The Cyprus Securities and Exchange Commission (CySEC) has set new standards to assist Cyprus Investment Firms (CIFs) for the assessment of knowledge and competence of employees who provide information to customers about the entity’s services, the regulator said on Thursday in a circular. The move aims to ensure CIF staff does not provide investment advice regarding financial instruments or, in case the entity is authorized to provide advisory services, then employees should be qualified and competent.
The new standards follow the guidelines for the assessment of knowledge and competence issued by the European Securities and Markets Authority (ESMA) in December last year. The guidelines are to come into force on 3 January, 2018.
CIFs must send the regulator confirmation declaration by 2 May, 2017.
The CySEC requires CIFs to ensure their employees who interact with clients are knowledgeable and competent to meet relevant regulatory requirements and to make sure they posses the required qualification and experience. In addition, entities CIF staff should continuously undergo training to ensure their knowledge is relevant and up-to-date. Certification that meets CySEC’s directives “may be considered as an appropriate qualification”, the regulator noted. The level and intensity of competence should be determined by CIFs themselves, reflecting the scope and degree of the relevant services provided.
Licensees should also also perform regular performance assessments on staff and take measures if internal policies and procedures are not followed. Moreover, the regulator requires CIFs to design an information script or a standard FAQ template with information that could be shares with clients. Employees must be aware of their roles and responsibilities that have been clearly defined by CIFs.
CIFs should also ensure employees who communicate with clients provide their real name and do not give out false information regarding its credentials. Frequent, pressuring or aggressive phone calls and requests to invest or deposit funds initiated by staff are not allowed.
In case an employee violates the above-mentioned requirements, CIFs should provide their details to the CySEC, which will, in turn, take appropriate action.
The Cyprus regulator has set standards for cases when CIFs outsource informational services. In such instances, CIFs should demonstrate that they have access to the business premises of the service provider and can supervise effectively the outsourced activities. If the third-party service provider is situated and authorized in an EU member state, it would be easier to demonstrate that it meets the regulatory standards.
“CySEC emphasises the CIF’s obligation to supervise and effectively oversee the outsourced functions and its obligation to take appropriate measures when it determines that the service provider is not performing the said functions effectively and in accordance with the applicable legislation,” the circular read.
To read the full CySEC circular, follow this link.