Circular 2018/3 Outsourcing banks and insurers

Similar documents
Circular 2018/3 Outsourcing Banks and Insurance companies

Circular 2016/4 Insurance groups and conglomerates

Circular 2011/2 Capital buffer and capital planning banks. Capital buffer and capital planning in the banking sector

Recognition of external credit assessment institutions (credit rating agencies)

Duties of operators of organised trading facilities (OTFs)

Accounting rules for banks, securities dealers, financial groups and conglomerates (ARB)

Circular 2008/14 Supervisory Reporting - Banks. Supervisory reporting for annual and semi-annual financial statements in the banking sector

Addressees. Central securities depositories. Central counterparties. Trade repositories. Payment systems. Participants. SICAVs

Circular 2008/11 Disclosure requirements for securities transactions

Circular 2008/3 Public deposits at non-banks. Commercial acceptance of public deposits by non-banks under the Banking Act

Circular 2008/1 Licensing and reporting requirements - banks

Implementing BCBS 368 (Interest Rate Risk in the Banking Book) in Switzerland

Newsletter No. January 2018

Circular 2008/3 Public deposits at non-banks. Commercial acceptance of public deposits by non-banks under the Banking Act

Circular 2019/2 Interest Rate Risks - Banks. Measurement, management, monitoring and control of interest rate risks in the banking book

ZURICH. The New FINMA Outsourcing Circular

FINMA Circular 2013/7 Limitation of Intragroup Positions Banks

Circular 2008/44 SST. Swiss Solvency Test (SST) Addressees BA ISA SESTA CISA AMLA Other

Guidelines. 1 Purpose. 2 Making an enquiry. for enquiries regarding the regulatory framework for initial coin offerings (ICOs)

Circular 2008/20 Market risks - Banks. Capital requirements for market risks at banks

Circular 2019/1 Risk diversification banks. Risk diversification rules for banks

Reporting requirements for participants of SIX Swiss Exchange, Swiss securities dealers and foreign branches of Swiss securities dealers

Synopsis of the most important regulatory developments in insurance Status as at 1 January 2018 Swiss insurance industry what counts

Federal Act on Financial Market Infrastructures and Market Conduct in Securities and Derivatives Trading

(Banking Insolvency Ordinance, BIO-FINMA) of 30 August 2012 (Status as of 1 January 2015)

After the Big Bang: New FINMA Guidance and Guidelines on Financial Market Infrastructures After the enactment of the Swiss Financial

Circular 2008/19 Credit risk - Banks. Overview of capital requirements for credit risks in the banking sector

Guidelines. Purpose. I. Terms used and definitions

Circular 2015/2 Liquidity risks banks. Qualitative liquidity risk management requirements and quantitative liquidity requirements

(FINMA Banking Insolvency Ordinance, BIO-FINMA) of 30 August 2012 (Status as of 1 April 2017)

Swiss Federal Banking Commission Circular: Audit Reports of Banks and Securities Firms. 29 June 2005 (Latest amendment: 24 November 2005)

Ordinance on Collective Investment Schemes

A. PURPOSE AND APPLICABILITY... 1 Art. 1 Purpose... 1 Art. 2 Applicability... 1

Ordinance on Collective Investment Schemes (Collective Investment Schemes Ordinance, CISO)

Ordinance on the Recognition of Foreign Trading Venues for the Trading of Equity Securities of Companies with Registered Office in Switzerland

November 2013 Guidelines on the duty to keep documentary records according to section 24(3) CISA (Collective Investment Schemes Act)

Mutual Recognition of Funds (MRF) between Switzerland and Hong Kong

Federal Act on Financial Services

Circular 2008/10 Self-regulation as a minimum standard

2017 Portfolio Management Guidelines

Transborder data transfers briefly explained

November 2013 Guidelines on the duty to keep documentary records according to section 24(3) CISA (Collective Investment Schemes Act)

Reporting Office Rules for the Fulfilment of the Legal Reporting Requirements for Securities Dealers

CISA Minimum AMLA audit requirements / data submission form

Trading own equity securities with the purpose of ensuring liquidity under the new provisions on market manipulation

