COVID-19

This webpage will be used by the Authority to publish updates and guidance in relation to its response to the COVID-19.

The majority of Authority staff are now working from the Authority’s offices. The safety of staff remains our paramount concern and, should circumstances change, we will update our arrangements. 

  • If you are visiting our offices or meeting with our staff you should be aware that staff have been asked not to shake hands with others at this time.
  • Our reception is open to external parties, however we do ask that where possible external parties continue to contact us by phone and email, and that if you need to meet with Authority staff this should be arranged in advance;
  • If circumstances mean that a matter cannot be dealt with remotely it will be possible to arrange a meeting with Authority staff at our offices or a firm’s offices, subject to the following:
    • The subject matter of the meeting is such that a face to face meeting is necessary;
    • Appropriate precautions are in place at the meeting venue in accordance with any prevailing government guidance;
  • At this time we are not undertaking standard onsite supervisory inspections but will continue to undertake desk based inspections – this position will be kept under review;
  • We continue to ask that all correspondence and materials are sent in electronic form:
    • documents submitted electronically should be in encrypted PDF form with a password sent by separate cover, unless you are using our secure email solution (TLS). Those using TLS are expected to use the TLS system for all document submissions.
    • where documents would normally require wet signatures the Authority will accept PDFs and, on receipt, will advise if the original document should also be submitted for the file.
    • Receipt of a PDF will be treated as the date of receipt for legislative purposes.

This page will be updated as and when arrangements change.

The Financial Services Authority (‘the Authority’) is aware of current developments around business interruption insurance (‘BI’) and the extent to which individual policies may cover interruption to Isle of Man businesses due to the Covid-19 pandemic. The Covid-19 pandemic is a unique situation and as such the extent to which BI covers business closures due to the pandemic has to be determined under contract law against each specific policy wording.

At this point in time and similar to many other regulators, the Authority has taken the position that it will not intervene in this matter as it is a contract law issue between the policyholder and the insurer.   However we note that the UK Financial Conduct Authority (‘UK FCA’) is seeking to help insurers and policyholders in the UK gain clarity around the coverage of different policy wordings. To do this the UK FCA is participating in a test case in the UK High Court to determine whether certain standard policy clauses, used by many UK insurers, extend to cover the Covid-19 pandemic.  The test case involves 17 different types of wording. Further details about the UK action and the policy wordings included in the test case can be found in the UK FCA press release issued 1 June 2020. The court hearing is expected to take place in the second half of July 2020.

It is worth noting that, in providing details about the forthcoming test case, the UK FCA made clear their “view remains that most SME insurance policies are focused on property damage (and only have basic cover for BI as a consequence of property damage) so, at least in the majority of cases, insurers are not obliged to pay out in relation to the coronavirus pandemic. This case is focused on the remainder of policies that could be argued to include cover.”

Currently there is only one Authority regulated insurer who writes local BI cover and we understand that many local businesses obtain their BI policy through UK regulated insurance companies.  The outcome of the UK test case may inform how this matter is ultimately settled in the Isle of Man.   It is understood that the final UK ruling (post any appeals) will be legally binding for those firms whose policy wording was included in the test case and legally persuasive for other firms that utilise similar policy wording.  English High Court rulings are persuasive to the Isle of Man Courts and as such it is likely that the treatment of any policy written on the Island with similar wordings to those in the UK test case would have a similar treatment locally.

The Authority will continue to monitor the outcome of the UK test case.

The Authority is continuing to progress its supervisory and outreach work remotely and is planning its ongoing work programme for 2020-21 at this time.  In doing this we will continue to focus on key risk areas affecting sectors and particular risks facing individual firms.

When undertaking its work the Authority has a wide range of tools which we use to assess compliance with applicable requirements; some benefit from onsite access, others can be undertaken without physical access to a firm.

Further, whilst working remotely the Authority continues to have the ability to undertake Inspections (previously referred to, for some sectors, as Supervisory Visits).

Traditionally our programme of Inspections has involved a team visiting a firm’s office and reviewing paper and system based records; on a full inspection, focused inspection or sector wide thematic basis.

However, physical access to an office is not essential for a successful Inspection and we would expect firms to be mindful of prevailing government guidance in this regard. Indeed:

  • In many cases, much of the Inspection information is already submitted to the Authority in advance. This information is submitted electronically or in hard copy and is normally reviewed prior to the Inspection.
  • Meetings with staff of a firm can by undertaken by video and/ or tele conference.
  • Other information which would normally be reviewed onsite can be sent to the Authority securely in electronic form for review.

