Prudential Regulation Authority Rulebook

SYSC 1.1A

SYSC 1.1A.1

See Notes

SYSC 1.2

SYSC 1.2.1

See Notes

The purposes of SYSC are:

SYSC 1.4

SYSC 1.4.1

See Notes

SYSC 1.4.1A

See Notes

SYSC 1.4.1B

See Notes

SYSC 1.4.2

See Notes

SYSC 1 Annex 1

SYSC 2.1

SYSC 2.1.1

See Notes

A firm must take reasonable care to maintain a clear and appropriate apportionment of significant responsibilities among its directors and senior managers in such a way that:

SYSC 2.1.1A

See Notes

SYSC 2.1.2

See Notes

SYSC 2.1.3

See Notes

A firm must appropriately allocate to one or more individuals, in accordance with SYSC 2.1.4 R, the functions of:

SYSC 2.1.4

See Notes

SYSC 2.1.5

See Notes

SYSC 2.1.6

See Notes

SYSC 2.2

SYSC 2.2.1

See Notes

SYSC 2.2.2

See Notes

SYSC 2.2.3

See Notes

SYSC 3.1

SYSC 3.1.1

See Notes

SYSC 3.1.2

See Notes

SYSC 3.1.2A

See Notes

SYSC 3.1.3

See Notes

SYSC 3.1.4

See Notes

SYSC 3.1.5

See Notes

SYSC 3.1.6

See Notes

SYSC 3.1.7

See Notes

SYSC 3.1.8

See Notes

SYSC 3.1.9

See Notes

SYSC 3.1.10

See Notes

SYSC 3.2

SYSC 3.2.1

See Notes

SYSC 3.2.2

See Notes

SYSC 3.2.3

See Notes

SYSC 3.2.4

See Notes

SYSC 3.2.5

See Notes

SYSC 3.2.5A

See Notes

SYSC 3.2.5B

See Notes

SYSC 3.2.6

See Notes

SYSC 3.2.6A

See Notes

A firm must ensure that these systems and controls:

SYSC 3.2.6B

See Notes

SYSC 3.2.6C

See Notes

SYSC 3.2.6D

See Notes

SYSC 3.2.6E

See Notes

SYSC 3.2.6F

See Notes

In identifying its money laundering risk and in establishing the nature of these systems and controls, a firm should consider a range of factors, including:

SYSC 3.2.6G

See Notes

A firm should ensure that the systems and controls include:

SYSC 3.2.6H

See Notes

SYSC 3.2.6I

See Notes

A firm must:

SYSC 3.2.6J

See Notes

SYSC 3.2.6K

See Notes

SYSC 3.2.7

See Notes

SYSC 3.2.8

See Notes

SYSC 3.2.9

See Notes

SYSC 3.2.10

See Notes

SYSC 3.2.11

See Notes

SYSC 3.2.12

See Notes

SYSC 3.2.13

See Notes

SYSC 3.2.14

See Notes

SYSC 3.2.15

See Notes

SYSC 3.2.16

See Notes

1. (1) Depending on the nature, scale and complexity of its business, it may be appropriate for a firm to delegate much of the task of monitoring the appropriateness and effectiveness of its systems and controls to an internal audit function. An internal audit function should have clear responsibilities and reporting lines to an audit committee or appropriate senior manager, be adequately resourced and staffed by competent individuals, be independent of the day-to-day activities of the firm and have appropriate access to a firm's records.
2. (2) The term 'internal audit function' refers to the generally understood concept of internal audit within a firm, that is, the function of assessing adherence to and the effectiveness of internal systems and controls, procedures and policies. The internal audit function is not a controlled function itself, but is part of the systems and controls function (CF28).

SYSC 3.2.17

See Notes

A firm should plan its business appropriately so that it is able to identify, measure, manage and control risks of regulatory concern (see SYSC 3.2.11 G (2)). In some firms, depending on the nature, scale and complexity of their business, it may be appropriate to have business plans or strategy plans documented and updated on a regular basis to take account of changes in the business environment.

SYSC 3.2.18

See Notes

It is possible that firms' remuneration policies will from time to time lead to tensions between the ability of the firm to meet the requirements and standards under the regulatory system and the personal advantage of those who act for it. Where tensions exist, these should be appropriately managed.

SYSC 3.2.19

See Notes

A firm should have in place appropriate arrangements, having regard to the nature, scale and complexity of its business, to ensure that it can continue to function and meet its regulatory obligations in the event of an unforeseen interruption. These arrangements should be regularly updated and tested to ensure their effectiveness.

SYSC 3.2.20

See Notes

1. (1) A firm must take reasonable care to make and retain adequate records of matters and dealings (including accounting records) which are the subject of requirements and standards under the regulatory system.
2. (2) Subject to (3) and to any other record-keeping rule in the Handbook, the records required by (1) or by such other rule must be capable of being reproduced in the English language on paper.
3. (3) If a firm's records relate to business carried on from an establishment in a country or territory outside the United Kingdom, an official language of that country or territory may be used instead of the English language as required by (2).

SYSC 3.2.21

See Notes

A firm should have appropriate systems and controls in place to fulfil the firm's regulatory and statutory obligations with respect to adequacy, access, periods of retention and security of records. The general principle is that records should be retained for as long as is relevant for the purposes for which they are made.

SYSC 3.2.22

See Notes

Detailed record-keeping requirements for different types of firm are to be found elsewhere in the Handbook. Schedule 1 to the Handbook is a consolidated schedule of these requirements.

SYSC 4.1

SYSC 4.1.1

See Notes

1. (1) A firm must have robust governance arrangements, which include a clear organisational structure with well defined, transparent and consistent lines of responsibility, effective processes to identify, manage, monitor and report the risks it is or might be exposed to, and internal control mechanisms, including sound administrative and accounting procedures and effective control and safeguard arrangements for information processing systems.
2. (2) A BIPRU firm and a third country BIPRU firm must comply with the Remuneration Code.

[Note: article 22(1) of the Banking Consolidation Directive, article 13(5) second paragraph of MiFID and article 12(1)(a) of the UCITS Directive]

SYSC 4.1.2

See Notes

For a common platform firm, the arrangements, processes and mechanisms referred to in SYSC 4.1.1 R must be comprehensive and proportionate to the nature, scale and complexity of the common platform firm's activities and must take into account the specific technical criteria described in SYSC 4.1.7 R, SYSC 5.1.7 R, SYSC 7 and (for a BIPRU firm and a third country BIPRU firm) SYSC 19A .

