Responsibilities of regulated firms

Approved persons

Authorised firms are responsible for the conduct of all their employees, agents and ARs. The firm must ensure that those for whom it is responsible (a product provider is not responsible for the acts or omissions of an intermediary) comply with all requirements of the FSMA and the rules made under it. A regulated firm must not use the services of an individual prohibited by the PRA/FCA.

Authorised firms must have systems in place to manage the risks they are subject to. These vary according to the type of business but include the Capital Adequacy rules. Firms have to keep abreast of all relevant changes to the business environment and do their best to reduce and/or control the risks these present. For insurance companies, this includes maintaining an adequate solvency margin and reassurance arrangements. It should be understood, however, that some things are beyond any firm’s control (e.g. tax law changes) and it is not possible for a business to guarantee it will always survive no matter what occurs.

An authorised firm must ensure that all of its individuals carrying out controlled functions are approved. However, in order to cover for illness and holidays, an individual can perform significant influence functions on a temporary basis for up to twelve weeks in a year without approval.

An authorised firm is responsible for any advice given by its representatives. If such advice is in breach of the FSMA or FCA rules, the authorised firm is liable to compensate the client for any loss sustained as a result of the advice. However, the mere fact that an investment has lost value does not give rise to any duty to compensate as this may be due to factors unconnected with the quality of the advice (for example, a stock market crash).

If a firm gives improper advice that will usually be a breach of FCA rules. If the client complains, the firm will have to make appropriate restitution or pay compensation. If they do not, the client could complain to the Financial Ombudsman Service which can force the firm to make restitution or pay compensation. The complaint could also lead to disciplinary action from the FCA, particularly if it was part of a pattern of similar cases rather than an isolated error.

All authorised investment firms will have a nominated Compliance Officer, usually assisted by a Compliance Department, in order to ensure that all the myriad rules are complied with. Larger home finance and general insurance intermediaries are likely to have similar, although neither has a formal compliance officer controlled function yet.

Approved persons and controlled functions

The approved person’s regime is a very important aspect of the regulatory scheme introduced by the FSMA. It is important to remember the following distinction:

  • The authorised person: the business that carries on regulated activities such as providing investment advice. The authorised person could be a company, partnership or sole trader.
  • The approved person: the individual who has been approved to carry out one or more of the controlled functions within the business, either as a senior person or as someone who advises customers on investments.

Individuals undertaking a `controlled function’ within an authorised firm must be individually approved and registered. Controlled functions are those which involve:

  • a significant influence on the conduct of an authorised person’s affairs;
  • dealing with customers in connection with regulated activities; and/or
  • dealing with the property of customers in connection with regulated activities.

You need to be an approved person to perform a significant influence function. The significant influence functions are divided into the following types by the FCA:

  • governing functions;
  • required functions;
  • systems and controls functions;
  • significant management functions;
  • customer dealing function.

The main FCA controlled functions used are:

TypeNo. Function
Governing functions 1Director
 2Non-executive director
 3Chief executive
 5Director of unincorporated association
 6Small friendly society
Required functions 8Apportionment and oversight
 10Compliance oversight
 10ACASS operational oversight
 11Money laundering reporting
 40Benchmark submission
 50Benchmark administration
Systems and controls functions 28Systems and Controls
Significant management functions 29Significant management
Customer dealing function 30Customer


The PRA has three controlled function types for its authorised firms:


Type No. Function
Governing functions 1Director
 2Non-executive director
 3Chief executive
 5Director of unincorporated association
 6Small friendly society
Required functions 12Actuarial function
 12AWith-profits actuary
 12BLloyd’s actuary
Systems and controls functions 28Systems and Controls

Therefore, individual registration may be necessary, depending upon the type of firm involved, for:

  • directors and chief executives
  • actuaries of insurance companies
  • money laundering reporting officers
  • heads of compliance
  • heads of internal audit
  • senior managers
  • customer investment advisers and traders
  • discretionary investment managers