Home
Financial Services
P1801 to 1804 - SIMPLY COMPLY FAIS COMPLIANCE MATURITY AND RISK AUDIT
P1801 to 1804 - SIMPLY COMPLY FAIS COMPLIANCE MATURITY AND RISK AUDIT
Dawn Julyan

P1801 to 1804 - SIMPLY COMPLY FAIS COMPLIANCE MATURITY AND RISK AUDIT

FAIS COMPLIANCE MATURITY AUDIT

Use this Template
Print as PDF
graphic of a hand making an okay sign ×

Free P1801 to 1804 - SIMPLY COMPLY FAIS COMPLIANCE MATURITY AND RISK AUDIT Checklist

Use this Template

Title Page

  • COMPLIANCE RISK ASSESSMENT:

  • FSP NAME

  • FSP No:

  • PERIOD REVIEW

    • QUARTER 1
    • QUARTER 2
    • QUARTER 3
    • QUARTER 4

  • Conducted on

  • PREPARED BY:

    • Dawn Julyan
    • Gerard Schiel
    • Gaylene Booysen
    • Bianca Engelbrecht
    • SIMPLY COMPLY (PTY) LTD
  • LOCATION:

  • PRESENT:

INTRODUCTION

INTRODUCTION

  • TO: THE KEY INDIVIDUALS AND GOVERNING AUTHORITY

    The content of this report is based on our findings of work performed during the period under review, and includes assessment of documentation, sampling and onsite verification. The report should be read in the context of any contemporaneous notes, as well as email correspondence relating to the specific themes.

    The purpose of this engagement is the assessment of compliance maturity within your business. Where you have existing controls, these will be assessed and recommendations made where necessary. Policies and procedures are tested in respect of their effectiveness during our compliance monitoring, however it is important to establish a baseline so as to ensure we can assist in addressing your risk areas, as part of your compliance risk plan.

    Once the report has been completed, we will assist you where required with sample documents, templates or guidance, as part of the process of getting your risks managed as realistically as possible.

    Please note that although we can assist you with administrative functions and tools and templates, it's incumbent on you to ensure implementation. We cannot make you compliant, we can merely assist you with the right tools. It is also essential that these be customised by you to ensure appropriateness for your business.

  • Our process is as follows:
    We provide you with your workflow in advance, and will be reviewing these requirements in the quarter following. Our meetings focus on assessing the extent of your compliance in these predetermined areas, addressing any concerns and assisting you where required. it is incumbent on you to address any non-compliance and ensure we are notified of amendments, and measures taken to rectify these risks.

    We cannot implement and address the workflow for you. This remains your responsibility and the responsibility of your Governing Authority. Failure to address compliance risk places your business at risk of Legislative, Financial and Reputational penalties, which are unnecessary and unproductive. We strongly urge you to complete your workflow and send this to us on a monthly basis so that we can review these prior to our onsite monitoring and assessment, in order for you to reap the most benefit from these reviews.

    Should you need assistance in any of the tasks, please contact our offices and we will assist where possible.

  • The areas covered during the period under review include your adherence to compliance obligations imposed by the FAIS Act, as well as anti money laundering legislation.

    You are provided with a workflow in respect of compliance obligations for such period, to be completed monthly. It is expected that you follow this workflow and record all requirements in your compliance file, so that when we conduct our monitoring, evidence and sampling is easily accessible and in one place.

    Where you supply us with the completed monthly tasks and verification in advance, this allows us to spend more time on value add and assistance with your risk register discussions when we conduct our onsite verification.

  • When we conduct our compliance monitoring, we will be assessing:
    1. The compliance risk
    2. Whether policies and procedures have been adopted to address this risk
    3. The effectiveness of these policies and procedures as a control

    In other words, unless there is sufficient evidence of the adequate implementation and monitoring of the area in question by you, as the FSP, we are required to note the area as deficient.

    Our purpose is to assist you to a degree whereby we believe you have adequate measures in place to address compliance risk whilst still ensuring productive business function and efficiency. Compliance is intended to add to your efficiency and bottom line, not detract from this.

REPORTING

  • Compliance matters which remain unresolved place your business at risk. Please ensure any area which remains a compliance concern is addressed or the matter may have to be reported to the Regulator.

    Any material non-compliance is required to be reported, regardless of whether it is in the process of being addressed or not, and may lead to penalties or regulatory action. Please contact our offices should you require assistance or have any questions as to what is expected.

  • Compliance Monitoring and Reporting The compliance practice believes the information contained within this risk assessment to be correct based on evidence provided to the compliance assessor as at time of audit, together with verifiable evidence. The report is based on matters which were observed or came to the attention of the assessor during the day of the assessment and should not be relied upon as an exhaustive record of all possible risks or hazards that may exist or potential improvements that can be made. It remains the responsibility of the Key Individual and the Managing body of the business to ensure that compliance matters are implemented, monitored and addressed where required.
    A COPY OF THIS REPORT SHOULD BE FORWARDED TO THE KEY INDIVIDUAL AND MANAGING BODY OF THE BUSINESS AND RISKS WHICH HAVE BEEN IDENTIFIED SHOULD BE ADDRESSED AND RECTIFIED AS SOON AS POSSIBLE All areas requiring attention are highlighted in red. A non-compliance process will be implemented in respect of all areas identified as requiring attention. you will be reminded as to areas requiring attention.
    Please note that CONTINUED NON-COMPLIANCE, despite reminders, has to be reported to the Financial Services Board, however, unless the non-compliance is material, a reasonable time is provided to address this before such report is deemed necessary. In the event of there being any template, document or example which you may require to assist you, please contact your compliance officer who will gladly assist. - dawn@legal1.co.za ; gerard@legal1.co.za; gaylene@legal1.co.za ; bianca@legal1.co.za

    Supported by: esther@legal1.co.za (profile changes) anzel@legal1.co.za ; paulette@legal1.co.za (office manager) and zelda@legal1.co.za (finance)

CONFIDENTIALITY

  • Confidentiality Statement In order to maintain the integrity and credibility of the risk assessment processes and to protect the parties involved, it is understood that compliance assessors will not divulge to any unauthorized persons any information obtained during this assessment unless written consent is received or we are obliged to by law (such as the FSB).

    Protection of Personal Information Act: All information obtained is for the purpose of assessing compliance of the business and its staff with applicable legislation. By attaching your signature hereto, you agree that these records may be obtained and retained by the compliance practice indefinitely, in accordance with the confidentiality statement above.

P1801 - GENERAL

  • P1801

COMPLIANCE REVIEW FOR THE FIRST QUARTER OF 2018 - SEPTEMBER 2017 - NOVEMBER 2017

  • 2018 compliance monitoring will be focussing to a large extent on assisting you to adopt, implement and apply the policies, processes and controls required from a financial services provider, as well as provide guidance on your risk identification, recording and management.

    Risk management does not entail the mere adoption of policy, without the alignment of this with your business strategy, your risk management plan, and incorporating these into your standard operating procedures with the appropriate controls. As such, at every engagement, we will be focussing on reviewing your risk plan and effectively assist you in identifying both risk and risk controls which may be required in your business.

