Senior Management Arrangements, Systems And Controls

Question 1

Explain what the purposes of SYSC are

Answer 1

SYSC sets out rules for how firms should be run, particularly focusing on the responsibility of senior managers:

1. Encourage senior managers to take responsibility: urges firm’s directors and senior managers to ensure they are personally accountable for how the firm is managed
2. Clarify responsibility for management and control: strengthens Principle 3 (Management and Control in PRIN). Firms must organize their affairs properly and have adequate risk management systems
3. Promote responsible organisation: encourages firms to give specific directors and senior managers clear responsibility for making sure the company is run effectively and responsibly.
4. Common set of rules: common platform of organisational and systems and controls requirements for all firms (standard set of rules and controls that all firms must follow)

Question 2

What is a common platform with regards to SYSC for organisational requirements?

Answer 2

1. It’s a Unified set of organisational requirements in SYSC 4-10
2. Applies to all firms except insurers, managing agents and the Society of Lloyd’s.
3. These are high-level rules rather than detailed rules and guidance.
4. SYSC 2-3 do not apply to common platform firms but, apply to all authorised firms that fall outside the scope of the common platform.

Question 3

List what SYSC 4-10 are

Answer 3

SYSC 4: General organisational requirements

SYSC 5: Employees, agents and other relevant persons

SYSC 6: Compliance, internal audit and financial crime

SYSC 7: Risk control

SYSC 8: Outsourcing

SYSC 9: Record keeping

SYSC 10: Conflicts of interest

Question 4

SYSC 4: General organisational requirements

What does this include?

Answer 4

1. A firm’s governance, internal controls and organisation, accounting controls and audit committee -
   A. clear organisational structure with well-defined and consistent lines of responsibility.
   B. effective processes to identify, manage and report risks
   C. sound accounting procedures.
2. A firm’s business continuity -
   A. Have adequate business continuity policy to limit losses, preserve data and maintain or resume activities
3. The persons controlling a firm -
   A. At least two persons should manage a firm
   B. This persons must be experienced and of good repute.
4. Senior management responsibility -
   A. Ensure compliance with regulatory obligations.
   B. Receive frequent reports on actions taken to address deficiencies
5. A firm’s management body should have clear allocation of responsibilities -
   A. Should also have clear responsibility for the risk strategy, business strategy and internal governance of a firm

Question 5

SYSC 5: Employees, agents and other relevant persons

What does this include?

Answer 5

This includes:

1. Skills, knowledge and expertise.
2. Segregation of duties.
3. Awareness of procedures.
4. General requirements.

Question 6

SYSC 6: Compliance, internal audit and financial crime

What does this include?

Answer 6

This includes a firm to:

1. Establish and maintain policies and procedures to ensure effective compliance with regulations.
2. Appoint a compliance officer who was responsible for compliance oversight.
3. Compliance officer should report to the governing body of the firm.
4. Maintain effective and proportionate systems and controls to identify, assess, monitor and manage money laundering risk.

Question 7

What is Money Laundering Risk?

Answer 7

1. Is the risk that a firm may be used to further money laundering
2. When considering whether a firm has breached the rules - we need to check whether it has followed the guidance issued by the Joint Money Laundering Steering Group (JMLSG)

Question 8

SYSC 6: Compliance, internal audit and financial crime

What should a firm’s systems and controls include?

Answer 8

1. Training employees in relation to money laundering.
2. Provision of information to its governing body and senior management at least annually from the firm’s money laundering reporting officer (MLRO).
3. Documentation of risk management policies and risk profile in relation to money laundering.
4. Measures to ensure that money laundering risk is taken into account in day-to-day operations.
5. Measures to ensure procedures for identification of new customers do not unreasonably deny access to its services to potential customers.
6. A firm must appoint a director/ senior manager to have overall responsibility for anti-money laundering systems. They should also appoint a MLRO.

Question 9

SYSC 7: Risk Control

What does this include?

Answer 9

1. Establish and maintain adequate risk management policies and procedures.
2. These policies and procedures should identify and set the tolerable level of risk.
3. Document the organisation and responsibilities of the risk assessment function.

Question 10

SYSC 8: Outsourcing

What does this include?

Answer 10

1. If a firm outsources important tasks to another company, it still remains responsible for making sure those tasks meet regulatory requirements. The firm cannot avoid its duties just because another company is handling the work.
2. Senior managers remain accountable and cannot delegate their responsibilities—even if they outsource certain functions, they must still ensure everything is done properly and in line with regulations.

Question 11

SYSC 9: Record-keeping

What does this include?

Answer 11

1. A firm must keep clear and organised records of its business activities, internal structure, services, and transactions.
2. These records must be detailed enough for the FCA to check whether the firm is following all regulatory rules, especially those related to client obligations.
3. If the firm deals with a MiFID business, it must keep these records for at least five years.

Question 12

SYSC 10: Conflicts of Interest

What does this include?

Answer 12

Also PRINCIPLE 8 of PRIN

1. Take appropriate steps to identify conflict of interest.
2. Maintain and operate effective organisational and administrative arrangements to prevent conflict of interest that risks damage to clients interests.
3. Disclose conflicts as a last resort: firms should first try to manage and prevent conflicts. Disclosure should only be used when there’s no other way to resolve the issue.
4. A firm should establish, implement and maintain an effective conflict of interest policy

Question 13

What is “conflict of interest”?

