New CSSF Circular 18/698 Aug 2018:
On 23 August 2018, the CSSF published the long waited, new CSSF Circular 18/698 on the “authorization and organization of Luxembourgish investment management companies.
The new CSSF circular 18/698 has been expanded; it now applies to both UCITS management companies and alternative investment fund managers, as well as management companies.
The circular sets out the existing practices that were applied by the CSSF as well as some specific new requirements in relation to the governance; central administration and internal controls; the fight against money laundering and terrorist financing; key functions such as delegated activities, marketing, internal administration, and procedures; and valuation.
EBA Consultation Paper June 2018:
On The European Banking Authority (EBA) launched a public consultation on its draft Guidelines on outsourcing. These Guidelines, which review the existing CEBS Guidelines on outsourcing published in 2006, aim at establishing a more harmonised framework for outsourcing arrangements of all financial institutions in the scope of the EBA's action.
The draft Guidelines provide a clear definition of outsourcing and specify the criteria to assess whether or not an outsourced activity, service, process or function (or part of it) is critical or important.
CBI Outsourcing Guide Dec 2018:
The Central Bank of Ireland’s (CBI) latest discussion paper highlights a trend in regulator interest and oversight of outsourced activity by asset managers and other financial firms. The paper turns up the heat on those responsible for overseeing an increasingly complex and globally dispersed supply chain of data and operations.
FCA Sep 2018 Update on Banks and Building Societies Outsourcing
The FCA have completed a review of retail banks’ use of outsourcing. The potential types of harm arising from outsourcing include service disruption (impacting consumers’ access to products and services) and poor customer service. They focused on firms’ approaches to outsourcing and did not test whether these are mitigating the risk of harm in practice. They listed key areas to be considered.
The FCA have updated the draft guidance in the following areas: physical access to business premises, including data centres; the scope of firms’ obligations relating to supply chain and sub-contracting arrangements; clarifying expectations around aspects of risk management, including concentration risk; points around the choice and control in relation to the jurisdictions where data is processed, stored and managed; the provisions to ensure firms have effective access to data; specific expectations around exit plans.
As a direct result of increased regulatory activities such as the FSA ‘Dear CEO’ letter and the Central Bank of Ireland Thematic Review on Outsourcing, in July 2013 an industry-wide group was formed, called the Outsourcing Working Group (OWG), specifically to address the concerns and issues raised by the FCA from the perspective of both the asset management industry and the service provider community. The attached report contains the key findings of the OWG, highlighting a set of ‘Guiding Principles’ and ‘Considerations’ that firms should take into account depending on the nature, size and scope of their outsourced arrangements.
Following a thematic review on outsourcing, the FCA published a report of its findings and recommendations on 4 November 2013. The report focused on two key themes; ‘Resilience Risk’ – asset managers having inadequate contingency plans in place to deal with a failure of their service provider, and ‘Oversight Risk’ – asset managers applying inadequate oversight of their service provider. The report details examples of both good/poor behaviours and/or process, as well as outlining recommended next steps for asset managers.