Insert: Business Continuity
[As a BCP/ DR plan is comprehensive, confidential and business specific, you should reference the location of the document here as oppose to including the full content in your manual. We have included a basic BCP Template in 02_Manual_Supporting_Documents.]
7.3 Compliance
The company has a regulatory and ethical responsibility to ensure that we develop, implement and maintain adequate and effective policies and procedures to ensure that the firm, it’s business activities, staff and manager are all compliant with their obligations under the regulatory system.
This Compliance Manual provides the policies, procedures and guidance information that is used to ensure this compliance and the training and dissemination of any such documents throughout the firm.
7.3.1 Compliance With the Rules
SUP 15.3.11 of the FCA Handbook requires a firm to notify the regulator (and any other relevant party, e.g. the customer, ICO, 3rd parties etc) of any breaches of rules and other requirements in or under the Consumer Credit Act 1974 or breaches of the FCA Handbook rules. the company has robust and documented compliance breach procedures for any instance of compliance failings, which are disseminated to staff within this manual and as part of their induction and ongoing compliance training.
SUP 15.3.11 states that a firm must notify the FCA of:
- A significant breach of a rule (which includes a Principle, a Statement of Principle or a COCON rule)
- A significant breach of any requirement imposed by the CCA or by regulations or an order made under the CCA
- A breach of any requirement imposed by the Act or by regulations or an order made under the Act by the Treasury
- The bringing of a prosecution for, or a conviction of, any offence under the Act or the CCA
- A breach of a directly applicable provision in the MiFID Regulation
- A breach of a directly applicable provision in the EU CRR or any directly applicable regulations made under CRD or the EU CRR
- A breach of any requirement in regulation 4C(3) (or any successor provision) of the Financial Services and Markets Act 2000 Regulations 2007
Notifications made by the company of any compliance breach under SUP 15.3.11, the ICO regulations or our own internal breach protocols include: –
- Information about any circumstances relevant to the breach or offence
- Identification of the rule, requirement or offence
- Information about any steps that the firm or authorised person has taken or intends to take to rectify or remedy the breach or prevent any future potential occurrence