CASS and Third Party Administrators
As 2018 draws to a close, it has again proven to be a year of change within the CASS world; significantly, from a talent perspective, additional layers of CASS expertise have been recruited within multiple firms across financial services. We are seeing more CASS SMEs sitting within compliance functions to assist with the early identification of potential breaches, and following the implementation of the FRC Assurance Standards, firms have also increased resources from a 3rd
Throughout the year we have witnessed an increased demand for additional resources and upskilling within Third Party Administrators (
Outsourcing may indeed help a business streamline its processes and assist in cost reduction, but it also entails a high degree of responsibility, which can sometimes be overlooked. The consequences of mishandling such responsibility have been clearly illustrated by the fines administered by the FCA this year to firms for failing to adequately protect client assets when certain functions have been outsourced to TPAs.
Under the FCA rules, it remains the outsourcer’s duty to fully discharge their regulatory responsibilities and ensure that robust procedures for assessing the standards of performance from their selected TPA
Agreeing clearly defined responsibilities with TPAs, showing rigorous tracking of how and when they protect client assets, is imperative. However, as the CASS rulebook is open to interpretation, to reach a consensus from both parties in relation to forming a Service Level Agreement around these regulatory responsibilities can prove difficult. This is made all the more challenging if there is a lack of deep CASS knowledge in both parties, as ambiguity can easily creep in, leading to a lack of governance and effective oversight with regards to the use of TPAs.
As a result, the use of
Aside from the financial consequences and reputational damage, any remediation required from potential breaches can result in a lengthy process and require the commitment of significant resource. In this regard, the value of a comprehensive and well thought-out CASS governance and controls package at the earliest stages of outsourcing far exceeds the potential opportunity cost of non-compliance.
Colin Weir is an Associate within Carlyle, who