• Outsourcing

    • GEN 3.3.31

      (1) An Authorised Person which outsources any of its functions or activities directly related to Regulated Activities to service providers (including within its Group) is not relieved of its regulatory obligations and remains responsible for compliance with the Regulations and Rules.
      (2) The outsourced function under this Rule shall be deemed as being carried out by the Authorised Person itself.
      (3) An Authorised Person which uses such service providers must ensure that it:
      (a) has undertaken due diligence in choosing suitable service providers;
      (b) effectively supervises the outsourced functions or activities; and
      (c) deals effectively with any act or failure to act by the service provider that leads, or might lead, to a breach of any Regulations or Rules.

    • GEN 3.3.32 GEN 3.3.32

      (1) An Authorised Person must inform the Regulator about any material outsourcing arrangements.
      (2) An Authorised Person which has a material outsourcing arrangement must:
      (a) establish and maintain comprehensive outsourcing policies, contingency plans and outsourcing risk management programmes;
      (b) enter into an appropriate and written outsourcing contract; and
      (c) ensure that the outsourcing arrangements neither reduce its ability to fulfil its obligations to Customers and the Regulator, nor hinder supervision of the Authorised Person by the Regulator.
      (3) An Authorised Person must ensure that the terms of its outsourcing contract with each service provider under a material outsourcing arrangement require the service provider to:
      (a) provide for the provision of information under Rule 8.1 in relation to the Authorised Person and access to their business premises; and
      (b) deal in an open and co-operative way with the Regulator.

      • Guidance

        1. An Authorised Person's outsourcing arrangements should include consideration of:
        a. applicable guiding principles for outsourcing in financial services issued by the Basel Committee on Banking Supervision, IOSCO or any other international body promulgating standards for outsourcing by Financial Institutions; or
        b. any equivalent principles or regulations the Authorised Person is subject to in its home country jurisdiction.
        2. An outsourcing arrangement would be considered to be material if it is a service of such importance that weakness or failure of that service would cast serious doubt on the Authorised Person's continuing ability to remain fit and proper or to comply with the Regulator's administered Regulations and Rules.