Προς όλα τα μέλη του Συνδέσμου
Τεχνική Εγκύκλιος Αρ. 58
Από την Επιτροπή Χρηματοοικονομικών Υπηρεσιών
17 Απριλίου 2014
Θέμα: Ενδεικτικό πρόγραμμα λογιστικού ελέγχου σε σχέση με την έκδοση της Έκθεσης
Ανεξάρτητου Ελεγκτή προς την Επιτροπή Κεφαλαιαγοράς Κύπρου δυνάμει του Άρθρου
116 του περί Επενδυτικών Υπηρεσιών και Δραστηριοτήτων και Ρυθμιζόμενων Αγορών
Νόμου του 2007 ως τροποποιήθηκε το 2009 και το 2012
To Άρθρο 116 των περί Επενδυτικών Υπηρεσιών και Δραστηριοτήτων και Ρυθμιζόμενων Αγορών
Νόμων του 2007 μέχρι 2012 [Ν144(Ι)/2007, Ν106(Ι)/2009, Ν141(Ι)/2012 και Ν154(Ι)/2012]
(ενοποιημένοι εφεξής αναφερόμενοι ως ο «Νόμος»), απαιτεί από τους εξωτερικούς ελεγκτές μιας
Κυπριακής Επιχείρησης Παροχής Επενδυτικών Υπηρεσιών («KEΠEY») να υποβάλλουν στην
Επιτροπή Κεφαλαιαγοράς Κύπρου («EK»), εντός τεσσάρων μηνών από τη λήξη κάθε οικονομικού
έτους, έκθεση σχετικά με την καταλληλότητα των μέτρων που έλαβε η ΚΕΠΕΥ για τη διαφύλαξη των
περιουσιακών στοιχείων πελατών, σύμφωνα με τις απαιτήσεις του Μέρους VI της Οδηγίας ΟΔ1442007-01 της ΕΚ για τις προϋποθέσεις χορήγησης άδειας και λειτουργίας των ΚΕΠΕΥ (η «Οδηγία»).
Για σκοπούς γενικής καθοδήγησης σε σχέση με την πιο πάνω έκθεση, η Επιτροπή
Χρηματοοικονομικών Υπηρεσιών του Συνδέσμου έχει ετοιμάσει, στην Αγγλική γλώσσα, το
συνημμένο πρόγραμμα ελέγχου το οποίο περιέχει προτεινόμενες διαδικασίες λογιστικού ελέγχου, που
στοχεύουν στην ικανοποίηση των απαιτήσεων του μέρους VI της Οδηγίας.
Τονίζεται ότι τα γεγονότα και οι περιστάσεις που ισχύουν για κάθε ΚΕΠΕΥ πιθανόν να
διαφέρουν από περίπτωση σε περίπτωση, επομένως το προτεινόμενο πρόγραμμα λογιστικού
ελέγχου πρέπει να θεωρείται μόνο ως ενδεικτική αλλά όχι πλήρης λίστα των αναγκαίων
διαδικασιών λογιστικού ελέγχου. Πρόσθετες διαδικασίες λογιστικού ελέγχου πρέπει να
λαμβάνονται υπόψη κατά περίπτωση.
Συνημμένο
Technical Circular No. 58, 17 April 2014
To all members of the Institute
Technical Circular No. 58
From the Financial Services Committee
17 April 2014
Subject:
Indicative audit program in relation to the issuance of the Independent Auditor’s
Report to the Cyprus Securities and Exchange Commission pursuant to Section 116
of the Investment Services and Activities and Regulated Markets Law of 2007 as
amended in 2009 and 2012
Section 116 of the Investment Services and Activities and Regulated Markets Laws of 2007 to 2012
[L144(I)/2007, L106(I)/2009, L141(I)/2012 and L154(I)/2012] (consolidated hereafter referred to as
the “Law”), requires the external auditors of a Cyprus Investment Firm (“CIF”) to submit to the Cyprus
Securities and Exchange Commission (“CySEC”), within four months from the end of each financial
year, a report in relation to the suitability of the measures taken by the CIF for the safeguarding of
client assets, pursuant to the provisions of Part VI of the CySEC Directive DI144-2007-01 of 2012 for
the Authorization and Operating Conditions of CIFs (the “Directive”).
