Return to site

Regulatory round-up: June 2017

Cyber security and Appointed Representatives in the spotlight

· Regulatory update,Cyber Security

June's FCA round-up is dominated by the issue of cyber security. We know from recent client training days that this is a real growth area for compliance officers - especially in the FinTech sector, where cyber often underpins whole business models. Never one to miss a trick, the FCA has this month published a new one-page reference guide on good cyber security for regulated firms.

According to the FCA's stats, it received 90 cyber-related notifications last year, up from single figures two years ago. And it's probably worth questioning whether this is comprehensive, as we suspect many firms don't realise they have a regulatory duty to report material breaches. If a cyber incident results in data loss, unauthorised access to information, or could impact large numbers of clients, firms are required to make a PRIN 11 notification.

With the number of high profile cyber incidents growing, it's worth taking time to review your firm's approach, and consider whether your disaster recovery and business continuity plans are fully up to date.

Also on the FCA's radar this month is a recently completed piece of follow up work on Appointed Representatives (ARs), that will be of interest to both principal firms and ARs themselves. In July last year, the FCA conducted a thematic review of AR relationships in the general insurance sector, and found many shortcomings. This month, it has released the findings of follow up work showing:

  • Widespread failings in how principals are overseeing relationships with their ARs. In particular, the review found that firms are not giving adequate consideration to the impact of an AR's appointment on their business, and are often not undertaking adequate due diligence.
  • Problems with ARs involved in the sale of warranty insurance products.
While the second issue is clearly insurance-specific, firms across all sectors would do well to take note the more general findings. In our view, it's entirely possible that this sectoral review could form the basis of a wider FCA inquiry into AR relationships - especially since the regulator wasn't happy with what it found.
If you'd like a refresher on the various FCA rules affecting AR principals - including pre-appointment checks, ongoing monitoring, training, and financial solvency checks - please don't hesitate to get in touch with a member of the team.
All Posts

Almost done…

We just sent you an email. Please click the link in the email to confirm your subscription!

OKSubscriptions powered by Strikingly