Please enable JavaScript.
Coggle requires JavaScript to display documents.
Compliance records and reports (Dealing with clients (Copies of all fact…
Compliance records and reports
The basis of providing the evidence needed in order to comply with regulations is the making of adequate assessments of risk that might arise, the making of plans to mitigate that risk and then plans to monitoring compliance
Dealing with clients
Copies of all fact finds, new business questionnaires, application forms, client due diligence documents
Reasons for the recommendations made to clients
The basis of those recommendations and the source of information
Any agreement with clients
Evidence if a transaction was on an execution only basis
Documentary evidence of transactions
Evidence of any conflicts of interest and how they were handled
Documentary evidence of transactions
Internal and external auditing reports should be undertaken on an annual basis as far as is practicable
Financial records
Daily records of income and expenditure, assets and liabilities
Records to enable the internal auditor to satisfy the regulator's requirements
Service providers holding clients' money must observe additional special regulations
All regulated service providers must produce annual accounts but some may be required to produce information to their regulator more frequently, depending on their category
Any capital adequacy and liquidity requirements should be noted
Any large exposures should be identified and monitored and reported as required
Any financial discrepancies, errors and near misses should also be kept on record
Personnel records
Records of the appointment and dismissal of employees and appointed key personnel such as managers and directors should be vetted for fit and proper purposes
The four eyes (or in some cases six eyes) criterion should be monitored and adhered to at all times
Records should show that adequate references and where necessary, that the approval obtained from the regulator were taken up before appointed
Qualifications should be authenticated and if appropriate, Personal Questionnaire Forms completed and tabled with the regulator
Permission for changes and amendments where required has been obtained
Advertising records
Copies of each advertisement
Records of who authorised each advertisement and the date of last issue of an advertisement
Where and when used should also be noted
Periodical reviews
Copies of the reviews and/or returns should be maintained on file and the reviews should highlight what has not been included in the review as well as details of what has been included. This will then evidence the extent of the review boundaries
Complaints records
Details of complaints, resolution and procedures implemented
Risk management
Details of risk mapping and contingency planning should also be capable of being identified, recorded, evaluated and monitored
The examination of worst case scenario should be included and the acceptable risk tolerance set, the reporting system and testing policies should also be included
Reporting to the board
The compliance management information should be reported to the board at their quarterly meetings
Training and education
Details of the training and education plans for all employees, including AML competency and continued personal development (CPD) should be recorded and maintained up to date
Communicating with the regulator
This is an ongoing function of compliance and should ensure that an open and transparent relationship is maintained
Records must be adequate for their purpose and for the needs to the regulators. Ideally they should be in a standard format as this makes checking easier
Records should be retained by the CSP. This will in certain cases relate to the time elapsing after the client relationship and / or employment that been ceased and should be available for inspection by their regulator at any time
The CSP itself may need instant access to records in the event of a complaint, inspection or investigation
Compliance reports
Should be prepared by the compliance department to senior management of the CSP on a regular basis
May include
New and closed account report
Annual account review report
Large cash balances and overdraft report
Revenue and expenses report
Product and profitability report
Customer complaints report
Pending litigation report
Suspense and operational accounts report
Errors and omissions report
Breaches report
Rejected business report
Outstanding fees report
PEP report
Training of employees report
Outstanding periodic reviews report
The potential risks associated with fraud and embezzlement must be considered as part of the compliance and audit role
There must be a clear segregation of duties for keeping accounts and effecting transactions from tat of the officer carrying out the trustee function