For general guidance purposes in relation to the abovementioned report, the Financial Services
Committee of the Institute has prepared the attached indicative audit program, in English, with
suggested audit procedures aimed at addressing the specific provisions of Part VI of the Directive.
It is emphasized that the facts and circumstances of each CIF may vary from case to case,
therefore the proposed audit program should be considered only as an indicative but not
exhaustive list of the necessary audit procedures. Additional audit procedures must be
considered on a case by case basis.
Attachment
2
Technical Circular No. 58, 17 April 2014
APPENDIX
Indicative audit program in relation to the issuance of the Independent Auditor’s
Report to the Cyprus Securities and Exchange Commission pursuant to section 116 of
the Investment Services and Activities and Regulated Markets Law of 2007 as
amended in 2009 and 2012
1.
Safeguarding of clients financial instruments and funds (section 1 of 6)
Article
18(1)(a)
Requirement
Indicative audit procedures
The CIF must keep such (I) (a) Obtain the company's client list from the system which should
records and accounts as
contain as a minimum the following for each client: Client ID
are necessary to enable it
number, Client name, categorization (e.g. professional vs. retail)
at any time and without
and closing balance as of the end of the reporting period.
delay to distinguish assets
(b) Select a sample of clients from this list and check that the
held for one client from
company's systems (i.e. trading platforms and back office) can
assets held for any other
produce, at any point in time, a snapshot of each client's holdings,
client, and from its own
showing client name and/or ID, amount and type of investments,
assets.
transaction date and time, opening and closing balance. In case of
companies with own investments, check that the system can
produce a similar snapshot for the own equity (i.e. cash and
investments), giving particular attention to the name in which the
own assets are recorded.
(II) Review the company's procedures for distinguishing assets held for
one client from those held for another by verifying that each client is
recorded in the system with a unique identification code (ID).
(III) (a) Take a sample of client money receipts and payments (e.g.
deposits, withdrawals, dividends, interest, transaction settlements,
etc.) and test that they are paid into or out of the client bank
account no later than 3 business days after they have been
received/need to be paid. In cases where there are no other
alternatives or a client erroneously deposits money into a
company own bank account, check and verify that it is paid into a
client bank account no later than the next business day following
receipt. Withdrawals of client money should take place only
based on prescribed purposes.
(b) Test, on a sample basis, that client transactions (i.e. purchases and
sales of client instruments) are recorded promptly and properly in
the Company's internal records (trading platform, back office,
accounting). Also check that internal records are updated
promptly and properly with regards to the receipt of documents of
title or other assets in physical form on behalf of clients, and their
transfer to clients or other parties upon clients' request.
3
Technical Circular No. 58, 17 April 2014
1.
Safeguarding of clients financial instruments and funds (section 2 of 6)
Article
18(1)(b)
Requirement
Indicative audit procedures
The CIF must maintain its (IV) (a)
records and accounts in a
way that ensures their
accuracy, and in
particular their
correspondence to the
financial instruments and
funds held for clients.
Check whether the Company maintains accurate records of the
following items:
(i) Daily opening and closing balances, per client
(ii) List of open positions providing trade details such as trade
date and time, open price, instrument type, numbers of
lots/units, unrealised profit/loss, etc.
(iii) Information on cash movements, i.e. deposits, withdrawals,
receipts, transfers, credit limits, charges, fees, etc., per client
(iv) Information on interest earned and bonus granted, per client,
indicating amounts and dates paid to each client (here, also
check the Company's workings for the calculation of the
interest and bonus paid to each customer)
(v) Client money and Client instruments reconciliations
(vi) Statements of holdings sent to clients on a periodic basis (in
this respect, check also that statements are sent to clients at
the required intervals, as specified by the client agreements)
(b) Review customer complaints and correspondence with the Cyprus
Securities and Exchange Commission for evidence of any issues
concerning the accuracy of the internal records of the Company.