[Note: article 22(2) of the Banking Consolidation Directive]

SYSC 4.1.2A

See Notes

Other firms should take account of the comprehensiveness and proportionality rule (SYSC 4.1.2 R) as if it were guidance (and as if "should" appeared in that rule instead of "must") as explained in SYSC 1 Annex 1.3.3 G.

SYSC 4.1.2B

See Notes

For a management company, the arrangements, processes and mechanisms referred to in SYSC 4.1.1 R must also take account of the UCITS schemes and EEA UCITS schemes managed by the management company.

[Note: article 12(1) second paragraph of the UCITS Directive]

SYSC 4.1.2C

See Notes

A management company must have, and employ effectively, the resources and procedures that are necessary for the proper performance of its business activities.

[Note: articles 12(1)(a) and 14(1)(c) of the UCITS Directive]

SYSC 4.1.3

See Notes

A BIPRU firm must ensure that its internal control mechanisms and administrative and accounting procedures permit the verification of its compliance with rules adopted in accordance with the Capital Adequacy Directive at all times.

[Note: article 35(1) final sentence of the Capital Adequacy Directive]

SYSC 4.1.4

See Notes

A firm (with the exception of a sole trader who does not employ any person who is required to be approved under section 59 of the Act (Approval for particular arrangements)) must, taking into account the nature, scale and complexity of the business of the firm, and the nature and range of the financial services and activities undertaken in the course of that business:

1. (1) (if it is a common platform firm or a management company) establish, implement and maintain decision-making procedures and an organisational structure which clearly and in a documented manner specifies reporting lines and allocates functions and responsibilities;
2. (2) establish, implement and maintain adequate internal control mechanisms designed to secure compliance with decisions and procedures at all levels of the firm;
3. (3) (if it is a common platform firm) establish, implement and maintain effective internal reporting and communication of information at all relevant levels of the firm; and
4. (4) (if it is a management company) establish, implement and maintain effective internal reporting and communication of information at all relevant levels of the management company as well as effective information flows with any third party involved.

[Note: articles 5(1) final paragraph, 5(1)(a), 5(1)(c) and 5(1)(e) of the MiFID implementing Directive and articles 4(1) final paragraph, 4(1)(a), 4(1)(c) and 4(1)(d) of the UCITS implementing Directive]

SYSC 4.1.4A

See Notes

A firm that is not a common platform firm or a management company should take into account the decision-making procedures and effective internal reporting rules (SYSC 4.1.4R (1), (3) and (4)) as if they were guidance (and as if "should" appeared in those rules instead of "must") as explained in SYSC 1 Annex 1.3.3 G.

SYSC 4.1.5

See Notes

A MiFID investment firm and a management company must establish, implement and maintain systems and procedures that are adequate to safeguard the security, integrity and confidentiality of information, taking into account the nature of the information in question.

[Note: article 5(2) of the MiFID implementing Directive and article 4(2) of the UCITS implementing Directive]

SYSC 4.1.6

See Notes

A common platform firm must take reasonable steps to ensure continuity and regularity in the performance of its regulated activities. To this end the common platform firm must employ appropriate and proportionate systems, resources and procedures.

[Note: article 13(4) of MiFID]

SYSC 4.1.7

See Notes

A common platform firm and a management company must establish, implement and maintain an adequate business continuity policy aimed at ensuring, in the case of an interruption to its systems and procedures, that any losses are limited, the preservation of essential data and functions, and the maintenance of its regulated activities, or, in the case of a management company, its collective portfolio management activities, or, where that is not possible, the timely recovery of such data and functions and the timely resumption of those activities.

[Note: article 5(3) of the MiFID implementing Directive, annex V paragraph 13 of the Banking Consolidation Directive and article 4(3) of the UCITS implementing Directive]

SYSC 4.1.7A

See Notes

Other firms should take account of the business continuity rules (SYSC 4.1.6 R and 4.1.7 R) as if they were guidance (and as if "should" appeared in those rules instead of "must") as explained in SYSC 1 Annex 1.3.3 G.

SYSC 4.1.8

See Notes

The matters dealt with in a business continuity policy should include:

1. (1) resource requirements such as people, systems and other assets, and arrangements for obtaining these resources;
2. (2) the recovery priorities for the firm's operations;
3. (3) communication arrangements for internal and external concerned parties (including the FSA , clients and the press);
4. (4) escalation and invocation plans that outline the processes for implementing the business continuity plans, together with relevant contact information;
5. (5) processes to validate the integrity of information affected by the disruption; and
6. (6) regular testing of the business continuity policy in an appropriate and proportionate manner in accordance with SYSC 4.1.10 R.

SYSC 4.1.8A

See Notes

An operator of an electronic system in relation to lending must take reasonable steps to ensure that arrangements are in place to ensure that P2P agreements facilitated by it will continue to be managed and administered, in accordance with the contract terms, if at any time it ceases to carry on the activity of operating an electronic system in relation to lending

SYSC 4.1.9

See Notes

A common platform firm and a management company must establish, implement and maintain accounting policies and procedures that enable it, at the request of the FSA, to deliver in a timely manner to the FSA financial reports which reflect a true and fair view of its financial position and which comply with all applicable accounting standards and rules.

[Note: article 5(4) of the MiFID implementing Directive and article 4(4) of the UCITS implementing Directive]

SYSC 4.1.10

See Notes

A common platform firm and a management company must monitor and, on a regular basis, evaluate the adequacy and effectiveness of its systems, internal control mechanisms and arrangements established in accordance with SYSC 4.1.4 R to SYSC 4.1.9 R and take appropriate measures to address any deficiencies.

[Note: article 5(5) of the MiFID implementing Directive and article 4(5) of the UCITS implementing Directive]

SYSC 4.1.10A

See Notes

Other firms should take account of the regular monitoring rule (SYSC 4.1.10 R) as if it were guidance (and as if "should" appeared in that rule instead of "must") as explained in SYSC 1 Annex 1.3.3 G, but ignoring the cross-reference to SYSC 4.1.5 R and 4.1.9 R.

SYSC 4.1.11

See Notes

Depending on the nature, scale and complexity of its business, it may be appropriate for a firm to form an audit committee. An audit committee could typically examine management's process for ensuring the appropriateness and effectiveness of systems and controls, examine the arrangements made by management to ensure compliance with requirements and standards under the regulatory system, oversee the functioning of the internal audit function (if applicable) and provide an interface between management and external auditors. It should have an appropriate number of non-executive directors and it should have formal terms of reference.

SYSC 4.1.13

See Notes

Firms should also consider the additional guidance on risk-centric governance arrangements for effective risk management contained in SYSC 21.