  • DATE OF AUDIT:

COMPLIANCE CONCERNS WHICH REQUIRE YOUR ATTENTION

  • Any unresolved matters from previous reports, annual or other

  • RISK AREAS

    • Risk area

  • DETAIL:

  • RESPONSIBLE:

    • THE FSP
    • THE BOARD
    • THE GOVERNING AUTHORITY
    • MANAGEMENT
    • THE KI
    • THE INTERMEDIARY
    • THE REPRESENTATIVE
    • ADMINISTRATION
    • COMPLIANCE OFFICER
    • COMPLIANCE - PROFILE CHANGES
    • COMPLIANCE ADMIN
    • Other

  • ACTION:

  • DUE DATE:

  • STATUS:

    • Non-compliant - initial notice!
    • Reminder
    • Matter escalated
    • Escalated to issue
    • Critical risk area
    • The matter has to be reported to the Regulator
    • Material non-compliance
    • Matter addressed

  • REVIEWED:

  • STATUS:

    • Non-compliant - initial notice!
    • Reminder
    • Matter escalated
    • Escalated to issue
    • Critical risk area
    • The matter has to be reported to the Regulator
    • Material non-compliance
    • Matter addressed

ENTITY INFORMATION

  • You are requested to compile a comprehensive record of business and management information to be added to your compliance file. This was discussed with you. It is important to start compiling the information you require for the code of business report.

    1. Your information register for the purposes of identifying any profile changes which may require action
    2. Your information register for the purpose of identifying key roles within your FSP and the responsible persons
    3. Information relating to the background, history and nature of the FSP as well as general business function
    4. Source information in respect of any required registrations and renewals of these, or reporting required, for the purpose of compiling your compliance calendar
    5. General information relevant to the compliance monitoring function

  • TYPE OF FSP:

    • Sole Prop
    • Partnership
    • Trust
    • Close Corporation
    • (PTY) LTD
    • LTD
    • Other

  • REGISTERED NAME OF BUSINESS:

  • REGISTRATION NUMBER:

  • TRADING NAME USED:

  • TRADING NAME:

  • DATE FROM WHEN TRADING NAME USED:

  • MEMBERS AGREEMENT CORRECT (PHOTO)

  • REQUIRES AUDIT (PHOTO)

  • MEMBERS CORRECT - (PHOTO)

  • DETAILS

    • members details

  • NAME:

  • ID/REG NO:

  • TEL:

  • EMAIL:

  • %

  • MEMBERS SUCCESSION PLAN CORRECT

  • A documented succession plan should be formulated to ensure adequate succession and continuity planning of the business, in the event of the death of an equity holder.

  • DETAILS:

  • Add media

  • REQUIRES AUDIT (PHOTO)

  • EQUITY SUCCESSION PLAN CORRECT

  • A documented succession plan should be formulated to ensure adequate succession and continuity planning of the business, in the event of the death of an equity holder.

  • DETAILS:

  • Add media

  • PARTNERSHIP AGREEMENT CORRECT (PHOTO)

  • REQUIRES AUDIT (PHOTO)

  • PARTNERS CORRECT - (PHOTO)

  • DETAILS

    • members details

  • NAME:

  • ID/REG NO:

  • TEL:

  • EMAIL:

  • %

  • EQUITY SUCCESSION PLAN CORRECT

  • A documented succession plan should be formulated to ensure adequate succession and continuity planning of the business, in the event of the death of an equity holder.

  • DETAILS:

  • Add media

  • DEED CORRECT (PHOTO)

  • TRUST DEED REQUIRES AUDIT (PHOTO)

  • TRUSTEES CORRECT - MASTERS LETTER (PHOTO)

  • DETAILS

    • members details

  • NAME:

  • ID/REG NO:

  • TEL:

  • EMAIL:

  • %

  • EQUITY SUCCESSION PLAN CORRECT

  • A documented succession plan should be formulated to ensure adequate succession and continuity planning of the business, in the event of the death of an equity holder.

  • DETAILS:

  • Add media

  • MOI CORRECT (PHOTO)

  • MOI REQUIRES AUDIT (PHOTO)

  • DIRECTORS CORRECT (PHOTO)

  • DETAILS

    • members details

  • TYPE OF DIRECTOR:

  • NAME:

  • ID NO:

  • ROLE:

  • BUSINESS ADDRESS:

  • TEL:

  • EMAIL:

  • DATE OF APPOINTMENT:

  • SHAREHOLDERS CORRECT (PHOTO)

  • DETAILS

    • members details

  • NAME:

  • ID/REG NO:

  • BUSINESS ADDRESS:

  • TEL:

  • EMAIL:

  • %

  • EQUITY/ SHAREHOLDER SUCCESSION PLAN CORRECT

  • A documented succession plan should be formulated to ensure adequate succession and continuity planning of the business, in the event of the death of an equity holder.

  • DETAILS:

  • Add media

CONTACT DETAILS

    Contact

  • BRANCH NAME:

  • BRANCH ADDRESS:

  • TEL:

  • WEBSITE:

  • CONTACT PERSON:

  • ROLE:

  • TEL:

  • EMAIL:

CONTACT PERSON DETAILS

    Contact Persons

  • FULL NAME:

  • ROLE:

  • TEL:

  • EMAIL:

DOCUMENT AND FILE AUDITS

  • Emphasis will be placed on conducting file/ document audits and ensuring these are correct and in order. The results of this will be appended to the report. Where we note non-compliance areas which are a concern, we may conduct further reviews and require additional samples.

    You are requested to ensure that any areas which may be identified as risk areas are attended to and that our offices are informed once this has been finalised.

P1801 - STRUCTURE

  • P1801

OWNERSHIP STRUCTURES - Complete your BUSINFO report with these details

  • DESCRIBE THE OWNERSHIP AND CONTROL STRUCTURE OF THE FSP (e.g shareholding, group structure, key joint ventures). Please ensure that your BUSINFO report is completed with this information.

  • The FSP has an ownership interest in other entities or other entities have an ownership or controlling structure in the FSP

    • Equity Holding

  • NAME:

  • REGISTRATION NUMBER:

  • RELATIONSHIP WITH YOUR FSP:

  • % (percentage)

  • BUSINESS ACTIVITIES:

  • APPROVED SERVICE LEVEL AGREEMENT:

  • FOREIGN DOMICILED:

  • JURISDICTION:

  • REGULATED BUSINESS ACTIVITIES:

    • Regulators

  • NAME OF REGULATOR:

  • REG. NUMBER:

P1801 - BACKGROUND

BUSINESS BACKGROUND - Complete this information in your BUSINFO report

  • DATE FORMED:

  • HISTORY - WHY FORMED ETC.

BUSINESS ACTIVITIES - Complete this information in your BUSINFO report

  • NATURE OF BUSINESS

    • MOTOR DEALERSHIP
    • ADMINISTRATOR
    • INTERMEDIARY - GENERAL
    • INTERMEDIARY - SHORT TERM (NON-LIFE)
    • INTERMEDIARY - HEALTH
    • INTERMEDIARY - LIFE
    • INTERMEDIARY - INVESTMENT
    • UMA
    • CALL CENTRE - OUTBOUND
    • CALL CENTRE - INBOUND
    • INSURER
    • CELL CAPTIVE
    • FUND / CIS
    • OTHER

  • DETAILS:

  • BUSINESS ACTIVITIES:

P1801 - ROLES

  • P1801

ROLE - Complete this information in your ROLE RASCI report

  • The RASCI report needs to be completed with details of the persons who are responsible, accountable, supporting, consulting to, and who require information (reporting) for these activities. All roles must be allocated to appropriate persons who are competent. Roles should be linked to policies. One person may be linked to several roles.

  • The RASCI is complete and implemented

PROFILE CHANGES

  • All profile changes have been noted and the Registrar updated within the required 15 day period

  • NOTES:

DELIVERED/ COLLECTED

  • Any deliveries or collections made

  • DETAILS:

SIGNATURES:

  • FOR COMPLIANCE

  • FOR THE FSP:

P1802 - GOVERNANCE

  • P1802

COMPLIANCE REVIEW FOR THE SECOND QUARTER OF 2018 - DECEMBER 2017 - FEBRUARY 2018

  • 2018 compliance monitoring will be focussing to a large extent on assisting you to adopt, implement and apply the policies, processes and controls required from a financial services provider, as well as provide guidance on your risk identification, recording and management.

