Overview about the Supervisory Compliance Manual Content

24 January 2018, Bachir El Nakib (CAMS) Senior Consultant Compliance Alert LLC 


·    To be effective, compliance frameworks and supporting documentation must be tailored to the business and appropriate to the nature, scale and complexity of the Authorised Firm. The contents of a compliance manual may differ depending upon a regulated activities, the authorised firms to conduct.

·      The list below sets out the generic content of a compliance manual. Firms may choose to provide some of the detail in other operational documents but we would expect to see at least a cross reference to where and how their obligations are met.      


·   A Firm's Board is ultimately responsible for oversight and periodic review of the Authorised Firm’s compliance framework and culture. Senior management is responsible for implementing a continuous compliance program which comprises manual, procedures, reporting and review regime.

·       Ultimately a compliance framework supported by a manual and procedures that are easily understood and implemented by staff will assist the Board in achieving its compliance objectives.


Compliance Manual Content


  • Purpose of the compliance manual
  • Definition and objectives of compliance
  • How the manual is updated, amended and approved
  • Overview of the Regulatory Agency requirements
  • The legislation applicable in the regulatory arean (Law, Regulations / Rulebook etc)
  • The Principles for Authorised Firms (from the Regulatory Supervision Principles-Rulebook)
  • Activities and scope of Authorisation of the Authorised Firm – what activities can/can’t the Authorised Firm conduct in / from the Regulatory body.
  • Key contacts at the Regulatory Authority
  • Reporting compliance breaches procedures
  • Procedures for dealing with staff who breach Compliance Procedures 

Compliance Governance Framework

  • Role of the Board/Responsibility
    • Board committee
    • Reporting and review framework
  • Senior Management/Responsibility
    • Senior Management committee
    • Reporting and review framework
  • Business Line Staff
    • Obligations for staff in relation to compliance and the manual:
      • confirm receipt / understanding / training
  • Compliance Function
    • Staffing and key responsibilities
    • Roles of the compliance oversight function, audit and risk
    • Compliance monitoring, testing, indicators
    • Breach monitoring, logging and reporting
    • Review framework
    • Independence

·         Access to information

    • Conduct of investigations
    • Duty to communicate
    • Right of access to Senior Management and Board
  • Group compliance organisation/reporting chart 

Key Obligations and How They are Met

Outline key obligations under the relevant Regulatory Authority Rulebooks, in particular: CONTROL AND CONDUCT OF BUSINESS Rulebooks.


  • Organisation charts/reporting lines/segregation of duties
  • Allocation of responsibilities 
  • Reference to the Authorised Firm’s Risk Manual
  • Reference to the Authorised Firm’s BCP
  • Record keeping requirements
  • Outsourcing (assessment/notification/reviews)
  • Reference to AML/CFT procedures
  • Approval of financial communications
  • Required disclosures on key documents and other communication 
  • Procedures for identifying / managing conflicts 
  • Complaints handling
  • Inducements, Gifts and Soft dollar arrangements
  • Personal Account Transactions
  • Data protection, in particular, the obligations imposed under the QFC Data Protection Regulations and the QFCA Data Protection Rulebook
  • Classification of Clients (how are the obligations to classify clients met, what documentation is collected and maintained to support classification)
  • Client take on procedures. 
  • Specific to Investment Business
    • Keeping records of advice / transactions
    • Suitability
    • Record Keeping
    • Documentation provide to clients
      • Terms of business
      • Confirmation notes
      • Periodic statements
      • Client money
      • Best execution
      • Timely execution
      • Aggregation of customer orders
      • Allocation of relevant investments
      • Customer order priority
      • Excessive dealing and switching 
  • Specific to Banking Business
    • Keeping records of advice / transactions
    • Suitability
    • Record Keeping
    • Documentation provided to clients
      • Terms of business
      • Periodic statements
    • Referral process for regulated sales  
  • Specific to Insurance Business
    • Monitor adherence to business plan/underwriting model;
    • Policyholder complaints;
    • Independent review/peer review;
    • Renewal
    • Intermediaries
    • Regulatory requirements; and
    • Record keeping 


  • Fitness and propriety of approved individuals
  • The Principles of Conduct for Approved Individuals
  •  Temporary staff or those who visit the local office regularly
  • Approved Individuals and the Controlled Functions
  • Staff training and competence (identify training requirements, scheduling and recording)
  • Testing 

Reporting to the Regulatory Supervision body

  • Prudential reporting (Monthly/Quarterly/Semi-Annual/Annual)
  • Financial reports and statements
  • Changes in controllers and annual Controllers report 
  • Close links reporting
  • Notifications
  • AML/CFT monthly and Annual reports
  • Breaches

Download File