SYSC 4.1.14

See Notes

The role undertaken by a non-executive director will vary from one firm to another. Where a non-executive director is an approved person, for example where the firm is a body corporate, his responsibility and therefore liability will be limited by the role that he undertakes.

SYSC 4.2

SYSC 4.2.1

See Notes

The senior personnel of a common platform firm, a management company or of the UK branch of a non-EEA bank must be of sufficiently good repute and sufficiently experienced as to ensure the sound and prudent management of the firm.

[Note: article 9(1) of MiFID, article 7(1)(b) of the UCITS Directive and article 11(1) second paragraph of the Banking Consolidation Directive]

SYSC 4.2.1A

See Notes

Other firms should take account of the senior personnel rule (SYSC 4.2.1 R) as if it were guidance (and as if "should" appeared in that rule instead of "must") as explained in SYSC 1 Annex 1.3.3 G.

SYSC 4.2.2

See Notes

A common platform firm, a management company and the UK branch of a non-EEA bank must ensure that its management is undertaken by at least two persons meeting the requirements laid down in SYSC 4.2.1 R.

[Note: article 9(4) first paragraph of MiFID, article 7(1)(b) of the UCITS Directive and article 11(1) first paragraph of the Banking Consolidation Directive]

SYSC 4.2.3

See Notes

In the case of a body corporate, the persons referred to in SYSC 4.2.2 R should either be executive directors or persons granted executive powers by, and reporting immediately to, the governing body. In the case of a partnership, they should be active partners.

SYSC 4.2.4

See Notes

At least two independent minds should be applied to both the formulation and implementation of the policies of a common platform firm, a management company and the UK branch of a non-EEA bank. Where such a firm nominates just two individuals to direct its business, the FSA will not regard them as both effectively directing the business where one of them makes some, albeit significant, decisions relating to only a few aspects of the business. Each should play a part in the decision-making process on all significant decisions. Both should demonstrate the qualities and application to influence strategy, day-to-day policy and its implementation. This does not require their day-to-day involvement in the execution and implementation of policy. It does, however, require involvement in strategy and general direction, as well as knowledge of, and influence on, the way in which strategy is being implemented through day-to-day policy.

SYSC 4.2.5

See Notes

Where there are more than two individuals directing the business of a common platform firm, a management company or the UK branch of a non-EEA bank, the FSA does not regard it as necessary for all of these individuals to be involved in all decisions relating to the determination of strategy and general direction. However, at least two individuals should be involved in all such decisions. Both individuals' judgement should be engaged so that major errors leading to difficulties for the firm are less likely to occur. Similarly, each individual should have sufficient experience and knowledge of the business and the necessary personal qualities and skills to detect and resist any imprudence, dishonesty or other irregularities by the other individual. Where a single individual, whether a chief executive, managing director or otherwise, is particularly dominant in such a firm this will raise doubts about whether SYSC 4.2.2 R is met.

SYSC 4.2.6

See Notes

If a common platform firm, (other than a credit institution) or the UK branch of a non-EEA bank, is:

1. (1) a natural person; or
2. (2) a legal person managed by a single natural person;

it must have alternative arrangements in place which ensure sound and prudent management of the firm.

[Note: article 9(4) second paragraph of MiFID]

SYSC 4.3

SYSC 4.3.1

See Notes

A firm (with the exception of a sole trader who does not employ any person who is required to be approved under section 59 of the Act (Approval for particular arrangements)), when allocating functions internally, must ensure that senior personnel and, where appropriate, the supervisory function, are responsible for ensuring that the firm complies with its obligations under the regulatory system. In particular, senior personnel and, where appropriate, the supervisory function must assess and periodically review the effectiveness of the policies, arrangements and procedures put in place to comply with the firm's obligations under the regulatory system and take appropriate measures to address any deficiencies.

[Note: article 9(1) of the MiFID implementing Directive and articles 9(1) and 9(3) of the UCITS implementing Directive]

SYSC 4.3.2

See Notes

A common platform firm (with the exception of a sole trader who does not employ any person who is required to be approved under section 59 of the Act (Approval for particular arrangements)) and a management company, must ensure that:

1. (1) its senior personnel receive on a frequent basis, and at least annually, written reports on the matters covered by SYSC 6.1.2 R to SYSC 6.1.5 R, SYSC 6.2.1 R and SYSC 7.1.2 R, SYSC 7.1.3 R and SYSC 7.1.5 R to SYSC 7.1.7 R, indicating in particular whether the appropriate remedial measures have been taken in the event of any deficiencies; and
2. (2) the supervisory function, if any, receives on a regular basis written reports on the same matters.

[Note: article 9(2) and article 9(3) of the MiFID implementing Directive and articles 9(4) and 9(6) of the UCITS implementing Directive]

SYSC 4.3.2A

See Notes

Other firms should take account of the written reports rule (SYSC 4.3.2 R) as if it were guidance (and as if "should" appeared in that rule instead of "must") as explained in SYSC 1 Annex 1.3.3 G.

SYSC 4.3.3

See Notes

The supervisory function does not include a general meeting of the shareholders of a firm , or equivalent bodies, but could involve, for example, a separate supervisory board within a two-tier board structure or the establishment of a non-executive committee of a single-tier board structure.

SYSC 4.4

SYSC 4.4.1

See Notes

This section applies to:

1. (1) an authorised professional firm in respect of its non-mainstream regulated activities unless the firm is also conducting other regulated activities and has appointed approved persons to perform the governing functions with equivalent responsibilities for the firm's non-mainstream regulated activities and other regulated activities;
2. (2) activities carried on by a firm whose principal purpose is to carry on activities other than regulated activities and which is:
1. (a) an oil market participant; or
2. (b) a service company; or
3. (c) an energy market participant; or
4. (d) a wholly-owned subsidiary of:
1. (i) a local authority; or
2. (ii) a registered social landlord; or
5. (e) a firm with permission to carry on insurance mediation activity in relation to non-investment insurance contracts but no other regulated activity;
3. (3) [deleted]
4. (4) [deleted]
5. (5) [deleted]
1. (a) [deleted]
2. (b) [deleted]
6. (6) [deleted]
7. (7) an incoming Treaty firm, an incoming EEA firm or a UCITS qualifier (but only SYSC 4.4.5R (2) applies for these firms); and
8. (8) a sole trader, but only if he employs any person who is required to be approved under section 59 of the Act (Approval for particular arrangements).

SYSC 4.4.2

See Notes

This section does not apply to a common platform firm.