As such, whilst we are currently working remotely, we can undertake focused and thematic Inspections where this is appropriate, recognising that timeframes may need to be modified to take account of the current circumstances.

Regulated Entities – New Draft Guidance from Isle of Man Government for return to the office where working from home is not possible

 

The Authority notes that Isle of Man Government (IOMG) continues to require employers take all necessary steps to allow employees to work from home and where this is possible this should continue.   

 

The current restrictions currently provide that employers must ensure “so far as it is practicable that persons at the premises are able to remain at least 2 metres away from any other person.”   Additionally they “must ensure that no more persons are present at any one time than is necessary for the effective operation of the business.”  

 

In light of the move towards a medium term response, it is recognised that the effective operation over a sustained period might require some further onsite presence and businesses may wish to start considering how to phase back some of the roles which are currently being performed remotely.    It is also recognised businesses may want to implement measures to effect longer term social distancing operations such as desk reconfiguration and this may require additional facilities staff and professional trades to attend.

 

In support of this medium term response, IOMG has produced further guidance that all employers of office-based businesses must consider before allowing employees to return.  The earliest date for such a return is 25 May 2020 but this date is subject to confirmation nearer to the date.  The Authority notes and fully supports this guidance.

 

The guidance is accompanied by a draft example Template Risk Assessment which usefully identifies;

  • general Identified Hazard/s;
  • Persons Considered at Risk from such hazards; and
  • suggested Control Measures.

 

Specific considerations for regulated entities

 

In responding to the Coronavirus Pandemic regulated entities have activated their business continuity arrangements and, wherever possible, this has meant employees working from home. The Authority’s general requirements are that regulated entities should have appropriate risk management policies and procedures. We would expect entities to undertake a risk assessment prior to commencing any return to the office. This should include a consideration of  their Health and Safety obligations to employees and any third parties who may attend the premises. Regulated entities should  review the IOMG Guidance and use this to inform their considerations. 

 

Where regulated entities are returning employees to the office, the Authority views this as the next stage in those entities business continuity planning arrangements and thus their plans should be updated to reflect the risks and strategies associated with this change in working arrangements.  Furthermore, entities should consider their key operational controls and decision making processes. These should be reviewed and updated to reflect any change in the balance between remote and onsite working from the arrangements that are currently in place.  

 

Regulated entities are reminded that they should contact the Authority immediately about any difficulties that may cause an interruption to their services to clients or endanger their ability to continue. There are also standard notification requirements in the regulatory frameworks which should be met where practicable.

 

Finally, the Authority would stress that there is no requirement to return to office-based working and businesses must continue to allow staff to work from home wherever possible. If working from home is not possible entities should only allow staff to return to the office if they can provide a safe office environment to work in.

The Authority notes and is fully supportive of the above Risk Assessment document issued by the Financial Intelligence Unit, which we draw to the attention of all regulated entities and DNFPBs. We are also drawing your attention to the FATF publication on Risks and Policy Responses to Covid-19 Related Money Laundering and Terrorist Financing.

These timely publications identify current patterns of behaviour which criminals are cynically utilising internationally and on the Island to exploit new vulnerabilities exposed by remote working practices, time pressure, vulnerability and residents desire to help others in need.

Regulated Entities and DNFPBs should review the publications carefully to identify any vulnerabilities that their business may be subject to, and take appropriate steps to address those vulnerabilities, including revising processes, updating their business risk assessment accordingly and briefing staff on increased risk patterns. Entities should also be aware of risks posed to customers using their services and take appropriate steps to mitigate and monitor these risks.

Businesses are reminded of their ongoing Anti Money Laundering / countering the financing of terrorism responsibilities, including reporting obligations.

The Authority continues its work with industry during the pandemic

The Authority is working predominantly from home. We appreciate the assistance of industry in providing materials to us electronically; this has helped us to remain responsive and avoid unnecessary delays.

During this time we have continued our normal activities with some minor modifications, including authorisation, supervision and enforcement. It is worth noting that we are dealing with licence enquiries and licence applications received after the start of the pandemic lockdown.

Whilst we are not currently undertaking onsite inspections of regulated entities, our desk based work includes consideration of entity, sector and industry risk. Where appropriate we will continue to ask entities for additional detailed information to support this work.

