TABLE OF CONTENTS
1 Introduction... 10
1.1 Purpose & Scope of the Manual... 10
1.2 Responsibility for the Manual... 11
2 Regulatory Framework... 12
2.1 Introduction to the FCA... 12
2.2 Financial Services Regulatory Framework... 12
2.2.1 FCA's Objectives... 13
2.2.2 FCA Handbook Overview... 13
3 Compliance Program... 15
3.1 Introduction... 15
3.2 Scope of Your Business... 15
3.3 Regulatory Business Plan... 16
3.3.1 INSERT: Organisational Chart... 18
3.4 Status Disclosure Statement... 18
3.5 Compliance Statement... 19
3.5.1 Compliance Monitoring Document... 19
3.6 Compliance Officer... 19
3.7 Compliance Policy... 20
4 Principles for Business (PRIN)... 24
4.1 Introduction... 24
4.2 The Principles... 24
4.2.1 Our Approach to PRIN... 25
5 Conduct of Business (COBS)... 26
5.1 Introduction... 26
5.2 Conduct of Business Obligations (COBS 2)... 26
5.2.1 Conduct of Business Policy... 26
5.3 Client Agreements (COBS 8)... 34
5.3.1 Record Keeping for Client Agreements... 35
5.4 Providing Product Information to Clients (COBS 14)... 35
6 Senior Management Arrangements, Systems & Controls (SYSC)... 38
6.1 Introduction... 38
6.2 General Organisational Requirements... 38
6.2.1 INSERT: Business Continuity... 39
6.3 Compliance... 40
6.3.1 Compliance with the Rules... 40
6.4 Compliance Breach Policy... 41
6.5 Compliance Breach Procedures... 43
6.5.1 Breach Incident Form... 47
6.6 Internal Audits... 49
6.7 Audit & Monitoring Policy & Procedures... 49
6.7.1 Compliance Monitoring Assessment Form... 58
6.8 Quality Assurance & Performance Policy & Procedures... 59
6.8.1 Appendix A - Staff Monitoring Form... 64
6.9 Risk Management... 66
6.9.1 Risk Management Policy & Procedures... 66
6.10 Risk Matrix... 78
6.11 Risk Register... 81
6.12 Risk Mitigating Action Plan... 82
6.13 Outsourcing... 83
6.13.1 General Requirements... 83
6.13.2 Introducer/Lead Generator Agreement... 84
6.14 Outsourcing & Supplier Policy & Procedures... 88
6.15 Record Keeping... 97
6.15.1 Guidance on Record Keeping... 97
6.15.2 Meeting Minutes Template... 98
6.16 Records Management Policy... 98
6.16.1 Records Retention Policy... 100
6.17 Records Retention Periods Register... 102
6.18 Change Management Policy... 103
6.18.1 Request for Change Form... 111
6.19 Conflicts of Interest... 112
6.19.1 Chinese Walls... 113
6.20 Conflicts of Interest Policy... 113
6.20.1 Conflict of Interest Register... 117
6.20.2 INSERT: Conflicts of Interest Procedures... 117
6.21 Whistleblowing... 117
6.21.1 Public Interest Disclosure Act... 118
6.22 Whistleblowing Policy & Procedures... 118
6.22.1 Whistleblowing Complaint Form (Template)... 124
6.23 Remuneration... 126
6.23.1 FCA Remuneration Code Principles... 126
6.24 Remuneration Policy... 127
6.24.1 INSERT: Remuneration Procedures... 129
7 Data Protection & Security... 130
7.1 Data Protection... 130
7.1.1 Commitment to Comply with Data Protection Act... 131
7.1.2 Data Protection Principles... 132
7.2 Data Protection Officer... 132
7.2.1 Duties of the Data Protection Officer... 133
7.2.2 Designated Data Protection Officer... 133
7.2.3 Deputy Data Protection Officer... 134
7.3 Data Protection Policy & Procedures... 134
7.4 Data Protection Audit... 142
7.4.1 Privacy & Electronic Communications Regulations... 142
7.5 Employee Confidentiality Agreement... 143
7.5.1 Non-Disclosure Agreement (NDA) Template... 144
7.6 Information Security... 147
7.6.1 Information Security Policy... 148
7.6.2 Access Control & Password Policy... 158
7.6.3 BYOD & Remote Access Policy... 165
7.6.4 Asset Management Policy... 170
7.6.5 Information Asset Register (External)... 181
7.6.6 Secure Disposal Policy... 181
7.6.7 Clear Desk Policy... 183
7.7 Information Security Audit... 186
7.8 PCI Compliance... 188
7.8.1 PCI Compliance Policy... 188
8 Financial Crime & AML... 193
8.1 Introduction... 193
8.1.1 Proceeds of Crime Act... 194
8.2 Money Laundering Reporting Officer (MLRO)... 195