    Risk management does not entail the mere adoption of policy, without the alignment of this with your business strategy, your risk management plan, and incorporating these into your standard operating procedures with the appropriate controls. As such, at every engagement, we will be focussing on reviewing your risk plan and effectively assist you in identifying both risk and risk controls which may be required in your business.

  • DATE OF AUDIT

GOVERNANCE - Complete this information in your BUSINFO report

  • General requirements and governance framework
    36. (1) An FSP must-
    (a) have the operational ability to effectively function as a particular category of FSP and to render the financial services in relation to the financial product for which that person is authorised; and
    (b) adopt, document and implement an effective governance framework that provides for the prudent management and oversight of the financial services provided by it and which ensures the fair treatment of clients.

  • FIT AND PROPER:
    36(2)The governance framework must -

    (a) be proportionate to the nature, scale and complexity of the business and the risks of the FSP and the financial services related business;

    (b) provide for the development, implementation and effective oversight of policies that clearly define and support the fair treatment of clients, including oversight and governance of the financial services;

    (c) define the roles and responsibilities of persons accountable for the management and oversight of the FSP by clarifying who possesses legal duties and powers to act on behalf of the FSP and under which circumstances;

    (d) set requirements relating to how significant and material decisions are made and how actions are taken including the documenting of such decisions and the reasons for those decisions;

    (e) provide sound and sustainable remuneration policies and practices which promote the alignment of interests of the FSP with those of its clients and which avoid excessive risk taking and unfair treatment of customers;

    (f) provide for corrective actions to be taken in respect of non-compliance or weak oversight, controls or management; and

    (g) include effective systems of corporate governance, conduct risk management (including contingency planning) and internal controls.

  • THE FSP IS PART OF A GROUP:

  • Group structure:

  • Organogram:

GOVERNANCE OR MANAGEMENT COMMITTEES (OR EQUIVALENT) Complete this information in your BUSINFO report

  • The FSP has the following governance or management committees (or equivalent):

    • None
    • Board
    • Management
    • Risk committee
    • Social and ethics committee
    • Remuneration Committee
    • Audit committee
    • TCF or similar customer interests
    • Product development
    • Compliance
    • Other (describe)

  • The following governance or management committees have responsibility for oversight of customer interests:

    • None
    • Board
    • Management
    • Risk committee
    • Social and ethics committee
    • Remuneration Committee
    • Audit committee
    • TCF or similar customer interests
    • Product development
    • Compliance
    • Other (describe)
    • Committees

  • Committee:

    • None
    • Board
    • Management
    • Risk committee
    • Social and ethics committee
    • Remuneration Committee
    • Audit committee
    • TCF or similar customer interests
    • Product development
    • Compliance
    • Other (describe)

  • Details:

INTERNAL CONTROLS - Complete this information in your BUSINFO report

  • FIT AND PROPER
    SECTION 37(1)(b)(vi) a system of controls, processes and supervision sufficient to ensure the FSP its, directors, partners, members, trustees, as the case may be, key individuals and representatives comply with the Act and other applicable laws and to reduce its risk
    of legal or regulatory sanctions, financial loss or reputational damage;

    (vii) adequate policies, procedures and systems to ensure compliance with the Financial Intelligence Centre Act, 2001, and other applicable anti-money laundering or terrorist financing legislation, in the case of FSPs who are accountable institutions as defined in that Act;

    (viii) adequate risk management policies and procedures, including effective procedures for risk assessment, which identify the risks relating to the FSP’s activities, processes and systems, and where appropriate, set the level of risk tolerated by the FSP;

    (ix) adequate policies and procedures designed to detect any risk of failure by the FSP to comply with applicable legislation, and put in place measures and procedures to minimise such risk;

    (x) decision-making procedures and an organisational structure which clearly and in a documented manner specifies reporting lines and allocates functions and responsibilities;

    (xi) adequate internal control mechanisms designed to secure compliance with decisions and procedures at all levels of the FSP;

    (xii) systems and procedures that are adequate to safeguard the security, integrity and confidentiality of information; including- (aa) electronic data security and internal and external cybersecurity; (bb) physical security of assets and records; (dd) system application testing; (ee) back-up and disaster recovery plans and procedures for systems and electronic data;

    (xiii) accounting policies and procedures to enable the FSP to record, report and deliver in a timely manner to the Registrar financial reports which reflect a true and fair view of its financial position and which comply with the applicable reporting and accounting standards and requirements;

    (xiv) general administration processes, accounting transactions and risk control measurements to ensure accurate, complete and timeous processing of data, reporting of information and the assurance of data integrity;

    (xv) effective policies, operational procedures and controls in relation to the FSP’s day-to- day business, including clear policies covering the risk management and internal controls applicable to proprietary trading by the FSP, its officers, employees, key individuals and representatives, where applicable.

  • ATTACH the organogram in respect of delegation and reporting within your business:

POLICIES - Complete this information in your BUSINFO report

  • The FSP has internal policies and procedures in respect of internal business operation, human resources, compliance, ethics etc to ensure appropriate controls and governance compliance

  • Please ensure that the appropriate policies are drafted, approved, and implemented within the business.

  • The Governing Authority approves internal policies

  • Describe the internal approval process:

  • Add media

  • Are policies and procedures being implemented in the business and if yes, how is this controlled

  • Policies are monitored and regularly reviewed, and contain distribution lists, review dates and effective changes

  • The FSP has a Board Charter

  • PHOTO:

  • The FSP has a structured delegation of responsibility

  • PHOTO:

  • The FSP has allocated and documented internal roles and responsibilities

  • PHOTO:

COMPLIANCE REPORTING

  • There is regular reporting to the Governing Authority on compliance matters:

  • Compliance reports are received by the following persons:

  • Which forums/ committees/ senior persons receive the monitoring report?

  • How is non-compliance addressed?

  • What records are available to confirm this?

COMPLIANCE REMEDIATION

  • Who is responsible to ensure that corrective action is taken in response to the report?

  • Provide a copy of your non-compliance register, highlighting how these have been addressed, for the last 12 months

P1802 - FICA

  • P1802

COUNTER MONEY LAUNDERING

  • Are you an accountable or reporting institution

  • Are you correctly registered with the FIC

  • Do you have an appropriate, trained MLCO appointed in terms of a written agreement

  • Have you implemented the amendments to FICA in your business processes

  • Do you have appropriate, approved FICA Rules and a framework, as required by the amendments to the Act, which has been customised for your business

  • Are all staff regularly trained on AML processes and a register maintained, and have the amendments been trained and assessed

  • Do you have a process to risk rate all clients in terms of potential ML / TF (describe / photo)

  • Do you have processes to identify and verify the identity of clients (KYC) with robust documentation to properly KNOW YOUR CLIENT

  • Do you have processes in place to ensure information is kept updated. Describe.

  • Do you have access to the UN sanctions list and is this consulted as part of KYC

  • Do you have PEP policies and processes

  • Do you have processes in place to identify and report threshold transactions

  • Do you have processes in place to identify and report suspicious or unusual transactions

  • Do you have processes in place to identify and report terrorist financing activities

  • Are appropriate records dated and verified, and kept for 5 years

  • Is an annual review done by the MLCO on the efficacy of processes and controls, as well as the risk of AML in the business

P1802 - CONFLICT OF INTEREST

  • P1802

CONFLICT OF INTEREST

  • Do you have an approved, correct and published conflict of interest policy

  • Have all applicable persons been trained on the policy and the necessary records updated

  • What conflicts of interest exist in your business or have arisen in the past two (2) years?