SYSC 4.4.3

See Notes

A firm must take reasonable care to maintain a clear and appropriate apportionment of significant responsibilities among its directors and senior managers in such a way that:

1. (1) it is clear who has which of those responsibilities; and
2. (2) the business and affairs of the firm can be adequately monitored and controlled by the directors, relevant senior managers and governing body of the firm.

SYSC 4.4.5

See Notes

A firm must appropriately allocate to one or more individuals, in accordance with the following table, the functions of:

1. (1) dealing with the apportionment of responsibilities under SYSC 4.4.3 R; and
2. (2) overseeing the establishment and maintenance of systems and controls under SYSC 4.1.1 R.

SYSC 4.4.6

See Notes

Frequently asked questions about allocation of functions in SYSC 4.4.5 R

SYSC 5.1

SYSC 5.1.1

See Notes

A firm must employ personnel with the skills, knowledge and expertise necessary for the discharge of the responsibilities allocated to them.

[Note: article 5(1)(d) of the MiFID implementing Directive, articles 12(1)(a) and 14(1)(c) of the UCITS Directive and article 5(1) of the UCITS implementing Directive]

SYSC 5.1.2

See Notes

SYSC 5.1.3

See Notes

SYSC 5.1.4

See Notes

SYSC 5.1.4A

See Notes

SYSC 5.1.5

See Notes

SYSC 5.1.5A

See Notes

SYSC 5.1.6

See Notes

A common platform firm and a management company must ensure that the performance of multiple functions by its relevant persons does not and is not likely to prevent those persons from discharging any particular functions soundly, honestly and professionally.

[Note: article 5(1)(g) of the MiFID implementing Directive and article 5(3) of the UCITS implementing Directive]

SYSC 5.1.7

See Notes

The senior personnel of a common platform firm must define arrangements concerning the segregation of duties within the firm and the prevention of conflicts of interest.

[Note:annex V paragraph 1 of the Banking Consolidation Directive]

SYSC 5.1.7A

See Notes

SYSC 5.1.8

See Notes

SYSC 5.1.9

See Notes

A firm should normally ensure that no single individual has unrestricted authority to do all of the following:

1. (1) initiate a transaction;
2. (2) bind the firm;
3. (3) make payments; and
4. (4) account for it.

SYSC 5.1.10

See Notes

SYSC 5.1.11

See Notes

Where a common platform firm outsources its internal audit function, it should take reasonable steps to ensure that every individual involved in the performance of this service is independent from the individuals who perform its external audit. This should not prevent services from being undertaken by a firm's external auditors provided that:

1. (1) the work is carried out under the supervision and management of the firm's own internal staff; and
2. (2) potential conflicts of interest between the provision of external audit services and the provision of internal audit are properly managed.

SYSC 5.1.12

See Notes

A common platform firm and a management company must ensure that its relevant persons are aware of the procedures which must be followed for the proper discharge of their responsibilities.

[Note: article 5(1)(b) of the MiFID implementing Directive and article 4(1)(b) of the UCITS implementing Directive]

SYSC 5.1.12A

See Notes

SYSC 5.1.13

See Notes

The systems, internal control mechanisms and arrangements established by a firm in accordance with this chapter must take into account the nature, scale and complexity of its business and the nature and range of financial services and activities undertaken in the course of that business.

[Note: article 5(1) final paragraph of the MiFID implementing Directive and articles 4(1) final paragraph and 5(4) of the UCITS implementing Directive]

SYSC 5.1.14

See Notes

A common platform firm and a management company must monitor and, on a regular basis, evaluate the adequacy and effectiveness of its systems, internal control mechanisms and arrangements established in accordance with this chapter, and take appropriate measures to address any deficiencies.

[Note: article 5(5) of the MiFID implementing Directive and articles 4(5) of the UCITS implementing Directive]

SYSC 5.1.15

See Notes

SYSC 6.1

SYSC 6.1.1

See Notes

A firm must establish, implement and maintain adequate policies and procedures sufficient to ensure compliance of the firm including its managers, employees and appointed representatives(or where applicable, tied agents) with its obligations under the regulatory system and for countering the risk that the firm might be used to further financial crime.

[Note: article 13(2) of MiFID and article 12(1)(a) of the UCITS Directive]

SYSC 6.1.1A

See Notes

SYSC 6.1.2

See Notes

A common platform firm and a management company must, taking intoaccount the nature, scale and complexity of its business, and the nature and range of financial services and activities undertaken in the course of that business, establish, implement and maintain adequate policies and procedures designed to detect any risk of failure by the firm to comply with its obligations under the regulatory system, as well as associated risks, and put in place adequate measures and procedures designed to minimise such risks and to enable the FSA to exercise its powers effectively under the regulatory system and to enable any other competent authority to exercise its powers effectively under MiFID or the UCITS Directive.

[Note: article 6(1) of the MiFID implementing Directive and article 10(1) of the UCITS implementing Directive]

SYSC 6.1.2A

See Notes

SYSC 6.1.3

See Notes

A common platform firm and a management company must maintain a permanent and effective compliance function which operates independently and which has the following responsibilities:

1. (1) to monitor and, on a regular basis, to assess the adequacy and effectiveness of the measures and procedures put in place in accordance with SYSC 6.1.2 R, and the actions taken to address any deficiencies in the firm's compliance with its obligations; and
2. (2) to advise and assist the relevant persons responsible for carrying out regulated activities to comply with the firm's obligations under the regulatory system.

[Note: article 6(2) of the MiFID implementing Directive and article 10(2) of the UCITS implementing Directive]

SYSC 6.1.3A

See Notes

1. (1) Other firms should take account of the compliance function rule (SYSC 6.1.3 R) as if it were guidance (and as if should appeared in that rule instead of must) as explained in SYSC 1 Annex 1.3.3 G.
2. (2) Notwithstanding SYSC 6.1.3 R, as it applies under (1), depending on the nature, scale and complexity of its business, it may be appropriate for a firm to have a separate compliance function. Where a firm has a separate compliance function the firm should also take into account SYSC 6.1.3 R and SYSC 6.1.4 R as guidance.

SYSC 6.1.4

See Notes

In order to enable the compliance function to discharge its responsibilities properly and independently, a common platform firm and a management company must ensure that the following conditions are satisfied:

1. (1) the compliance function must have the necessary authority, resources, expertise and access to all relevant information;
2. (2) a compliance officer must be appointed and must be responsible for the compliance function and for any reporting as to compliance required by SYSC 4.3.2 R;
3. (3) the relevant persons involved in the compliance functions must not be involved in the performance of services or activities they monitor;
4. (4) the method of determining the remuneration of the relevant persons involved in the compliance function must not compromise their objectivity and must not be likely to do so.

