Category: Insights

VCC Regime: Singapore to become a fund managers hub

The introduction of the Variable Capital Companies legislation – known as VCC – in Singapore is a game-changer for the fund management industry. The MAS have now issued the third part of their proposed framework for Variable Capital Companies. This development in Singapore looks set to usher in a new era of options for fund and wealth managers from all over APAC and the Globe.

While this scheme has seen a couple of incarnations during the past few years from what was known then as S-VACC to VCC, Singapore looks set to be an attractive business destination and to keep investors hoping to re-domicile locally. The three parts of the framework cover the operational aspects of the VCC set up, its AML/CFT requirements and finally the winding down process for the vehicle.

It’s important for any firm affected by this to revisit and act on each part of the VCC framework. We outline the key points below.

Part 1: Consultation Paper on the Proposed Framework for Variable Capital Companies

The Variable Capital Companies Act was passed in Parliament on 1 October 2018. The Act provides the framework for the incorporation, operation, and regulation of a new corporate structure that is tailored for collective schemes, known as the variable capital company.

Key points in the consultation include the following:

  1. Re-domiciliation of foreign entities to Singapore as VCCs must provide the documents set out in the regulations to the Registrar at the time of registration.
  2. Registration of sub-funds.
  3. Fit and Proper criteria of Directors.
  4. Authorizations / Recognition of a CIS constituted as a VCC or sub-fund in Singapore.
  5. Amendments to the Securities and Futures Regulation (Collective Investment Scheme) – known as SFR(CIS).
  6. Amendments to the CIS Code.

What are the requirements to set up this fund?

  • Audit requirement: VCC will need to be subjected to an annual audit by a Singapore-licenced auditor and audited financial statements must be made available to all shareholders custodians.
  • Fund manager: the VCC must appoint a Fund Manager that is based in Singapore and is licenced or registered with the MAS.
  • Board of Directors: At least one Director who is also a Representative. This applies to fund managers of restricted schemes or at least three Directors for a VCC which is under an authorised scheme.

What are the benefits of setting up this structure?

  • The ease of payment of dividends from capital.
  • Redemption of shares made easy at a given NAV.
  • It is seen to be cost effective by setting-up an umbrella structure with a number of sub-funds.
  • There is a level of privacy as the shareholders will not be made public.
  • Assets and liabilities of each sub-fund will be and should be clearly defined and separated.
  • The sub-funds can share a Board of Directors and have mutual service providers which will allow the company to make substantial operational efficiencies, thus save on costs.

Not to mention Tax Exemption awarded to the fund vehicle, S13R and S13X which removes the requirement to file more than one tax returns for sub-funds.

Part 2: Consultation Paper on the Proposed AMLCFT Notice for Variable Capital Companies

On April the same year, the MAS issued a consultation paper on the proposed notice on prevention of money laundering and countering the financing of terrorism (AML/CFT) for VCCs. The consultation paper sets out the AML/CFT requirements for VCCs and draws reference from international best practices and the standards set by the Financial Action Task Force. Though it is safe to note, these requirements do not stray very far from the existing Notices and Guidelines.

What are the main highlights?

VCCs are required to engage a MAS-regulated financial institution, for example banks or CMSL holders to conduct checks and perform measures to comply with AML/CFT requirements. They are also required to put in place internal policies and procedures, and appropriate compliance, audit, and training procedures. A register of beneficial owners and nominee directors needs to be maintained and made available to law enforcement authorities.

A VCC which acquires another VCC can rely on the customer due diligence measures already performed by the acquired entity on its customers, provided that the VCC has no doubts or concerns about the veracity of the adequacy of the information acquired.

Equally, the VCC must have policies and procedures in place to address compliance, audit and training for all staff including directors of the VCC on its AML/CT obligations.

Part 3: Consultation Paper on the Proposed Framework for Variable Capital Companies

In July, 2019, the MAS issued the Consultation Paper on the Proposed Framework for Variable Capital Companies Part 3, which sets out MAS’ proposed subsidiary legislation relating to the insolvency and winding up of a variable capital company and its sub-funds.

The VCC Act 2018 essentially applies the existing insolvency and winding up regime for companies under the Companies Act and the Bankruptcy Act, with specific modifications for a VCC and its sub-funds. These specific modifications are now elaborated in the proposed VCC Insolvency Regulations.

It should be noted that the existing insolvency and winding up regime for non-VCC companies will be replaced by a new Insolvency, Restructuring and Dissolution Act 2018 (IRDA), which has been passed by Parliament but has not yet come into effect. When the IRDA comes into effect, the MAS intends for the insolvency and winding up regime for a VCC and its sub-funds to be aligned with that of the insolvency and winding up regime for other corporate structures in Singapore under the IRDA.

Bovill can provide advice on any element of the VCC framework as well as the broader regulatory regime in Singapore. Let us know how we can help.

Cracking culture in wholesale brokers

Cracking culture in wholesale brokers

The FCA’s April Dear CEO letter to wholesale brokers raised serious questions about how the industry operates. When it comes to embedding a culture of good conduct and keeping pace with recent regulatory change in wholesale brokers, the FCA has concerns. In their view, culture is poor in many broking firms and is further undermined by ineffective remuneration arrangements and weak governance frameworks. Given culture is at the forefront of the FCA’s agenda, being able to demonstrate you’re meeting expectations in a tangible way is key. Your approach to remuneration is a good place to start. And while SMCR might seem like a burden, it’s also an opportunity to empower senior management to build a strong culture of conduct and compliance.