We have convened special working groups to consider internal and external risks posed by the pandemic to the Authority, our regulated sectors and the Isle of Man economy. To inform our risk assessments we are closely monitoring recommendations from International Standard Setters and steps taken by other regulators.

Whilst we have not been able to conduct face to face meetings, our staff remain contactable by email, phone and video/ audio conference call and this has allowed our work to progress.

The Authority is, to the extent possible, continuing business as usual whilst working in this unprecedented economic and physical environment.

 

The need to ensure activities stay within regulatory permissions

We are aware that regulated entities are receiving an increased volume of enquiries from their existing customers about how the economic situation may impact the client’s financial position. In some cases clients may be very concerned or distressed, particularly where the value of their assets has been affected by stock market downturns, and may push staff for their opinion.

The Authority reminds regulated entities that providing advice on specific investments is a class 2(7) regulated activity under the Financial Services Act 2008.

  • Any entities that do not hold this permission should not deliberately or inadvertently stray into giving advice, or allow a client to gain the impression that they have been advised about what to do with their investments. This includes situations where the value of a life assurance policy is linked to the value of external assets.
  • Where firms hold requisite permission they must ensure that only staff who are allowed to provide advice provide such advice.

 

Outreach to regulated entities on financial stability monitoring

The Authority’s statutory objectives include “maintenance of confidence in the Island’s financial services, insurance and pensions industries through effective regulation, thereby supporting the Island’s economy and its development as an international financial centre”. When discharging its functions the Authority is required to consider factors including “the impact of its decision on the stability of the financial system of the Island”.

Clearly, the Island is not immune from the Global Economic downturn resulting from the international response to the Covid-19 pandemic. When assessing industry resilience, in the light of the current situation and ongoing economic uncertainties surrounding the Covid-19 pandemic, a key focus of the international business community has been on short and medium term cash flow forecasts against stress scenarios.

The Authority therefore needs to understand the impact of the current situation to ensure that it can be supportive of industry and balanced in its approach to the current situation. The resilience of industry will be a key factor in the Island’s future economic success.

There is already a strong focus on prudential resilience and stress testing in the Banking and Insurance sectors. The Authority continues to work closely with these sectors at this time.

The Authority’s standard financial reporting and regulatory requirements for other sectors is partly based on audited financial figures, and as such is focused on historic trends. The new environment means that historic trends and data, whilst still very important, may not be a reliable guide to the current economic environment.

The Authority has therefore commenced work to further its understanding of the potential impact of the Covid-19 pandemic on regulated entities’ businesses and cash flow and how they may readjust their business model and operations. We do not believe that this will result in significant additional work for the regulated entities we approach, as they will already be closely monitoring their own cash flow and resilience against potential stress scenarios.

This work is being undertaken on a representative sample basis of relevant firms in the investment and fiduciary sectors.  The Authority is not asking for information from all entities at this time.

 

The importance of Director prudence when exercising fiduciary obligations

There remains very significant uncertainty about the ultimate impact of the pandemic and the timeframe before normal economic patterns return. In our press release of 3 April we highlighted the ongoing need for prudence in directors’ decision making at this time. We would like to take this opportunity to remind directors of regulated entities of their fiduciary obligations in managing the business through this time of uncertainty. As such the Authority expects that the Boards of regulated entities will act prudently, taking account of the risks and threats, when considering decisions about dividends, upstreaming excess capital or liquidity, intercompany loans or any other decision that could materially financially weaken the Isle of Man regulated entity.

 

Notifications to the Authority

Regulated entities are reminded that they should contact the Authority immediately about any difficulties that may cause an interruption to their services to clients or endanger their ability to continue. There are also standard notification requirements in the regulatory frameworks which should be met where practicable. If delays are necessary, notifications should be made as soon as possible thereafter.

  • Notification where a regulated entity is under significant financial strain If there are concerns that the financial position and ongoing viability of a regulated entity is threatened, or likely to be threatened, relevant supervisory team should be notified as soon as practicable. In the current circumstances it would not be appropriate to wait until a regulatory threshold or trigger was breached before making a notification in such a situation.
  • Notification of significant operational issues Regulated entities should continue to operate as far as practicable in line with the regulatory framework and notify the Authority of any material operational issues.

 

The Authority reminds Regulated Entities and Auditors of Regulated Entities that at this time all submissions to the Authority, including Annual Regulatory Reporting, Financial Resources Reporting, Audited Accounts and Audit Reports should be sent in electronic form.