  • Describe how these are identified and managed in accordance with your policy

  • The business receives or pays referral fees or lead generation fees

  • Provide details of parties and note whether an agreement is in place

  • List all associates and third parties in which the business holds an interest (shareholding/ directorships/ key individuals)

  • Do you have an updated gifts register which ensures control of the prescribed R1 000 limit

P1802 - CLIENT ENGAGEMENT

  • P1802

CLIENT ENGAGEMENT

  • Do you deal directly with end user clients?

  • Do you have a client marketing strategy? (Describe)

  • Do you rate or categorise your clients? (Describe)

  • Do you utlise a CRM/ Financial Planning system (Describe)

  • Do you have standard internal policies or procedures or standard documentation in respect of client engagement? (photo/ discuss)

  • Do you have the appropriate technical skills before assisting a client (Describe how this is maintained)

  • Describe the process followed when first taking on a client. Complete in your BUSINFO report

  • Describe your documentation / recordkeeping in respect of client onboarding ( describe/ photo).

  • Do you follow the six step Financial Planning process?

  • What are the processes/ documents used when gathering information from a client? (Describe/ photo). Note any software.

  • How do you perform needs analyses on your clients (describe / photo)

  • Do you compile and record your advice or recommendation and provide this to your clients (Photo / Details)

  • Do you have a proper process and adequate record-keeping in respect of any replacements. (describe your understanding of replacement as well as the process / photo)

  • What is your procedure for reviews?

  • Do you have a client offboarding process (photo/ describe)

  • Does your documentation comply with the requirements of TCF, POPI and FAIS

  • Do you check/ monitor advice and process by representatives in respect of client engagement? (describe)

  • Do you get feedback from clients in respect of services other than just complaints (Describe)

P1802 - SUPERVISION

SUPERVISION

  • Do you have any representatives under supervision?

  • Do you have a documented supervision policy?

  • Do you have a supervision process with adequate records? (describe / photo)

  • Have you appointed an appropriate supervisor?

  • Are your supervision records correct and up to date?

  • Does your supervision process include assessing a rep's competence, and ensuring proper skills transfer?

  • Do you have a process to monitor supervisors? (detail)

  • Provide Detail:

  • Are all clients aware that a representative is under supervision?

  • Do you have controls in place to ensure that your risk is identified and mitigated? (Risk plan or other)

  • Do you have an off-boarding process for representatives who are no longer under supervision?

P1802 - RECORDS

  • P1802

RECORDS

  • Do you have a recordkeeping policy or system?

  • Do you have an operational confidentiality policy and process and is everyone trained on this

  • Do you know what business records and Financial services records are required, and for what period

CLIENT RECORDS

  • What client records do you retain

  • Where are these kept and for how long?

  • Who has access to these records (describe any security measures)

  • Do any staff have any confidential information on laptops, iPads, cellphones etc which leave the premises (describe)

  • Do you have measures to ensure that confidentiality and security of information is retained on such devices eg. In case of theft (describe)

GENERAL RECORDS

  • What other records are kept

  • Where are these kept and for how long?

  • Who has access to these records (describe any security measures)

  • Do you have adequate physical security in respect of records

ELECTRONIC RECORDS

  • What records are kept electronically

  • Do you have a working back-up policy and process on all electronic records

  • Are all electronic devices secured with a proper password, antivirus, encryption, anti malware which is regularly updated (describe)

  • Are backups regularly tested and the results of this recorded

REGISTERS

  • Do you have updated registers as required in terms of Section 18 of the FAIS Act

  • Do you have standard operating procedures to ensure registers are regularly updated (describe)

  • Do you use the information contained in these registers as management information, to spot trends, areas for review etc? (Describe)

RECORD DESTRUCTION

  • Do you have a policy in respect of record destruction (how is this controlled)

  • Are all processes followed in respect of record retention and destruction

P1802 - TCF

  • P1802

TREATING CUSTOMERS FAIRLY

  • Do you have an approved, adopted TCF policy and is this part of the business culture

  • Do you have a process or method to measure how TCF is part of the business culture (describe)

  • Have all staff been trained on TCF and do they understand how each of the Pillars is part of the business

  • Do you understand know what management information to keep in respect of the TCF pillars, and is this being collected and processed? (Describe)

  • Do you have full records of your TCF implementation and assessment

PROFILE CHANGES

  • All profile changes have been noted and the Registrar updated within the required 15 day period

  • NOTES:

DELIVERED/ COLLECTED

  • Any deliveries or collections made

  • DETAILS:

SIGNATURES:

  • FOR FSP

  • FOR COMPLIANCE

P1803 - REPRESENTATIVE

  • P1803

COMPLIANCE REVIEW FOR THE THIRD QUARTER OF 2018 - MARCH 2018 - MAY 2018

REPRESENTATIVES

ONBOARDING

  • Appointment of representatives 40. (1) An FSP must ensure that where it appoints a person as a representative -

    (a) the person- (i) has not been declared insolvent or provisionally insolvent; (ii) has not been placed under liquidation, provisional liquidation or business rescue; and (iii) is not subject to any pending proceedings which may lead to an outcome referred to in subparagraph (i) to (ii);

    (b) the person, in the case of a juristic representative, has sufficient operational ability and financial resources to perform the activities for which it is appointed as a representative; and

    (c) such appointment does not- (i) materially increase any risk to the FSP or to the fair treatment of its clients; (ii) materially impair the quality of the governance framework of the FSP, including the FSP’s ability to manage its risks and meet its legal and regulatory obligations; (iii) compromise the fair treatment of or continuous and satisfactory service to clients; (iv) prevent the FSP from acting in the best interests of its clients; or (v) result in key decision making responsibilities being removed from the FSP

  • Do you have a documented on-boarding policy and procedure which includes a due diligence on all representatives? (detail)

  • Do you ensure every representative is trained on internal policy and process and that this is recorded?

  • Appointment of representatives 40.(2) An FSP must ensure that any remuneration or fee paid in respect of an activity or function for which a person is appointed as a representative- (a) is reasonable and commensurate with the actual function or activity; and (b) is not structured in a manner that may increase the risk of unfair treatment of clients.

  • Do you have an approved remuneration policy and process to ensure compliance with Section 40(2) of Fit and Proper

REGISTERS AND RECORDS

  • Is your Register of KI's and Representatives complete and up to date?

  • Do you have a DOFA register and is this complete and up to date?

  • Do you have a DOFA monitoring system to identify key dates for competency?

  • Does every representative have a personal file with required records? (detail / photo)

  • Representatives of FSPs of all categories 41. (1) A representative of an FSP must have the operational ability to effectively function as a representative of the FSP for which that person was appointed.
    (2) A juristic representative must at all times have at least one key individual responsible for managing or overseeing the financial services rendered by the representative.

  • Is every Representative appointed in terms of a written contract detailing duties and responsibilities (photo / notes)

  • Does your contract include confidentiality clauses, Fit and Proper requirements and other FAIS matters?

  • Does your contract include clauses noting what will happen if a representative leaves? (restraint/ client records/ debarment/ switching)

  • Does every representative have a correct disclosure document and Section 13 certificate?

  • Do you ensure every representative is adequately product trained before being permitted to provide financial services (describe)

  • Is every representative product trained on a regular basis (describe system of diarising refresher training

OFFBOARDING

  • 40.(3) An FSP must develop appropriate contingency plans to ensure the continued function of the FSP’s business and continued service to its clients in the event that the appointment of the representative is terminated or becomes ineffective.

  • Is there a process to remove a representative who is no longer Fit and Proper? (describe/ photo)

  • Do you have a drafted debarment policy and procedure which is aligned to your internal HR policies?