Culture and mindset

The theme of good culture runs throughout the Dear CEO letter. Indeed, the concerns the FCA outline around remuneration and governance can both be drawn back to their broader issue with culture in the world of broking. Changing your approach to remuneration and governance can also help to foster the good culture so sought after by the regulator. We suggest tangible changes, understanding that discussing culture in the abstract provides little help to firms looking to satisfy an ever-stricter regulator.

Remuneration arrangements

Remuneration is a key tool for any firm looking to foster a culture that puts a premium on good conduct. However, the Dear CEO letter points to a worrying lack of awareness in the industry around the FCA’s expectations for remuneration arrangements. A chief culprit, the FCA say, is the basic model of payments to brokers in proportion to the revenue they generate, with little provision made for adjustments to encourage good conduct.

The challenge for brokers centres around demonstrating their remuneration framework not only rewards staff for making money but also punishes them when it is made in a manner not consistent with FCA rules and principles. And firms need not lose undue sleep when considering what constitutes unacceptable behaviour. The UK is awash with regulation to protect customers and market stability. For many brokers, the problems around conduct stem from staff feeling able to ignore these rules without fear of punishment. You can promptly strengthen your position if you link your remuneration practices to these rules through the consideration of regulatory breaches and failures to follow protocol during salary and bonus reviews. It’s perfectly fine to reward the top biller, but only if this approach is tempered by consideration of the manner in which the money is earned.

Simply put, your top performers and highest paid need to be those who make money for the firm while fulfilling their obligations to their customers and the market. And while any change to remuneration is hard to implement – people are understandably watchful when it comes to their pay packet – improvements in this area will be a sure way to improve your culture and curry favour with the FCA. The regulator accepts that embedding a new culture can take time, but firms need to be able to demonstrate progress and positive direction of travel.

Oversight of fee earners

Linked to the remuneration challenge is the concern that the importance of broking revenue provides the “star performers” on the trading floor with levels of power that neuter efforts to hold them to account. While the FCA’s ideal situation is one in which Risk and Compliance have the final say on matters of customer and market protection, this is often rendered impossible by the need to keep a firm’s main breadwinners happy. There is, they fear, a balance of power that deters senior management from driving an agenda that puts compliance with the rules and respect for the customer front and centre.

The FCA hope that SMCR will act as an antidote for a culture in which senior management are not willing to challenge poor behaviour. With SMCR placing a greater burden on key individuals to own responsibility for good conduct, it will no longer be an option to give the top fee earners free reign. After all, once SMCR has come into force, failure to own responsibility for front-office conduct could cost you your job and even your career. And it’s also worth noting that SMCR is about more than senior managers and certificated persons. Even those who avoid the privilege of falling into these categories will be caught by the Conduct Rules. And with firms being required to inform any future prospective employers of serious shortcomings in employee conduct, it is easy to see the balance of power moving away from the fee earners and towards those who want a balanced approach to making money.

Embedding good culture in wholesale broking

If you have concerns about how your firm is positioned, remember that culture is at the forefront of the FCA’s agenda and brokers need to find tangible ways to change accordingly. A balanced approach to remuneration is one of these very tangibles that can enable you to foster a better culture. And while SMCR might seem burdensome, you should view it as an opportunity to empower senior management to build a strong culture of conduct and compliance.

All brokerages need to ask themselves three questions:

  1. Are we making money in an environment that considers outcomes not only for our balance sheet but also for our customers and the market as a whole?
  2. Is our talk of good culture purely aspirational or do we reward those who follow it during pay and bonus reviews?
  3. And are we using SMCR as an opportunity to better align our business with FCA expectations?

When you’ve honestly considered these questions, you can determine if your firm is where it needs to be. If not, SMCR is three months away and the work required is the perfect opportunity to implement the required change.

Responding to the FCA’s Dear CEO letter to wholesale brokers

Bovill is working with the broker community to respond to the FCA’s Dear CEO letter in a number of areas. We can provide a comprehensive healthcheck against all of the issues raised by the letter, and also regularly help firms to develop their regulatory compliance frameworks.

Available now:

Coming soon:

  • Market Abuse

Singapore Digital Banking Licences met with enthusiasm

The MAS’s recent announcement that it was accepting applications for digital banking licenses was met with enthusiasm in the market. The variety of firms types reported to considering making an application is striking despite the cautious approach being adopted by the Singapore regulator.

On the 29 August 2019, the MAS began to accept applications for new digital bank licences from firms including non-bank players. Up to two licences will be issued to digital full banks, which will be allowed to take deposits from and provide a wide range of financial services to both retail and non-retail customer segments, and up to three digital wholesale bank licences which will be permitted to serve SMEs and other non-retail segments.

The term ‘digital bank’ generally refers to banking entities that operate without brick and mortar branches. Singapore’s reason for going into the digital banking space is to enable these banks to reach a wider segment of customers, lower their costs and potentially automate much of the blockages slowing down typical banking operation. The license is specifically being implemented to help serve underserved segments of the general population, like small businesses.

