2021 saw minimal change to the regulatory sourcebook for client assets, with firms taking the opportunity to consolidate their CASS operating model and improve the robustness of control environments whilst ensuring critical CASS processes continued uninterrupted during the ongoing pandemic.
Despite the increasing level of maturity across CASS firms, with compliance to the more fundamental and technical aspects of the sourcebook being achieved, rule breaches and regulatory enforcement continue to occur. In response, the FCA has continued to maintain its focus in this critical area, ensuring consumers receive appropriate levels of protection.
CASS compliance can be challenging and with ever increasing levels of regulatory scrutiny, a firm seeking to improve its governance, risk management controls to facilitate positive engagement with auditors must expect to manage significant programmes of change.
Correspondingly, appropriate change management is a key area of attention for CASS Auditors and firms must be able to demonstrate and evidence how it identifies, assesses and responds to change that can impact its CASS Model
Significant change events such as; organic growth, market entrance or market exit, updates to products and services will likely have a direct impact on a firm’s regulatory permissions and the degree to which CASS applies to its activities going forward. Such change will require appropriate levels of assessment and planning and firms should be mindful of the FCA taking a firmer stance with firms that fail to operate within their permissions.
Other aspects of a firm’s CASS model that may change and need to be managed accordingly are broad in nature and consideration should be taken across a change of custodial or banking arrangements, the IT implementation of software that receives, processes or onwardly transmits CASS related transactional data and any outsourcing arrangements a firm may have in place.
Firms will need to ensure the design of their CASS processes and controls mitigates identified risks and are effectively designed, tested, implemented and remain operationally effective throughout their lifespan.
Geo-political change in the form of Brexit continues to pose a CASS challenge for firms leveraging the TPR and CASS 14 rules and those firms requiring an adaptation of their respective CASS operating models to meet requirements and reporting obligations.
A change of CASS audit firm may be on the agenda this year for many firms. It is worth noting that, in addition to the commercial parameters, firms should be assessing the depth of
capability, the sector specificity and annual effectiveness assessment offering of potential audit partners in addition to exploring their frequency and level of interaction with the FCA around
Firms should be mindful of allowing adequate time to initiate and complete any tender process for an incoming Audit firm and should be performed well in advance of initial planning or
preparatory phases of such audits.
Firms are being encouraged to support the use of interim testing, specifically across firms,
which, by virtue of their business model, operate in a high incident occurrence environment.
Such testing reduces the risk of audit bottlenecks at crucial stages of the audit engagement,
ensuring timely and complete audit activities and opinion submission.
The evolving nature of the pandemic will require continuous attention from firms. Although firms
have generally responded positively to hybrid working and the robust application of CASS
controls being completed via a virtual model, the FCA will expect firms to keep controls up to
date and effective, capable of being demonstrably evidenced as working approaches continue
To see how Grath can assist in assessing and evidencing your firm’s regulatory perimeter please speak to a member of our team today.
Visit our contact page Contact – Grath
Or follow our LinkedIn page for more insights! www.linkedin.com/company/grath