8.2.1 MLRO Annual Report... 195
8.2.2 National Crime Agency (NCA)... 196
8.2.3 The Financial Action Task Force (FATF)... 196
8.3 AML Measures & Controls... 196
8.3.1 Introduction... 196
8.3.2 Anti-Money Laundering Audit... 197
8.3.3 Anti-Money Laundering Policy & Procedures... 198
8.4 Suspicious Activity Reporting... 211
8.4.1 Suspicious Activity Report (SAR) Internal Template... 211
8.5 Bribery & Corruption... 212
8.5.1 Introduction... 212
8.5.2 Anti-Bribery Principles... 213
8.5.3 Anti-Corruption & Bribery Policy... 214
9 Know Your Customer & Due Diligence... 219
9.1 Introduction... 219
9.1.1 Know Your Customer Controls... 219
9.1.2 Enhanced Due Diligence... 220
9.1.3 Politically Exposed Persons (PEPs)... 221
9.1.4 Cross-Border Due Diligence... 221
9.1.5 Non-UK Country AML Requirements... 222
9.2 Due Diligence Policy... 222
9.3 Due Diligence Questionnaire... 226
9.4 Due Diligence Checklist... 231
10 Market Abuse... 235
10.1 Introduction... 235
10.2 Market Abuse Policy... 235
10.2.1 Suspicious Transaction or Order Report (STOR) Form... 252
10.2.2 Insider List Template (Excel)... 257
11 Threshold Conditions (COND)... 259
11.1 Introduction... 259
11.1.1 Location of Offices... 259
11.1.2 Effective Supervision... 259
11.1.3 Appropriate Resources... 260
11.1.4 Suitability... 260
11.1.5 Business Model... 260
11.2 Threshold Conditions Policy & Controls... 261
12 Approved Persons & Controlled Functions (APER & FIT)... 271
12.1 Introduction... 271
12.1.1 The Statements of Principle for Approved Persons... 272
12.1.2 The Code of Practice for Approved Persons... 272
12.2 Approved Person & Controlled Functions Policy... 273
12.3 Controlled Functions... 278
12.3.1 Controlled Functions & Approved Persons Register... 279
12.4 SMF Roles... 279
12.5 SMF Manager Handover Policy... 280
13 Recruitment & Induction... 287
13.1 Introduction... 287
13.1.1 Competence... 287
13.1.2 Assessing & Maintaining Competence... 288
13.2 Supervisors... 289
13.3 Employee Recruitment Policy & Procedure... 289
13.3.1 Sample Interview Questions & Scoring... 294
13.4 Employee Induction Policy... 297
13.4.1 Induction Checklist... 300
13.4.2 Job Description Example... 303
14 Employee Training & Assessment... 305
14.1 Training... 305
14.2 Training & Development Policy & Procedure... 306
14.2.1 Training Evaluation Form... 310
14.2.2 Training & Development Log... 313
14.2.3 Employee Training Record... 314
14.3 Employee Assessment Papers... 315
14.3.1 Assessment Structure... 315
14.3.2 Assessment Analysis... 315
14.3.3 Assessment Q&A Format... 316
14.4 Arrears & Default Assessment Q&A Papers (external)... 316
14.5 AML & Financial Crime Assessment Q&A Papers (external)... 316
14.6 DPA & Information Security Assessment Q&A Papers (external)... 316
14.7 FCA & Regulation Assessment Q&A Papers (external)... 316
14.8 TCF Assessment Q&A Papers (external)... 317
14.9 Vulnerable Customers Assessment Q&A Papers (external)... 317
14.10 Complaint Handling & Disputes Assessment Q&A Papers (external)... 317
14.10.1 Call Monitoring Checklist & Assessment... 318
15 Responsibilities to Customers... 324
15.1 Treating Customers Fairly (TCF)... 324
15.1.1 What is TCF?... 324
15.1.2 Expectations of Firms... 325
15.1.3 Six TCF Outcomes... 325
15.2 Treating Customers Fairly Policy... 326
15.3 Insert: Treating Customers Fairly Procedures... 331
15.3.1 TCF Procedure Guidance... 331
15.4 Treating Customers Fairly Audit... 334
15.5 Vulnerable Customers... 334
15.5.1 Approach to Vulnerable Customers... 335
15.5.2 Identifying Vulnerable Customers... 335
15.5.3 Debt & Mental Health MALG... 336
15.5.4 Debt & Mental Health Evidence Form (DMHEF)... 336
15.6 Vulnerable Customers Policy & Procedures... 336
15.7 Vulnerable Customer Audit... 346
16 General Provisions (GEN)... 347
16.1 Introduction... 347
16.2 Statutory Disclosure Status... 347
16.2.1 Additional Disclosure Requirements... 347
