Implementation of Risk Management Requirements by Investment Firms subject to the Client Asset Regulations

Similar documents
Guidelines on Completing and Submitting Life Insurance, Non- Life Insurance and Reinsurance Applications

Authorisation Requirements for Money Transmission Businesses. Authorisation Requirements and Standards for Money Transmission Businesses

INTERNATIONAL ASSOCIATION OF INSURANCE SUPERVISORS

Anti-Money Laundering Update Domestic and European developments

February. Report on Findings of Thematic Fitness and Probity Inspections in Credit Unions

Consultation Paper 53: Corporate Governance Code for captive Insurance and captive Reinsurance Undertakings

Feedback Statement on CP Consultation on Second Edition of the Central Bank Investment Firms Regulations including changes related to MiFID II

New Methodology to Calculate Funding Levies Consultation Paper 108 Credit Institutions, Investment Firms, Fund Service Providers and EEA insurers

Protocol between the Central Bank of Ireland and the Auditors of Regulated Financial Service Providers The Auditor Protocol

Advent Insurance dac. Solvency and Financial Condition Report ( SFCR ) for the financial year ended 31 December P a g e 1

SOLVENCY & FINANCIAL CONDITION REPORT. SureStone Insurance dac

BERGRIVIER MUNICIPALITY. Risk Management Risk Appetite Framework

INTERNATIONAL ASSOCIATION OF INSURANCE SUPERVISORS

FIL Life Insurance (Ireland) DAC. Solvency and Financial Condition Report as at 30 June 2016

Solvency and Financial Condition Report Aegon Ireland

Fitness and Probity Regime for Credit Unions with assets less than 10m New Regulations commencing 31 December 2015

Becare DAC. Solvency and Financial Condition Report ( SFCR ) for the financial year ended 31 December Page 1

Solvency & Financial Condition Report. Surestone Insurance dac March

Corporate Governance Requirements for Investment Firms and Market Operators 2018

Feedback Statement on CP84 Consultation on the adoption of ESMA s revised guidelines on ETFs and other UCITS issues

GUIDELINE ON ENTERPRISE RISK MANAGEMENT

Guidance Note. Securitization. March Ce document est aussi disponible en français. Revised in October 2018

Vital Blue Insurance DAC

IT Risk in Credit Unions - Thematic Review Findings

GUIDELINES FOR THE INTERNAL CAPITAL ADEQUACY ASSESSMENT PROCESS FOR LICENSEES

Risk Review Committee Charter

INTERNAL CAPITAL ADEQUACY ASSESSMENT PROCESS MODULE

The Central Bank of Ireland (the Central Bank ) recently carried out a thematic review of the payment of performance fees by UCITS.

BERMUDA INSURANCE (GROUP SUPERVISION) RULES 2011 BR 76 / 2011

Audit & Risk Committee Report

Summary Enterprise Risk Management Framework

SOLVENCY AND FINANCIAL CONDITION REPORT EUROLIFE LTD

Rynda Property Investors LLP (the Firm )

AIA Group Limited. Terms of Reference for the Board Risk Committee

Re: Compliance with the Criminal Justice (Money Laundering and Terrorist Financing) Act 2010 ( CJA 2010 )

Re: European Commission Green Paper Audit Policy: Lessons from the Crisis

CORPORATE GOVERNANCE CODE FOR CREDIT INSTITUTIONS AND INSURANCE UNDERTAKINGS

Annual Compliance Statement for Credit Unions Frequently Asked Questions

Société d'assurances Générales Appliquées (SAGA) dac. Solvency and Financial Condition Report ( SFCR ) for the financial year ended 31 December 2016

Asset Concentration Report Guidance Note for Irish Investment Firms

Public Disclosure. For the Financial Year Ended 31 December 2017

Solvency and Financial Condition Report

SOLVENCY AND FINANCIAL CONDITION REPORT EUROLIFE LTD

Guideline. Own Risk and Solvency Assessment. Category: Sound Business and Financial Practices. No: E-19 Date: November 2015

Corporate Governance Code for Credit Institutions and Insurance Undertakings 2013

CATTOLICA LIFE DAC SOLVENCY AND FINANCIAL CONDITION REPORT 31 ST DECEMBER 2017

Intermediary Times. Welcome to the Intermediary Times Special Edition. Issue Special Edition

Internal governance. Supervisory Statement SS21/15. April 2015

Corporate Governance Requirements for Credit Institutions Frequently Asked Questions

