This page contains a Flash digital edition of a book.

“Whatever its form might be, satisfy yourself over the content of any confirmation or assurance that you might provide to the regulator.”

reasonable steps. For example, SYSC 3.2.6 provides that a firm must take reasonable care to establish and maintain effective systems and controls for compliance with applicable requirements and standards under the regulatory system. Therefore, you should resist making an unqualifed assertion that, for instance, there have been no breaches of the client money rules. Instead, you should state that you have taken reasonable steps to confirm that appropriate procedures and processes are in place to comply with the CASS rules.

Can I refuse or negotiate the wording? You should never sign an attestation if you are not confident about providing the assurance requested; the consequences of doing so are far worse. The FCA accept attestations need to be specific, and achievable with demanding but realistic time lines. It is accepted that there should be an open dialogue between firms and supervisors, and you should be ready to remind them of that fact if necessary. Should you have concerns you might suggest to the supervisors alternative wording, qualify the statements you are being asked to make or seek further time to carry out the work necessary to have sufficient comfort to sign. Remember, if the FCA were to query the accuracy of the statement at a future date, providing there was a reasonable basis for making it with appropriate due diligence, you will have a defence to disciplinary action.

What steps are necessary? This will of course depend on the nature of the request and the circumstances. At a minimum you should ask questions of colleagues, challenge assertions and assumptions and make sure that you understand the issues, processes and if applicable any product or service. In some cases it may be necessary to use a firm’s control functions such as audit or compliance, and in other cases to appoint outside consultants. You are likely to want to take advice from your firm’s legal advisers and where you consider that there might be a divergence of interest between you and your employer seek independent legal advice.

How much due diligence is necessary? Again, this is a question of judgment which will depend on the nature of the request and its circumstances. In certain cases the amount of any initial assessment carried out when taking up the role may help you to decide. The FCA, in its arguments to the Information Commissioner, indicated that a degree of uncertainty by firms over what they needed to do was helpful to its supervision. Nonetheless, it does not expect firms to create onerous assurance processes that could skew prioritization of management focus. Clearly, there will exist a tension in deciding how much to do but ultimately the obligation is to take reasonable steps. THFJ



DAVID HEFFRON David Heffron advises on regulatory and commercial matters in the financial services sector, including all aspects of the Financial Services & Markets Act 2000 and the FCA Handbook. He advises on structures and distribution of financial services products, authorization and conduct of business issues and on regulatory issues relating to acquisitions and disposals. He has advised on a number of transfers under Part VII of the Act. He has particular experience of distribution agreements for the sale of a wide range of products.


1. Readers will also find helpful the note on “Individual Attestations by Approved Persons of July 2013” by Chris Lawrenson, head of legal services, BSA.

2. See, for example, FCA, “The FCA’s Approach to Supervision for C1 Groups”, March 2014.

3. FCA & PRA, “Strengthening Accountability in Banking: A New Regulatory Framework for Individuals”, Consultation Paper FCA CP14/13/PRA CP14/14, July 2014.

4. “A Sustainable Conduct Environment”, Speech by Clive Adamson, FCA Director of Supervision, 23 March 2014.

5. Exchange of correspondence on the FCA use of attestations between the FCA’s director of supervision and Graham Beale of the FCA practitioner panel published on 26 August 2014.

6. See above. 7. See note 5. 8. See note 3. 9. In 2015 a new C-CON source-book will replace APER for senior managers and certified employees of banks, building societies and larger investment firms. These will include a similar obligation to “take reasonable steps to ensure that the business of the firm for which you are responsible complies with the relevant requirements and standards of the regulatory system.”

10. APER 2.1A, Statement of Principle 4 and PRIN 2.1.1, Principle 11.

11. Information Commissioner’s office, Decision Notice Ref: FS50529860, 9 June 2014.

12. See note 5. 13. Upper Tribunal (Tax and Chancery Chamber), Reference no. FS/2010/33.

14. APER 3.1.4G. See also the Decision Procedure and Penalties manual (DEPP) at DEPP 6.2.4 to 9. 15. Sections 66A, 66B FSMA.

Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36  |  Page 37  |  Page 38  |  Page 39  |  Page 40  |  Page 41  |  Page 42  |  Page 43  |  Page 44  |  Page 45  |  Page 46  |  Page 47  |  Page 48  |  Page 49  |  Page 50  |  Page 51  |  Page 52  |  Page 53  |  Page 54  |  Page 55  |  Page 56  |  Page 57  |  Page 58  |  Page 59  |  Page 60  |  Page 61  |  Page 62  |  Page 63  |  Page 64  |  Page 65  |  Page 66  |  Page 67  |  Page 68  |  Page 69  |  Page 70  |  Page 71  |  Page 72