What should be on your “to do” list for 2015?

This is the 2015 Deacons’ list of hot compliance items for SFC licensed corporations:

  • What will the company do about marketing to HNW individuals when the new professional investor regime starts in 2016?
  • How will the company conduct “CPI” assessments on prospective corporate clients (and what will happen if they fail to meet the relevant tests?)?
  • Are the company's information security management and system security controls effective (in response to the SFC's cyber security circular of 26 November 2014)?
  • For companies which do electronic trading, have they been documenting their system testing and reviews since the implementation of the electronic trading rules in January 2014?
  • Is the company satisfied with the performance of each of its service providers? What have they done to satisfy themselves and is there an effective paper-trail of this? Has the company assessed and documented the reputational risk it bears in relation to each service provider / delegated service? Does the company have a contingency plan to cover each outsourced service?
  • Is the company expecting any changes to any of its business activities? Has it considered whether those changes will impact its licence status, ability to comply with the SFC’s Financial Resources Rules, and internal control policies and procedures?
  • Does the current compliance monitoring plan need to be updated or revised?
  • Does the company have a 2015 CPT plan?
  • Does the company need to schedule compliance refresher training for staff?
  • How ready is the company and its staff for an SFC onsite inspection?