Singapore’s announcement also comes as Hong Kong recently handed out eight virtual bank licences. The MAS is clearly keen to remain competitive as a Fintech hub, as well as invigorating their domestic banking sector.

Applying for a new digital banking licence in Singapore: what you need to know

Local banks need not re-apply for a Digital Banking Licence

The MAS have clarified that local banks already licenced in Singapore can begin to launch their own digital bank without the need to apply for a separate licence. This “new” licence will be an add-on to the bank’s already approved full banking licence and will continue to be regulated under existing internet banking regulation introduced in 2000.

Two types of Digital Banking Licence

  • Digital full bank licences

    These allow licensees to provide a wide range of financial services and take deposits from retail customers. They will operate as a restricted bank and must have an initial paid-up capital of S$15 million with aggregate deposits capped at S$50 million. Individual deposits will be capped at S$75,000.

  • Digital wholesale bank licences

    These allow licensees to serve SMEs and other non-retail segments. These banks cannot take deposits from individuals (except for fixed deposits at least SG$250,000) but they are free to open and maintain business deposit accounts for SMEs and other businesses.

Getting a Licence in Two Stages

Stage One is the Restricted Digital Full Bank in which the bank can only offer simple credit and investment products. MAS will cap the amount of deposits allowed, and they are not allowed to offer complex investment products, like structured notes, derivatives, and proprietary trading. Deposit and business restrictions will slowly be relaxed once the digital bank has proven that they can manage the risks involved, and if they are delivering on its value proposition.

In Stage Two, once a proven track record of the above is achieved and the Bank are confirmed to not pose any significant supervisory concerns, the MAS will approve a full licence to the Bank. It is at this stage that the deposit caps are lifted, but they have to meet the minimum SG$1.5 billion capital.

Note: The Banks will not be given a set deadlines to graduate into Stage Two. Instead, the MAS will look at whether they have a viable plan to meet the requirements of a full digital bank.

Banks to be based in Singapore

A full digital banking license is only open to companies headquartered in Singapore, and controlled by Singaporeans. Foreign companies are still eligible if they form a joint venture with a local company, and the local firm holds management control over the joint entity.

Companies need to have a track record of operating an existing business in their respective technology or e-commerce fields.

Licences that pose a potential threat would not be approved

The MAS will reject any bank which will engage in value-destructive competition to gain market share. Value-destructive competition is defined as when an established sector that has a lot of value is replaced, and loses value. An example is when the entry and popularity of ride-hailing companies such as Grab, destroys the value of the taxi industry.

The reason is that the MAS is focusing on companies that add value to the existing ecosystem rather than disruptors, as MAS does not want to compromise the position of local banks, which holds a significant market share.

Market interest

As of the date of this article, ride-hailing firm Grab and Standard Chartered are ready to jump on the band wagon with the latter having already joined forces with non-banking partners to win a digital banking licence in Hong Kong, where it is more dominant in serving affluent customers.

Prior to the MAS official announcement, Razer Inc, a global gaming hardware manufacturing company expressed interest in applying to expand their services. Razer Inc was  established in 2005 in San Diego, California by Singaporean entrepreneur Min-Liang Tan and Robert Krakoff, who have since branched into the Fintech space. It now processes billions of dollars in digital payments and its Razer Pay e-wallet is one of the largest in Malaysia, with the Singapore app coming soon.

Outside Singapore, China’s largest insurer Ping An Insurance’s fintech unit, OneConnect, is looking to apply for a digital wholesale bank license for the upcoming digital banking regime, which allows it to provide banking services to small and medium-sized businesses on the island. The Company is said to be reaching out to organizations who are interested in virtual banking solutions and that it sees massive opportunities in the new virtual banking space that reaches out to the under-served segment in Singapore.


Bovill has a wide experience of working with new banks and other innovative financial services firms internationally, as well as a deep knowledge of MAS regulation. Get in touch to find out more.

Paraplanners and Investment Managers’ Assistants caught in SMCR ‘blindspot’

Paraplanners investment managers' assistants SMCR

With just three months until the FCA’s Senior Managers Certification Regime (SMCR) is rolled out across financial planning and wealth management businesses, regulatory consultancy Bovill is warning of an emerging blindspot in firms’ approach to the certification process. The company is stressing the need to undertake thorough reviews of paraplanners and investment managers assistants’ functions if firms are to avoid failing to comply with the new regime.

According to the latest FCA guidance, individuals performing ‘client dealing’ functions must be part of the annual Certification process, unless they are in very basic administrative roles. This includes not only those who perform the regulated activities of advising, arranging or dealing in investments, but also those involved in contacting clients or arranging transactions – activities that paraplanners or assistants to investment managers are often involved in.

Neil Walkling, managing consultant at Bovill, said:

“We’ve been working with a number of financial planning and investment management firms to get them ready for SMCR by 9th of December. What we’re finding is that they have convinced themselves that paraplanners or investment managers’ assistants don’t need to be Certified, just because they are not the decision makers. This is a fallacy and a real SMCR blindspot.