Recognition of cross-border insolvency measures for banks - the Swiss solution

Ordinance of the Takeover Board on Public Takeover Offers

FINMA Circular 2013/6 Liquidity Banks

Ordinance to the Federal Act on the Swiss National Bank

Insurance and reinsurance in Switzerland: overview

We would like to thank you to give us the opportunity to voice our opinion on the abovementioned

I Legal basis Name of the fund: name and registered office of the fund management company and the custodian bank... 4

Swiss Anti-Money Laundering Ordinance-FINMA

Directive on Information relating to Corporate Governance (Directive Corporate Governance, DCG)

Pictet CH Institutional

ZURICH. Regulatory Aspects of Initial Coin Offerings (ICOs) in Switzerland

SIX Exchange Regulation. Reporting Guide

Circular 2015/1 Accounting banks

Portfolio Managers, Trustees, and Managers of Collective Assets under FinIA the Dawn of a New Age

New rules for the Swiss financial centre in FinSA and FinIA

Articles of Association Zurich Insurance Group Ltd

Entry into force of the new Swiss investment funds regulation

TITLE I STRUCTURE PURPOSE - NAME - REGISTERED OFFICE DURATION OF THE COMPANY

FMA MINIMUM STANDARDS

An AIF shall be managed by a single AIFM responsible for ensuring compliance with the AIFM Law which shall either be:

Federal Act on Financial Services : paradigm shift for practitioners

Securities. Regulatory. News Deals & Cases. Events

Directives. of Federal Office of Private Insurance (FOPI) 15/2006 on Corporate Governance, Risk Management and the Internal Control System

ARTICLES OF ASSOCIATION OF SGS SA

Switzerland s new financial market architecture

Swiss Collective Investment Schemes Act (CISA) Key elements September 2012

16 NOVEMBER Strategic goals

Regulatory update: an overview of the latest developments financial sector Authors: Michèle Steinmann, Andreas Hagi

Investment Regulations

Federal Act on Combating Money Laundering and Terrorist Financing

ToR External Audit of Project Accounts for the Swiss Partner/s

Scheme B - Investment Companies. Entry into force: 2 May 2019

FinIA & FinSA overview

Risks, Rules, and Opportunities in Art Investment. Session 1. Works of art: a common asset class? Philipp Fischer.

Directive on Information relating to Corporate Governance (Directive Corporate Governance, DCG)

INVESTMENT SERVICES RULES FOR RETAIL COLLECTIVE INVESTMENT SCHEMES

Synopsis of the most important regulatory developments

Opinion paper MEGATREND FINANCIAL CENTRE. Insurance industry May 2015

TOB Circular no. 1: Buyback programmes

Directives. of the Federal Office of Private Insurance FOPI

Federal Act on Financial Institutions. Title 1: General Provisions Chapter 1: Subject Matter, Purpose and Scope of Application

Legal risks in cross-border private client business a challenge for the financial centre and the authorities

Federal Act on Combating Money Laundering and Terrorist Financing

Investment Regulations Valid with effect from 1 July 2016

EIOPA facilitates and updates the so8called Helsinki plus list which provides information on EEA insurance groups and their supervision.

Articles of Incorporation of Valora Holding Ltd.

Federal Act on the Institution for the Administration of the Swiss Federal Social Security Funds AHV, IV and EO

NKF Banking, Finance & Regulatory Team Update 4/2017

Federal Act on Financial Institutions (Financial Institutions Act, FINIG)

1. Chapter Objective and principles 3. Art. 1 Objective 3 Art. 2 Fundamentals 3 Art. 3 General principles 4

Articles of Incorporation Zurich Insurance Group Ltd 2016

to the CESR s technical advice on the European commission on the level 2 measures related to the UCITS management company passport CESR/09.