The submission process remains:

  • documents should be submitted electronically in password protected PDF form with a password sent by separate cover
  • where documents would normally require wet signatures the Authority will accept scanned PDFs of the original signed document or an electronically signed document
  • Receipt of documents submitted electronically will be treated by the Authority as the date of receipt for legislative purposes.

Hard copy information should only be sent to the Authority where the Authority has requested the information to be submitted in hard copy.

The Authority would also remind Regulated Entities and Auditors of the press releases issued on

  • 7 April concerning Arrangements for Submission of Audited Financial Statements and Annual Compliance Returns and
  • 20 March which requested that returns be submitted in PDF form.

As referred to in our update of 30 March, the Authority has reviewed the requirements for financial and regulatory returns in the light of the Covid-19 pandemic. The Authority will continue to keep a watching brief and monitor the situation to identify whether other regulatory requirements may require a different approach.

Audited Financial Statements, other Audit Confirmations, and Annual Compliance Returns

The Authority is mindful that, for some regulated entities, the current situation has led to unavoidable delays in finalising Audited Financial Statements and potentially other Audit Confirmations (for example audit management letters). This is particularly the case for regulated entities whose normal deadline for submission is four months after the financial year end. Accordingly, the table below shows where the Authority will allow some flexibility for those regulated entities where their audit has been affected by Covid-19 related issues. For regulated entities whose normal deadline for submission is six months after the financial year end, no changes apply.

Normal deadline for submission of Audited Financial Statements

New deadline for submission of Audited Financial Statements

Other returns to be submitted with the Audited Financial Statements

Four months after the financial year end

Where it is not possible to complete the audit due to Covid-19 issues, regulated entities can submit up to six months after the  regulated entity’s financial year end

  • Annual Compliance Return and attachments
  • Audit confirmations (e.g. management letter, other audit certificates)

If the audited financial statements (or audit confirmations) are delayed, only submit this information alongside the audited financial statements (within 6 months).

If fully complete prior to the usual four month deadline, and the audited financial statements are not delayed, submit all information as normal.

Six months after the financial year end

No change

No change

Regulated entities are encouraged to submit information to us (in one pack) before the extended deadlines, where possible. If the extended deadlines cannot be met, we ask that you engage with the Authority in a timely manner; there is no requirement to notify us in advance that you are partaking of the extended deadline.

If a regulated entity fails to meet the six month deadline, this will be treated as a breach in the normal way.

Quarterly Financial Resource Returns – annual audited expenditure figure

Certain regulated entities are required to submit quarterly Financial Resources Returns (FRRs).

Where a delay to the audit means a regulated entity does not have a new annual audited expenditure figure for inclusion in a quarterly FRR, the regulated entity should use the last audited expenditure figure from the previous financial year end. If a regulated entity’s expected new annual expenditure figure (unaudited) would result in its financial position falling below or within 110% of any of the minimum regulatory requirements, the FRR using the previous audited figure should be accompanied by a notification explaining the situation.

Other Requirements

The regulatory requirements applicable to regulated entities continue to apply.

Prudence in decision making

Our regulatory framework is based upon the principle that Directors of regulated entities are ultimately responsible for managing their business, within the constraints of the legal and regulatory framework. Regulated entities are operating in an environment of extreme uncertainty in terms of how their staff and business will respond to the emerging external environment, combined with uncertainty about how long the covid-19 pandemic and resultant economic threats will continue.

The Authority expects directors to fulfil their ongoing duties towards regulated entities and clients, regardless of whether they act for a standalone local business or a firm which is part of a larger group.  

The Authority understands the potential for certain regulated entities to experience financial strain due to market conditions. Directors are specifically reminded of the requirements to maintain sufficient Financial Resources, both capital and liquidity as required by the regulatory framework.   Directors are expected to act prudently when making decisions about dividends, upstreaming excess capital or liquidity, intercompany loans or any other decision that could materially financially weaken the Isle of Man regulated entity.

Liaison with Regulated Entities

As indicated in our 17 March Update, the Authority is continuing its outreach to regulated entities, through a mixture of focused firm specific engagement, and sector overview work.

In identifying the appropriate level of outreach the Authority considers the systemic impact and risks that individual firms or sectors may pose to the international and local financial system, how those firms interact with their customers, and the types of customer they serve.  Where a business provides daily services to retail customers, such as payments, the resilience of that firm and its ability to continue servicing retail customers is important.