ENTERPRISE RISK MANAGEMENT, INTERNAL MODELS AND OPERATIONAL RISK FOR LIFE INSURERS DISCUSSION PAPER DP14-09

ENSURING EFFECTIVE GOVERNANCE AND FINANCIAL REPORTING

Solvency Assessment and Management: Stress Testing Task Group Discussion Document 96 (v 3) General Stress Testing Guidance for Insurance Companies

IMPLEMENTATION NOTE. Corporate Governance Oversight at IRB Institutions

Corporate Governance Requirements for Insurance Undertakings Frequently Asked Questions

DIRECTIVES. (Text with EEA relevance)

TD BANK INTERNATIONAL S.A.

Board Risk & Compliance Committee Charter

CAPITAL ONE FINANCIAL CORPORATION CHARTER OF THE RISK COMMITTEE OF THE BOARD OF DIRECTORS

Investment Firms. Questions and Answers

GUIDANCE NOTE ASSET MANAGEMENT BY AUTHORIZED INSURERS

BERMUDA MONETARY AUTHORITY THE INSURANCE CODE OF CONDUCT FEBRUARY 2010

AUSTRAC Guidance Note. Risk management and AML/CTF programs

Western Captive Insurance Company DAC. Solvency and Financial Condition Report. For Financial Year Ending 31 st December 2016 (the reporting period )

TYRE REINSURANCE (IRELAND) DAC. Solvency and Financial Condition Report. For Financial Year Ending 31 st December 2016 (the reporting period )

TERMS OF REFERENCE. DLC Board Risk Capital Committee

Corporate Governance of Federally-Regulated Financial Institutions

Prudential Standard GOI 3 Risk Management and Internal Controls for Insurers

Money Laundering and Terrorist Financing Risks in the E-Money Sector

Statement regarding IOSCO Principles

Scouting Ireland Risk Management Framework

CORPORATE GOVERNANCE CODE FOR IRISH DOMICILED COLLECTIVE INVESTMENT SCHEMES

Pillar 3 Disclosures. Invesco UK Limited

RISK MANAGEMENT FRAMEWORK

TRUST COMPANY BUSINESS

Solvency and Financial Condition Report. Friends First Managed Pension Funds SOLVENCY AND FINANCIAL CONDITION REPORT

Guidance on the Approval and Supervision of Special Purpose Vehicles under Solvency II

Draft Guideline. Corporate Governance. Category: Sound Business and Financial Practices. I. Purpose and Scope of the Guideline. Date: November 2017

Investment Firms Questions and Answers. 3rd Edition 6 October 2017

Principles applicable to auditors reports to regulators

Supervisory Statement SS5/16 Corporate governance: Board responsibilities. July 2018 (Updating March 2016)

Supervisory Statement SS21/15 Internal governance. April (Updating October 2014)

Pillar 3 Disclosures. 31 December 2013

Bournemouth Primary MAT Risk Management Policy

INTERNATIONAL ASSOCIATION OF INSURANCE SUPERVISORS

Preparing for an Own Risk & Solvency Assessment

Guidance Note for Authorisation under MiFID

Pillar 3 Disclosures. Sterling ISA Managers Limited Year Ending 31 st December 2017

IAIS: Enterprise Risk Management for Capital Adequacy & Solvency Purposes. George Brady. IAIS Deputy Secretary General

BANKUNITED, INC. CHARTER OF THE RISK COMMITTEE

The DFSA Rulebook. Authorised Market Institutions (AMI) AMI/VER16/06-14

Solvency and Financial Condition Report. Friends First Life Assurance Company SOLVENCY AND FINANCIAL CONDITION REPORT

Corporate Governance Guideline

Risk Management Strategy Draft Copy

Solvency II Detailed guidance notes for dry run process. March 2010

Key Principles of Good Governance for Workplace Defined Contribution Pension Plans throughout Europe

Feedback Statement on CP108 Consultation on New Methodology to Calculate Funding Levies in respect of Credit Institutions, Investments Firms, Fund

Auditor Guidance Note 3 (AGN 03) Auditors Work on Value for Money (VFM) Arrangements Version issued on: 10 November 2017

STATUTORY INSTRUMENTS. S.I. No. 604 of 2017 CENTRAL BANK (SUPERVISION AND ENFORCEMENT) ACT 2013 (SECTION 48(1)) (INVESTMENT FIRMS) REGULATIONS 2017