4
Technical Circular No. 58, 17 April 2014
1.
Safeguarding of clients financial instruments and funds (section 3 of 6)
Article
18(1)(c)
Requirement
Indicative audit procedures
The CIF must conduct, on (V) (a) Check whether the Company has performed daily reconciliations
a regular basis,
of clients' money and clients' financial instruments throughout the
reconciliations between
year under review. Also, verify that reconciliations are performed
its internal accounts and
as soon as reasonably possible after the date to which the
records and those of any
reconciliation refers, and that any reconciliation differences are
third parties by whom
promptly identified, properly explained and cleared as soon as
those assets are held.
possible (where clearance entails any shortfall to be topped up
and any excess to be withdrawn).
The reconciliation of clients' financial instruments should consist
of the comparison/matching of the trading platform(s) with
external sub-custodian statements and should take into
consideration not only the client instruments held by third party
custodians, but also the ones held in physical form at the
Company's premises (in which case the reconciliation will consist
of a physical count and comparison with internal records) or in
dematerialised form by the Company.
As for the clients' money reconciliation, to be considered
complete it should be performed at the following levels, or any
combination of these:
-
Bank & other Third Party statements Vs. Client Assets (as
per TB)
-
Bank & other Third Party statements Vs. Client Liabilities
(as per TB)
-
Client Liabilities (as per TB) Vs. Clients' Equity (as per
Trading Platform(s))
Our tests should consider whether the necessary controls exist to
ensure that all client accounts and third party statements are
reconciled properly at regular intervals. For this purpose, obtain a
list of all accounts opened in third parties, indicating the client
accounts and whether they are used for holding funds or financial
instruments.
(b) Consider whether there is adequate segregation of duties between
the person performing the reconciliations and the person(s) who
maintain the records to be reconciled and are involved in the
recording and moving of client assets, always with a view to the
proportionality principle. Also consider whether there are
appropriate procedures for review.
(VI) For the year end, agree the total value of client funds to third party
records, at the three levels indicated above. Where third party records
are maintained by the third party on a client by client basis, agree on a
sample basis the total value of funds per client to the third party
records. Consider sending on a sample basis confirmation letters to
third parties where funds are kept. Investigate any difference upon
receiving of confirmation replies. Perform alternative procedures for
non-replies (e.g. review post year end movement).
5
Technical Circular No. 58, 17 April 2014
1.
Safeguarding of clients financial instruments and funds (section 4 of 6)
Article
18(1)(d)
Requirement
The CIF must take the
(VII)
necessary steps to ensure
that any client financial
instruments deposited
with a third party, in
accordance with
paragraph 19, are
identifiable separately
from the financial
instruments belonging to
the CIF and from
financial instruments
belonging to that third
party, by means of
differently titled accounts
on the books of the third
party or other equivalent
measures that achieve the
same level of protection.
Indicative audit procedures
(a) Obtain the statements of client instruments from third party
custodians and check whether the title of client accounts
indicates the client ownership (i.e. it contains the term
“client(s)” or “client(s) account” or something similar).
(b) In cases where Company own instruments are held by the
same third party custodian as client instruments, check and
make sure that they are deposited in a different account than
the account used to hold client instruments, and that the title
of this account does not contain the term “client(s)”). Test
this by checking the Company's reconciliations of its own
portfolio, as well as the clients' portfolio reconciliations, for
any evidence of lack of segregation (look for cases of
reconciling items relating to client instruments kept in own
accounts with the custodian, or vice versa). Where own and
client instruments in third party custodian accounts are not
separated due to legal reasons, the conditions of paragraph
19(3) of the Directive1 are applicable, and the audit
procedures indicated in (XII) below must be performed.
