The Legal & Regulatory Responsibilities Ash Saluja CMS Cameron McKenna LLP @uktisa CASS Oversight Legal & Regulatory Responsibilities Ash Saluja, Partner CMS London 8 March 2016
Looking at The FCA focus What to do if you identify a CASS breach When enforcement takes action and lessons to be learned Handling a CASS investigation 23 The FCA focus (1) FCA statutory objectives: To secure an appropriate degree of protection for consumers To protect and enhance the integrity of the UK financial system. The FCA view The delivery of adequate protection of client money and safe custody assets is seen as a critical component for a successful financial services industry. Weaknesses in firms client asset systems and controls can cause serious financial detriment to customers and counterparties, as well as reputational damage to the FCA and UK markets. The CASS rules set a minimum standard of protection that allows for a competitive market in investment and custodial services not competing on levels of protection but on cost and the quality of services provided 24
The FCA focus (2) CASS oversight part of wider SYSC arrangements: Principle 10 to maintain adequate protection for client assets Compliance officer letter 2009 & Dear CEO letter 2010 Specialist Client Asset Unit created in 2010 Introduction of CF10a function in October 2011 CMAR and Auditor s Client Asset Report Supreme Court decision on LIBE The review of the CASS regime and PS14/9 & PS14/10 25 The FCA focus (3) Protection of Client Assets and Money is still a priority for the Financial Conduct Authority and this is not going to go away David Lawton, Director of Markets FCA December 2014 FCA CASS Conference FCA continues to focus on this area: Increasing the supervision of firms holding client money and safe custody of assets through more intrusive visits to firms, thematic projects and desk-based reviews, actions initiated through CMAR /audit information and taking regulatory action where firm failings are identified. FCA expects firms to learn lessons from enforcement action Other firms with responsibility for client assets should take this as a further warning that there is no excuse for failing to safeguard client assets and to ensure their own processes comply with our rules. Client assets protection continues to be a priority for the FCA and firms who hold client assets should review their processes in line with these findings to ensure full compliance with the Custody Rules 15 April 2015 Georgina Philippou, FCA acting Director of Enforcement Prudential context It is vital for firms to have a good handle on their compliance with the CASS rules, their prudential health and any conduct risks, as the three interact. Nausicaa Delfas, FCA Director of Specialist Supervision 21 May 2015 26
What if you identify a breach of CASS? Identify: What has gone wrong? How significant is it? Length/frequency of breach? Evidence of any weaknesses in controls? Is remedial action required Notify FCA depending on significance/ materiality of breach Principle 11 anything which the regulator might reasonably expect notice SUP 15.3.11R significant breach of rule CASS 7.6.16 R - without delay... if not complied with, or is unable, in any material respect, to comply with the requirements in CASS 7.6.1R [or] CASS 7.6.2R Ensure self reporting is prompt, clear and provides assurance that management is in control and appropriate remedial action is being taken Consequences of failure 27 What goes wrong Triggers for investigation & action: Actual loss for clients Risk of loss to clients and risk of set off by banks Risk of delay in return of money Failure to heed warnings firms.should ensure they continue to strengthen their management, oversight and controls in this area Lengthy breaches Systemic importance of firm Failure to identify, notify & false attestations Governance or cultural failings Previous fines Breaches of: Principle 10 (adequate protection for clients assets) Principle 3 (reasonable systems & controls) CASS APER for individuals 28
What has gone wrong? Failure to: Segregate and comingling with firm s own funds Carry out sufficient due diligence on institutions holding monies Recognise firm is holding client money Obtain trust letters Perform client money calculations and reconciliations accurately and promptly Inadequate records to distinguish one client s money from another Manage acquisitions and re-organisations weakening CASS oversight Record and identify group entity contracting with client Use appropriate naming conventions to make it clear it was client money Cover shortfalls and notify FCA Oversee TPAs Oversee, monitor and obtain adequate MI Train relevant staff Carry out sufficient enquiries before providing affirmations to FCA 29 Penalties New regime for breaches post March 2010 (since Xcap June 2013) Level of seriousness Percentage Client Money Percentage Safe custody assets Level 1 0 0 Level 2 1 0.2 Level 3 2 0.4 Level 4 3 0.6 Level 5 4 0.8 FCA has discretion to increase or decrease in 5 step framework Higher fines - record fines in 2014 ( 38m Barclays ) and 2015 ( 126m Bank of New York Mellon) Risk of individual action against senior management where there is personal responsibility for failings (see Pritchard October 2014) Publication of Warning Notices Most cases settle - 30% discount 30
How to handle a CASS investigation Some practical points Seeking to avoid an enforcement referral Robust systems and controls kept under review Awareness of regulatory developments and actions Prompt and effective notification of any breaches Firm identifies and carries out remedial action on own initiative No risk of loss or delay Good and constructive relationship with supervisors Managing an investigation effectively Prompt and well ordered response to requests for information and well prepared interviewees Put issues in context and show actions were reasonable Seek to understand Regulator s concerns and address them early in the process Demonstrate lack of risk to client assets consider expert IP evidence Show lessons learned and acted on by firm Settle where appropriate 31 CMS Legal Services EEIG (CMS EEIG) is a European Economic Interest Grouping that coordinates an organisation of independent law firms. CMS EEIG provides no client services. Such services are solely provided by CMS EEIG s member firms in their respective jurisdictions. CMS EEIG and each of its member firms are separate and legally distinct entities, and no such entity has any authority to bind any other. CMS EEIG and each member firm are liable only for their own acts or omissions and not those of each other. The brand name CMS and the term firm are used to refer to some or all of the member firms or their offices. CMS locations: Aberdeen, Algiers, Amsterdam, Antwerp, Barcelona, Beijing, Belgrade, Berlin, Bratislava, Bristol, Brussels, Bucharest, Budapest, Casablanca, Cologne, Dubai, Duesseldorf, Edinburgh, Frankfurt, Geneva, Glasgow, Hamburg, Istanbul, Kyiv, Leipzig, Lisbon, Ljubljana, London, Luxembourg, Lyon, Madrid, Mexico City, Milan, Moscow, Munich, Muscat, Paris, Prague, Rio de Janeiro, Rome, Sarajevo, Seville, Shanghai, Sofia, Strasbourg, Stuttgart, Tirana, Utrecht, Vienna, Warsaw, Zagreb and Zurich. www.cmslegal.com 32