This week, the UK Financial Services Authority published another “Dear CEO” letter, this time aimed at compelling insurance brokers and investment firms to improve the way they protect client assets, including record keeping considerations. The letter, sent by the FSA’s managing director of risk, Sally Dewar, warns that firms must take heed of the regulator’s client money and custody requirements (CASS) or face further action.
Dewar’s letter is a response to the findings of the regulator’s recent report into firms’ compliance with FSA Principle 10, which states that a firm must arrange adequate protection for clients’ assets when it is responsible for them. The report is itself a follow up to the FSA’s “Dear Compliance Officer” letter, issued back in March last year, in which it warned firms of the impending research into their client asset management practices.
The FSA has indicated that many of the 50 firms it surveyed during the six month research period were found wanting in terms of their control of client assets, including their recordkeeping and data management around the storage of these assets. Thus far the regulator has taken action against four firms by freezing one firms assets, banning another from taking on new business and referring two others to its enforcement division for possible disciplinary action.
This is all part of the regulator’s crackdown on the systems and controls aspects of its overall regulatory reporting regime. It is seeking to prove its seriousness in cracking down on those that are found to be lacking. “This intensive supervision will persist and we will continue to take action where we believe that client assets are not sufficiently protected,” warns Dewar in her letter.
The range of problems identified in the report must be tackled immediately and due diligence must be restored, the FSA contends. Much like the FSA’s recent letter on liquidity risk, these CEOs must now write back and confirm that they are taking heed of these problems.
The next month or so should see an increase in investment in firms’ compliance systems and controls in order to meet these demands. This will likely include an extra level of data scrutiny with regards to providing an audit trail for the storage of these client assets.