“We urge firms to review the job descriptions of their paraplanners and investment managers’ assistants against the FCA’s ‘client dealing’ definition, and to challenge themselves with the following question: Are they junior administrative staff, performing simple tasks that don’t require any discretion, judgement or technical skill? In my experience this just isn’t a credible description of the job most of them do. These roles usually involve judgement and often high skill levels which can have a big influence on outcomes for clients. They need to be Certified.”

With estimates of up to 9,000 paraplanners alone working within financial planning companies[1], there is a good deal of work to be done to get the controls in place to Certify these staff.

Bovill is calling on firms to urgently identify staff who are involved in their advice or investment management process, and who need technical skill and judgement to perform their role. These individuals must be covered by a Training and Competence scheme, in order to obtain the evidence required for Certification purposes. On a practical level, companies should consider how client file suitability checks can test the contribution made towards the overall client outcome by any technical staff who are not advisers or investment managers.

Neil Walkling added:

“Depending on how clearly responsibilities are set out in your firm, gathering evidence to assess ongoing competence might not be easy. If you’ve not already worked out how to do this, now would be a good time to sit in a corner with your thinking cap on.”


MAS Payment Services Regulation

MAS Payment Services Regulations

The Payment Services Act, when it comes into force in Singapore, will provide a flexible framework by streamlining payment service under a single legislative framework. It is likely to bring many fintech firms into the scope of payments regulation for the first time. The Act has not yet come into effect, but anyone working in payment services should re-visit the detail of the act and associated consultation paper and guidelines to make sure they are ready for when it does.

The Payment Services are regulated by the MAS under the Payment Systems (Oversight) Act (PSOA) and the Money changing and Remittance Businesses Act (MCRBA). As of February 2019, The Payment Services Act 2019 (PS Act) was gazetted by Parliament but it has not come into effect as yet. And since then, the MAS issued a consultation paper for the Proposed Payment Services Regulations that, when it comes into force, will consolidate the existing regimes governing payment services under a single piece of legislation. The PS Act will also include several new activities that are, to date, unregulated. Once commenced, the Payment Services Act will provide a flexible framework by streamlining payment service under a single legislative framework.

Here are key takeaways:

The Framework

Under the Act, there will be two regulatory frameworks available:

  • A licencing framework for payment service providers; and
  • A designation framework for significant payment systems.

Who’s in scope?

There are seven payment services to be regulated under the Act that would require to be licenced:

  • Account issuance
  • Domestic money transfer
  • Cross border money transfer
  • Merchant acquisition
  • E-money issuance
  • Digital payment token
  • Money changing

There are three types of licence classes:

  1. Money changing
  2. Standard payment Institution
  3. Major Payment Institution

What is the difference between these licences?

The money changing licence will only allow the licence holder to provide money-changing services. Any or all payment services, including money-changing, can be provided under the other two licence classes. For standard payment institutions, these licensees must monitor their financial metrics and apply to upgrade to a major payment licence within a prescribed period when they cross a threshold. That threshold is transactions up to S$3 million for any payment service; or up to S$6 million for two or more payment services within 1 calendar year. A major payment institution licence will be required if the licensee provides one or more payment services, except an e-money account issuance service or a money-changing service; and the monetary threshold remains the same as those of a standard institution.

What does this mean for remittance and money changers?

The remittance businesses will now be regulated as providing cross-border money transfer services. Licensing requirements will extend to both inward (funds received into your bank account) and outward remittance businesses, as well as domestic money transfer services – that is accepting moneys for the purposes of executing or arranging for execution of certain payment transactions. These will now be regulated as providing domestic money transfer services.

Companies that are currently licensed by the MAS under the current regulatory framework may not need to re-apply for a licence. Instead, they will have six months from the date of the commencement of the new Payment Services Act to inform the MAS of the specific activities that they are conducting.

Consultation Paper on Payment Services Guidelines and Notices

In July, the MAS issued a Consultation Paper on Proposed Payment Services Notices and Guidelines. It sets out MAS’ proposed notices and guidelines applicable to entities regulated under the Payment Services Act 2019, to effect the objectives of the Act.

What are the takeaways from the paper?

  • MAS proposes to issue 3 notices on reporting requirements under the PS Act:
  • Submission of regulatory returns.
  • Submission of Statements of transactions and Profit/Loss.
  • Reporting of Suspicious Transactions.
  • MAS technology risk management and cyber hygiene:
  • The new notice on technology risk management (PSN05) will apply to operators and settlement institutions of designated payment systems (DPS) but will exclude Licensees until further consultation with the general public.
  • Notice on cyber hygiene (PSN06) will apply to both Licensees and DPS. The Notice sets out the basic cyber security measures that FI’s would need to implement to establish a baseline for defenses against cyber threats.
  • MAS Notice on Conduct (PSN07)
  • PSN07 sets out conduct requirements across for all licenses in respect of payment services and certain exempt payment services providers.
  • The MAS proposes to introduce three new types of conduct requirements – determining Singapore residency of customers, specifying days and hours for place of business to be manned and determining exchange rate for money to be safeguarded.
  • MAS Notice on Disclosure (PSN08)
  • This notice sets out disclosure and communication requirements to give customers accurate information about the extent to which the FI is regulated under the PS Act and whether customers money is safeguarded.
  • The specific disclosures will differ depending on the licensees class, scope of exemption and payments service provided.