[Note: article 6(3) first paragraph of the MiFID implementing Directive and article 10(3) of the UCITS implementing Directive]

SYSC 6.1.4-A

See Notes

SYSC 6.1.4A

See Notes

1. (1) A firm which is not a common platform firm or management company and which carries on designated investment business with or for retail clients or professional clients must allocate to a director or senior manager the function of:
1. (a) having responsibility for oversight of the firm's compliance; and
2. (b) reporting to the governing body in respect of that responsibility.
2. (2) In SYSC 6.1.4A R (1) compliance means compliance with the rules in:
1. (a) COBS (Conduct of Business sourcebook);
2. (b) COLL (Collective Investment Schemes sourcebook) and CIS (Collective Investment Schemes sourcebook) (where appropriate);
3. (c) CASS (Client Assets sourcebook); and
4. (d) ICOBS (Insurance: Conduct of Business sourcebook).

SYSC 6.1.5

See Notes

A common platform firm and a management company need not comply with SYSC 6.1.4 R (3) or SYSC 6.1.4 R (4) if it is able to demonstrate that in view of the nature, scale and complexity of its business, and the nature and range of financial services and activities, the requirements under those rules are not proportionate and that its compliance function continues to be effective.

[Note: article 6(3) second paragraph of the MiFID implementing Directive and article 10(3) second paragraph of the UCITS implementing Directive]

SYSC 6.1.6

See Notes

SYSC 6.1.7

See Notes

1. (1) This rule applies to a common platform firm conducting investment services and activities from a branch in another EEA State.
2. (2) References to the regulatory system in SYSC 6.1.1R, SYSC 6.1.2 R and SYSC 6.1.3 R apply in respect of a firm's branch as if regulatory system includes a Host State's requirements under MiFID and the MiFID implementing Directive which are applicable to the investment services and activities conducted from the firm's branch.

[Note: article 13(2) of MiFID]

SYSC 6.2

SYSC 6.2.1

See Notes

A common platform firm and a management company must, where appropriate and proportionate in view of the nature, scale and complexity of its business and the nature and range of its financial services and activities, undertaken in the course of that business, establish and maintain an internal audit function which is separate and independent from the other functions and activities of the firm and which has the following responsibilities:

1. (1) to establish, implement and maintain an audit plan to examine and evaluate the adequacy and effectiveness of the firm's systems, internal control mechanisms and arrangements;
2. (2) to issue recommendations based on the result of work carried out in accordance with (1);
3. (3) to verify compliance with those recommendations;
4. (4) to report in relation to internal audit matters in accordance with SYSC 4.3.2 R.

[Note: article 8 of the MiFID implementing Directive and article 11 of the UCITS implementing Directive]

SYSC 6.2.1A

See Notes

SYSC 6.2.2

See Notes

SYSC 6.3

SYSC 6.3.1

See Notes

A firm must ensure the policies and procedures established under SYSC 6.1.1 R include systems and controls that:

1. (1) enable it to identify, assess, monitor and manage money laundering risk; and
2. (2) are comprehensive and proportionate to the nature, scale and complexity of its activities.

SYSC 6.3.2

See Notes

SYSC 6.3.3

See Notes

SYSC 6.3.4

See Notes

SYSC 6.3.5

See Notes

SYSC 6.3.6

See Notes

In identifying its money laundering risk and in establishing the nature of these systems and controls, a firm should consider a range of factors, including:

1. (1) its customer, product and activity profiles;
2. (2) its distribution channels;
3. (3) the complexity and volume of its transactions;
4. (4) its processes and systems; and
5. (5) its operating environment.

SYSC 6.3.7

See Notes

A firm should ensure that the systems and controls include:

1. (1) appropriate training for its employees in relation to money laundering;
2. (2) appropriate provision of information to its governing body and senior management, including a report at least annually by that firm's money laundering reporting officer (MLRO) on the operation and effectiveness of those systems and controls;
3. (3) appropriate documentation of its risk management policies and risk profile in relation to money laundering, including documentation of its application of those policies (see SYSC 9);
4. (4) appropriate measures to ensure that money laundering risk is taken into account in its day-to-day operation, including in relation to:
1. (a) the development of new products;
2. (b) the taking-on of new customers; and
3. (c) changes in its business profile; and
5. (5) appropriate measures to ensure that procedures for identification of new customers do not unreasonably deny access to its services to potential customers who cannot reasonably be expected to produce detailed evidence of identity.

SYSC 6.3.8

See Notes

SYSC 6.3.9

See Notes

A firm (with the exception of a sole trader who has no employees) must:

1. (1) appoint an individual as MLRO, with responsibility for oversight of its compliance with the FSA's rules on systems and controls against money laundering; and
2. (2) ensure that its MLRO has a level of authority and independence within the firm and access to resources and information sufficient to enable him to carry out that responsibility.

SYSC 6.3.10

See Notes

SYSC 6.3.11

See Notes

SYSC 7.1

SYSC 7.1.1

See Notes

SYSC 7.1.2

See Notes

A common platform firm must establish, implement and maintain adequate risk management policies and procedures, including effective procedures for risk assessment, which identify the risks relating to the firm's activities, processes and systems, and where appropriate, set the level of risk tolerated by the firm.

[Note: article 7(1)(a) of the MiFID implementing Directive, article 13(5) second paragraph of MiFID]

SYSC 7.1.2A

See Notes

SYSC 7.1.2B

See Notes

SYSC 7.1.3

See Notes

A common platform firm must adopt effective arrangements, processes and mechanisms to manage the risk relating to the firm's activities, processes and systems, in light of that level of risk tolerance.

[Note: article 7(1)(b) of the MiFID implementing Directive]

SYSC 7.1.4

See Notes

The senior personnel of a common platform firm must approve and periodically review the strategies and policies for taking up, managing, monitoring and mitigating the risks the firm is or might be exposed to, including those posed by the macroeconomic environment in which it operates in relation to the status of the business cycle.

[Note: annex V paragraph 2 of the Banking Consolidation Directive]

SYSC 7.1.4A

See Notes

SYSC 7.1.4B

See Notes

SYSC 7.1.5

See Notes

A common platform firm must monitor the following:

1. (1) the adequacy and effectiveness of the firm's risk management policies and procedures;
2. (2) the level of compliance by the firm and its relevant persons with the arrangements, processes and mechanisms adopted in accordance with SYSC 7.1.3 R;
3. (3) the adequacy and effectiveness of measures taken to address any deficiencies in those policies, procedures, arrangements, processes and mechanisms, including failures by the relevant persons to comply with such arrangements or processes and mechanisms or follow such policies and procedures.