This approach means some firms will receive more regular contact from the Authority, and be expected to update the Authority more frequently, compared to others.  In addition, even though individual firms may not pose the highest impact or systemic risk, the Authority may approach small and medium sized firms to understand the position and risks within a sector of the industry.  Notwithstanding and as set out below we expect that firms will take a proactive stance in keeping the Authority informed of any material matters.

Notifications

Regulated entities are reminded that they should contact the Authority immediately about any difficulties that may cause an interruption to their services to clients or endanger their ability to continue. There are also standard notification requirements in the regulatory frameworks which should be met where practicable. If delays are necessary, notifications should be made as soon as possible thereafter.

  • Notification where a regulated entity is under significant financial strain If there are concerns that the financial position and ongoing viability of a regulated entity is threatened, or likely to be threatened, relevant supervisory team should be notified as soon as practicable. In the current circumstances it would not be appropriate to wait until a regulatory threshold or trigger was breached before making a notification in such a situation.
  • Notification of significant operational issues Regulated entities should continue to operate as far as practicable in line with the regulatory framework and notify the Authority of any material operational issues.

Consideration of material outsourcing

Where a regulated entity has material outsourcing in place they should review the arrangements as part of the business continuity planning and consider what alternative arrangements they can put in place in the event that the outsourced party is unable to provide the outsourced service.

Key Workers

As you will be aware, financial services has been deemed a critical sector by Isle of Man Government. The Authority expects regulated entities to consider their business continuity arrangements and whether a specific role is necessary for the continuation of their essential public service and the guidance issued by Isle of Man Government when identifying which staff members should be key workers. Key workers must be supplied with a letter from their employer to confirm their status.

Cyber and Financial Crime

There is evidence of a rise in covid-19 related fraud attempts at the current time. Regulated entities should continue to notify us of any attempted or successful cyber-attack or fraudulent activity and comply with their obligations for suspicious activity reporting under the AML/CFT framework.

In the current circumstances, notifications are important as we use this information to identify thematic risks and emerging trends across industry.

The Financial Intelligence Unit

We draw attention to an update from the Director of the FIU about their working arrangements and focus at this time https://www.fiu.im/news/update-from-the-director/.

This update covers 4 key areas:


1. Staff of the Authority working from home
2. Home working and increased risk of cybercrime
3. AML/CFT FAQs about Covid 19
4. Framework for appropriate regulatory forbearance is being developed
 
1. Staff of the Authority working successfully from home


The transition of Authority staff to home working has been successful and the team are fully operational. As previously notified, we are grateful for your support in sending requests and post electronically in the first instance. This is helping to ensure we can fulfil our role without undue delays.


2. Home working and increased risk of Cybercrime


We are aware that regulated entities may be facing increased attention from cybercriminals. The National Cyber security Centre has issued some useful guidance on this and is good source of reference for cyber security matters more generally.


3. AML/CFT Frequently Asked Questions about Covid 19


The Authority has been receiving queries regarding COVID-19 and how this affects meeting customers / certification of documents. The AML/CFT team have prepared some frequently asked questions to help regulated entities and DNFPBs understand how the requirements may operate at this time.


We have not needed to introduce any new requirements around CDD, instead we have taken some key points from the AML/CFT Handbook, particularly around electronic verification of documents in one place which we hope will be helpful.


It is intended that the document will be updated over time to address any new questions which may have generic application.


4. Framework for appropriate regulatory forbearance is being developed


The Authority is conscious that firms will be experiencing operational issues as they transition to an environment in which many of their staff are working from home. 

  1. We have already recognised that there may be difficulties in finalising audits in the normal timeframes and confirmed that we will not be treating such delays as breaches. Regulated entities have also raised some other audit related matters with us, and we will be providing further guidance as part of our regulatory forbearance work (see below).
  2. The Authority is currently considering other regulatory requirements and the areas where it will be appropriate to consider regulatory forbearance at this difficult time. Once this review is concluded we will issue guidance for regulated entities to help them in complying with the requirements and understanding where deadlines and requirements have been adjusted
  3. We expect regulated entities to continue to notify the Authority where they are experiencing difficulties in complying with the requirements. It should be noted that the Authority will not consider new individual rule modifications at this time.

The Financial Services Authority (“Authority”) is closely monitoring the coronavirus (Covid-19) situation and how it is impacting the financial system.