Answer 13

1. Personal relationships or financial incentives influence business decisions.
2. These are not taken with the clients’ best interests in mind

Question 14

What should be included in the “conflict of interest” policy?

Answer 14

1. Identify the specific services and activities carried out by or on behalf of the firm.
2. Circumstances which constitute or may give rise to a conflict of interest entailing a material risk of damage to the interests of one or more clients.
3. Specify procedures to be followed and measures to be adopted in order to manage such conflicts

Question 15

What do SYSC 11-17 include?

Answer 15

1. Set out the risk management and Prudential require requirements relating to banks and insurance companies.
2. Cover risk management systems for liquidity risk, operational risk, group risk, credit risk, market risk, insurance risk and Prudential requirements

Question 16

SYSC 18: Whistleblowing

What does this include?

Answer 16

1. Public Interest Disclosure Act 1998 (PIDA) - establishes a framework for protection of employees in cases of whistleblowing
2. The new formal whistleblowing procedures apply to:
   A. UK Banks and building societies that hold over £250 million in assets.

B. Certain investment firms that are specially regulated by the PRA (Prudential Regulation Authority).

C. Insurance companies that are also regulated by the PRA.

Question 17

SYSC 18: Whistleblowing

What are the new rules published by the FCA and PRA on formal whistleblowing procedures?

Answer 17

1. Have internal whistleblowing arrangements in place and inform the UK based employees about these arrangements.
2. Inform the UK based employees that they can blow the whistle to the FCA or the PRA.
3. Offer protection to all whistleblowers, whatever their relationship with the Pham and whatever the topic of the disclosure.
4. Include a provision/rule in new employment contracts and settlement agreements clarifying that nothing in that agreement prevents an employee or an ex-employee from making a protected disclosure
5. Appoint a “whistleblowers” champion”

Question 18

SYSC 18 - Whistleblowing.

Rule 1 states “Have internal whistleblowing arrangements in place and inform the UK based employees about these arrangements”

What does this exactly include?

Answer 18

Firms should have:

1. Written procedures on whistleblowing.
2. Respect whistleblowers’ confidentiality.
3. Assess and escalate whistleblowers’ reports appropriately. Informed the regulators and/or law enforcement where appropriate.
4. Track the outcome of the whistleblowing report and the whistleblowers themselves
5. Take all reasonable steps to ensure no one in the firm victimises/ punishes whistleblowers

Question 19

SYSC 18 - Whistleblowing.

Rule 5 states “Appoint a “whistleblowers” champion”

What does this exactly include?

Answer 19

This is a senior individual (a non-executive director who is a senior manager) who is responsible for:

1. Overseeing the effectiveness of the firm’s whistleblowing policy
2. Preparing an annual report to the board regarding the operation of the policy.
3. When an employee takes their company to an employment tribunal for whistleblower mistreatment (e.g. unfair dismissal or retaliation) and wins the case, the company must report this outcome to the Financial Conduct Authority (FCA).

Question 20

SYSC 19: Remuneration Codes

What does this include?

Answer 20

1. Preventing excessive risk-taking – ensures firms don’t reward employees in ways that encourage risky behavior, and they don’t pay out more than they can afford.
2. These codes apply to all banks, building societies, large alternative investment fund managers and capital adequacy directive (CAD) investment firms
3. MiFID II rules – Investment firms offering services to clients cannot link pay directly to sales (firms can’t pay employees purely on sales performance). This protects investors by ensuring that advisors focus on what’s best for the client, rather than earning commissions. (investor protection and the protection of client interests)
4. The codes apply to senior management., risk takers and staff and control functions - known as the “code staff”

Question 21

SYSC 19: Remuneration Codes

What are the main provisions of the remuneration codes?

Answer 21

1. Deferring Bonuses
   A. At least 40% of a bonus must be deferred for at least 3 years for all “code staff” (senior management, risk-takers, and control function staff).

B. For senior management/ if the bonus is over £500,000, at least 60% must be deferred.

2. Bonus in Shares or Non-Cash Instruments
   A. At least 50% of any bonus must be paid in shares, share-linked instruments, or similar non-cash forms.

B. These must have an appropriate retention period to align with long-term company performance. (Cannot be sold/ cashed immediately)

3. Guaranteed Bonuses
   A. Firms cannot offer guaranteed bonuses for more than one year.

B. Exceptions apply only in exceptional cases for new hires, and only for the first year.

4. Risk Management - ensure remuneration policies support sound risk management.
5. Governance & Disclosure
   A. Senior management must review and oversee pay policies regularly.

B. Firms must disclose details of their remuneration policies at least once a year.

Question 22

SYSC 19: Remuneration Codes

Under MiFID II, FCA introduced a new remuneration code called SYSC 19F.

What does this entail?

Answer 22

Restrictions on Pay in Investment Firms

1. Firms must not pay or assess staff performance in ways that conflict with client interests.
2. They cannot set pay, sales targets, or incentives that encourage staff to recommend unsuitable financial products.