[Note: article 7(1)(c) of the MiFID implementing Directive]

SYSC 7.1.6

See Notes

A common platform firm must, where appropriate and proportionate in view of the nature, scale and complexity of its business and the nature and range of the investment services and activities undertaken in the course of that business, establish and maintain a risk management function that operates independently and carries out the following tasks:

1. (1) implementation of the policies and procedures referred to in SYSC 7.1.2 R to SYSC 7.1.5 R; and
2. (2) provision of reports and advice to senior personnel in accordance with SYSC 4.3.2 R.

[Note: MiFID implementing Directive Article 7(2) first paragraph]

SYSC 7.1.7

See Notes

Where a common platform firm is not required under SYSC 7.1.6 R to maintain a risk management function that functions independently, it must nevertheless be able to demonstrate that the policies and procedures which it has adopted in accordance with SYSC 7.1.2 R to SYSC 7.1.5 R satisfy the requirements of those rules and are consistently effective.

[Note: article 7(2) second paragraph of the MiFID implementing Directive]

SYSC 7.1.7A

See Notes

SYSC 7.1.7B

See Notes

SYSC 7.1.7C

See Notes

SYSC 7.1.8

See Notes

1. (1) SYSC 4.1.3 R requires a BIPRU firm to ensure that its internal control mechanisms and administrative and accounting procedures permit the verification of its compliance with rules adopted in accordance with the Capital Adequacy Directive at all times. In complying with this obligation, a BIPRU firm should document the organisation and responsibilities of its risk management function and it should document its risk management framework setting out how the risks in the business are identified, measured, monitored and controlled.
2. (2) The term 'risk management function' in SYSC 7.1.6 R and SYSC 7.1.7 R refers to the generally understood concept of risk assessment within a firm , that is, the function of setting and controlling risk exposure. The risk management function is not a controlled function itself, but is part of the systems and controls function (CF28).

SYSC 7.1.9

See Notes

A BIPRU firm must base credit-granting on sound and well-defined criteria and clearly establish the process for approving, amending, renewing, and re-financing credits.

[Note: annex V paragraph 3 of the Banking Consolidation Directive]

SYSC 7.1.10

See Notes

A BIPRU firm must operate through effective systems the ongoing administration and monitoring of its various credit risk-bearing portfolios and exposures, including for identifying and managing problem credits and for making adequate value adjustments and provisions.

[Note: annex V paragraph 4 of the Banking Consolidation Directive]

SYSC 7.1.11

See Notes

A BIPRU firm must adequately diversify credit portfolios given its target market and overall credit strategy.

[Note: annex V paragraph 5 of the Banking Consolidation Directive]

SYSC 7.1.12

See Notes

SYSC 7.1.13

See Notes

A BIPRU firm must address and control by means of written policies and procedures the risk that recognised credit risk mitigation techniques used by it prove less effective than expected.

[Note: annex V paragraph 6 of the Banking Consolidation Directive]

SYSC 7.1.14

See Notes

A BIPRU firm must implement policies and processes for the measurement and management of all material sources and effects of market risks.

[Note: annex V paragraph 10 of the Banking Consolidation Directive]

SYSC 7.1.15

See Notes

A BIPRU firm must implement systems to evaluate and manage the risk arising from potential changes in interest rates as they affect a BIPRU firm's non-trading activities.

[Note: annex V paragraph 11 of the Banking Consolidation Directive]

SYSC 7.1.16

See Notes

A BIPRU firm must implement policies and processes to evaluate and manage the exposure to operational risk, including to low-frequency high severity events. Without prejudice to the definition of operational risk, BIPRU firms must articulate what constitutes operational risk for the purposes of those policies and procedures.

[Note: annex V paragraph 12 of the Banking Consolidation Directive]

SYSC 7.1.16A

See Notes

In meeting the general standard referred to in SYSC 7.1.16 R, a BIPRU firm that undertakes market-related activities should be able to demonstrate to the FSA:

1. (1) in the case of a BIPRU firm calculating its ORCR using the basic indicator approach or standardised approach, that it has considered; or
2. (2) in the case of a BIPRU firm with an AMA permission, compliance with

the Committee of European Banking Supervisors Guidelines on the management of operational risk in market-related activities, published in October 2010. These can be found at http://www.eba.europa.eu/documents/Publications/Standards---Guidelines/2010/Management-of-op-risk/CEBS-2010-216-(Guidelines-on-the-management-of-op-.aspx

SYSC 7.1.16B

See Notes

SYSC 8.1

SYSC 8.1.1

See Notes

A common platform firm must:

1. (1) when relying on a third party for the performance of operational functions which are critical for the performance of regulated activities, listed activities or ancillary services (in this chapter "relevant services and activities") on a continuous and satisfactory basis, ensure that it takes reasonable steps to avoid undue additional operational risk;
2. (2) not undertake the outsourcing of important operational functions in such a way as to impair materially:
1. (a) the quality of its internal control; and
2. (b) the ability of the FSA to monitor the firm's compliance with all obligations under the regulatory system and, if different, of a competent authority to monitor the firm's compliance with all obligations under MiFID.

[Note: article 13(5) first paragraph of MiFID]

SYSC 8.1.1A

See Notes

SYSC 8.1.2

See Notes

SYSC 8.1.3

See Notes

SYSC 8.1.4

See Notes

For the purposes of this chapter an operational function is regarded as critical or important if a defect or failure in its performance would materially impair the continuing compliance of a common platform firm with the conditions and obligations of its authorisation or its other obligations under the regulatory system, or its financial performance, or the soundness or the continuity of its relevant services and activities.

[Note: article 13(1) of the MiFID implementing Directive]

SYSC 8.1.5

See Notes

Without prejudice to the status of any other function, the following functions will not be considered as critical or important for the purposes of this chapter:

1. (1) the provision to the firm of advisory services, and other services which do not form part of the relevant services and activities of the firm, including the provision of legal advice to the firm, the training of personnel of the firm, billing services and the security of the firm's premises and personnel;
2. (2) the purchase of standardised services, including market information services and the provision of price feeds;

[Note: article 13(2) of the MiFID implementing Directive]

1. (3) the recording and retention of relevant telephone conversations or electronic communications subject to COBS 11.8.

