The FCA is hot on the heels of firms that try to set up or run non-statutory trust (NST) client money accounts without the required auditor sign-off.
Firms that operate a non-statutory trust (NST) under CASS rules must obtain an up to date NST systems and controls letter from their auditors. This is to confirm that their NST systems and controls are adequate to monitor and manage the credit risks arising from running an NST account.
Contrary to popular belief, this confirmation is not embedded in the client money audit report. It is acknowledged separately and should be refreshed periodically and updated as necessary.
The confirmation is required on the initial set-up of the account. It is needed to confirm to the FCA that the firm has established systems and controls to enable them to monitor and manage the credit risk arising from the operation of the NST account. This is required to be sent to the FCA prior to the regulator granting the firm permission to hold client money under an NST CASS environment.
Many auditors issue a caveat saying that they cannot yet confirm compliance, as the firm will not have begun operating the NST account. But they add that, should the firm start with systems and controls as stated, it would be compliant.
Auditor confirmation of systems and controls
As part of the firm’s regulatory reporting, it must also confirm to the FCA that, if operating an NST account, it has obtained an auditor’s confirmation of systems and controls as required by CASS 5.4.4R(2).
There is some discussion in the market as to how regularly this confirmation must be obtained. Some auditors, including PKF, provide it annually, along with the CASS assurance report. Others provide it just once, on initial set-up of the account.
The FCA has said the auditor’s confirmation must be ‘refreshed periodically’. This could mean as and when there are changes to the NST environment. We take the view that this is best interpreted by refreshing the confirmation annually. But certainly, there is a general consensus that it should be more often than just on initial set-up, particularly given the fact that at that stage no trading has taken place.
Consequences of non-compliance
The FCA takes a very dim view of firms that have not received an updated and current NST systems and controls letter. It sees this as a fundamental breach of their obligations under CASS 5.4.4 and will very quickly engage with those firms and set a time limit for obtaining the NST letter. If they fail to do so, they will be obliged to cease holding client money under an NST account immediately and revert to a statutory trust arrangement.
The FCA’s concern is that a lack of sound and robust credit control processes and funding policies and procedures goes hand-in-hand with opaque and untidy ledgers. These in turn mask problems on recovery of debts which would inevitably lead to bad debts and capital resource issues.
Reasons for non-compliance
A firm’s failure to obtain an NST systems sign-off letter is usually for one of two reasons. They may be unaware of the requirement, believing the confirmation is inherent in the CASS assurance report. Alternatively, auditors may be unable to issue an NST systems sign-off letter given the pervasive and systemic nature of the firm’s CASS breaches. This is referred to as an ‘adverse CASS 5 opinion’.
Either reason requires prompt and effective engagement with the FCA, putting a plan in place to rectify any breaches and obtaining the required confirmation letter.
The regulator is becoming increasingly strict on those firms without the NST letter – and is easily able to obtain this information via RMA-C. Is your firm compliant with the requirement?
For more information or advice regarding NST letters, please contact Paul Goldwin.