  • Is there a process to off-board any representative who leaves/ is removed from the FSP? (describe)

  • Is your offboarding process aligned to the General Code of Conduct section on cancellations? (Notify clients/ product suppliers/ appoint alternative) Describe.

  • Is there a drafted succession plan for representatives? (photo / comment)

P1803 - KEY INDIVIDUAL

  • P1803

KEY INDIVIDUALS - Complete the BUSINFO report in respect of each key individual (role, function, categories, location)

  • Key individuals of FSPs and of representatives 42. (1) A key individual must have the operational ability to effectively manage and oversee the financial services related activities of the FSP or juristic representative and the financial services in relation to the financial product for which the key individual was approved or appointed.
    (2) A key individual, where he or she is- (a) approved or appointed as a key individual of more than one FSP or juristic representative; or (b) approved or appointed as a key individual of an FSP or juristic representative and appointed as a representative of an FSP other than the first mentioned FSP,
    must be able to demonstrate to the Registrar, in a form and manner which may be determined by the Registrar, that he or she has the required operational ability to effectively and adequately manage or oversee the financial services related activities of all the FSPs or juristic representatives for which the key individual was approved or appointed.
    (3) An FSP must, on a regular basis, assess the operational ability of its key individuals to adequately and effectively perform their functions taking into account individual circumstances, the nature, scale, range and complexity of the FSP’s financial services related activities and whether the key individuals are approved as key individuals or appointed as representatives of other FSPs.

  • Is the KI appointed in terms of agreement detailing duties and responsibilities

  • Is every KI aware of his duties and responsibilities? (comment how)

  • Is there sufficient access to information and resources in order to properly fulfill the role

  • Do you have an approved, implemented and documented process to regularly review the operational ability of your Key Individuals

  • Is the Key Individual part of the decision matrix in respect of the financial services

  • Do you have more than one Key Individual

  • Does each key individual have clearly documented areas of accountability and responsibility (ringfencing agreement)

  • Does the KI have any representatives to monitor?

  • Describe how this monitoring is done.

  • Is there a process to remove a KI who is no longer Fit and Proper? (describe/ photo)

P1803 - FINANCIAL

  • P1803

FINANCIAL

  • SOURCE OF CAPITAL FUNDING OF BUSINESS:

  • SOURCE OF INCOME:

MANAGEMENT INFORMATION - ACCOUNTING Describe how you record and monitor management information, and how you use this in regard to your business activities

  • FINANCIAL SOUNDNESS

    General requirements 44. (1) An FSP and a juristic representative must at all times maintain financial resources that are adequate both as to amount and quality to carry out their activities and supervisory arrangements and to ensure that there is no risk that its liabilities cannot be met as they fall due.
    (2) The assets of the FSP and a juristic representative must at all times exceed the liabilities of the FSP and juristic representative respectively.
    (3) An FSP, other than a Category I FSP that does not hold or receive monies in respect of a financial product, and a juristic representative of such FSP must have sound, effective and comprehensive strategies, processes and systems to assess and maintain, on an ongoing basis, the amounts, types and distribution of financial resources that it considers adequate to cover:
    (a) the nature and level of the risks to which it is, or might be, exposed; (b) the risk that the FSP or juristic representative might not be able to meet the obligations in this Chapter in the future.

  • (4) No person may become or continue as an FSP or juristic representative if-

    (a) declared insolvent or provisionally insolvent; (b) placed under liquidation or provisional liquidation; (c) subject to section 9(3), it is subject to any pending proceedings which may lead to an outcome referred to in paragraph (a) to (b); or (d) subject to section 9(3), it seriously and persistently failed or fails to manage any of its financial obligations satisfactorily, including-

    (i) being the subject of a civil judgement in respect of unpaid debts, which debt remains unpaid or be the subject of any pending proceedings which may lead to such judgement; and (ii) being unable to provide a satisfactory credit record.

    (5) No person may become an FSP or a juristic representative if business rescue proceedings have commenced

  • Do you generate a monthly report for management purposes?

  • DESCRIBE:

  • Do you have a process to ensure that Annual financial statements submitted 4 months after financial year end (check FSB history / photo)

  • Do you have a process to complete your public interest score annually, for submission with your financial statements?

  • Are your Financial /Books/ management accounts brought up to date monthly (photo/notes)

  • Person Responsible for doing monthly accounts:

  • Tel:

  • Email:

  • *Note: Assets – exclude goodwill, intangible assets, investments in and loans to related parties and investments with or loans to persons to whom the FSP renders financial services
    *Note: Liabilities - exclude subordinated loans

    **Annual Expenditure means expenditure set out in the latest financial statements excluding:

    (a) Staff bonuses
    (b) Employees and Director’s, Members or Partners share in profits
    (c) Emoluments (payments) to Directors, Members, Partners or a Sole Proprietor
    (d) Any other appropriation of profits to Directors, Members, Partners
    (e) 50% of commissions or fees paid to representatives that did not form part of their standard remuneration

  • “liquid assets” means- (a) cash;
    (b) a participatory interest in a money market portfolio;
    (c) 70% of the market value of a participatory interest in a registered collective investment scheme as defined in the Collective Investment Schemes Control Act, other than an investment in a money market portfolio or a hedge fund; or
    (d) 70% of the market value of a security listed on a licensed exchange provided it does not constitute more than 50% of total liquid assets, provided that-
    (i) the assets referred to in paragraphs (a) and (b) are capable of being converted, without any penalty or loss or the potential of a loss on capital, into cash as follows:
    (aa) 50% within 7 days; and (bb) 50% within 30 days; and
    (ii) the assets referred to in paragraphs (c) and (d) are capable of being converted into cash within 7 days.

  • Is your FSP financially sound (comment on how this is monitored)

  • Multiple Category FSPs 48. A person authorised as an FSP or appointed as a juristic representative under more than one category of FSP must comply with the most onerous of the financial soundness requirements applicable to the different categories of FSPs for which that person is authorised or appointed.

  • Are you a CAT II, IIA or III?

  • Application of Part 45. (1) The requirements contained in this Part- (a) apply, subject to paragraph (b) to-

    (i) a Category I FSP that holds client assets or that collects, holds or receives premiums or other monies in respect of a financial product; (ii) a Category II, IIA, III and IV FSP; and (iii) a juristic representative of an FSPs referred to in subparagraph (ii);

    (b) does not apply to- (i) a Category I FSP that does not hold client assets or that does not collect, hold or receive premiums or other monies payable in respect of a financial product.

  • Specific requirements 46.(1)The persons referred to in section 45(1)(a) must at all times comply with the additional asset, working capital and liquidity requirements as set out in Table B.

    (2)An FSP referred to in section 45(1)(a) must submit to the Registrar-
    (a) in the case of a Category II, IIA and III FSP, on a half yearly basis calculated in terms of the FSP’s financial year, Form A in Annexure Six; (b) in the case of a Category I FSP, on an annual basis simultaneously with the financial statements of the FSP as contemplated in section 19 of the Act, Form A in Annexure Six.

    (3) A juristic representative referred to in section 45(1)(a) must submit to its FSP, on a half yearly basis calculated in terms of the representative’s financial year, Form A in Annexure Six.
    (4) The form referred to in subsections (2) and (3) must be submitted within 30 days after every half year-end of the FSP or juristic representative as the case may be.

  • no label

  • Do you have a process to ensure that the Financial Soundness Form A is submitted to the Regulator every 6 months, within 30 days of every half year end (calculated from the FSP's financial year end)

  • Do you have a process to ensure your assets under management returns are submitted to the appropriate Regulator every 6 months.