What other guidance is on the horizon and when do these Guidelines and Notices come into effect?

The MAS are extending the Fit and Proper Guidelines to include the above Licensees. The MAS will provide amendments to the e-payment user protection guidelines to apply to all MPIs (major payments institutions) and exempt payment service providers which will come into effect six months from the commencement of the PS Act.

The Fit and Proper Guidelines will come into force on the commencement date of the PS Act. To ensure the industry has enough time and notice, the MAS will send out a notification at least 4 weeks in advanced before the PS Act commences.

Bovill specialises in advising on MAS regulation and works with payment services providers across Asia, Europe and the US. Get in touch to find out more.

Protecting customer money: lessons for gambling from investment

Gambling - CASS

If you are licensed by the Gambling Commission and hold customer money you need to pay close attention to your regulatory obligations. The same principles around the protection of these funds apply to investment firms in financial services. The approach by the FCA in applying their CASS client money rules can give useful pointers to the gaming industry. There’s hard won experience from investment firms which can be very useful. Increased regulatory scrutiny always hits the bottom line – do the simple things right and you will save money.

Focus areas if you hold customer funds

At Bovill, we’ve helped numerous firms climb the mountain that is the FCA CASS regime, and we apply that experience to our approach to gambling regulation. For us, the key areas of focus are:

  • Governance – it is vital that senior management understand their responsibilities, and take appropriate action, as required.
  • Monitoring – firms need to have a clear view of what monies they hold, and whether they are caught within the regulations
  • Disclosure – providing customers with clear information on what protection is available
  • Segregation – ensuring funds are clearly segregated, without co-mingling

Across these areas, firms that take a step back and consider the requirements are able to put in place control frameworks which work in harmony with the business, to achieve the desired results. A clear and simple process is one that is much more likely to be followed.

Are you holding customer funds?

If you are licensed by the Gambling Commission and holding customer funds you will come under their customer funds regime. The funds in question are any monies held to the credit of your customers. Such funds include the following:

  • Cleared funds deposited for future gambling activity
  • Winnings from previous gambling activities left on deposit by customers
  • Crystallised but unpaid bonuses

Remote operators are most likely to hold such funds. Although the rules cover both remote and non-remote operators, the Commission have been clear that the following would not be considered customer funds:

  • Physical casino chips that customers can retain for future activity
  • Betting slips held by customers
  • Tickets for gaming machines that customers hold to cash in later

And because the first step with any regulation is checking if you are covered, the first step for all firms considering the customer funds regime is to determine if they hold funds such that they are pulled inside the remit of the rules.

What do you need to do? Disclosure

If you determine that you are holding customer funds, you will need to disclose in your terms and conditions whether customer funds are protected in the event of insolvency. You will also need to say how they are protected and to include a statement concerning the quality of this protection.

The quality of protection is something measured by clear and strict criteria, although the task of determining the level of protection remains with each firm. The possible ratings are as follows:

Not protected – No segregation No protection is provided in the event of insolvency. Only non-remote and ancillary remote firms can apply this level of protection.
Not protected – Segregation of customer funds The customer funds are kept in accounts separate to the firm’s own accounts, but the funds would not be protected in the event of insolvency, being treated instead as part of the firm’s balance sheet. This is the minimum requirement for remote operators.
Medium protection The customer funds are kept in accounts separate to the firm’s but are also held such that they are returned to customers in the event of insolvency.
High protection The customer funds are held in a trust account. The account is subject to oversight from either an independent trustee or auditor.

Self-assessment of this variety is common place for financial services firms, as is the requirement to properly inform customers about the protection of their money. Where investment firms fall short on these fronts, the FCA are quick to take such failings as evidence of broader issues within a firm. So, while the Gambling Commission’s requirement to assign and disclose a protection rating to customers might seem like an elementary step, it is not one that firms can afford to get wrong. Increased regulatory scrutiny always hits the bottom line – do the simple things right and you will save money.

Remember also that problems with self-assessment and the accuracy of terms and conditions often materialise following changes in operations or the business model. Make sure that you have safeguards in place to prevent such mistakes. If there are changes that alter your protection framework, a control to ensure that client terms and conditions are updated is vital. Remember that the Gambling Commission can ask for evidence that the level of protection in your terms and conditions is reflective of reality. Do not make a silly mistake here and give the Commission cause to lift further stones within your business.

What do you need to do? Segregation

All remote operators need to need to segregate their customer funds. This is a simple concept that continues to trip up the largest banks and investment managers in the UK. It should be no surprise therefore that gaming firms similarly struggle with this issue.

What are the common pitfalls?

  1. Co-mingling of funds

Effective segregation prevents the co-mingling of firm and customer funds. While such co-mingling can sometimes be traced back to unavoidable human errors, often there are fundamental weaknesses in the firm’s approach to segregation. The only way to manage this risk is with a control framework that is designed to prevent the movement of funds into the wrong bank account and if these preventive controls fail, promptly detects any co-mingling. You might have four-eye checks before transfers of customer funds can be executed to prevent such errors. These in turn could complemented by daily reconciliations to detect any controls failures.

