COMPLIANCE OFFICERS

1
COMPLIANCE OFFICERS WORKSHOP 

• MiFID Systems and Controls

2
MiFID

• Agenda
• Overview
• Areas Applicable
• General Organisation including Business
  Continuity
• Employees including Senior Managers

3
MiFID

• Agenda
• Compliance and Internal Audit
• Risk Controls
• Outsourcing
• Record Keeping
• Conflicts of Interest
• Deilverables included in your pack

4
MiFID

• Overview
• Common Platform
• Super equivalence
• Remember proportionality
• New SYSC Rulebook
• Commencement 1st January 2007 for CRD firms and
  1st November 2007 for MiFID firms

5
MiFID

• General Organisation
• Tightening of requirements and increased Senior
  Management responsibilities compared to SYSC 3
• Requirements are
• Robust Governance
• Sound decision making
• Clear and effective Organisational structure

6
MiFID

• General Organisation
• Adequate Internal Controls
• Effective Internal communication (MI)
• Adequate safeguards for the security, integrity
  and confidentiality of information
• Accounting unified standard
• Obligation of continuous Monitoring

7
MiFID

• General Organisation
• Formal Verification of Compliance with the
  Regulatory System -
• Very much only under consideration at the moment
• Retain guidance on the Audit Committee
• Business Continuity

8
MiFID

• General Organisation
• MiFID requirements wider
• Require planning for an interruption to
  business activities
• FSA Policy on the responsibilities of Senior
  Managers under review
• Likely to increase

9
MiFID

• Employees
• FSA will require
• Awareness of procedures
• Segregation of duties
• Employees to be competent and have the
  appropriate skills, knowledge and expertise
• Firms to monitor both their systems and
  individual employees on a ongoing basis

10
MiFID

• Compliance
• Creation of a good Compliance culture a priority
• Compliance to be independent (unless
  disproportionate)
• However, then a test of effectiveness applies

11
MiFID

• Compliance
• Regular Monitoring Programme
• Effective Policies and procedures
• Identification of Risks if non compliant
• Compliance Officer to report to Board

12
MiFID

• Internal Audit
• Viewed as part of the Compliance arrangements
• Must be separate from Compliance and/or Risk
• Internal Auditor responsible for audit plan and
  verifying compliance with recommendations

13
MiFID

• Internal Audit
• Internal Audit review of Compliance?

14
MiFID

• Risk
• Guidance replaced with High Level Rules
• Covers all employees
• Risk Management Strategy covering
• Risk assessment
• Sets the level of Risk tolerance
• Risk management arrangements

15
MiFID

• Risk
• Create Risk strategies and policies
• Regular Monitoring of compliance
• Provision of Reports to Board (MI)
• Risk function to be independent of Compliance and
  Internal Audit
• Internal Auditor to review Risk function

16
MiFID

• Risk
• For Firms also subject to the CRD the following
  will also be part of the Risk Management
  Strategy
• Credit and Counterparty Risk
• Residual Risk
• Market Risk

17
MiFID

• Risk
• Operational Risk covering identification,
  management, monitoring and reporting of operating
  risks including low frequency high severity risks

18
MiFID

• Outsourcing
• MiFID requirements apply to outsourcing of
  critical or important functions
• Will apply to all firms activities
• Outsourcing must not
• Impair Internal Control
• Ability of FSA to supervise Firm

19
MiFID

• Outsourcing
• Result in the delegation by Senior Managers of
  their responsibility
• Relationship with clients must not be altered
• A series of conditions set out in SYSC 8.1.8 must
  be fulfilled (see pack)

20
MiFID

• Record Keeping
• Documents to be retained for a minimum of 5 years
• Little change here
• Taped Telephone Conversations to be retained for
  1 year

21
MiFID

• Conflicts of Interest
• A recurring theme in MiFID
• Of huge interest to FSA
• Refer to Dear CEO Letters of November 2005
• Applies to all categories of clients
• Disclosure is no longer the default position

22
MiFID

• Conflicts of Interest
• Firm must have a written Conflicts policy
• Firms to identify potential conflicts and how
  these are to be managed
• Also applies to Conflicts that employees might
  have or cause the firm to have
• Firm should create appropriate procedures to
  manage Conflicts

23
MiFID

• Conflicts of Interest
• Examples when Disclosure not an appropriate
  measure
• Firms trades as a principal and has advisory or
  discretionary clients
• Firm is advising an issuer and has advisory or
  discretionary clients interested in investing in
  the offer

24
MiFID

• Conflicts of Interest
• Firms clients have competing interests
• Conflicts affecting retail clients
• Disclosure appropriate only in limited
  circumstances affecting professional clients
• When a firm is a member of a Group the interests
  of other parts of the Group need to be considered

25
MiFID

• Conclusion
• Increased documentation and procedures
• Greater responsibilities for Senior Managers
• Greater Responsibility for Compliance Officer and
  Internal Auditor
• Mostly revised policies but some IT implications
• Especially the need for greater MI

26
MiFID

• William Macdonald
• Managing Director
• Craigcrook Management Services
• 198 Craigcrook Road, Edinburgh
• Tel 0131-312-7501 Mobile07889-534743
• Email william.macdonald_at_craigcrookms.co.uk