Oct 4 / Evdokia Pitsillidou

CIF Organizational and Operational Requirements

about the author

Evdokia Pitsillidou

Director of Risk & Compliance at SALVUS Funds

Evdokia, a partner at SALVUS Funds, is actively advising and working on all matters related to licensing, regulatory compliance, and internal audit for investment firms, funds, Electronic Money Institutions (EMI) & Crypto-Asset Services Providers (CASP).

  • Member of the Global Institute of Internal Auditors (IIA)
  • Member of the Cyprus Investment Funds Association (CIFA)
  • Certified Actuarial Analyst (CAA)
  • CySEC Advanced Certified Person
  • CySEC certified Anti-Money Laundering Compliance Officer (AMLCO)
The financial landscape for Cyprus Investment Firms (CIF) is shaped by stringent regulatory frameworks designed to ensure transparency, client protection, and operational integrity. One of the most critical aspects for CIF entities is adhering to the organizational and operational requirements set out by the Cyprus Securities and Exchange Commission (CySEC). These requirements are not only vital for compliance but also for establishing trust with clients, managing risks effectively, and maintaining a firm’s competitive edge.

Within this blog post,
Evdokia Pitsillidou, an instructor at the institute, will explore the key organizational and operational mandates CIF entities must follow, including how they manage client information, assess the suitability and appropriateness of their services, handle conflicts of interest and comply with cross-border regulations.

Towards the end of this blog post, you will find detailed information about the valuable skills and competencies acquired upon course completion and how they contribute to ensuring that CIF entities meet both regulatory obligations and client expectations.

CIF Operational Requirements

CIF are required to meet several operational requirements under CySEC regulations. One of the key areas is ensuring that information provided to clients is clear, fair, and not misleading. CIF entities must present accurate details regarding the risks associated with investment products and ensure that communication is delivered in a way that is understandable by the target audience. This includes obligations related to the categorization of clients into retail, professional, or eligible counterparties, and disclosing the terms and conditions of services offered. Additionally, CIF entities must explain the risks of financial instruments, including volatility and potential loss, ensuring that clients are well-informed.

Another critical aspect is the assessment of suitability and appropriateness of services provided. For investment advice and portfolio management, CIF must collect comprehensive information from clients, such as their financial situation, investment objectives, and risk tolerance, to recommend products that align with their needs. In cases where CIF provide other investment services, they must evaluate the appropriateness of the offered products based on the client's knowledge and experience in the investment field. CIF entities are also obligated to maintain accurate records of client interactions, including orders and decisions, to ensure transparency and regulatory compliance.

 
CySEC Circulars C576 & C578

CySEC has issued two key circulars, C576 and C578, that provide essential guidelines for CIF regulated entities to align with European regulatory frameworks. Circular C576 focuses on the adoption of European Banking Authority (EBA) Guidelines, introducing new reporting obligations related to remuneration practices, the gender pay gap, and high earners. These obligations apply specifically to CIF entities classified as Class 2 under the Investment Firms Regulation and Directive (IFR/IFD), requiring detailed submissions through CySEC’s XBRL Portal. Firms are required to submit data for both the previous and current financial years, with distinct deadlines for compliance, ensuring transparency and adherence to EBA standards.

Circular C578 addresses guidelines issued by the European Securities and Markets Authority (ESMA) concerning remuneration practices under MiFID II. The focus here is on ensuring that remuneration policies are designed to align the interests of firms with those of their clients while avoiding conflicts of interest. CIF are urged to establish a balance between qualitative and quantitative criteria in their remuneration policies to avoid incentivizing short-term gains. Key considerations include client satisfaction, regulatory compliance, and a clear documentation of performance metrics. This framework is designed to foster fair treatment of clients and mitigate risks that may arise from misaligned incentives.

Both circulars emphasize the need for robust governance and internal controls in managing remuneration practices. CIF entities are required to regularly review and adjust their remuneration policies to reflect any changes in business activities or regulatory requirements. The role of control functions, such as compliance, risk management, and internal audit, is critical in overseeing these policies to ensure objectivity and independence. These measures are intended to safeguard the integrity of the remuneration process, ensuring that it supports the long-term sustainability and ethical operation of investment firms.

What is the “Organizational and Operational Requirements & Client Funds Safeguarding in 2024” course and what does it include?

The “Organizational and Operational Requirements & Client Funds Safeguarding in 2024” course is designed by SALVUS Funds and delivered by their Risk & Compliance Director, Evdokia Pitsillidou. This program is directed for Members of the Board of Directors, Compliance Officers, Officers responsible for the Safeguarding of Client Funds, as well as key function holders in CIF entities and other entities regulated by CySEC.

Professionals undertaking this course will acquire a comprehensive overview of CySEC’s Circulars C576 & C578 on certain aspects of MiFID II remuneration requirements and the collection of remuneration data. In addition, it provides insights on the required arrangements that CIF regulated entities must establish and maintain for the safeguarding of client funds and financial instruments.

The syllabus of the client onboarding course includes:
  • Organizational Requirements of CIFs
- Conditions for authorization
- Board of Directors
- General organizational requirements
- Compliance, Risk Management & Internal Audit
- The responsibility of the Senior Management
- Governance arrangements
- Fees & Charges
- Website
- Complaints handling & Financial Ombudsman
- Remuneration practices
- Persons employed by a CIF
- Policies & Procedures

  • Deep dive on CySEC Circulars C576 & C578 on certain aspects of MiFID II remuneration requirements & data collection
- CySEC Circular C576 – Adoption of the European Banking Authority (the ‘EBA’) Guidelines
o On the benchmarking exercises on remuneration practices and the gender pay gap under Directive (EU) 2019/2034 (EBA/GL/2022/07)
o On the data collection exercises regarding high earners under Directive 2013/34/EU and under Directive (EU) 2019/2034 (EBA/GL/2022/08)
- CySEC Circular C578 – ESMA 35-43-3565 – Guidelines on certain aspects of the MiFID II remuneration requirements
o Design of remuneration policies and practices
o Governance
o Controlling risk related to remuneration policies and practices
o Examples related to conflicts of interest

  • Operational Requirements of CIFs
- Information to clients
- Direct electronic access
- Assessment of suitability & appropriateness
- Reporting obligations
- Best Execution & Client Order Handling
- Personal transactions
- Outsourcing
- Conflicts of interest
- Record-keeping
- Cross border services

  • Safeguarding of Client Funds & Financial Instruments
- Safeguarding client financial instruments & funds
- Depositing client financial instruments & funds
- Statements of client financial instruments & funds
- Use of client financial instruments
- Use of title transfer collateral arrangements
- Single officer
- Reports by external auditors

  • CySEC Circular C458 & Dear CEO Letter
- CySEC Circular C458
- Dear CEO Letter

The material of the “Organizational and Operational Requirements & Client Funds Safeguarding in 2024” course is provided both in PDF slides and online video recordings, suitable for self-paced learning. Learners enrolled in the course have the flexibility to learn wherever and whenever.

Upon completion of the course, learners can evaluate their comprehension of the covered material by answering a series of questions reflecting the gained knowledge.

The completion of this course counts towards the Continuous Professional Development (CPD) annual requirements for professionals, and holders of the CySEC Advanced and Basic certifications.

Get in touch
If you have any questions about Evdokia's course or any other questions related to your training requirements, please contact us
we would love to help.
From all of us at IforPE, the Institute for Professional Excellence,
Ancora Imparo