We have identified some sensible precautions consumers can take to help protect their finances. We recommend you read our advice below and be aware of any possible impact on your finances.

As you would expect, we are in contact with regulated firms and we expect them to be looking at their business continuity plans.

General information for consumers is available in the consumer area of the Authority's website.

Be Scam Aware

There is already some evidence that scams are on the increase during the current coronavirus outbreak and we advised you to be extra vigilant at this time.

Watch out for scams related to coronavirus (Covid-19) and for an increase in traditional scams. These scams take many forms and could be about insurance policies, pension transfers, or high-return investment opportunities, including investments in cryptoassets.

Scammers are sophisticated, opportunistic and will try many things and they will target the vulnerable. Beware of investments that appear to be too good be true. If you decide to invest in something offering a high return or in a cryptoasset, you should be prepared to lose all your money.

To help protect yourself:

  • Reject offers that come out of the blue.
  • Beware of adverts on social media channels and paid for/sponsored adverts online.
  • Check who you are dealing with; are they regulated and reputable?
  • Do not click links or open emails from senders you don't already know.
  • Avoid being rushed or pressured into making a decision.
  • If you are contacted unexpectedly by someone saying they are from your product provider, call back on a number already known to you for that provider.
  • If you are contacted by someone purporting to be from the fraud team at your bank, again be very cautious and check they are who they say they are.
  • Do not give out personal details (bank details, address, existing insurance/ pensions/ investment details).

If you suspect a scam:

  • Contact the police straight away to report the scam.
  • If you have made a payment contact your bank or credit card company.
  • If you have provided personal details, change your passwords and tell the providers of your affected accounts.
  • Monitor your finances for any suspicious activity.

Treating customers fairly

We are engaged with firms to understand the potential impacts on consumers of coronavirus and how they are addressing their customers’ needs. Firms are expected to treat customers fairly.

We are aware some consumers, both individuals and businesses, may be put under additional financial pressure, so if you are experiencing payment difficulties, we recommend you contact your credit provider or mortgage lender as soon as possible and explain your situation.

Access to cash

As part of their plans in the Isle of Man banks are taking additional measures to ensure that there is no disruption to cash supplies and that ATMs remain fully operational. Some banks are also increasing withdrawal limits to enable customers to withdraw higher daily amounts from ATMs.  

Insurance

At this time it is important that you continue to make sure you have adequate insurance and that renewals are dealt with in good time. For individuals this includes mandatory insurances, such as car insurance, and other significant insurances such as house insurance and life insurance. For businesses this includes premises insurance, public liability insurance and other standard insurances.

You should be aware that insurance cover differs from policy to policy. If you are unsure whether your policy covers you for the outbreak, you should contact your provider directly. Insurance providers should be able to clearly highlight any exclusions that may exist.   

Consumers specifically concerned about their travel insurance can take a number of steps in advance to find out if they are covered:

  • Check your travel insurance wording carefully before you travel.
  • Read the latest travel advice from the Foreign and Commonwealth Office (link is external) before you leave.
  • Take some extra time to make sure the policy you intend to buy covers all your needs.
  • Contact your insurer directly before you travel if you are in doubt. 

Checking whether someone is regulated and other queries

If you are looking want to check that a firm is regulated by the Authority please check our public register.

If you want to check that a firm is authorised in the United Kingdom please check the UK Financial Services Register (link is external).

For all other queries including impacts of the coronavirus, please contact your product provider, their details can be found on your documentation. Please be aware that they might be busier than normal and it might therefore take longer than normal to get through to them at this time.

As you will be aware the situation on the Island continues to change on a daily basis. We understand that regulated entities are prioritising the wellbeing of their staff, their ongoing communication and wellbeing of customers and managing the minimisation of the impact on their financial soundness. However, it is essential that regulated entities continue to comply with their legal and regulatory obligations.

This update sets out some general matters that we ask regulated entities to consider at this time.

 

The Authority’s Office

From Monday 23 March, the majority of Authority staff will be working remotely, with only a skeleton staff in the office for logistical purposes.

The office will not be open to external visitors and staff will not attend face-to-face meetings with 3rd parties.

 

Contacting the Authority

We encourage regulated entities to communicate with us by email wherever possible. If a subsequent phone call is required this can then be arranged.

Whilst we have made arrangements to have phones answered we would encourage regulated entities to communicate with us by email wherever possible.  We will then make appropriate arrangements for phone calls / conference calls.