(c) In cases where third party custodian records present client
instruments on a pooled/aggregated basis without indicating
the customer name, ensure that proper records are kept by the
Company to enable it to distinguish the instruments that
belong to each client separately. To test this, obtain from the
trading platform a list of all clients' instruments by client and
indicating the third party custodian where each instrument is
kept. If this information is not available, this can also be
checked through the client securities reconciliations (i.e. test
completeness of client instruments and third party custodian
accounts and investigate any difference between internal and
external records).
(d) For bearer documents of title, check that the owner can be
identified at all times and that it is readily apparent which
investments relate to the Company (if applicable) and which
to the client.
1
Cyprus Securities and Exchange Commission Directive DI144-2007-01 of 2012 for the Authorization and
Operating Conditions of CIFs.
6
Technical Circular No. 58, 17 April 2014
1.
Safeguarding of clients financial instruments and funds (section 5 of 6)
Article
18(1)(e)
Requirement
The CIF must take the
(VIII)
necessary steps to ensure
that client funds
deposited, in accordance
with paragraph 20, in a
central bank, a credit
institution or a bank
authorised in a third
country or a qualifying
money market fund are
held in an account or
accounts identified
separately from any
accounts used to hold
funds belonging to the
CIF.
Indicative audit procedures
(a) Obtain the statements of client accounts with banks and other
third parties as per the Directive2 and check whether their
title contains the term “client(s)” or “client(s) account” or
something similar. Examine whether the client accounts at
third parties have a “trust status” (this can be checked by
obtaining a written confirmation from the third party, stating
that: “All money standing to the credit of the account is held
by the Company as trustee (or if relevant, as agent) and that
(i) the bank/third party is not entitled to combine the account
with any other account or to exercise any right of set-off or
counterclaim against money in that account in respect of any
sum owed to it on any other account of the Company; and
(ii) the title of the account sufficiently distinguishes that
account from any account containing money that belongs to
the Company, and is in the form requested by the Company”.
(b) An exception to the “trust status” mentioned in (a) above is
where in the country the cash is deposited for brokerage
purposes, the country's legislation does not provide for the
concept of nominee (trustee) account holder. In these cases
the auditor should ensure that the CIF correctly
communicates this issue to the client (e.g. via the client
agreements) and advises him that the client cash is not
segregated under MiFID3 (since it does not follow MiFID) so
his cash is not protected the same manner as in a MiFID
jurisdiction.
(c) Where own funds are deposited with the same bank as client
funds, test and verify that they are kept in a different bank
account than the one used to hold client funds, and that this
account is under the Company's name. If own funds are kept
in the same third party account as client funds, ensure that
there is a valid reason for doing so and that the Company is
able to quantify the amount of its own money kept in client
accounts at any point in time. A valid rationale would be that
the own funds are equal to the credits granted to clients for
facilitating their trading activity.
(d) In the case where client funds are kept with third parties on
an aggregated basis in pooled client accounts, ensure that
proper records are kept by the Company to enable it to
distinguish the portion of funds which relates to each client
separately. To test this, check the client money
reconciliations for completeness of client accounts and third
party statements, and investigate reconciliation differences
between internal and external records upon receiving
confirmation replies. Perform alternative procedures for nonreplies (e.g. review post year end movement).
2
Cyprus Securities and Exchange Commission Directive DI144-2007-01 of 2012 for the Authorization and
Operating Conditions of CIFs.
3
Markets in Financial Instruments Directive (MiFID) 2004/39/EC of the European Union.
7
Technical Circular No. 58, 17 April 2014
1.