SYSC 8.1.5A

See Notes

SYSC 8.1.6

See Notes

If a firm outsources critical or important operational functions or any relevant services and activities, it remains fully responsible for discharging all of its obligations under the regulatory system and must comply, in particular, with the following conditions:

1. (1) the outsourcing must not result in the delegation by senior personnel of their responsibility;
2. (2) the relationship and obligations of the firm towards its clients under the regulatory system must not be altered;
3. (3) the conditions with which the firm must comply in order to be authorised, and to remain so, must not be undermined;
4. (4) none of the other conditions subject to which the firm's authorisation was granted must be removed or modified.

[Note: article 14(1) of the MiFID implementing Directive]

SYSC 8.1.7

See Notes

A common platform firm must exercise due skill and care and diligence when entering into, managing or terminating any arrangement for the outsourcing to a service provider of critical or important operational functions or of any relevant services and activities.

[Note: article 14(2) first paragraph of the MiFID implementing Directive]

SYSC 8.1.8

See Notes

A common platform firm must in particular take the necessary steps to ensure that the following conditions are satisfied:

1. (1) the service provider must have the ability, capacity, and any authorisation required by law to perform the outsourced functions, services or activities reliably and professionally;
2. (2) the service provider must carry out the outsourced services effectively, and to this end the firm must establish methods for assessing the standard of performance of the service provider;
3. (3) the service provider must properly supervise the carrying out of the outsourced functions, and adequately manage the risks associated with the outsourcing;
4. (4) appropriate action must be taken if it appears that the service provider may not be carrying out the functions effectively and in compliance with applicable laws and regulatory requirements;
5. (5) the firm must retain the necessary expertise to supervise the outsourced functions effectively and to manage the risks associated with the outsourcing,and must supervise those functions and manage those risks;
6. (6) the service provider must disclose to the firm any development that may have a material impact on its ability to carry out the outsourced functions effectively and in compliance with applicable laws and regulatory requirements;
7. (7) the firm must be able to terminate the arrangement for the outsourcing where necessary without detriment to the continuity and quality of its provision of services to clients;
8. (8) the service provider must co-operate with the FSA and any other relevant competent authority in connection with the outsourced activities;
9. (9) the firm, its auditors, the FSA and any other relevant competent authority must have effective access to data related to the outsourced activities, as well as to the business premises of the service provider; and the FSA and any other relevant competent authority must be able to exercise those rights of access;
10. (10) the service provider must protect any confidential information relating to the firm and its clients;
11. (11) the firm and the service provider must establish, implement and maintain a contingency plan for disaster recovery and periodic testing of backup facilities where that is necessary having regard to the function, service or activity that has been outsourced.

[Note: article 14(2) second paragraph of the MiFID implementing Directive]

SYSC 8.1.9

See Notes

A common platform firm must ensure that the respective rights and obligations of the firm and of the service provider are clearly allocated and set out in a written agreement.

[Note: article 14(3) of the MiFID implementing Directive]

SYSC 8.1.10

See Notes

If a common platform firm and the service provider are members of the same group, the firm may, for the purpose of complying with SYSC 8.1.7 R to SYSC 8.1.11 R and SYSC 8.2 and SYSC 8.3, take into account the extent to which the common platform firm controls the service provider or has the ability to influence its actions.

[Note: article 14(4) of the MiFID implementing Directive]

SYSC 8.1.11

See Notes

A common platform firm must make available on request to the FSA and any other relevant competent authority all information necessary to enable the FSA and any other relevant competent authority to supervise the compliance of the performance of the outsourced activities with the requirements of the regulatory system.

[Note: article 14(5) of the MiFID implementing Directive]

SYSC 8.1.11A

See Notes

SYSC 8.1.12

See Notes

As SUP 15.3.8 G explains, a firm should notify the FSA when it intends to rely on a third party for the performance of operational functions which are critical or important for the performance of relevant services and activities on a continuous and satisfactory basis.

[Note: recital 20 of the MiFID implementing Directive]

SYSC 8.1.13

See Notes

A management company must retain the necessary resources and expertise so as to monitor effectively the activities carried out by third parties on the basis of an arrangement with the firm, especially with regard to the management of the risk associated with those arrangements.

[Note: article 5(2) of the UCITS implementing Directive]

SYSC 8.1.14

See Notes

SYSC 8.2

SYSC 8.2.1

See Notes

1. (1) In addition to the requirements set out in the MiFID outsourcing rules, when a MiFID investment firm outsources the investment service of portfolio management to retail clients to a service provider located in a non-EEA state, it must ensure that the following conditions are satisfied:
1. (a) the service provider must be authorised or registered in its home country to provide that service and must be subject to prudential supervision;
2. (b) there must be an appropriate cooperation agreement between the FSA and the supervisor in the non-EEA state;
3. (in this chapter the "conditions").
1. [Note: article 15(1) of the MiFID implementing Directive]
2. (2) In addition to complying with the common platform outsourcing rules, if one or both of the conditions are not satisfied, a MiFID investment firm may enter into such an outsourcing only if it gives prior notification in writing to the FSA containing adequate details of the proposed outsourcing and the FSA does not object to that arrangement within a reasonable time following receipt of that notification.
1. [Note: article 15(2) and (4) of the MiFID implementing Directive]
3. (3) For the purposes of this rule a "reasonable time" is within one month of receipt of a notification. However, the FSA may seek further information from the MiFID investment firm in relation to the outsourcing proposal if this is necessary to enable the FSA to make a decision. Any effect this may have on the FSA's response time will be notified to the MiFID investment firm and that revised response time will constitute a reasonable time for the purposes of this rule.

SYSC 8.2.2

SYSC 8.2.3

See Notes

SYSC 8.2.4

See Notes

SYSC 8.2.5

See Notes

SYSC 8.2.6

See Notes

SYSC 8.2.7

See Notes

SYSC 8.2.8

See Notes

A notification under this section should include:

1. (1) details on which of the conditions is not met;
2. (2) if applicable, details and evidence of the service provider's authorisation or regulation including the regulator's contact details;
3. (3) the firm's proposals for meeting its obligations under this chapter on an ongoing basis;
4. (4) why the firm wishes to outsource to the service provider;
5. (5) a draft of the outsourcing agreement between the service provider and the firm;
6. (6) the proposed start date of the outsourcing; and
7. (7) confirmation that the firm has had regard to the guidance in SYSC 8.3, or if it has not, why not.

SYSC 8.2.9

See Notes

SYSC 8.3

SYSC 8.3.1

See Notes

SYSC 8.3.2

See Notes

This guidance sets out examples of the type of actions that a firm proposing to outsource should have undertaken when assessing the suitability of the service provider and its ability to carry on the outsourced activity.

