Prepare ahead of an inspection by CySEC
about the author
- Member of the Global Institute of Internal Auditors (IIA)
- Member of the Cyprus Investment Funds Association (CIFA)
- Certified Actuarial Analyst (CAA)
- CySEC Advanced Certified Person
- CySEC certified Anti-Money Laundering Compliance Officer (AMLCO)
The Cyprus Securities and Exchange Commission (CySEC) supervises the investment services and securities market carried out in the Republic of Cyprus, since 2001. Its mandate is to ensure investor protection and establish the Cyprus securities market as one of the safest, most reliable, and attractive destinations for investment. To achieve that, CySEC has the responsibility to inspect its regulated entities, ensuring compliance with the applicable laws and regulations.
In this blog post, Evdokia Pitsillidou , an instructor at the institute, demonstrates an in-depth analysis of CySEC’s authority to investigate and monitor its obliged entities, providing insights and compliance tips on the key inspection areas.
To this end, a comprehensive and detailed course titled How to Get Prepared by the Regulator in 2024 is available through the IforPE platform. This course emphasises the importance for supervised entities to achieve regulatory compliance by employing a proactive approach and enhance the internal policies and procedures.
Towards the end of this blog post, you will find detailed information about the skills and competencies acquired upon course completion and how they contribute to ensuring a successful CySEC inspection at any given time.
CySEC Powers
CySEC maintains numerous investigative powers which is extremely important for regulated entities to get accustomed with their compliance obligations, and avoid failing any of the following:
- Collection of information – CySEC can request in written form the collection of information from its supervised entities.
- Carrying out inspections – the regulator grants the authority to examine information; records, books, accounts, as well as documents and computer-stored data.
- Entrance and investigation– CySEC has the right to enter and search offices and the business premises, performing onsite inspections.
- Organisational structure and personnel changes - examining if the electronic record is updated, and if the Chinese Walls along with the documented Employee Replacement Policy are in place,
- Employment Contracts and Remuneration - checking if the remuneration, employee recruitment, staff knowledge and competence policy and practices are established,
- Personnel Training - assessing its adequacy and quality as well as the employee awareness,
- Senior Management & BoD - ensuring the obeyance of their duties and responsibilities, their suitability and awareness on the firm’s operations,
- Compliance Function - ascertaining that all required compliance processes are in place, including risk assessment and monitoring procedures.
- Risk Management Function - reviewing the risk management plan, interviewing the key personnel is employed, and if they report directly to the BoD,
- Internal Audit Function - analyzing whether its findings were reported to CySEC through the Electronic Record, and communicated to the BoD in a timely manner,
- Shareholders Holdings, Tied Agents, Inducements, Cross-Border, ICF - inspecting if appointment or intention of such services has been communicated to CySEC,
- Internal Operations Manual - checking whether the documented procedures are adequate and sufficient, and reflect the current procedures in practice,
- Conflicts of Interest & Personal Transactions - investigating if a Conflict of Interest policy is implemented and if appropriate measures are taken to prevent or detect such phenomenon.
- Client Complaints - assessing the complaints handling policy and procedures and if the annual fee payment has been made to the Financial Ombudsman,
- Outsourcing - analyzing the adequacy and competence of outsourcing arrangements,
- Business Continuity & Disaster Recovery- ensuring if appropriate procedures and policies are in place,
- Product Governance - reviewing whether a Product Governance policy and product approval process is implemented.
- The Cyprus Securities and Exchange Commission
- About CySEC
- CySEC responsibilities
- CySEC regulated entities
- CySEC powers
- Governance arrangements & organisational requirements
- Governance arrangements
- Organisational requirements
- Inspection areas & compliance tips
- Policies & procedures
- Policies & procedures
- Organisational requirements - inspection areas & methodology
- Operating conditions - inspection areas & methodology- Client accounts: opening & closing
- Departmental inspection areas & compliance tips
- Back office department
- AML department
- Accounting & finance
- Provision of services
- Business development & marketing
- Customer support- Information technology
- ESMA common supervisory actions
- What is an ESMA CSA?
- National Competent Authorities
- MiFID II Product Governance rules
- MiFID II cost and charges disclosure rules- MiFID II marketing communications
- Inspection tips & results
- Compliance tips
- Post-inspection communication
- Inspection results- 2023 CySEC investor protection fine
If you have any questions about Evdokia's course or any other questions related to your training requirements, please contact us; we would love to help.
Ancora Imparo
navigate
The Institute for Professional Excellence is protected under a registered European trade mark. The figurative trade mark registration number is 018854840. This trade mark is protected under the European Union's legislation.