Safeguarding of clients financial instruments and funds (section 6 of 6)
Article
18(1)(f)
Requirement
Indicative audit procedures
The CIF must introduce (IX) Test and ensure the adequacy of the procedures that the Company has
adequate organisational
put in place with respect to:
arrangements to minimise
(a) the prompt and proper recording of client transactions in internal
the risk of the loss or
systems, such as trading platform, back office and accounting and
diminution of client
the proper review of transactions recording by control functions
assets, or of rights in
and/or senior management.
connection with those
assets, as a result of
(b) the carrying out of client money and instruments reconciliations
misuse of the assets,
on a regular basis (i.e. daily) and as soon as practically possible
fraud, poor
after the date to which the reconciliation refers (i.e. not later than
administration,
5 business days after the reconciliation reference date).
inadequate recordkeeping
(c) the allocation of responsibility for the client funds and
or negligence.
instruments reconciliations and the escalating of reconciling
items.
(c) the record-keeping of client information, considering both
physical and IT security issues (back up servers, hard files, etc.).
(d) the safekeeping of clients' documents of title and any other client
assets held in physical form (this can be achieved through safe
boxes, fire-proof rooms and safes, restricted access via password
controlled doors or limited access to keys).
(e) the carrying out of proper and continuing risk assessments of all
third parties holding client money and client instruments.
(f) the consideration for diversification of client funds when amounts
are of sufficient size. The Large Exposures Directive may be
considered on a case by case basis and depending on the
particular circumstances of each CIF.
8
Technical Circular No. 58, 17 April 2014
2.
Depositing client financial instruments (section 1 of 3)
Article
19(1)
Requirement
Indicative audit procedures
A CIF may deposit
(X) (a) Obtain listing of third parties which hold financial instruments on
financial instruments held
behalf of clients
on behalf of its clients
(b) Inquire about and obtain listing of all third parties with which
into an account or
client financial instruments are deposited
accounts opened with a
third party provided that
(c) Obtain the CIF procedures applied in the process of selecting and
the CIF exercises all due
approving these third parties
skill, care and diligence in
(d) Review the CIF procedures to determine that due skill care and
the selection, appointment
diligence is exercised in the selection of these third parties. This
and periodic review of the
can be evidenced through the following (list is not exhaustive):
third party and of the
arrangements for the
(i) The third party is regulated in a reputable jurisdiction and is
holding and safekeeping
licensed to accept client financial instruments.
of those financial
(ii) A detailed description of the relevant procedures followed by
instruments.
the third party has been obtained and reviewed by the CIF.
In particular, the CIF is
(iii) The third party carries out independent review of its relevant
required to take into
procedures and makes the report available to the CIF (e.g.
account the expertise and
ISAE 34024 report).
market reputation of the
third party as well as any
(iv) Client rights in the event of bankruptcy or other financial
legal requirements or
difficulty of the third party have been assessed by the CIF
market practices related to
and found to be acceptable and at a minimum in line with the
the holding of those
CySEC relevant requirements.
financial instruments that
(v) The expertise of the third party has been adequately assessed
could adversely affect
by the CIF.
clients’ rights.
(vi) The rating of the third party (if applicable) is obtained and
assessed.
(e) Review the CIF procedures for monitoring the third party to
ensure that this is an on-going process with at least annual
updating of the eligibility of each third party used.
(f) Select a sample of third parties and perform walk through testing
to test whether the above procedures/policies are applied in
practise.
International Standard on Assurance Engagements (ISAE) 3402 “Assurance Reports on Controls at a Service
Organization”.
4
9
Technical Circular No. 58, 17 April 2014
2.
Depositing client financial instruments (section 2 of 3)
Article
19(2)
Requirement
Indicative audit procedures
If the safekeeping of
(XI) (a) From the listing of third parties obtained for audit procedure (X)
financial instruments for
above, identify third parties operating in a foreign jurisdiction.
the account of another
(b) For each jurisdiction confirm whether the third parties are
person is subject to
regulated. This can be evidenced for example by searching the
specific regulation and
local regulators' web site. If this is not feasible obtain evidence
supervision in a
from the CIF to confirm that third party is appropriately
jurisdiction where the CIF
regulated.
proposes to deposit client
financial instruments with
a third party, the CIF does
not deposit those financial
instruments in that
jurisdiction with a third
party which is not subject
to such regulation and
supervision.