  • Fidelity cover in place - minimum R1 000 000 (photo/ comment)

  • Auditor correct (photo)

  • Early warning requirements 47.(1) An FSP referred to in section 45(1)(a) must, in writing, immediately notify the Registrar when-
    (a) the assets of the FSP or that of its juristic representative exceed the liabilities by less than 10%; (b) the current assets of the FSP or that of its juristic representative exceeds the current liabilities by less than 10%; (c) in respect of a Category IIA and III FSP..... (d) the FSP or its juristic representative does not meet any of the requirements in this Chapter; or (e) the FSP becomes aware of an event or situation that may or will result in the effect contemplated in paragraphs (a), (b) and (c).

    (2) The notification referred to in subsection (1) must be certified by the chief executive officer, controlling member, managing or general partner, or trustee, of the FSP as the case may be.
    (3) The requirements set out in subsection (1) apply, with the necessary changes to a juristic representative referred to in section 47(1)(a)(iii), provided that the notification referred to in that subsection must be made to the FSP of the juristic representative.

    (4) If any of the factors in subsection (1) arises, the FSP may not directly or indirectly make any payments by way of a loan, advance, bonus, dividend, repayment of capital or other distribution of assets to any director, officer, partner, shareholder, related party or associate without the prior written approval of the Registrar

  • Do you have a documented, implemented process whereby an early warning system as required has been implemented within the business

  • Product categories where premiums collected

    • 1 Long Term A
    • 2 Short Term Personal
    • 3 Long Term B1
    • 4 Long Term C
    • 5 Retail Pension
    • 6 Short Term Commercial
    • 7 Pension Funds (EB)
    • 8 Shares
    • 9 Money Market
    • 10 Debentures and securitised debt
    • 11 Warrants, certificates, rights to subscribe to dispose of or convert securities
    • 12 Bonds
    • 13 Derivatives (excl. warrants)
    • 14 Collective Investment Schemes
    • 15 Forex
    • 16 Health
    • 17 Long Term Deposits
    • 18 Short Term Deposits
    • 19 Friendly Society
    • 20 Long Term B2

  • Separate bank account (check details/ FSB registration)

  • Liquidity requirements correct (photo / comment). Include subordination agreement if applicable.<br>

  • Are you a CAT I FSP where premiums collected or held?

  • Application of Part 45. (1) The requirements contained in this Part- (a) apply, subject to paragraph (b) to-

    (i) a Category I FSP that holds client assets or that collects, holds or receives premiums or other monies in respect of a financial product; (ii) a Category II, IIA, III and IV FSP; and (iii) a juristic representative of an FSPs referred to in subparagraph (ii);

    (b) does not apply to- (i) a Category I FSP that does not hold client assets or that does not collect, hold or receive premiums or other monies payable in respect of a financial product.

  • Specific requirements 46.(1)The persons referred to in section 45(1)(a) must at all times comply with the additional asset, working capital and liquidity requirements as set out in Table B.

    (2)An FSP referred to in section 45(1)(a) must submit to the Registrar-
    (a) in the case of a Category II, IIA and III FSP, on a half yearly basis calculated in terms of the FSP’s financial year, Form A in Annexure Six; (b) in the case of a Category I FSP, on an annual basis simultaneously with the financial statements of the FSP as contemplated in section 19 of the Act, Form A in Annexure Six.

    (3) A juristic representative referred to in section 45(1)(a) must submit to its FSP, on a half yearly basis calculated in terms of the representative’s financial year, Form A in Annexure Six.
    (4) The form referred to in subsections (2) and (3) must be submitted within 30 days after every half year-end of the FSP or juristic representative as the case may be.

  • no label

  • Liquidity requirements correct (photo / comment). Include subordination agreement if applicable.<br>

  • FSB registration correct (photo)

  • Do you have a process to ensure that the Financial Soundness Form A is submitted to the Regulator annually, simultaneously with the submission of the annual financial statements

  • Early warning requirements 47.(1) An FSP referred to in section 45(1)(a) must, in writing, immediately notify the Registrar when-
    (a) the assets of the FSP or that of its juristic representative exceed the liabilities by less than 10%; (b) the current assets of the FSP or that of its juristic representative exceeds the current liabilities by less than 10%; (c) in respect of a Category IIA and III FSP..... (d) the FSP or its juristic representative does not meet any of the requirements in this Chapter; or (e) the FSP becomes aware of an event or situation that may or will result in the effect contemplated in paragraphs (a), (b) and (c).

    (2) The notification referred to in subsection (1) must be certified by the chief executive officer, controlling member, managing or general partner, or trustee, of the FSP as the case may be.
    (3) The requirements set out in subsection (1) apply, with the necessary changes to a juristic representative referred to in section 47(1)(a)(iii), provided that the notification referred to in that subsection must be made to the FSP of the juristic representative.

    (4) If any of the factors in subsection (1) arises, the FSP may not directly or indirectly make any payments by way of a loan, advance, bonus, dividend, repayment of capital or other distribution of assets to any director, officer, partner, shareholder, related party or associate without the prior written approval of the Registrar

  • Do you have a documented, implemented process whereby an early warning system as required has been implemented within the business

  • Fidelity cover in place - minimum R1 000 000 (photo/ comment)

  • Auditor correct (photo)

  • Product categories where premiums collected

    • 1 Long Term A
    • 2 Short Term Personal
    • 3 Long Term B1
    • 4 Long Term C
    • 5 Retail Pension
    • 6 Short Term Commercial
    • 7 Pension Funds (EB)
    • 8 Shares
    • 9 Money Market
    • 10 Debentures and securitised debt
    • 11 Warrants, certificates, rights to subscribe to dispose of or convert securities
    • 12 Bonds
    • 13 Derivatives (excl. warrants)
    • 14 Collective Investment Schemes
    • 15 Forex
    • 16 Health
    • 17 Long Term Deposits
    • 18 Short Term Deposits
    • 19 Friendly Society
    • 20 Long Term B2

  • Separate bank account (check details/ FSB registration)

  • Product supplier authority (photo)

  • IGF/ Bank Guarantee (photo)

P1803 - CONTRACTS AND 3RD PARTIES

  • P1803

CONTRACTS AND THIRD PARTIES

  • Do you have a written agreement with each supplier? (IT, Accounts, Software, Records storage etc.)

  • Does your disaster recovery plan/ risk plan account for a loss of supplier?

PRODUCT SUPPLIERS

  • Do you have a product supplier register

  • Is there a documented due diligence on suppliers

  • Are all Signed contracts on file (photo)

  • Do you know what the breach/ cancellation terms are and what will happen to your clients/ commission?

  • Are Codes / Subcodes correct - check against reps S13 and disclosures

  • Do you receive regular commission statements to ensure VAT compliance?

  • Is there regular product training and accreditation - how regular? tested? level of training? (details)

  • Is all product training recorded in a register?

  • Is there a drafted procedure to notify providers if representative leaves (note procedure)

P1803 - RISK

  • P1803

RISK

  • Has the business identified its risk universe (legislation) and risk rated the most critical of these

  • Has the business identified and addressed its governance obligations (Duties of the Board, Duties of Directors, Members, Minutes, Risk Planning, Business Planning)

  • Has the business identified risks to which it is exposed and developed a plan to mitigate or control these

  • Describe how you assess risk to your business and/or your customers - Complete this information in your BUSINFO report

RISK MANAGEMENT - Complete this information in your BUSINFO report

  • How you are managing the identified risks

  • Do you have a documented risk management process in place?

RISK RECORDING - Complete this information in your BUSINFO report

  • How do you record the risks that you have identified?

  • Where do you record the risks that you have identified?

  • Do you have a process to regularly review, update and address risks in a risk plan/ risk register (Describe)

  • Is sufficient recordkeeping in place to evidence this (describe)

PROFESSIONAL INDEMNITY - Complete this information in your BUSINFO report

  • Do you have updated PI insurance?

