The Financial Conduct Authority has published details of its expectations for firms implementing remote or hybrid working models. Most firms have adopted, or are considering some form of hybrid working, but up until this point they have done so without a statutory regulatory framework. The FCA recently published its expectations for regulated firms when considering invoking hybrid working plans.
Regulated firms now have to ensure remote working arrangements do not compromise or risk their ability to follow all the rules, regulatory standards and obligations, or might conceivably lead to a failure to meet them.
The FCA now requires access to the work environment wherever that may be.
The FCA will require access to firms’ sites, records and employees and in addition is looking for firms to take responsibility to ensure that employees understand that the FCA has the power to visit any location where work is performed for regulatory purposes. This does include residential addresses.
My home is my principal place of business
If your principal place of business is now your home, the FCA states: "If a firm is considering using a private residential address as a principal place of business, it should consider the effect on any individuals and got necessary approvals. This includes those living at the property who aren’t employees".
Things to think about
If you are considering or have hybrid working, the FCA expectations are broadly drafted, fluid and and will continue to evolve. In general terms if Firms are to adopt a hybrid working model, they should ensure that remote working does not or is unlikely to:
Affect the firm’s location in the UK, or its ability to meet and continue to meet the threshold conditions for the regulated activities.
Prevent the FCA from receiving information about a firm.
Reduce the accuracy of the Financial Services Register.
Affect the ability of the firm to oversee its functions including any outsourced functions.
Cause detriment to consumers and or damage the integrity of the market.
Increase the risk of financial crime.
The FCA ask firms to plan first.
Firms must review and plan before making temporary arrangements permanent and review plans periodically. Plans should cover the following:-
There is governance and oversight under the Senior Managers regime.
Business continuity plan requirements, including when using home networks etc.
Control functions must be in place so that risk, compliance and audit are unaffected .
Systems such as IT to support control functions are robust.
It has appropriate record-keeping procedures in place.
It can meet and continue to meet any specific regulatory requirements, such as call recordings, order and trade surveillance, and consumers being able to access services.
The FCA has also asked firms to monitor the effect on staff including wellbeing, training, diversity and inclusion. It has provided a non-exhaustive indicative list of expectations but their message is unequivocal.
“It's important any form of remote or hybrid working adopted should not risk or compromise the firm's ability to follow all rules, regulatory standards and obligations, or lead to a failure to meet them”.