Khepri's A to Z: Q, R and S - Buy and Sell-Side Compliance

Know-how
Written By Carlin Sewell

Introduction

In this LinkedIn Article we are bundling together three letters in our A to Z series:

  1. S: Senior Managers,

  2. Q: Questions

  3. R: Records.

In our opinion, asking the right question and keeping good records will help Senior managers comply with their Duty of Responsibility.

Senior Managers’ Duty of Responsibility

Senior Managers can be liable if it can be proved that they failed to take “reasonable steps” to properly manage the business for which they are responsible.

The FCA, the Decision Procedure and Penalties (DEPP) Sourcebook (Chapter 6) discuss the situations where the FCA is able to take action against an Senior Management Function manager under section 66A(5) of FSMA.

When determining under section 66A(5)(d) of the Act whether or not an SMF manager has taken such steps as a person in their position could reasonably be expected to take to avoid the contravention of a relevant requirement by a firm occurring (or continuing) the FCA has set out 18 areas that they would consider – Chapter 6 is a must read for all Senior Managers!

Questions

  1. In light of the above, what questions should Senior Managers’ be asking themselves and their teams:

  2. Do I understand in detail my statement of responsibility? Do I understand how the areas for which I am responsible may impact the business as a whole and the firms overall compliance with applicable rules and regulations?

  3. Is the management information complete and consistent with my understanding of the business being conducted by the teams I am responsible for?

  4. Where the management information is not consistent with my understanding, have I asked for further clarification?

  5. Given the nature, scale and complexity of the business for which I am responsible, if the granularity and frequency of the information I am receiving appropriate?

  6. Where the management information shows there is a highly likelihood of breaches, have I instructed action to be taken and am I tracking those requests?

  7. Do I have the right team in place to help me run the business line I am responsible for?

  8. Do I have the right management structure in place?

  9. Do I have too many or to few direct reports and do I have sufficient time to manage my direct reports?

  10. All their clear escalation channels?

  11. When decisions are to be taken collectively, do I rely to munch on others or do I take the time to understand for myself the relevant facts?

  12. What level of assurance is provided to me by the risk and compliance teams on the implementation and operating effectiveness of the controls that have been established in my business unit?

  13. When an issue arises is it investigated in sufficient detail and is the rationale for taking, or not taking, action understood.

 

Records

In relation to the above questions, what documentation would you provide a regulator to demonstrate that the above has been considered?

Carlin Sewell
Previous

HM Treasury Updates On Financial Promotion Exemptions
Next

Khepri's A to Z: Enhancing Implementation of the Investment Firms Prudential Regime (IFPR) - Buy and Sell-Side Compliance