GUIDANCE NOTE ASSET MANAGEMENT BY AUTHORIZED INSURERS

A primer on the regulation of FX trading and the asset management of FX in Switzerland

Disclosure Office Notice of 7 April 2009 I/09

Transcription:

Circular 2018/3 Outsourcing banks and insurers Outsourcing at banks and insurance companies Reference: FINMA Circ. 18/3 Outsourcing banks and insurers Date: 21 September 2017 Entry into force: 1 April 2018 Concordance: former FINMA Circ. 08/7 Outsourcing banks, dated 20 November 2008 Legal framework: FINMASA Article 7 para. 1 let. b BA Article 3 para. 2 let. a SESTA Article 10 para. 2 let. a SESTO Article 19 ISA Article 4 para. 2 let. j, Article 5 para. 2, Article 14 para. 3, Article 47 para. 2 Addressees Banks Financial groups and congl. Other intermediaries Insurers Insurance groups and congl. Insurance intermediaries Securities dealers Trading venues Central counterparties Central securities depositaries Trade repositories Payment systems Participants Fund management companies SICAVs Limited partnerships for CISs SICAFs Custodian banks Asset managers of CISs Distributors Representatives of foreign CISs Other intermediaries SROs DSFIs SRO-supervised institutions Audit firms Rating agencies BA ISA SESTA FMIA CISA AMLA Other X X X Laupenstrasse 27 3003 Bern Tel. +41 (0)31 327 91 00 Fax +41 (0)31 327 91 01 www.finma.ch

Index I. Purpose II. III. IV. Definition of terms Scope of application Admissibility A. Joint provisions B. Insurance companies V. Requirements for outsourcing companies A. Inventory of outsourced functions B. Selection, instruction and monitoring of the service provider C. Outsourcing within a group or conglomerate D. Responsibility E. Security F. Audit and supervision G. Outsourcing to another country H. Agreement VI. VII. Conditions and exceptions Transitional provisions 1 2 4 5 6 7 13 7 9 10 13 14 35 14 15 16 21 22 23 24 25 26 29 30 31 32 35 36 37 38 2/6

I. Purpose This circular defines the supervisory requirements applicable to outsourcing solutions at banks, securities dealers and insurance companies in terms of appropriate organisation and risk limitation. II. Definition of terms A company is understood to mean an institution (bank, securities dealer and insurance company) that falls within this circular s scope of application. Outsourcing within the meaning of this circular occurs when a company mandates a service provider to perform all or part of a function that is significant to the company s business activities independently and on an ongoing basis. Significant functions are those that have a material effect on compliance with the aims and regulations of financial market legislation. III. Scope of application This circular applies to: banks and securities dealers with a registered office in Switzerland as well as Swiss branches of foreign banks and securities dealers; insurance companies with their registered office in Switzerland and branches of foreign insurance companies requiring authorisation to commence business operations under Articles 3 and 6 Insurance Supervision Act (ISA) (initial authorisation) or authorisation for individual elements of the business plan under Article 4 in conjunction with Article 5 ISA (authorisation for changes). IV. Admissibility A. Joint provisions Subject to the exceptions outlined below (Margin nos. 8 13), all significant functions may be outsourced. Direction, supervision and control by the supreme governing body, central executive management functions and functions that involve strategic decision-making may not be outsourced, nor may decisions concerning the commencement and termination of business relationships. Companies in supervisory categories 1 3 have an autonomous control body in the form of a separate risk control and compliance function. For companies in supervisory categories 4 and 5, it is sufficient for a member of executive management to be assigned responsibility for these functions. Operational risk management and compliance tasks may be outsourced in all supervisory categories. 3/6

B. Insurance companies Under Article 4 para. 2 let. j in conjunction with Article 5 para. 2 ISA, the outsourcing of significant functions and the partially admissible outsourcing of control functions are relevant to the business plan and thus require authorisation. The scope of permitted outsourcing of management and control functions is wider for insurance captives than other insurance companies. The following are admissible: outsourcing the management of direct and reinsurance captives with their registered office in Switzerland (including central executive management functions) to companies appropriately specialised in the management of captives; outsourcing the management of branches of foreign direct insurance captives within the group or to companies appropriately specialised in the management of captives. Such outsourcing must not restrict the function of the general agent in accordance with supervisory law provisions (Arts. 17 and 18 Insurance Supervision Ordinance, ISO). V. Requirements for outsourcing companies A. Inventory of outsourced functions An inventory of outsourced functions must be drawn up and kept up to date at all times. It must contain a description of the outsourced function and indicate the service provider (including subcontractors), the service recipient and the unit responsible within the outsourcing company (see 20). Insurance companies keep this inventory in conjunction with business plan form J. B. Selection, instruction and monitoring of the service provider The service specifications must be agreed in line with the aims of the outsourcing and documented before the agreement is signed. This includes conducting a risk analysis that takes account of the main economic and operational considerations as well as the associated risks and opportunities. The service provider must be chosen with due regard to, and subject to checks of, its professional capabilities as well as its financial and human resources. Where multiple functions are outsourced to the same service provider, the concentration of risk must be taken into account. Furthermore, the eventuality of a change of service provider and the possible consequences of such a change must be considered when deciding to outsource and selecting the service provider. The service provider must offer a guarantee of permanent service provision. Provision must be made for insourcing the outsourced function in an orderly manner. The duties of the company and the service provider must be contractually agreed and delimited, in particular with regard to interfaces and responsibilities. The outsourced function must be integrated into the company s internal control system. The main risks associated with the outsourcing must be systematically identified, monitored, quantified and controlled. A unit within the company must be named as 4/6

