CASS Compliance and Transfer Agent Oversight
A UK-based investment management company with more than £50 Billion assets under management (AUM). The firm is a FTSE 250 company listed on the London Stock Exchange.
A manual approach to CASS compliance
The client is a large CASS firm and is therefore required to comply with applicable FCA client money rules. The company currently outsources elements of its CASS operations to a transfer agent and as per the relevant CASS outsource rules was required to put in place the necessary processes and controls to oversee that critical outsource relationship.
To facilitate compliance with the CASS rules and the FRC standards, the firm relied on an Excel spreadsheet to manage its CASS control matrix. Rules were sourced manually from the FCA website and copied and pasted into the spreadsheet. The CASS team was then faced with a set of challenging tasks including:
manually mapping the applicable rules to the appropriate controls, risks and related business processes
documenting attestations to
creating and maintaining an up-to-date resolution pack (maintained in SharePoint)
recording risk events and breaches (also managed in spreadsheets), and
ensuring that all these disparate elements of their CASS framework were kept up to date on an ongoing basis
Prior to implementing Ruleguard, the approach used by the firm was very manual, tedious, and introduced a number of risks into the business.
To assist the firm in addressing the challenges outlined above, we introduced Ruleguard’s software-as-a-service (SaaS) proposition which has been designed specifically to enable firms to comply with applicable CASS rules.
Users have access to an automated and up-to-date feed of the CASS handbook from the FCA. The rules are kept up to date by Ruleguard. The CASS team at the firm are informed weeks in advance of a proposed rule change, giving them ample time to evidence compliance with the rules.
The platform has a multidimensional rule mapping feature which enables users to easily map rules to processes and related controls.
Automating CASS control matrix and incident/breach reporting
On implementation, the Ruleguard team transferred the firm’s control matrix, currently maintained in Excel, into the software solution. A gap analysis was conducted as part of the user-acceptance testing to confirm that all rules had been appropriately mapped to the relevant artefacts and processes in the system.
The information required to generate the CASS resolution pack (RP) was also uploaded into the system, eliminating the current manual approach to maintaining the RP.
Ruleguard's third party oversight portal is used by the transfer agent (TA) to which the firm outsources some of its CASS operations. CASS oversight is therefore straightforward: the TA and the client firm communicate and share information via the Ruleguard platform, eliminating the current manual and inconsistent approach to CASS oversight. The implementation project took no more than 3 months from start to finish.
The firm now has access to a robust rules-mapping solution for maintaining its CASS control matrix, access to the most up to date CASS rules and fully configurable dashboards for management information reporting.