  1. Weak reconciliations

A common criticism of client money reconciliations is that they do not compare independent sets of data and as such are unlikely to identify errors in the firm’s records. Ultimately, a process does not amount to a reconciliation if the data sets are not independent. You need two sets of data that are fed from different sources if your process is to add any value. Ask yourself if your two sets of data will ever not align. Paradoxically, you want the answer to be yes – if you are answering no to this question, you either have the perfect process or a flawed process. It’s likely the latter.

  1. Prompt segregation

A challenge for both investment management and gaming firms is the need to promptly segregate customer funds as they arise. Of course, this is not just a case of segregating new deposits. Just as investment firms need to segregate paid dividends, gaming firms need to segregate winnings and bonuses accrued by their customers. The first step to satisfying the regulation is identifying all sources of new customer funds. Have you conducted a total capture exercise to ensure that all sources have been identified? If not, do so and make it an annual exercise. And importantly, foster a culture of challenge and improvement. Your operational boots on the ground are in the best position to identify instances where money is not being segregated as required and empowering them to flag weaknesses will save you time and money in the long term.

What do you need to do? Governance

Try as you might, there will always be unexpected issues that can derail even the best controls. There will always be moving parts, whether it is internal business change or external customer actions. The risk of human error too, while possible to mitigate, will never be eliminated. Regulators are not looking for an approach that has eliminated every conceivable risk – they are looking for an approach that takes all necessary steps to manage identified risks and is adaptable where new risks arise.

Firms can only adapt to such changes if there is a governance framework in place capable of identifying unexpected or new challenges and managing a response. Key stakeholders within your firm should be monitoring the efficacy of existing customer fund protocol. What errors are occurring? What controls are failing? Such questions should be easily answerable once there is comprehensive MI created to fuel management oversight. Without this oversight you will not be able to gauge the efficacy of your controls and you will not be able to adapt to new risks. In such a scenario, it will likely fall to the Commission to inform you of your shortcomings…much better then to get ahead of the problem.

In summary:

  1. Make sure you have properly understood the extent to which the customer fund rules apply to your business.
  2. If you are covered, avoid silly mistakes with something as simple as a customer disclosure – do not give the Commission an excuse to focus more broadly on your firm.
  3. Recognise that the segregation of customer funds is not easy – look at what tripped up investment firms in this sphere and avoid these mistakes at your firm.
  4. And lastly, a good segregation framework will only endure if it has the governance that enables it to grow and adapt – convene a committee now and make sure they are fuelled with comprehensive MI.

Helping gambling firms with regulation

This article is part of a series looking in detail at areas of regulatory scrutiny in gambling firms – in particular where there are lessons to be learnt from financial services. Other topics include:

Available now:

Coming soon:

  • Governance
  • GDPR
  • Vulnerable Customers

Why your paraplanners and investment managers’ assistants should be certified staff under SMCR

Why your paraplanners and investment managers’ assistants should be Certified staff under SMCR

One of the challenges currently facing wealth management and financial planning businesses is working out which staff should be covered by the annual Certification process. This isn’t as clear-cut as you might think.

We know that the certified population is wider than the individuals who currently appear on the FCA Register as CF30s.

These certified individuals include, for example:

  • Supervisors/managers of current CF30s
  • Individuals holding ‘significant management functions’, such as Heads of departments or business units who aren’t performing prescribed SMF – or Senior Management Function – roles
  • Individuals performing the ‘client dealing’ function.

The client dealing function can be particularly complex in a wealth management or financial planning business. Essentially, staff who are involved in the advice, arranging or investment management process, who need technical skill and judgement to perform their role, should be covered by your T&C scheme, in order to demonstrate their ongoing competence for Certification purposes. With the SM&CR deadline just three months away, making sure this is done effectively is crucial.

What is the client dealing function?

The definition of the client dealing function is found in the FCA’s SYSC sourcebook (from SYSC 28.8.18 through to 22.8.22B). The definition is complex and long-winded but, for our purposes, it covers individuals who either:

  • Perform the regulated activities of advising, arranging or dealing in investments (i.e. current CF30s who are required to hold specified qualifications), or
  • Are dealing with clients or their property in connection with those regulated activities (e.g. they are involved in contacting clients or arranging the transaction)

What staff are exempt from being caught by the client dealing function?

In its recent SM&CR Policy Statement (PS19/20) the FCA confirmed that certain junior staff who, on the face of it, are involved in ‘client dealing’ activities would be exempt from the Certification process:

  • Staff performing purely administrative roles, even if they involve customer contact;
  • Staff who have no scope to choose, decide or reach a judgement on what should be done in a given situation, and whose tasks do not require them to exercise significant technical skill;
  • Staff performing roles that are simple, or largely automated.

The FCA commented in PS19/20 that its definition allows the flexibility for firms to exercise judgement about which roles require Certification.

Where does this leave paraplanners and investment managers’ assistants?

Of course the roles performed by staff with similar job titles can vary a lot between firms. But, based on the tasks that paraplanners and assistant IMs tend to be responsible for in most firms, arguably most of them should be Certified staff. Why? Ask your paraplanners or assistant IMs the following question: ‘Are you purely administrative staff, performing simple tasks that don’t require exercising any discretion, judgement or technical skill?’ ‘Yes’ isn’t a credible answer to this question, and your colleagues carrying out those roles would be justifiably insulted if you were to suggest any such thing.

