FCA’s latest letter on its portfolio supervision strategy relates to custody and fund services. It sees 4 areas of potential harm:
- disruption to consumers and market participants, or the loss, compromise, or lack of availability of data, because of insufficient operational resilience or weak cyber controls. It expects firms to prevent, respond to, recover and learn from operational disruptions and reminds them that its final rules on operational resilience come into force at the end of March for firms within scope;
- sub-standard oversight and control of client money and assets which lead to investor loss or an inability to recover assets efficiently: it thinks CASS problems often have their roots in poor governance and under-investment, and in failure properly to consider CASS consequences when managing change;
- inadequate depositary oversight of fund managers – particularly in the authorised CIS sector; FCA is particularly concerned about failures to oversee liquidity and investment and borrowing limits; and
- inadequate oversight of business linked to high-risk, illiquid or speculative investment products sold to retail investors. Firms have sometimes displayed a disregard for consumer outcomes and have not carried out adequate due diligence on parties with whom they have contracted.