ITX Re dac. Solvency & Financial Condition Report For the year ended 31 January 2017

PRISM Supervisory Commentary 2018

Transcription:

T +353 (0)1 224 6000 F +353 (0)1 671 5550 Sráid Wapping Nua, Cé an Phoirt Thuaidh, Baile Átha Cliath 1, Éire. New Wapping Street, North Wall Quay, Dublin 1, Ireland. www.centralbank.ie Chairman of the Board / Director 20 April 2017 Re: Implementation of Risk Management Requirements by Investment Firms subject to the Client Asset Regulations Dear Chairperson The Central Bank of Ireland (the Central Bank ) recently undertook a themed review to assess how investment firms 1 that are permitted to hold client assets, have implemented the new client asset risk management requirements. The aim of the themed review was to evaluate how the role of the Head of Client Asset Oversight (the HCAO ) is discharged and how the Client Asset Management Plan (the CAMP ) has been developed and embedded within each of the inspected investment firms. The purpose of this letter is to provide feedback on the Central Bank s findings and to highlight a number of good practices which you should consider in the context of your firm. The risk management requirements were introduced by the Client Asset Regulations 2 (the CAR ), which were first published in March 2015, and came into effect on 1 October 2015. The CAR Risk Management principle 3 requires investment firms to develop and maintain a CAMP, which must be challenged and approved by the Board, in order to document the risks to safeguarding client assets and how these risks are mitigated. Investment firms are also required to appoint a HCAO 4 in order to oversee the investment firm s arrangements for safeguarding client assets. In the course of the themed review, it was encouraging to note that HCAOs took a considered and constructive approach regarding their new responsibilities. It will be important that HCAOs continue to build on work already undertaken to develop the CAMP and embed it within the investment firm. 1 investment firm as defined in Regulation 2 of the Central Bank (Supervision and Enforcement) Act 2013 (Section 48(1)) Client Asset Regulations 2015 for Investment Firms (S.I. No. 104 of 2015) 2 Central Bank (Supervision and Enforcement) Act 2013 (Section 48(1)) Client Asset Regulations 2015 for Investment Firms (S.I. No. 104 of 2015) 3 Regulation 8 of the CAR 4 Pre-Approval Controlled Function ( PCF )

The HCAO must continue to establish and maintain effective relationships with internal and external stakeholders, in order to ensure effective oversight of client asset responsibilities. The HCAO has a critical role in ensuring that the protection of client assets is a top priority issue in the investment firm on an ongoing basis. It is the Board s responsibility to ensure the HCAO role is allocated to an individual with adequate authority, resources and expertise. The Board should note that the HCAO PCF role is subject to initial and ongoing review by the Central Bank. While the themed review noted a number of good practices, it also identified that further work is required to develop the CAMP and embed it within investment firms. In order to promote a culture of challenge, it is important that the contents of the CAMP are comprehensive and can be readily understood by an independent reader, including independent directors and external parties. The CAMP is a living document and it must be continually re-assessed to ensure it remains current and reflective of the investment firm s evolving business model. In order to effectively embed the CAMP in the investment firm s overall risk management framework, it is necessary to have a comprehensive risk identification process which captures and evaluates emerging firm-specific risks. Improvements to CAMPs are also required in relation to documenting the rationale for key judgements made with regard to the investment firm s business model. Aligned with this, the CAMP must clearly explain the client asset systems and controls in place, and it must be updated in a timely manner to address material changes to the investment firm s business model. Insolvency sections of the CAMP must be developed to ensure sufficient information is captured. Continuous re-assessment and development of materiality metrics, and client asset reporting arrangements, are necessary in order to embed the CAMP. This letter is addressed to the Chairman of the Board, as accountability and responsibility for ensuring that the investment firm has effective arrangements to safeguard client assets rests with the Board. The protection of client assets is a key priority for the Central Bank, as it is for your firm, and any risks to investor protection identified must be effectively managed. Embedding the CAMP within your firm is essential to ensuring client assets risks are effectively managed and the HCAO has a significant role in ensuring this objective is achieved on the Board s behalf. Appendix 1 to this letter outlines the key findings from the themed review in relation to the CAMP, together with the good practices noted. Appendix 2 to this letter outlines observations and good practice noted in relation to the HCAO role. Investment firms are at all times obliged to comply with their legal obligations as set out in the CAR and are expected to comply with related Guidance issued by the Central Bank. The good practices noted during the themed review are not an exhaustive list and investment firms should be continually evaluating their client asset risk management arrangements to ensure they are fit for purpose.