16.2.2 General Disclosure Notes... 348
16.2.3 Insurance against Penalties... 349
16.3 Consumer Call Charges Rules... 349
16.4 Appointed Representative (AR) Principal Requirements... 350
16.4.1 Due Diligence for Appointing AR... 352
16.5 Appointed Representatives (SUP 12)... 353
16.5.1 Appointed Representative Monitoring Procedures... 353
16.5.2 Insert: Appointed Representative Agreement... 356
16.5.3 Insert: Appointed Representative On-boarding Procedures... 356
17 Supervision (SUP)... 357
17.1 Introduction... 357
17.2 General Guidance... 358
17.3 Reports by Skilled Persons... 358
17.4 Notifications to the FCA... 358
17.5 Reporting Requirements... 359
17.5.1 Internal Reports... 359
17.6 Management Information Policy... 359
17.6.1 FCA Reports... 363
17.6.2 Compliance Reporting... 363
18 Decision Procedure and Penalties (DEPP)... 364
18.1 Introduction... 364
18.2 Penalties... 364
19 Dispute Resolution: Complaints (DISP)... 365
19.1 Introduction... 365
19.1.1 Financial Ombudsman Service (FoS)... 365
19.2 Complaint Handling... 366
19.2.1 Complaint Handling Policy & Procedure... 366
19.2.2 Complaint Handling Log (Excel)... 373
19.2.3 Complaint Handling Form... 373
19.3 Complaint Handling & Disputes Audit... 375
20 Consumer Credit Sourcebook (CONC)... 376
20.1 Introduction... 376
20.2 Guidance on Financial Difficulties... 376
20.2.1 Financial Difficulties Policy... 377
20.2.2 Affordability Assessment Calculator (Excel)... 383
20.3 General Principles for Credit-Regulated Activities... 383
20.3.1 Credit Broking... 383
20.3.2 Credit References... 384
20.3.3 Credit Broker Refunds... 385
20.3.4 Transparency of Status... 385
20.3.5 Disclosure of Commission and Fees... 385
20.3.6 INSERT: Services and Costs Disclosure Document... 385
20.4 Lenders... 386
20.4.1 General Conduct... 386
20.4.2 Provision of Credit Card Cheques... 386
20.4.3 Credit References... 386
20.5 Responsible Lending Policy... 386
20.6 Affordability & Creditworthiness Policy & Procedures... 391
20.6.1 Income & Expenditure Form... 397
20.7 Debt Counselling, Adjusting and Credit Information Services... 399
20.8 Distance Marketing... 400
20.8.1 Distance Marketing Policy... 402
20.8.2 Distance Marketing Checklist... 407
20.9 E-commerce... 408
20.9.1 E-Commerce Policy... 409
20.10 Financial Promotions & Customer Communication... 413
20.10.1 Communication & Financial Promotion Checklist... 413
20.10.2 Financial Promotions & Communication Policy... 417
20.11 Pre-Contractual Requirements... 428
20.11.1 Pre-Contract Disclosure Policy... 428
20.11.2 Key Features Disclosure Information Leaflet... 436
20.11.3 Pre-Contractual Checklist... 440
20.12 Commissions... 441
20.13 Continuous Payment Authorities... 442
20.13.1 CPA Policy & Procedures... 442
20.14 Post-Contractual Requirements... 446
20.14.1 Post-Contract Policy... 447
20.15 Cancellation & Refund Policy... 453
20.16 Arrears, Default & Recovery... 455
20.16.1 Introduction to Arrears... 456
20.16.2 Arrears & Default Policy & Procedures... 456
20.17 Arrears, Default & Financial Difficulty Audit... 463
20.18 Application of Interest & Charges... 463
20.19 Communication with Customers... 464
20.20 Data Accuracy... 465
20.21 Debt Recovery Policy & Procedures... 465
20.21.1 Debt Advice... 480
20.21.2 Credit Information Services... 481
20.22 Debt Management Plans... 482
20.22.1 Prudential Rules for Debt Management Firms... 482
20.22.2 Debt Advice Policy & Procedures... 483
20.23 Credit Reference Agencies... 489
20.23.1 Cost Cap for High-Cost Short-Term Credit... 491
21 Business Operational Procedures... 493
21.1 INSERT: Add Own Procedures Here... 493
21.2 INSERT: Add Own Procedures Here... 493
22 Employee Declaration... 494
22.1 Compliance Declaration Form... 494
23 Compliance Audit Checklists... (External Pages) 494-614
24 Employee Assessment Q&A Papers... (External Pages) 615-746
25 CASS Manual & Resolution Packs... (External Pages) 747-847