responsible for monitoring and controlling the service provider. The latter s services must be monitored and assessed on an ongoing basis so that any necessary measures can be taken promptly. To this end, the company must ensure that its agreement with the service provider grants it the necessary rights of instruction and control. C. Outsourcing within a group or conglomerate With regard to the requirements set out in Margin nos. 16 21 and 32 35, relationships within the group or conglomerate may be considered to the extent that the risks typically associated with outsourcing are demonstrably absent or certain requirements are not relevant or are met in some other way. D. Responsibility The company remains accountable to FINMA in the same way as it would if it performed the outsourced function itself. Proper business conduct must be assured at all times. E. Security Where security-relevant functions are outsourced (particularly in information technology), the company and the service provider must contractually agree security requirements. The company must monitor compliance with these requirements. The company and the service provider must draw up a security framework to ensure that the outsourced function can continue to be performed in an emergency. In doing so, the company must apply the same degree of care and attention as it would if it performed the outsourced function itself. F. Audit and supervision The company, its audit firm and FINMA must be able to verify the service provider s compliance with supervisory regulations. They must have the contractual right to inspect and audit all information relating to the outsourced function at any time without restriction. Auditing may be delegated to the service provider s auditors if these are adequately qualified. Where this is done, the company s audit firm may use the findings of the service provider s auditors for its audit. The outsourcing of a function must not make supervision by FINMA more difficult, in particular if the function is outsourced to another country. If the service provider is not supervised by FINMA, it must enter into a contractual obligation with the company to provide FINMA with all the information and documentation concerning the outsourced functions, which are necessary for FINMA's supervisory activities. If auditing is delegated to the service provider s auditors, their report must be supplied, on request, to FINMA as well as to the outsourcing company s internal auditors and audit firm. 5/6

G. Outsourcing to another country Outsourcing to another country is admissible if the company can expressly guarantee that it, its audit firm and FINMA can assert and enforce their right to inspect and audit information. The possibility of restructuring or resolving the company in Switzerland must be assured. Access to the information required for this purpose must be possible in Switzerland at all times. H. Agreement A written outsourcing agreement must be signed. In addition to naming the parties and describing the function, this agreement must also contain the following as a minimum (Margin nos. 33 34): The company must make the use of subcontractors for significant functions contingent on its prior approval. Where subcontractors are used, they must also be bound by the obligations and guarantees on the part of the service provider that are necessary to comply with this circular. The agreement must include measures to ensure implementation of the requirements set out in this circular, in particular in Margin nos. 21, 24, 26, 29, 30 and 31. The company must specify the internal approval procedures for outsourcing projects as well as the responsibilities for signing outsourcing agreements. VI. Conditions and exceptions In justified cases, FINMA may impose conditions on a company or grant a company partial or total exemption from compliance with this circular. VII. Transitional provisions This circular applies directly to outsourcing relationships entered into or altered by banks and securities dealers after it enters into force. Existing outsourcing relationships entered into by banks and securities dealers prior to the circular's entry into force must be adapted within a transition period of five years from its entry into force such that they meet the requirements of the new circular. For insurance companies, the circular applies to initial authorisations from its entry into force. It applies to authorisations for changes from the time when a change to the business plan is submitted or communicated to FINMA for approval. 6/6

2024 © financedocbox.com Privacy Policy | Terms of Service | Feedback