 

Returns and notifications by PDF

The Authority expects that, to the extent possible, returns and notifications will continue to be submitted. The Authority’s staff will continue to process such matters as normal.

To facilitate working arrangements we ask that:

  • documents are submitted electronically in encrypted PDF form with a password sent by separate cover.
  • where documents would normally require wet signatures the Authority will accept PDFs and, on receipt, will advise if the original document should also be submitted for the file.
  • Receipt of a PDF will be treated as the date of receipt for legislative purposes.

Impact on Customers

As per our regulatory requirements, regulated entities are expected to have in place robust BCP arrangements which are regularly tested. This should ensure that the impact of the current situation on your consumers is minimised.

We welcome the taking of initiatives going beyond usual business practices to support customers.

We still expect regulated entities to deal with complaints promptly. However, where the pandemic prevents this, please contact us.

 

Audited Financial Statements

We are aware that there may be some issues in relation to completion of audits. If this is the case, please liaise with the relevant supervisory team as to what financial information should be submitted pending the audited accounts. In these circumstances the Authority will not treat late submission of the final audited accounts as a breach and will not issue an administrative civil penalty (where that would normally apply). All other required information should continue to be submitted via PDF at the appropriate time.

 

CPD

We have received queries about the ability of regulated entities’ staff to complete their mandatory CPD requirements due to cancellation of courses. The Authority will be guided by the stance taken by professional bodies and is understanding of the difficulties that lack of face-to-face CPD opportunities pose. However, where staff are working remotely it may be that use can be taken of the many online training courses available.

 

Signatures on official business documents

The Authority has received enquiries about what steps regulated entities should take concerning wet signatures on their business documents.

The Authority expects regulated entities to consider whether a wet signature is required for legal efficacy or whether an electronic signature is acceptable legally and by the counterparty, and consider arrangements for witnessing such signatures where relevant.

The Electronic Transactions Act 2000 (ETA2000) will also be relevant in this regard.

Section 1 of the ETA2000 provides that a transaction will not be invalid merely because it takes place wholly or partly by means of one or more electronic communications.

The requirement for a written signature of a person is taken to have been met under the ETA2000 in relation to an electronic communication if:

  1. a method is used to identify him and indicate his approval of that which is communicated;
  2. having regard to all the relevant circumstances at the time, the method is as reliable as is appropriate for the purpose of the information communicated, and;
  3. the receiver consents to that method.

The AML/CFT Handbook also allows client due diligence (CDD) documentation to be obtained electronically. The AML/CFT Handbook provides that where CDD is obtained electronically, the authenticity of the electronic document must be verified by appropriate measures.

If moving from wet signatures to electronic signatures, regulated entities should undertake and document a business and technological risk assessment.

We encourage you to continue to review your current arrangements in light of the evolving situation and to manage the risks to your employees, customers, and your business and the impact on the industry.

For some time, the Authority has been working on its operational readiness in relation to the COVID-19 pandemic. Following the Chief Minister’s announcement of emergency measures on 16 March 2020, we are moving to the next stage of our business continuity plan. Effective Wednesday 18 March the majority of our staff will be working from home on a rotating basis.  This approach will allow us to further test our connectivity and working from home processes.  For our stakeholders, this move should be seamless as staff will continue to be accessible by traditional means - phones and emails.

One change however will be our protocols on face to face meetings, as we will be switching to meetings via teleconference and/or video-conference.   These changes may result in some initial disruption but are considered necessary in the current circumstances. 

Further, we would also ask our regulated entities to send correspondence to the Authority in a secure electronic form as opposed to, or in addition to, hard copies delivered to the Authority’s offices.  We believe this is a sensible readiness step to take.  Where regulated entities do not have a secure e-mail connection with the Authority we would remind regulated entities that correspondence should be appropriately encrypted and that passwords are then separately communicated.

The FSA remains open for business with these modified work practices. We will be reviewing our operating approach on a daily basis and will update our website to reflect any adjustments, in accordance with further developments.

In relation to regulated entities, all such firms are required to have robust business continuity plans which are proportionate to the nature and scale of their operations. We are aware that many firms have been reviewing and, in some cases activating, elements of their business continuity plans. The Authority is currently engaging with various firms across the different regulated sectors and may widen this engagement, as necessary. Firms are reminded that they should proactively make the Authority aware of any material issues in respect of their ability to operate in compliance with their business continuity arrangements.