  • DETERMINING PI LIMITS:
    Jurisdiction: FAIS Ombud has a maximum jurisdiction of R800 000. This may be per claim

    Contractual obligations:
    These are obligations assumed by you under professional service agreements

    Perceived Exposures:
    This involves an assessment of the possible causes of loss, injury or damage that may give rise to a professional negligence claim against you, either as a maximum exposure in terms of losses and expenses total, or maximum exposure single claim

    Perceived value:
    Will the PI cover your particular event? Only if the action occurs during the cover period. Anything which occurred before (causa) is not included unless you buy retrospective cover. PI cover lapses as soon as you cancel the policy. Even if the claim comes to light when the policy was in place, i.e. the error was made 6 months prior to the policy’s cancellation, you still won’t be covered.

    Financial Loss
    Monetary loss suffered by a party as a result of an actual or alleged breach of professional duty. Add in legal expenses and possible penalties.

    Your willingness and ability to carry financial risk
    This requires an assessment of the extent to which you are prepared to expose your assets by either carrying a higher excess or lower policy limit and your ability to control the risk or transfer liability to other parties involved.

    Affordability
    With PI being a significant overhead you will need to weigh up the above factors against what is economically viable for you. In this regard increasing the limit may not seem feasible however carrying a higher limit opens up the possibility for additional clients.

  • How do you determine the limits of your PI?

    • Jurisdiction (R800k Ombud)
    • Maximum exposure (single claim)
    • Maximum exposure (total claim)
    • Perceived value
    • Additional legal fees
    • Affordability
    • Minimum legislated amount
    • Other

  • DETAILS:

BUSINESS CONTINUITY

  • FIT AND PROPER
    37. (1) Without limiting section 36, an FSP must -
    (B) establish, implement and maintain:
    (iv) a recovery plan for the restoration of its financial situation following a significant deterioration and viable resolution plan setting out options for the orderly resolution of the FSP in the case of failure;

  • Do you have a documented disaster recovery/ business continuity arrangement/ plan to ensure our business can continue in the event of a fire/ flood/ destruction of property

  • Is this in writing, approved and stored safely?

  • How often do you stress test the DRP? Note the date of last test and provide details of how this was done.

SUCCESSION PLAN

  • Do you have a documented succession plan for the owners of the business

  • Do you have a documented succession plan for the Key Individuals of the business

  • Do you have a documented succession plan for the Key role players of the business

OPERATIONAL RISK

  • FIT AND PROPER
    37. (1) Without limiting section 36, an FSP must - (a) at all times have- (i) a fixed physical business address from where the business is operated or controlled; (ii) adequate access to communication facilities, including a full-time telephone or cell phone service, as well as typing and document duplication facilities; (iii) adequate storage and filing systems for the safe-keeping of records, business communications and correspondence;

    (b) establish, implement and maintain - (i) adequate and appropriate human, technical and technological resources necessary for the proper functioning and management of the FSP; (iii) regular monitoring and evaluation of the adequacy and effectiveness of its systems, processes and internal control mechanisms and measures to address any deficiencies and to determine whether it serves reasonably ensure: (aa) the integrity of the FSP’s practices, including the treatment of all clients with due care and in a fair, honest and professional manner; (bb) appropriate segregation of key duties and functions, particularly those duties and functions which, when performed by the same individual, may result in undetected errors or may be susceptible to abuses which expose the FSP or its clients to inappropriate risks

  • (iv) a recovery plan for the restoration of its financial situation following a significant deterioration and viable resolution plan setting out options for the orderly resolution of the FSP in the case of failure; (v) a business plan setting out the aims and scope of the business, the business strategies and related matters; (vi) a system of controls, processes and supervision sufficient to ensure the FSP its, directors, partners, members, trustees, as the case may be, key individuals and representatives comply with the Act and other applicable laws and to reduce its risk of legal or regulatory sanctions, financial loss or reputational damage; (vii) adequate policies, procedures and systems to ensure compliance with the Financial Intelligence Centre Act, 2001, and other applicable anti-money laundering or terrorist financing legislation, in the case of FSPs who are accountable institutions as defined in that Act; (viii) adequate risk management policies and procedures, including effective procedures for risk assessment, which identify the risks relating to the FSP’s activities, processes and systems, and where appropriate, set the level of risk tolerated by the FSP; (ix) adequate policies and procedures designed to detect any risk of failure by the FSP to comply with applicable legislation, and put in place measures and procedures to minimise such risk; (x) decision-making procedures and an organisational structure which clearly and in a documented manner specifies reporting lines and allocates functions and responsibilities; (xi) adequate internal control mechanisms designed to secure compliance with decisions and procedures at all levels of the FSP; (xii) systems and procedures that are adequate to safeguard the security, integrity and confidentiality of information; including- (aa) electronic data security and internal and external cybersecurity;
    (bb) physical security of assets and records; (dd) system application testing; (ee) back-up and disaster recovery plans and procedures for systems and electronic data;

  • (xv) effective policies, operational procedures and controls in relation to the FSP’s day-to- day business, including clear policies covering the risk management and internal controls applicable to proprietary trading by the FSP, its officers, employees, key individuals and representatives, where applicable.

  • Do you have documented standard operating procedures which have identified risk areas and included appropriate controls?

  • DESCRIBE:

  • Do you have documented procedures to address non-compliance, including, but not limited to, performance management. DESCRIBE

  • DESCRIBE:

OPERATIONAL RISK - INFORMATION SECURITY

  • FIT AND PROPER
    Section 37. (1) Without limiting section 36, an FSP must:
    (a) at all times have-
    (xii)systems and procedures that are adequate to safeguard the security, integrity and confidentiality of information; including- (aa) electronic data security and internal and external cybersecurity; (bb) physical security of assets and records; (dd) system application testing; (ee) back-up and disaster recovery plans and procedures for systems and electronic data;

  • Do you have documented standard operating procedures which have identified risk areas and included appropriate controls?

  • DESCRIBE:

  • Do you have documented procedures to address non-compliance, including, but not limited to, performance management. DESCRIBE

  • DESCRIBE:

OPERATIONAL RISK - ACCOUNTING POLICIES AND PROCEDURES

  • FIT AND PROPER
    Section 37. (1) Without limiting section 36, an FSP must:
    (a) at all times have-
    (xiii) accounting policies and procedures to enable the FSP to record, report and deliver in a timely manner to the Registrar financial reports which reflect a true and fair view of its financial position and which comply with the applicable reporting and accounting standards and requirements; (xiv) general administration processes, accounting transactions and risk control measurements to ensure accurate, complete and timeous processing of data, reporting of information and the assurance of data integrity;

  • Do you have documented standard operating procedures which have identified risk areas and included appropriate controls?

  • DESCRIBE:

  • Do you have documented procedures to address non-compliance, including, but not limited to, performance management. DESCRIBE

  • DESCRIBE:

P1803 - MANAGEMENT INFO

  • P1803

MANAGEMENT INFORMATION - NEW BUSINESS Describe how you record and monitor information and how you use this information in regard to our business activities

  • Do you generate a monthly report from your new business register for management purposes?

  • DESCRIBE:

  • Do you identify and action trends where there may be risk

  • DESCRIBE:

  • Do you add these to your risk register, manage them accordingly and update your risk plan

  • DESCRIBE:

MANAGEMENT INFORMATION - REPLACEMENTS Describe how you record and monitor information and how you use this information in regard to our business activities

  • Do you generate a monthly report from your new business register for management purposes?

