More information for businesses in response to Covid-19
On 30 March 2020, we relaxed a number of our deadlines to support regulated businesses to manage their operations in response to the Covid-19 outbreak.
We are continuing to review additional regulatory requirements and we will keep updating you on a regular basis.
We hope that you will find the following helpful when you are prioritising your business processes, while making sure you are still meeting your regulatory obligations.
In the current situation, it may be more difficult for your business to apply your usual customer identification processes.
It is more than likely that you will not be able to meet your customers face-to-face to obtain their original identity documents. Equally, customers may not be able to provide you with certified copies of their documents.
We want to remind you that there are other ways you can obtain evidence of a customer’s identity, without meeting them in person. For example, you can do this by smart phone, tablet or similar technology. You should consider these alternatives, as they are outlined in the Jersey AML/CFT regime.
Board resilience and span of control
We recognise that, over the coming period, some members of your senior management may be temporarily unable to undertake their duties.
There are minimum requirements for the number of senior individuals who need to be involved in the governance and management of your business, as outlined in Principle 3 of our Codes of Practice.
While the Codes allow for temporary absences, they do not cover circumstances where your arrangements may be compromised more severely, for example, by several individuals being absent at the same time.
We expect your business to do the following, particularly if you operate at the minimum levels:
- identify other individuals who could temporarily fulfil governance and management roles (both span of control and Board members), as well as other critical functions, such as the Money Laundering Reporting Officer, Money Laundering Compliance Officer and Compliance Officer. As a precaution, these individuals may need to submit their personal questionnaires to us for approval before their temporary roles become business critical
- ensure your arrangements allow for responsibilities to be appropriately shared and critical functions to be separated
- ensure your governance arrangements continue to allow ongoing monitoring and control of your business, including your compliance function
- document any changes to your policies and procedures and include these in your business continuity plans
- actively engage with your supervisor, particularly if you need regulatory approval.
Compliance Monitoring Programme
Now more than ever, it is essential that you are appropriately monitoring your business’ operational performance and managing your regulatory and compliance risk. You should be continually maintaining and executing your compliance monitoring programme.
Moving to remote working will almost certainly have meant that you have had to make changes to your working practices. As a result, you may need to re-assess the risks your business is now exposed to as well as change, add to and re-prioritise some of your compliance control testing.
Professional indemnity insurance
You need to make sure your business has adequate insurance cover at all times. You can find detailed requirements in each Code of Practice.
In the current circumstances, you will need to keep assessing whether your business is adequately insured, particularly if you have changed your business model.
We view remote working as a potential change to most business models, so you will need to consider whether to notify your insurers.
In addition to the Codes of Practice, our PII Guidance Note gives you further additional information about:
- policy limitations
- appropriate responsibility for professional indemnity insurance at a senior level
- transitional circumstances.
Communicating with us
We now expect and encourage you to communicate with us via email and / or our portals.
If you are submitting documents to us that need a signature, you will need to maintain records which:
- identify the person signing the document
- record that person’s approval
- are reliable and appropriate.
If your financial statements contain signatures, we expect these signatures to be your auditor(s) and / or director(s). You need to be satisfied that the signature identifies the person signing the document, that they have given approval and that they are reliable.
Rather than physically signing, you can insert an electronic signature into the document. You will need to evidence that you have the authority to include the signature, for example email confirmation from the person. You don’t need to give us this at the time of submission.
Following our usual process, you will need to upload your financial statements to the myJFSC portal or email them to our Regulatory Maintenance Team
Personal Questionnaire (PQ) declarations
Usually we ask you to sign your PQ declaration and consent page and then email them to us in PDF format.
If you can’t currently do this because you don’t have access to a printer / scanner, then you can sign it electronically. Or, we will accept an email confirmation from the person submitting the PQ.
Please send PQ declarations / emails to: RegulatoryMaintenance@jerseyfsc.org
If we need to, we may call you to confirm the declaration. For new PQs, we may do a PQ interview along with the usual checks we carry out to verify identity, qualifications and experience.
If you are in doubt about any aspect of your regulatory compliance, contact your supervisor.