10
Technical Circular No. 58, 17 April 2014
2.
Depositing client financial instruments (section 3 of 3)
Article
19(3)
Requirement
A CIF does not deposit
(XII)
financial instruments held
on behalf of clients with a
third party in a third
country that does not
regulate the holding and
safekeeping of financial
instruments for the
account of another person
unless one of the
following conditions is
met:
(a) the nature of the
financial instruments
or of the investment
services connected
with those
instruments requires
them to be deposited
with a third party in
that third country;
(b) where the financial
instruments are held
on behalf of a
professional client,
that client requests
the CIF in writing to
deposit them with a
third party in that
third country.
Indicative audit procedures
(a) Obtain a listing from the CIF of all client financial
instruments deposited with a third party in a third country
that does not regulate the holding and safekeeping of
financial instruments for the account of another person.
(b) Test this listing for completeness by selecting a sample from
the listing of third parties obtained for audit procedure (X)
above to ensure that they are correctly excluded from the list
obtained for audit procedure (XII) (a) above. This can be
evidenced either by searching the local regulators' web site or
by obtaining appropriate evidence from the CIF to support
the conclusion that the third party is regulated.
(c) For jurisdictions not regulating third parties for the holding
and safekeeping of financial instruments for the account of
another person, obtain evidence from the CIF to support that
one of the following conditions is met:
(i) the nature of the financial instruments or of the
investment services connected with those instruments
requires them to be deposited with a third party in that
third country;
(ii) where the financial instruments are held on behalf of a
professional client, that client requests the CIF in writing
to deposit them with a third party in that third country.
11
Technical Circular No. 58, 17 April 2014
3.
Depositing client funds (section 1 of 3)
Article
20(1)
Requirement
A CIF is required, on
receiving any client
funds, promptly to place
those funds into one or
more accounts, denoted
as “ clients” accounts
opened with any of the
following:
(a) central bank;
(b) credit institution;
(c) bank authorised in a
third country;
(d) qualifying money
market fund.
Indicative audit procedures
(XIII)
(a) Receive the Company's bank accounts statements and review
whether the clients' funds are clearly distinguished from the
company's own funds. Verify that the clients' funds are
deposited in bank accounts clearly denoted as "Clients'
accounts" whereas Company's own funds are kept in
different bank accounts under the Company's name. Examine
whether the client accounts at third parties have a "trust
status" (this can be checked by obtaining a written
confirmation from the third party, stating that: "All money
standing to the credit of the account is held by the Company
as trustee (or if relevant, as agent) and that the bank/third
party is not entitled to combine the account with any other
account or to exercise any right of set-off or counterclaim
against money in that account in respect of any sum owed to
it on any other account of the Company; and (b) the title of
the account sufficiently distinguishes that account from any
account containing money that belongs to the Company, and
is in the form requested by the Company".
(b) An exception to the "trust status" mentioned in (a) above is
where in the country the cash is deposited for brokerage
purposes, the country's legislation does not provide for the
concept of nominee (trustee) account holder. In these cases
the auditor should ensure that the CIF correctly
communicates this issue to the client (e.g. via the client
agreements) and advises him that the client cash is not
segregated under MiFID5 (since it does not follow MiFID) so
his cash is not protected the same manner as in a MiFID
jurisdiction.
5
Markets in Financial Instruments Directive (MiFID) 2004/39/EC of the European Union.
12
Technical Circular No. 58, 17 April 2014
3.
Depositing client funds (section 2 of 3)
Article
20(2)
Requirement
A CIF that does not
(XIV)
deposit client funds with a
central bank, it is required
to exercise all due skill,
care and diligence in the
selection, appointment
and periodic review of the
credit institution, bank or
money market fund where
the funds are placed and
the arrangements for the
holding of those funds.