In our experience, the skill and judgements exercised by paraplanners and IMs’ assistants can have a significant influence on client outcomes, even though they are not the individuals authorised to sign off on any advisory recommendations or discretionary transactions. Indeed, the FCA comments in PS19/20 that paraplanners may be required to exercise judgement on behalf of clients.

Despite this, some firms have convinced themselves that their paraplanners and IMs’ assistants don’t need to be Certified. This is apparently on the grounds that they are not authorised to approve recommendations or discretionary transactions, and that their work is (in theory) overseen and supervised by someone who does have such authority. In my view, while this might be a good argument to explain why they are not currently CF30s, it does not get them off the hook from counting as ‘client dealing’ staff under the Certification regime.

What this means in practice for your paraplanners and IM assistants

The bottom line is that staff who are involved in the advice, arranging or investment management process, and who need technical skill and judgement to perform their role, should be covered by your T&C scheme, in order to demonstrate their ongoing competence for Certification purposes. Among other things, you’ll need to consider how your client file suitability checks can test the quality of the contribution made towards the overall client outcome by any technical staff who are not advisers or investment managers. Depending on how clearly responsibilities are set out in your firm, this may be easier said than done. If you’ve not already worked out how to do this, now would be a good time to sit in a corner with your thinking cap on.



Dear CEO letter: focus on market abuse for retail firms

Dear CEO letter focus on market abuse for retail firms

The recent FCA Dear CEO letter to Wealth Managers and Stockbrokers is a timely reminder that the FCA continues to increase its scrutiny on firms’ implementation of the Market Abuse Regulation. Now is a good time to have a look at your controls.

The Market Abuse Regulation – or MAR – was initially overshadowed by MiFID II and perhaps has not always got the level of focus it warranted. But it’s clear that market abuse controls should now be firmly at the front of compliance officers’ minds.

The statement of intent in the Dear CEO letter should also be viewed in the context of the FCA’s wider efforts to counter abuse, fraud and money laundering in financial markets, with wholesale brokers likewise being put on notice to improve their controls in a parallel Dear CEO letter. In the same period, the FCA also published a thematic review on money laundering risks in capital markets, which will be of interest to Wealth Managers and Stockbrokers as significant end-users of such markets.

In the case of Wealth Managers and Stockbrokers, the FCA’s stated focus is on the risk that firms’ own staff may misuse clients funds for the purpose of fraud or market abuse, or that firms may get caught up in investment scams. In turn, the FCA sees a risk that if firms do not have in place sufficient controls to prevent such activity, that there is a risk that confidence in the sector will be undermined.

But firms should also be aware of the other market abuse and money laundering risks inherent in their business. Where you offer execution only services, the risk of market abuse from clients will be an equally important consideration, with the execution only business line likely requiring different controls and surveillance activities.

What you should do to stay ahead of the Market Abuse Regulation

Conversations with the regulator on market abuse typically begin with a focus on the firm’s own risk assessment. You should ensure that you have in place a robust, comprehensive risk assessment, which:

  • weighs different sources of risk, such as staff versus client
  • considers all risks identified by MAR – and ideally supplemented by the delegated acts, guidelines, and recent FCA cases
  • presents a realistic view of your current control environment, looking at net versus gross risk.

The control environment should then be designed around the risks faced by the firm. A mix of controls will likely be needed, to match the various sources of risk, and should include robust PA dealing restrictions, physical and logical environment considerations, and surveillance activity tailored to the specific risks faced.

Once established, the risk assessment and control environment should then be reviewed regularly, to account for changes in the business mix and the risk environment.

How Bovill can help

Bovill regularly works with firms to provide an independent assessment of their financial crime and market abuse risks. We also assist firms to develop an appropriate, risk-based control environment, linked to the risk assessment.

Smaller firms may find that getting the right technology solution and resourcing for market abuse surveillance is a challenge. Bovill offer a managed service outsourcing model for market abuse surveillance activities, tailored to the needs of smaller firms.

Need to know: getting insider lists right

SMCR Project Plan

The FCA’s most recent edition of MarketWatch highlights that when it comes to insider lists, there’s a tricky balance between failing to disclose names, and including ones which are superfluous.

Marketwatch 60 opens with a pretty damning conclusion from the recent UBS insider dealing case, that ‘while Ms Abdel-Malek was named on the relevant insider lists, she had no business need to access the information concerned.’ Perhaps more shockingly, later in the article the FCA highlights an example from their work with another firm where over 600 support team members were included as insiders on one particular deal.

From these examples and others, it seems that firms are struggling to get insider lists right. Furthermore, a number of other examples cited by the FCA suggest that firms have not yet implemented proper controls around information flow, which had been flagged as a concern by the FCA in a thematic review in 2015.

Understanding the insider list and information flow challenge

The update to the insider list process resulting from MAR has resulted in a cottage industry of list production and maintenance for capital markets firms. In compiling insider list, firms are caught between two competing priorities arising from the rules and the FCA’s own guidance:

  • Failing to disclose the name of an  individual privy to inside information could hinder the FCA’s investigation of potential market abuse, and in certain cases could attract regulatory censure; however
  • Casting insider lists too widely and including staff with no good reason to have access to the data, does not conform with the guidance around controls on information flow.