[Note: article 15(3) of the MiFID implementing Directive]

SYSC 8.3.3

See Notes

SYSC 8.3.4

See Notes

SYSC 8.3.5

See Notes

SYSC 8.3.6

See Notes

The following should be taken into account where the service provider is not authorised or registered in its home country and/or not subject to prudential supervision.

1. (1) The firm should examine, and be able to demonstrate, to what extent the service provider may be subject to any form of voluntary regulation, including self-regulation in its home state.
2. (2) The firm should be able to satisfy the FSA that the service provider is committed for the term of the outsourcing agreement to devoting sufficient, competent resources to providing the service.
3. (3) In addition to the requirement to ensure that a service provider discloses any developments that may have a material impact on its ability to carry out the outsourcing (SYSC 8.1.8 R (6)), where the conditions are not met the developments to be disclosed should include, but are not limited to:
1. (a) any adverse effect that any laws or regulations introduced in the service provider's home country may have on its carrying on the outsourced activity; and
2. (b) any changes to its capital reserve levels or its prudential risks.
4. (4) The firm should satisfy itself that the service provider is able to meet its liabilities as they fall due and that it has positive net assets.
5. (5) The firm should require that the service provider prepares annual reports and accounts which:
1. (a) are in accordance with the service provider's national law which, in all material respects, is the same as or equivalent to the international accounting standards;
2. (b) have been independently audited and reported on in accordance with the service provider's national law which is the same as or equivalent to international auditing standards.
6. (6) The firm should receive copies of each set of the audited annual report and accounts of the service provider. If the service provider expects or knows its auditor will qualify his report on the audited report and accounts, or add an explanatory paragraph, the service provider should be required to notify the firm without delay.
7. (7) The firm should satisfy itself, and be able to demonstrate, that it has in place appropriate procedures to ensure that it is fully aware of the service provider's controls for protecting confidential information.
8. (8) In addition to the requirement at SYSC 8.1.8 R (10) that the service provider must protect any confidential information relating to the firm or its clients, the outsourcing agreement should require the service provider to notify the firm immediately if there is a breach of confidentiality.
9. (9) The outsourcing agreement should be governed by the law and subject to the jurisdiction of an EEA state.

SYSC 8.3.7

See Notes

The following should be taken into account by a firm where there is no cooperation agreement between the FSA and the supervisory authority of the service provider or there is no supervisory authority of the service provider.

1. (1) The outsourcing agreement should ensure the firm can provide the FSA with any information relating to the outsourced activity the FSA may require in order to carry out effective supervision. The firm should therefore assess the extent to which the service provider's regulator and/or local laws and regulations may restrict access to information about the outsourced activity. Any such restriction should be described in the notification to be sent to the FSA.
2. (2) The outsourcing agreement should require the service provider to provide the firm's offices in the United Kingdom with all requested information required to meet the firm's regulatory obligations. The FSA should be given an enforceable right under the agreement to obtain such information from the firm and to require the service provider to provide the information directly.

SYSC 9.1

SYSC 9.1.1

See Notes

A firm must arrange for orderly records to be kept of its business and internal organisation, including all services and transactions undertaken by it, which must be sufficient to enable the FSA or any other relevant competent authority under MiFID or the UCITS Directive to monitor the firm's compliance with the requirements under the regulatory system, and in particular to ascertain that the firm has complied with all obligations with respect to clients.

[Note: article 13(6) of MiFID, article 5(1)(f) of the MiFID implementing Directive, article 12(1)(a) of the UCITS Directive and article 4(1)(e) of the UCITS implementing Directive]

SYSC 9.1.2

See Notes

A common platform firm must retain all records kept by it under this chapter in relation to its MiFID business for a period of at least five years.

[Note: article 51 (1) of the MiFID implementing Directive]

SYSC 9.1.3

See Notes

In relation to its MiFID business, a common platform firm must retain records in a medium that allows the storage of information in a way accessible for future reference by the FSA or any other relevant competent authority under MiFID, and so that the following conditions are met:

1. (1) the FSA or any other relevant competent authority under MiFID must be able to access them readily and to reconstitute each key stage of the processing of each transaction;
2. (2) it must be possible for any corrections or other amendments, and the contents of the records prior to such corrections and amendments, to be easily ascertained;
3. (3) it must not be possible for the records otherwise to be manipulated or altered.

[Note: article 51(2) of the MiFID implementing Directive]

SYSC 9.1.4

See Notes

SYSC 9.1.5

See Notes

SYSC 9.1.6

See Notes

Schedule 1 to each module of the Handbook sets out a list summarising the record-keeping requirements of that module.

[Note: article 51(3) of MiFID implementing Directive]

SYSC 9.1.7

See Notes

SYSC 10.1

SYSC 10.1.1

See Notes

1. (1) This section applies to a firm which provides services to its clients in the course of carrying on regulated activities or ancillary activities or providing ancillary services (but only where the ancillary services constitute MiFID business).
2. (2) This section also applies to a management company.

SYSC 10.1.2

See Notes

The requirements in this section only apply where a service is provided by a firm . The status of the client to whom the service is provided (as a retail client, professional client or eligible counterparty) is irrelevant for this purpose.

[Note: recital 25 of MiFID implementing Directive]

SYSC 10.1.3

See Notes

A firm must take all reasonable steps to identify conflicts of interest between:

that arise or may arise in the course of the firm providing any service referred to in SYSC 10.1.1 R.

[Note: article 18(1) of MiFID]

SYSC 10.1.4

See Notes

For the purposes of identifying the types of conflict of interest that arise, or may arise, in the course of providing a service and whose existence may entail a material risk of damage to the interests of a client, a common platform firm and a management company must take into account, as a minimum, whether the firm or a relevant person, or a person directly or indirectly linked by control to the firm:

1. (1) is likely to make a financial gain, or avoid a financial loss, at the expense of the client;
2. (2) has an interest in the outcome of a service provided to the client or of a transaction carried out on behalf of the client, which is distinct from the client's interest in that outcome;
3. (2A) in the case of a management company providing collective portfolio management services for a UCITS scheme, (2) also applies where the service is provided to, or the transaction is carried out on behalf of, a client other than the UCITS scheme;
4. (3) has a financial or other incentive to favour the interest of another client or group of clients over the interests of the client;
5. (4) carries on the same business as the client; or in the case of a management company, carries on the same activities for the UCITS scheme and for another client or clients which are not UCITS schemes; or
6. (5) receives or will receive from a person other than the client an inducement in relation to a service provided to the client, in the form of monies, goods or services, other than the standard commission or fee for that service.