A CIF takes into account
the expertise and market
reputation of such
institutions or money
market funds with a view
to ensuring the protection
of clients’ rights, as well
as any legal or regulatory
requirements or market
practices related to the
holding of client funds
that could adversely affect
clients’ rights.
Indicative audit procedures
(a) Verify that clients' funds are deposited in a central bank, a
credit institution, a bank authorised in a third country or a
qualifying market fund. Ensure that institutions used by the
Company for depositing clients' funds, are properly
authorised by obtaining the relevant license/authorisation and
review the due diligence procedures followed by the
Company.
(b) Obtain listing of third parties which hold funds on behalf of
clients.
(c) Inquire about and obtain listing of all third parties with
which client funds are deposited.
(d) Obtain the CIF procedures applied in the process of selecting
and approving these third parties.
(e) Review the CIF procedures to determine that due skill care
and diligence is exercised in the selection of these third
parties. This can be evidenced through the following (list is
not exhaustive):
(i) Third party is regulated in a reputable jurisdiction and is
licensed to accept client financial instruments.
(ii) A detailed description of the relevant procedures
followed by the third party has been obtained and
reviewed by the CIF.
(iii) The third party carries out independent review of its
relevant procedures and makes the report available to the
CIF (e.g. ISAE 3402 report).
(iv) Client rights in the event of bankruptcy or other financial
difficulty of the third party have been assessed by the
CIF and found to be acceptable and at a minimum in line
with the CySEC relevant requirements.
(v) The expertise of the third party has been adequately
assessed by the CIF.
(vi) The rating of the third party (if applicable) is obtained
and assessed.
(f) Review the CIF procedures for monitoring the third party to
ensure that this is an on-going process with at least annual
updating of the eligibility of each third party used.
(g) Select a sample of third parties and perform walk through
testing to test whether the above procedures/policies are
applied in practise.
13
Technical Circular No. 58, 17 April 2014
3.
Depositing client funds (section 3 of 3)
Article
20(3)
20(4)
Requirement
Where a CIF deposits
(XV)
funds it holds on behalf of
a client with a qualifying
money market fund, the
units in that money
market fund should be
held in accordance with
the requirements for
holding financial
instruments belonging to
clients.
The clients of the CIF
have the right to oppose
the placement of their
funds in a qualifying
money market fund.
Indicative audit procedures
(a) Review the procedures followed for depositing clients' funds
with a qualifying money market fund, if these are in line with
the requirements of Article 19 of the Directive 6 for holding
financial instruments belonging to clients.
(b) From the listing of third parties obtained in procedure X
above, identify third parties operating in a foreign
jurisdiction.
(c) For each jurisdiction confirm whether the third parties are
regulated. This can be evidenced for example by searching
the local regulators' web site. If this is not feasible obtain
evidence from the CIF to confirm that third party is
appropriately regulated.
(d) Obtain a listing from the CIF of all client funds deposited
with a third party in a third country that does not regulate the
holding and safekeeping of financial instruments for the
account of another person.
(e) Test this listing for completeness by selecting a sample from
the listing of third parties obtained in procedure X above to
ensure that they are correctly excluded from the list obtained
in procedure XII (a) above. This can be evidenced either by
searching the local regulators' web site or by obtaining
appropriate evidence from the CIF to support the conclusion
that the third party is regulated.
(f) For jurisdictions not regulating third parties for the holding
and safekeeping of client funds for the account of another
person, obtain evidence from the CIF to support that one of
the following conditions is met:
(i) the nature of the client funds or of the investment
services connected with those funds requires them to be
deposited with a third party in that third country;
(ii) where the client funds are held on behalf of a
professional client, that client requests the CIF in writing
to deposit them with a third party in that third country.
6
Cyprus Securities and Exchange Commission Directive DI144-2007-01 of 2012 for the Authorization and
Operating Conditions of CIFs.
