Back to the office or working remotely?: The FCA expectations
While the number of firms returning to the office has seen a significant increase over the past few months, the adoption of hybrid/remote working arrangements remains the prevailing choice for many businesses since lockdown restrictions began to ease earlier this year.
Although there are benefits working from home provides, the trend to maintain these unconventional working arrangements presents inherent risks to both consumers and the market, a reservation expressed by the UK’s financial regulator.
In a recent publication, the FCA released a set of expectations for firms operating in hybrid or remote working arrangements, displaying concerns in the ability of firms operating in this manner to provide a sufficient standard of regulatory oversight, in addition to the impact this would have on their supervisory capacity.
Under this publication, the FCA has asked hybrid/remote working firms to display how they ensure to mitigate the damage they may have on the integrity of the market, such as a reduction in competition or an increase in the risk of financial crime that may occur through insufficient internal control. Moreover, firms must show that they have in place the necessary systems and controls to continue to meet their consumers needs effectively, ensuring their working arrangements provide no detriment to the end client.
Firms will need to be able to prove they have considered the associated risks and can supervise the operations of the firm and any outsourced functions at each level of the organisation. Details outlining the implementation of policies and procedures across the business which address financial crime risk and the various documentation requirements should be included, as well as control functions for assessing and mitigating risks and ensuring regulatory compliance. This includes internal audits and conducting appliable senior management functions mandated by the SMF regime.
Furthermore, the FCA make specific reference to the threshold conditions of authorisation and registration to conduct the regulated activities for which they have been granted permission, meaning firms must ensure the principal place of business and registered office remains within the guidelines for incorporation in the UK. The physical location of directors and other senior managers has been identified as an important factor in meeting the threshold to be located within the UK, in addition to the location of central administration and compliance functions. For firms operating in the absence of an office location, it must be proved that the nature, scale and complexity of the firm’s activities are reasonable to warrant this form of organisation.
The FCA’s supervision
In the intent to effectively supervise the operations of firms, the FCA has demanded full disclosure of any location where the business activities of the firm are carried out, including the home addresses of employees, and outline how this information will be kept up to date. Firms must also indicate that employees will be made aware of the possibility for both supervisory and enforcement visits to their residences and acknowledge the impact that working from home (if this is the location of work) may have upon other individuals at their residences.
Lastly, the potential exacerbation of data, cyber and security risks associated with hybrid/remote working arrangements need to be considered. Firms should address how and where both physical and digital files will be securely stored and accessed, the extent of the firm’s digitalisation, and the mitigation measures in place to protect this data from cybercrime.
For firms currently authorised in the UK, the arrangements will be assessed on a “case-by-case” basis. Any material changes in authorised firms’ business models should be notified to the FCA in accordance with the principle 11 requirements. For firms applying for authorisation or registration, applications should cover the aspects outlined above as a supplement to meeting the current obligations.
Find out more
Laven, our consultants are on hand to help identify the actions your firm needs to take to ensure you are compliant with new regulations and aware of all the risks outlined in this report. Whether this is through assisting with new policies and procedures that need to be put in place or providing online/in-person training for staff to make them fully aware of the regulatory burden.
Laven has also built Laven Tech, a unique Regulatory Technology (RegTech) solution that leverages advanced technology combined with our vast subject matter expertise. Our RegTech solution is designed to assist fund managers, service providers and investors to meet today’s growing demands.
