BackRich TextPrint

You need the Flash plugin.

Download Macromedia Flash Player



  • RM-7.3 Intra-group Outsourcing

    • RM-7.3.1

      As with outsourcing to non-group companies, the Board and management of licensees are held ultimately responsible by the CBB for the adequacy of systems and controls in activities outsourced to group companies.

      Adopted: July 2007

    • RM-7.3.2

      However, the degree of formality required — in terms of contractual agreements and control mechanisms — for outsourcing within a licensee's group is likely to be less, because of common management and enhanced knowledge of other group companies.

      Adopted: July 2007

    • RM-7.3.3

      Investment firm licensees must obtain CBB prior written approval before committing to a material intra-group outsourcing. The request for approval must be made in writing to the licensee's normal supervisory contact at least 6 weeks prior to committing to the outsourcing, and must set out a summary of the proposed outsourcing, its rationale, and an analysis of its associated risks and proposed mitigating controls.

      Amended: October 2017
      Amended: April 2008
      Adopted: July 2007

    • RM-7.3.4

      The CBB will respond to the request for approval in Paragraph RM-7.3.3 in the same manner and timescale as set out in Paragraph RM-7.1.9 and will also consider the issue of considerable outsourcing as outlined in Paragraph RM-7.1.9A.

      Amended: October 2017
      Amended: July 2013
      Amended: April 2008
      Adopted: July 2007

    • RM-7.3.5

      The CBB expects, as a minimum, an agreed statement of the standard of service to be provided by the group provider, including a clear statement of responsibilities allocated between the group provider and licensee.

      Adopted: July 2007

    • RM-7.3.6

      The CBB also expects a licensee's management to have addressed the issues of customer confidentiality, access to information and business continuity.

      Adopted: July 2007

    • RM-7.3.7

      Investment firm licensees may not outsource their core business activities, including the internal audit function, to their group. The outsourcing of certain functions is subject to the provisions of Modules RM (Risk Management), HC (High-Level Controls) and FC (Financial Crime).

      Adopted: October 2009

Back to top