Market Infrastructures (FMIs). Interested parties should submit their responses by 22 October 2021....
Read More
governance,
third parties,
oversight,
risk management,
operational resilience,
outsourcing
Build a Stronger Operational Resilience Framework With the publication of final policy statements there is a clear message that firms must look externally at third party relationships as part of their Operational Resilience framework. The requirements are designed to...
Read More