Regulatory Principles and Rules

What is the “general prohibition” under regulatory principles

It is an offence to carry out regulated activities unless you are authorised or exempt.

What is the key rule for authorised persons

They can only carry out regulated activities that they have specific permission for

What happens if a firm is previously authorised under older legislation (Banking Act 1987, Insurance Companies Act 1982, FSA 1986)

They are automatically re-authorised (grandfathered in).

Are firms authorised by Recognised Professional Bodies (RPBs) automatically carried over

No, they are not grandfathered and must apply for fresh authorisation.

What must new firms do to carry out regulated activities

They must apply for authorisation; if refused, they can appeal to the Upper Tribunal (Tax and Chancery Chamber).

What does “by way of business” mean for regulated activities

It considers continuity, commercial element, and scale of activity

What are regulated activities

• Banking activities: accepting deposits/issuing e-money

• Insurance activities: affecting/carrying/administering out contracts of insurance

• Investment activities: arranging, managing, dealing, safeguarding investments

• Home finance activities: advising or arranging home finance activities

• Scheme operator activities: establishing, operating or winding up collectives or stakeholder pension schemes

• Investment intermediary

• Insurance intermediary

• Investment management

• Credit-related

What does “exempt status” mean

Carrying out regulated activities without authorisation under specific exemptions (e.g. appointed representatives, DPBs, public bodies)

What is an appointed representative

A firm acting under a contract with an authorised principal who accepts responsibility in writing for its activities.

Who is responsible for an appointed representative’s actions?

The principal (the authorised firm).

What is a Designated Professional Body (DPB) exemption

Members (e.g. accountants, actuaries) can carry out incidental regulated activities without authorisation.

When do DPB firms need full authorisation

When carrying out non-incidental activities like selling life insurance or arranging investments.

What is required to carry out regulated activities as a firm

Part 4A permission from the regulator (FCA/PRA depending on activity).

Can authorisation be transferred when a firm changes legal status?

No — firms must re-apply for authorisation.

What are other exempt bodies from authorisation

Bank of England, local authorities, and various government bodies

What are authorised firms responsible for and what must they do

• conduct of all employees, agents and ARs

• have systems in place to manage risks (including capital adequacy)

• ensure all individuals carrying out senior manager functions / controlled functions are approved by FCA

• responsible for advice given by representatives

Senior managers regime

• Have statement of responsibilities

• Firm responsibilities map ties statements together

• Require pre-approval

• Fit and proper assessed yearly

• Statutory duty to take reasonable steps to prevent regulatory breach – can be held personally accountable

• Directly authorised by PRA/FCA

Certification regime applies to

• Significant management functions

• Proprietary traders

• CASS operational oversight function

• Functions subject to qualification requirements (e.g. advisers and their supervisors)

• Client dealing function

• Supervisors of certified functions where they are not a senior manager

• Material risk takers

• Algorithmic trading

• Paraplanners, depending on the scope of their duties

What is required of the certification regime

• Do not require FCA approval – instead, assessed and certified by own firm

• Must be re-assessed annually

• Certificate provided each time

• Must be listed in the Directory

Conduct rules

• Apply to senior managers, certified persons and most employees in authorised firms

• Two tiers, first for all then second for seniors only

• Firm’s responsibility to ensure everyone aware of rules and to take action if people don’t follow them

Three tiers of firms

• Core – comply with base line requirements

• Limited scope – small firms, exempt from some base line requirements

• Enhanced – very large firms, additional requirements, additional senior management roles, extra prescribed responsibilities, an overall responsibility requirement, responsibilities maps and handover requirements

Main senior management functions

• Governing – including chief executive, executive director, group entity senior manager, chairs of governing body, risk, audit, remuneration and nominations committees, senior independent director, head of 3rd country branch, partner

• Systems and control – chiefs of finance, risk and operations, head of internal audit

• Required – compliance oversight, money laundering reporting officer, other overall responsibility, limited scope function

Disciplinary powers

• FCA/PRA can remove approval, fine, make a prohibition order

• Individuals are held accountable for breaches if don’t take reasonable care to prevent them

Authorised person

Business carrying on regulated activities (can be company, partnership or sole trader)

Approved person (appointed reps and non-SM&CR firms)

Individual approved to carry out controlled function

Controlled functions are those which involve

• Significant influence on conduct of authorised person’s affairs

• Dealing with customers in regulated activity

• Dealing with property of customers in connection with regulated activity

Significant influence function (you need to be an approved person to perform a significant function)

• Governing function

• Required function

• Systems and controls function

• Significant management function

• Customer function (CF30), includes financial advisers

Appointed representatives (ARs)

• Has contract with authorised person – their principal – who takes responsibility for their action in writing

• Full ‘AR’ – gives advice

• Introducer AR – makes introductions and distributes adverts

Appointed representatives cannot

• be both an AR and authorised

• hold client assets for longer than necessary to deal with them (max 28 days) and cannot hold client money

Appointment of AR

Firm appointing AR must ensure appointment does not mean breach of threshold condition, that AR is solvent, has no close links and that firm has adequate controls and will comply with requirements

Multi-principals

• Investment business can only be AR of one firm

• Mortgage business can have separate principals for different classes of business

• Insurance business can have number of principals

• If AR has more than on principal, needs multi-principal agreement with all firms

Termination

If principal terminates, must advise AR in writing and notify FCA within ten business days

Oversight of ARs

FCA rules in 2022 regarding effective oversight of ARs intended to prevent misconduct undermining safe market operations

Record Keeping

• Indefinitely - pensions transfers, pension opt-outs and FSAVCs

• Five years - life and pension contracts (financial promotions six years)

• Five years – most other cases, non MiFID - three-year requirement

FCA requires regular returns and to be informed of developments on

• Shareholdings (10%)

• Close business links (20%) e.g. subsidiaries

• Financial resources

• Complaints

• Electronic reporting on RegData system

Persistency

Product providers must report annually on figures over first 4 years of a contract

Complaints

Firms must submit reports twice yearly split by product type

Notification requirements

• Must deal with regulator in open and cooperative way

• Tell FCA immediately of regulatory issues

• Tell FCA in advance of changes to core info, e.g. address, legal status

• If give wrong info and discover this, tell FCA

Training and Competence (T&C)

• Rules apply to retail business only

• Rules no longer apply to non-UK domiciled firms

• Applies to specific employees, including advisers, their supervisors and overseers of key administration functions

Recruitment and competence

• Must take into account existing knowledge and skills plus qualifications

• Employees cannot engage in activities unless assessed as competent in that area or are supervised

• Cannot deal with retail clients unless passed approved exams and have adequate knowledge/skills

• 35 hours appropriate CPD a year, including 21 hours structured

Additional CPD requirements

• Extra 15 hours CPD for pension transfer specialists (on top of 35 hours)

• 15 hours CPD for those covered by Insurance Distribution Directive (can be part of 35 hours, providing it is relevant)

Training records and exams

• Keep at least three years (non-MiFID) or five years (MiFID) or indefinitely in the case of pension transfer specialists

• List of appropriate exams for various authorised activities

• Specific exams for various specialised activities

• New entrants have 48 months to complete exams

Supervision

• Supervisors need an appropriate qualification

• Should have technical knowledge, assessment & coaching skills

• High intensity of supervision for pre-competent advisers

A firm must notify FCA if any of its advisers

• assessed as competent is no longer competent

• failed to attain qualification within prescribed time

• perform a regulated activity without being competent and without supervision