Action Required The Central Bank requires your firm to consider all findings, observations and good practices listed in Appendix 1 and 2 to this letter against your client asset risk management arrangements. The Central Bank expects that this letter will be discussed and considered by the Board before 31 December 2017, and that the minutes of the relevant Board meeting will record this. In circumstances of non-compliance by an investment firm with any regulatory requirements relevant to the matters raised in this letter, the Central Bank may, in the course of future supervisory engagement, or when exercising its supervisory and/or enforcement powers in respect of such non-compliance, have regard to the consideration given by an investment firm to the matters raised in this letter. Matters raised in this letter may also be considered during the conduct of future inspections. Should you have any queries regarding the content of this letter please contact the Central Bank s Client Asset Specialist Team at: cast@centralbank.ie. Yours sincerely Michael Hodson Director Asset Management Supervision Directorate

Appendix 1 During the themed review, the following key findings and good practices were noted in relation to developing and embedding the CAMP. 1. Risk Identification CAMP Client asset risks specific to an individual investment firm s business model were not always adequately identified or captured in the CAMP. A comprehensive risk identification process specific to the business model of the investment firm is essential to embedding the CAMP in the investment firm s overall risk management framework. Accurate risk identification is necessary in order to effectively evaluate the adequacy of mitigants. Using a risk matrix to comprehensively capture relevant risks, and evaluate those risks against relevant controls and other mitigants. A risk matrix is more readily digestible for an independent reader, thus promoting a greater level of challenge and allowing for more effective oversight. Documenting in the CAMP all risks, including primary (for example, counterparty) and secondary (for example, reputational) risks, reflecting fully the risks to safeguarding client assets, specific to the investment firm s business model and operational arrangements. Documenting in the CAMP outsourcing risks and risks relating to service continuity where there is a material reliance on a third party service provider (for example, for custody or banking services). Continuous evidenced-based evaluation of the risk of fraud, both internal and external, and the adequacy of mitigants. 2. Business Model CAMPs did not always clearly capture key judgements made by investment firms regarding their business models. These key judgements can be fundamental to an investment firm when determining the scope of its obligations under the CAR and developing a clear framework which allows the investment firm to meets its obligations. For example, determining whether products/services are regulated or unregulated has a significant impact on how the client asset obligations apply to the investment firm when providing such products/services. This determination also impacts on the information which must be disclosed to clients in this regard. An independent reader should have a clear understanding of the services/products that are in or out of scope of the CAR, including the basis for, and the implications of, such judgements. Documenting in the CAMP when products/services are deemed to be in or out of scope of the CAR, and capturing the rationales for these key judgements. Clearly incorporating into the CAMP client on-boarding obligations, which detail the investment firm s disclosure to clients in relation to services/products to be provided, including the associated risks and any limitations to protections available to clients.

Including in the CAMP the rationale for the investment firm requiring permission from the Central Bank to hold client assets, and outlining alternative options that were considered. 3. Insolvency Information While it was evident that some investment firms gave careful consideration to developing an insolvency section in respect of client assets in their CAMPs, other insolvency sections were noted to be too high level, with insufficient information captured. The insolvency information must be a stand-alone section in the CAMP and operate as an effective roadmap for a third party insolvency practitioner. It should contain all relevant information which the independent practitioner would need to enable the swift distribution of client assets in the event of the investment firm s insolvency. Regular compliance testing of all content in the insolvency section of the CAMP, including hyperlinks to information and documentation, to ensure the content is up-to-date, functioning correctly and accessible to a third party insolvency practitioner. Completion of an annual independent test of the insolvency section of the CAMP, in order to provide assurance to the board of the investment firm that the content (including hyperlinks and cross-references) of the insolvency section is sufficient and accurate. 4. Materiality Investment firms must identify and regularly re-assess client asset materiality metrics, to ensure that there is regular and meaningful escalation and reporting of client asset matters. In evolving the reporting framework, investment firms should consider other qualitative criteria which may trigger reporting or escalation within the business. Regular re-assessment of materiality criteria to ensure metrics are fit for purpose and appropriately calibrated to the investment firm s evolving business model and client asset transaction cycle. Documenting in the CAMP qualitative criteria which may trigger escalation within the investment firm and/or reporting to the Central Bank. For example, where an investment firm is contemplating the use of non-standard practices in order to facilitate a client, this should trigger an immediate escalation within the investment firm as it may expose the investment firm to increased operational risks, with potential for adverse consequences. Quarterly reporting to the board, or relevant committees within the investment firm, regarding quantitative and qualitative client asset metrics. 5. CAMP Development CAMPs were not always updated in a timely manner in order to reflect material changes to the investment firm s business model or a change in circumstances that affect how the investment firm safeguards client assets. For example, a significant project, acquisition or migration affecting client assets must be promptly and adequately reflected in the CAMP. It is important that the CAMP is viewed as a living document which should be continuously

