The outsourcing policy published by the Jersey Financial Services Commission (JFSC) on March 1 2017 achieves much by doing away with the distinction between delegation and outsourcing, which has historically been a source of confusion for registered persons conducting financial services business in Jersey.
However, it has added an extra layer of regulatory burden on registered persons and non-regulated entities alike by broadening the definition of 'outsourced' activity to capture activity which in itself is not regulated, but by virtue of its ability to materially affect the provision of services for which the registered person is licensed falls within the activities that will henceforth be covered by the policy.
The policy will come into effect three months from its date of publication (ie, June 1 2017). In practice, this means that:
- the policy applies to all new outsourcing arrangements entered into from June 1 2017;
- existing outsourcing arrangements have until June 1 2018 to comply with the policy;
- outsourcing arrangements entered into between March 1 2017 and June 1 2017 may choose to comply with the 2011 policy or the 2017 policy;
- where a registered person chooses to opt into the policy before June 1 2017 in respect of existing outsourcing arrangements, it must:
- file an outsourcing notification;
- confirm in writing that it will adhere to the policy; and
- agree to be supervised by the JFSC in conformity with the policy; and
- notwithstanding any of the above timelines, all outsourcing arrangements must comply with the policy from June 1 2018.
The underlying premise of the policy is that registered persons remain fully responsible and accountable to the JFSC for any outsourced activity.
Business risk assessment It is clear that any outsourcing arrangements entered into by a registered person must be risk assessed by the registered person before entering into such arrangements. This complies with existing requirements under the relevant codes of practice and anti-money laundering compliance requirements to which registered persons are subject. In addition, registered persons must ensure that any sub-outsourcing arrangements comply with the policy.
Corporate governance In keeping with the requirement to assess the risk associated with any outsourcing, the policy provides that due diligence must be conducted on the service provider, which includes considering any conflicts of interest or concentration or jurisdictional risks involved. The JFSC will expect to see board minutes and internal policies and procedures as evidence that due diligence has been conducted on a service provider.
Outsourcing contracts All outsourcing arrangements must be governed by documented, legally binding and enforceable agreements. Among other things, these contracts must:
- specify the activity to be outsourced;
- provide the circumstances under which any sub-outsourcing is allowed (if applicable);
- specify the service provider's performance standards and reporting requirements;
- include termination provisions; and
- grant the JFSC access rights to information and records relating to the outsourced activity.
Termination of outsourcing contracts With respect to the termination of outsourcing arrangements, the policy imposes an additional burden on registered persons. A registered person must ensure that:
- contingency plans are documented and in place to enable alternative arrangements to be put in place "without undue delay and with minimum disruption to its business";
- contingency plans include provisions which allow the registered person or member of the group to take over the activity or transfer such to another suitable service provider (it is reasonable to assume that the JFSC will expect these suitable providers to be risk assessed and due diligence to be undertaken in respect of all such proposed alternate service providers);
- contingency plans are periodically tested; and
- no outsourcing arrangement is terminated until either:
- the JFSC is notified that the registered person will undertake the activity outsourced itself; or
- the JFSC's written no objection has been procured for proposed new arrangements.
Outsourcing notification and no objection The notification form is available on the JFSC's website and seeks information on, among other things:
- the type of activity outsourced;
- the reasons for the outsourcing; and
- a summary of how the activity affects the regulated activity of the registered person, including a risk assessment.
Any proposal to outsource or make material changes to an existing outsourcing arrangement will require a prior no objection from the JFSC. The JFSC will seek to respond within 20 days and, as such, notice of such proposed outsourcing arrangements should be given early in the process. No outsourcing arrangements may be entered into until a no objection is received.
Funds and fund services business providers There are certain exemptions from adherence to the policy provided to funds and fund service providers, which are available as long as the following conditions are met:
- The service providers to the fund must be clearly disclosed to the JFSC and investors in the offer document.
- Any change of service providers following authorisation of the fund – where the offer document need not be updated and investor consent is not required – must be notified to investors.
- The offer document or investor notification seeking investor consent regarding a change in the service provider must make clear and unequivocal (in a manner suitable to the level of the investors' financial sophistication) statements regarding:
- the nature of any activity to be undertaken by such service providers;
- any material risks connected with the activity (including any conflicts of interest); and
- where the fund's investors should deal directly with those service providers in respect of the activities that they carry out.
- For completeness, where a custodian or prime broker acting in relation to a certified fund is a member of an international corporate group and the sub-custodians engaged by the custodian are also members of the same group, the JFSC will not expect the fund prospectus to list or describe each sub-custodian separately.
Where the service provider to the fund enters into any sub-outsourcing or any of the above conditions are not met, the policy will apply.
Other relevant exemptions Certain activities that might otherwise be considered outsourcing for the purposes of the policy are exempt from compliance, including:
- 'manager of a managed entity' arrangements;
- provisions of advisory and other services to a registered person – for example, the purchase of investment advisory services (where investment advice is not part of the licensed or regulated activity conducted by the registered person) or the purchase of standardised services (eg, market information services); and
- activities which are performed by a branch on behalf of its head office or another branch where all of these entities are parts of the same legal person.
The policy is flexible and applications can be made to the JFSC in order to vary the requirements of the policy under certain circumstances. The JFSC will consider each application on a case-by-case basis. Notwithstanding this flexibility, all arrangements with service providers (even those which are ostensibly not defined as 'outsourcing' or 'delegation' under the 2011 policy) must be reviewed to ensure that they are not captured by the policy and, if they are, must comply with the policy by June 1 2018.
For further information on this topic please contact Matthew Shaxson or Tara Kapur at Ogier by telephone (+44 1534 514 000) or email (firstname.lastname@example.org or email@example.com). The Ogier website can be accessed at www.ogier.com.
This article was first published by the International Law Office, a premium online legal update service for major companies and law firms worldwide. Register for a free subscription.