14
Technical Circular No. 58, 17 April 2014
4.
Use of client financial instruments (section 1 of 3)
Article
21(1)
Requirement
A CIF is not allowed to
(XVI)
enter into arrangements
for securities financing
transactions in respect of
financial instruments held
by it on behalf of a client,
or otherwise use such
financial instruments for
its own account or the
account of another client
of the CIF, unless the
following conditions are
met:
(a) the client must have
given his prior
express consent to
the use of the
instruments on
specified terms, as
evidenced, in the
case of a retail client,
by his signature or
equivalent alternative
mechanism;
Indicative audit procedures
(a) Obtain from the CIF the list of contracts whereby clients
have given their consent to the CIF to use their financial
instruments for own account.
Obtain also the list of transactions relating to the above
mentioned contacts.
(b) On a sample basis:
(i) Review whether the contracts are signed by both parties
(CIF and client).
(ii) Review the specific terms of the contract according to
which client’s consent has been granted.
(iii) Test whether the CIF has complied with the contractual
terms by:
-
Reviewing a sample of transactions from the above
mentioned list.
-
Verifying whether the selected transactions are
consistent with the terms of the corresponding
contract(s).
-
Confirm that the client receives notice of such
transactions performed, for example through
separate statements of account sent electronically or
other means of notification.
(b) the use of that client's
financial instruments
must be restricted to
the specified terms to
which the client
consents.
15
Technical Circular No. 58, 17 April 2014
4.
Use of client financial instruments (section 2 of 3)
Article
21(2)
Requirement
Indicative audit procedures
A CIF is not allowed to
(XVII) (a) Obtain from the CIF the list of contracts whereby clients
enter into arrangements
have given their consent to the CIF to use their financial
for securities financing
instruments for own account as in 21(1) above.
transactions in respect of
(b) On a sample basis check whether:
financial instruments
which are held on behalf
(1) Client agreements adequately reflect the provision of the
of a client in an omnibus
law as per article 18(1)(i) of Law 144(I)/2007 as
account maintained by a
amended by Laws 106(I)/2009, 141(I)/2012 and
third party, or otherwise
154(I)/2012.
use financial instruments
(2) Clients asset custody accounts for those clients that have
held in such an account
given their consent for the CIF to use their assets are
for its own account or for
kept separately from those that have not.
the account of another
client unless, in addition
(3) CIF has a policy on how to compensate clients for use of
to the conditions set out
their assets (even if nil).
in subparagraph (1), at
(4) CIF reflects the amount of securities used on the client
least one of the following
statement (or note on the statement that some of the
conditions is met:
clients’ securities may being used, in cases where it is
(a) each client whose
not possible to identify the amount of securities used per
financial instruments
client).
are held together in
an omnibus account
must have given prior
express consent in
accordance with
subparagraph (1)(a);
(b) the CIF must have in
place systems and
controls which
ensure that only
financial instruments
belonging to clients
who have given prior
express consent in
accordance with
subparagraph (1)(a)
are so used.
16
Technical Circular No. 58, 17 April 2014
4.
Use of client financial instruments (section 3 of 3)
Article
21(3)
Requirement
Indicative audit procedures
The records of the CIF
(XVIII) For a selected sample of transactions (see subparagraph 21(1)
must include details of
above) verify whether the records of the CIF include appropriate
the client on whose
documentation such as:
instructions the use of the
(a) reference to the contract under which consent is granted,
financial instruments has
been affected, as well as
(b) working in relation to the allocation of profits/losses in
the number of financial
compliance with the contractual terms,
instruments used
(c) notification to the client regarding the allocated profits or
belonging to each client
losses,
who has given his consent
in accordance with
(d) evidence of client's acceptance of the allocation, or
subparagraph (1), so as to
(e) reconciliation between client's position and CIF's position
enable the correct
regarding the allocation and explanations for reconciling
allocation of any loss.
items.
17