reassessed and evolve with the business, thus promoting increased engagement and challenge. Extensive internal and external consultation during the development and ongoing review and updating of the CAMP. Capturing in the CAMP how each of the seven core principles of the CAR are addressed by the investment firm. Quarterly HCAO reviews of the CAMP in order to ensure it is kept up-to-date. Semi-annual board reviews of the CAMP to ensure it adequately captures any changes to the investment firm s business model which affects the manner in which client assets are held. 6. Effective Risk Mitigation CAMPs did not always contain sufficient information in relation to an investment firm s client asset controls and key IT systems in order to demonstrate how these systems and controls meet the principles of the client assets regime. It is important that the CAMP contains detailed explanations with regard to how the controls in place mitigate key operational risks, as this facilitates greater challenge in evaluating the effectiveness of the controls implemented. It is also important that an independent reader can understand the interactions and dependencies between key IT systems relevant to client asset processes. Including in the CAMP a clear explanation of client asset controls to mitigate client asset risks, particularly key operational risks. Using a risk mitigation matrix was noted as an effective way of achieving this. Providing in the CAMP a clear explanation of the various IT systems used by the investment firm in respect of client asset processes, and how these systems interact with each other. Documenting in the CAMP how access is controlled and monitored for key IT systems.

Appendix 2 During the themed review, the following observations and good practices were noted in relation to embedding the role of the HCAO. 1. Conflicts of Interest HCAO Observation: Independence from day-to-day operational client asset processes is important for the HCAO role to be effective. In addition, the person appointed to the role of HCAO should be free from any conflicts of interest in performing the role. Where a conflict of interest is unavoidable, it should be identified and adequately managed. Documenting in the CAMP the rationale for the nomination and appointment of the HCAO, including the criteria used by the investment firm in making this appointment. Documenting clear and distinct reporting obligations for the HCAO, where the HCAO holds other roles within the investment firm. Capturing in the CAMP the measures in place to manage any potential conflicts of interest which may arise from the performance of the HCAO role (for example, where the HCAO holds other PCF roles within the investment firm). 2. Effectiveness in carrying out the HCAO role Observation: Building and maintaining relationships with key stakeholders is essential to ensuring the HCAO role is effectively discharged. The HCAO has a significant role to play in ensuring that relevant stakeholders have adequate knowledge regarding the firm s obligations to safeguard client assets and that there exists a forum for regular discussion of client asset matters among stakeholders. Periodic re-assessment of HCAO resourcing requirements by the investment firm. In relation to the Control Function holder (the CF ) identified to provide cover in the HCAO s absence, documenting this arrangement in the CAMP, and providing and evidencing initial and ongoing training to the CF. The provision of client asset training by the HCAO to the investment firm employees, including board members, in order to increase knowledge and awareness of client asset arrangements and obligations, and to promote an increased level of engagement and challenge. Using existing fora (for example, Risk Committee) or establishing a stand-alone forum in order to facilitate open consultation and information sharing on client asset matters with relevant stakeholders within the investment firm. HCAO maintaining regular and open engagement with the external auditors.

3. Oversight and Reporting Observation: HCAOs drive the evolution of how oversight responsibilities are discharged, including the regular reporting of client asset information to the board and relevant committees. It is important that HCAOs consider how oversight is exercised in relation to any outsourcing arrangement relevant to client assets. HCAO undertaking a quarterly review of the investment firm s client asset obligations and formally reporting the findings to the board and/or relevant committees. HCAO introducing a tailored oversight approach incorporating a combination of daily and other less frequent monitoring activities. HCAO development of an oversight framework in relation to any significant outsourcing arrangement relevant to client assets in order to ensure its ongoing robustness.

2024 © financedocbox.com Privacy Policy | Terms of Service | Feedback