So it is a delicate balance that firms must strike.

The challenge on information flow is perhaps more daunting – capital markets activity brings extremely sensitive information into the work environment, which must be strictly controlled. Firms must consider both logical restrictions (folder trees, system access, etc.) and the physical environment, in the context of an activity where the level of involvement of key individuals can be quite fluid and dynamic. Ensuring that only the right individuals have access to the right information at any given time can quickly become a full time job for one or more people.

In the face of these challenges, the FCA’s work suggests that some firms may have taken a shortcut – simply granting blanket access to senior management, deal teams or support functions, and disclosing as many names on the insider list as possible. The UBS case is a clear illustration of the risks inherent in such an approach.

What should firms do next

The ongoing presence of highly sensitive information in the work environment requires a nuanced approach. To ensure that appropriate controls are implemented, firms should consider:

  • The nature of the information which is being handled by individuals;
  • The constraints of the physical environment (physical separation, Chinese walls, etc.)
  • How best to implement appropriate logical controls (password protection, restricted access, etc.)
  • The role to be played by support staff – i.e. assigning named individuals to clients and/or deals, rather than granting blanket access
  • Ensuring insider lists closely reflect the reality of the situation.

Clear guidelines on how insiders should be identified, how insider lists are constructed and how information flow is restricted, will all be necessary parts of the compliance framework, if not in place already.

How Bovill can help

Good market abuse controls begin with a robust risk assessment – Bovill has helped a wide range of firms to properly characterise and document their market abuse risk. In addition, Bovill regularly assists firms in designing appropriate controls for handling inside information and constraining information flow.

Gambling Commission cracks down on lax AML and problem gambling controls

UK Gambling Commission

We’ve seen a notable uptick in regulatory focus on the gaming sector over the past year as the Gambling Commission continues its work on raising industry standards. Ladbrokes Coral is the latest firm in the spotlight and has been fined £5.9m for “systematic failings” in preventing money-laundering and problem gambling. Amongst a string of social responsibility failings related to problem gamblers, Ladbrokes allowed significant sums to pass through their business without performing due diligence on the source of these funds. It’s a timely reminder not only to be aware of your obligations, but also to make sure you can demonstrate you are compliant.

The Gambling Commission – the governmental body responsible for regulating and supervising the gaming sector in the UK – has performed more than 160 assessments of gaming operators in the past 12 months alone, resulting in revocation of licenses and £25.5m of penalty charges for firms’ failure to comply with anti-money laundering (AML) and social responsibility requirements.

Ladbrokes is the second firm to be hit with a penalty in a single month; Casino 36 received a £300,000 fine in early July following the Commission’s investigation into the firm’s operations, which revealed a number of AML and social responsibility weaknesses. Specifically, that Casino 36 failed to conduct adequate enhanced due diligence and perform source of wealth/source of funds checks on customers allowed to gamble significant sums, as well as failing to identify and address customers displaying signs of problem gambling.

Common compliance failings in gaming operators

These recent cases follow a string of penalties issued earlier in the year to firms such as InTouchGames, MT Secure Trade, BestBet, Platinum Gaming and JackPotJoy. Many of the fines represented common failings by firms to:

  • Perform an adequate, subjective risk assessment
  • Establish and maintain adequate, risk-sensitive policies, procedures and controls
  • Perform appropriate customer due diligence and enhanced customer due diligence
  • Conduct appropriate ongoing monitoring
  • Obtain information on customers’ source of wealth and source of funds
  • Implement robust processes for identifying politically exposed persons
  • Demonstrate compliance with the UK suspicious activity reporting regime
  • Ensure staff are suitably trained

This report, and the enforcement activity behind it, should serve as an important reminder to those operating in this sector of their legal, regulatory and licensing obligations to guard against money laundering, and to help make gaming safer and crime-free. The regulator has proven its willingness to take tough action against those failing to meet its expectations and has specifically called out firms’ failures to heed guidance available to them. This trend is expected to continue as the regulator strives to drive standards up. Firms should be cognisant not only of the requirements upon them but how they can demonstrate competent compliance with these requirements under the regulator’s watchful eye.

Self-assessment: reviewing your compliance and AML controls

  • Do you understand what constitutes ‘adequate’ and ‘appropriate’ in terms of AML controls?
  • Are you able to objectively assess yourself against these measures?
  • How do you balance regulatory obligations with commercial objectives?
  • Would you be confident with your staff members being assessed by the Commission?
  • How do you demonstrate competent compliance with regulatory requirements and expectations?

How we can help

Bovill’s Financial Crime Advisory team has a wealth of experience helping firms, both in gaming and in the wider regulated community, in understanding and complying with their obligations under the UK anti-money laundering/counter-terrorist financing regime. Our work ranges from bespoke reviews of firms’ policies/procedures and/or processes for managing money laundering risk, to full reviews of firms’ AML control frameworks.


Helping gambling firms with regulation

This article is part of a series looking in detail at areas of regulatory scrutiny in gambling firms – in particular where there are lessons to be learnt from financial services. Other topics include:

Available now:

Coming soon:

  • Governance
  • GDPR
  • Vulnerable Customers