  • DESCRIBE:

  • Do you identify and action trends where there may be risk

  • DESCRIBE:

  • Do you add these to your risk register, manage them accordingly and update your risk plan

  • DESCRIBE:

MANAGEMENT INFORMATION - CLIENT FEEDBACK Describe how you record and monitor information and how you use this information in regard to our business activities

  • Do you have a process. Whereby client feedback (not just complaints) is obtained?

  • DESCRIBE:

  • Do you identify and action trends where there may be risk

  • DESCRIBE:

  • Do you add these to your risk register, manage them accordingly and update your risk plan

  • DESCRIBE:

P1803 - DIRECT MARKETING

DIRECT MARKETING

  • Is the FSP a direct marketer?

  • Is the registration detail nat the Regulator correct, noting that the FSP is a direct marketer

  • Do you have a proper voice logging system in place? (Describe)

  • Do you have an SLA with your voicelogging product supplier?

  • Are all calls properly and regularly backed up, and tested for integrity

  • Are all calls voice logged, properly labelled and retrievable if required? (Describe)

  • Do you have a QA process (describe)

  • Does your QA process including checking FAIS compliance?

  • Are all scripts approved for compliance with Section 15 of the General Code of Conduct, before any campaigns are done?

  • Do you have records of this to prove compliance?

P1803 - COMPLAINTS

  • P1803

COMPLAINTS

  • Have you appointed an appropriately qualified complaints officer?

  • Do you have an updated complaints policy and process upon which all staff have been trained

  • Does your complaints policy align with Pillar 6 of TCF

  • Does your complaints policy provide for complaints categorization in order to do trend identification.

  • Does your complaints policy provide for root cause analysis in order to do trend identification.

  • Does your complaints policy provide for risk mitigation to avoid a repetition

  • Have you had any complaints in the last 12 months

  • Please provide us with an updated copy of your complaints register.

PROFILE CHANGES

  • All profile changes have been noted and the Registrar updated within the required 15 day period

  • NOTES:

DELIVERED/ COLLECTED

  • Any deliveries or collections made

  • DETAILS:

SIGNATURES:

  • FOR FSP

  • FOR COMPLIANCE

P1804 - LICENCE - FSB

  • P1804

COMPLIANCE REVIEW FOR THE FOURTH QUARTER OF 2018 - JUNE 2018 - AUGUST 2018

  • DATE OF AUDIT

LICENCING AND REGISTRATION

FSB

  • Condition 1 to licencing requires that every FSP notify the Regulator with 15 days, in respect of any change to licencing information. it is therefore important to have a process to:
    1. Check the information on the FSB website
    2. Update the FSB within 15 days of any change

  • Licence Category

    • CAT I
    • CAT II
    • CAT IV

  • CAT I - Product Category

    • 1 Long Term A
    • 2 Short Term Personal
    • 3 Long Term B1
    • 4 Long Term C
    • 5 Retail Pension
    • 6 Short Term Commercial
    • 7 Pension Funds (EB)
    • 8 Shares
    • 9 Money Market
    • 10 Debentures and securitised debt
    • 11 Warrants, certificates, rights to subscribe to dispose of or convert securities
    • 12 Bonds
    • 13 Derivatives (excl. warrants)
    • 14 Collective Investment Schemes
    • 15 Forex
    • 16 Health
    • 17 Long Term Deposits
    • 18 Short Term Deposits
    • 19 Friendly Society
    • 20 Long Term B2

  • ORG Registration correct (photo CMS website)

  • BR Registration correct (photo CMS website)

  • CAT II - Product Category

    • 1 Long Term A
    • 2 Short Term Personal
    • 3 Long Term B1
    • 4 Long Term C
    • 5 Retail Pension
    • 6 Short Term Commercial
    • 7 Pension Funds (EB)
    • 8 Shares
    • 9 Money Market
    • 10 Debentures and securitised debt
    • 11 Warrants, certificates, rights to subscribe to dispose of or convert securities
    • 12 Bonds
    • 13 Derivatives (excl. warrants)
    • 14 Collective Investment Schemes
    • 15 Forex
    • 16 Health
    • 17 Long Term Deposits
    • 18 Short Term Deposits
    • 19 Friendly Society
    • 20 Long Term B2

  • Every CAT II FSP must have an appointed auditor.
    Every CAT II FSP may only provide intermediary services.
    Every CAT II FSP must have an approved mandate.

  • Mandate approved (photo)

  • Licence and product category correct on FSB website

  • Advice/ Intermediary services correct (insert in notes)

  • Financial year end correct - (insert photo). <br>Note: before a financial year end may be amended, consent is required from the FSB

  • Auditor/ Accountant correct (insert details/ photo)

  • Contact details correct (insert photo)<br>

  • Compliance details correct (insert photo)<br>

  • Key Individuals - product and conditions correct (insert photo/s). <br>If conditions are noted, what are these?

  • Representatives details correct (insert photo/s). Check products, advice, intermediary service, supervision<br>

  • Premium collection correct:

  • Direct Marketer correct:

NOTES AND TASKS

NOTES AND TASKS

NOTES AND ACTIONS

  • Notes and Tasks

    • Info and to do

  • DATE:

  • PERIOD UNDER REVIEW

  • Add media

  • NOTES:

  • TASKS

  • RESPONSIBLE

    • THE FSP
    • THE BOARD
    • THE GOVERNING AUTHORITY
    • MANAGEMENT
    • THE KI
    • THE INTERMEDIARY
    • THE REPRESENTATIVE
    • ADMINISTRATION
    • COMPLIANCE OFFICER
    • COMPLIANCE - PROFILE CHANGES
    • COMPLIANCE ADMIN
    • Other

  • Role:

  • ACTION

  • DUE

  • STATUS

    • Non-compliant - initial notice!
    • Reminder
    • Matter escalated
    • Escalated to issue
    • Critical risk area
    • The matter has to be reported to the Regulator
    • Material non-compliance
    • Matter addressed

  • REVIEWED

  • DELIVERED or PROVIDED:

  • Details:

  • FOR THE FSP

  • COMPLIANCE OFFICER:

P1801 to 1804 - SIMPLY COMPLY FAIS COMPLIANCE MATURITY AND RISK AUDIT
Dawn Julyan

P1801 to 1804 - SIMPLY COMPLY FAIS COMPLIANCE MATURITY AND RISK AUDIT

FAIS COMPLIANCE MATURITY AUDIT

Use this Template
The templates available in our Public Library have been created by our customers and employees to help get you started using SafetyCulture's solutions. The templates are intended to be used as hypothetical examples only and should not be used as a substitute for professional advice. You should seek your own professional advice to determine if the use of a template is permissible in your workplace or jurisdiction. You should independently determine whether the template is suitable for your circumstances.

Related checklists

P1701 to 1704 - FAIS COMPLIANCE ONSITE ASSESSMENT REPORT
Dawn Julyan
P1701 to 1704 - FAIS COMPLIANCE ONSIT...
39 Downloads
P1804 - SIMPLY COMPLY ANNEXURE 1 TO THE ANNUAL COMPLIANCE REPORT
Dawn Julyan
P1804 - SIMPLY COMPLY ANNEXURE 1 TO T...
25 Downloads
SIMPLY COMPLY - NCR AUDIT 2017
Dawn Julyan
SIMPLY COMPLY - NCR AUDIT 2017
18 Downloads
P1704 - SIMPLY COMPLY ANNEXURE 1 TO THE ANNUAL COMPLIANCE REPORT - version 3
Dawn Julyan
P1704 - SIMPLY COMPLY ANNEXURE 1 TO T...
17 Downloads
FAIS CLIENT FILE AUDITS
Dawn Julyan
FAIS CLIENT FILE AUDITS
15 Downloads
back arrow for carousel
back arrow for carousel
iAuditor Logo Icon ©SafetyCulture 2022