Employment in Financial Services

Under Swiss civil law, there is no requirement to apply pre-screening measures. However, while not a statutory requirement under Swiss financial market laws per se, companies subject to these laws apply pre-screening measures to ensure that a prospective financial services employee meets the requirements set forth by these laws. In particular, regulated companies such as banks, securities firms, insurance companies, fund management companies, managers of collective investment schemes and asset managers are required to obtain authorisation from the Swiss Financial Market Supervisory Authority (FINMA) relating to strategic and executive management and each change thereto.

As a general rule, the higher the responsibility or position of a person, the more requirements financial services employees may need to fulfil. Persons holding executive or overall management functions (eg, a member of the board or members of the senior management) are required to fulfil certain requirements set forth by the applicable Swiss financial market regulations. Such requirements may include providing current CVs showing relevant work experience and education as well as excerpts from the debt and criminal register. It may also include providing various declarations (eg, concerning pending and concluded proceedings, qualified participations and other mandates). Furthermore, financial services employees holding certain control functions (eg, compliance officer, risk officer and their deputies) may also be required to prove that they are suitable for the position by providing, for example, a current CV showing relevant work experience and education.

For employees subject to the SMR, anyone performing an SMF must be pre-approved by the relevant regulator before they can start their role. Generally, firms that wish to employ a senior manager must first carry out sufficient due diligence to satisfy themselves that the candidate is a fit and proper person to perform their proposed functions. In this regard, firms must consider the individual’s qualifications, training, competency and personal characteristics. The firm must also carry out a criminal records check. They may then apply to the relevant regulator for that candidate’s pre-approval. In the firm’s application, all matters relating to the candidate’s fitness and propriety must be disclosed. The firm must also enclose a statement of that individual’s proposed responsibilities and (depending on the firm) the latest version of the firm’s management responsibilities map.

For employees subject to the CR, before the appointment and annually thereafter, these employees must be certified by the employing SM&CR firm as being fit and proper. Certification does not involve pre-approval by the FCA or PRA.

Additionally, firms must comply with the regulatory reference rules for all candidates subject to either the SMR or CR before their employment. These rules require employing firms to request a regulatory reference from all previous employers covering the past six years of employment. Information must be shared between regulated firms using a particular template, which includes information relevant to assessing whether a candidate is fit and proper. Firms are also expected to retain records of disciplinary and fit and proper findings going back six years for their employees (or longer for findings of gross misconduct), and they must update regulatory references that they have previously given where new significant information comes to light that would impact the content of a previously given regulatory reference.

In addition to the standard hiring measures that must be taken when engaging an employee, several additional steps must be taken when engaging financial services employees in the United States. Generally, financial services employees must pass certain screening and disclosure steps, including:

• background checks;
• criminal background disclosures; and
• fingerprinting.

Broker-dealers and investment advisors must register with FINRA (see below).

Background checks

FINRA-regulated entities must investigate each person they plan to register with FINRA to ensure that they meet FINRA Form U4 requirements regarding that person’s history of formal charges and indictments.

If the applicant has previously registered with FINRA, broker-dealers must also review an applicant’s most recent Form U5 or be able to demonstrate to FINRA that it has made reasonable efforts to review Form U5 but has been unable to do so. If the applicant has previously registered with a CFTC-registered firm, the broker-dealer must review CFTC Form 8-T.

Bank employees must undergo a background check. Certain criminal conduct may statutorily disqualify an applicant from employment. For example, federal law prohibits any person convicted of a criminal offence involving dishonesty or breach of trust (or who has entered into a pre-trial diversion or similar programme regarding such an offence) from serving as a director, officer, or employee of an FDIC-insured bank without the FDIC's consent. Banks must conduct reasonable inquiries into an applicant’s background to avoid hiring persons barred from employment by this law. Banks may be protected from claims of disparate impact (under state “ban-the-box” laws) when terminating or withdrawing offers from disqualified employees under this law. Both California and New York explicitly provide such carve-outs. However, these are position-specific rather than employer-specific, and employees with positions not subject to FINRA or other statutorily required background checks or disqualifiers based on criminal history may still be subject to state or local “fair chance” or ban-the-box laws. Therefore, as a best practice, non-bank financial services employers should avoid relying on these exceptions for all of their employees. Relatedly, the FDIC does not consider “de minimus” criminal violations disqualifying, including minor offences by young adults, bad cheques for less than $1,000 and simple theft of less than $500.

Fingerprinting

Entities covered by the SEC are also subject to fingerprinting requirements. Every member of a national securities exchange, broker, dealer, registered transfer agent, registered clearing agency, registered securities information processor, national securities exchange, and national securities association must ensure that each of its partners, directors, officers, and employees are fingerprinted and must submit such fingerprints, or cause the same to be submitted, to the Attorney General of the United States for identification and appropriate processing. Employees who will not be selling, keeping, or handling securities or supervising those who do are exempt from this requirement.

While New York generally prohibits fingerprinting, there is an exception where, as here, fingerprinting is statutorily required.

California Financing Law requires fingerprinting for certain individuals seeking to license in California.

Please note, during the COVID-19 epidemic, the SEC temporarily paused the fingerprinting requirements. This pause was lifted in September 2022.

Depending on the regulatory status of the employing entity and, as the case may be, on the exact activities of a financial service employee, a financial service employee needs to adhere to certain code of conduct rules (eg, regarding transparency and care, documentation and accountability).

Supervised companies in Switzerland are, in principle, required to set up an organisation that ensures the compliance with Swiss financial market laws and its statutory code of conduct rules. For this purpose, among others, companies are required to issue regulations that their employees must follow.

Under Swiss financial market laws, code of conduct rules are generally based on abstract statutory rules and concretized by recognised privately organised associations.

In particular, several professional organisations (eg, the Swiss Bankers Association or the Asset Management Association) and self-regulated organisations issue their own set of code of conduct rules that members are required to follow.

Yes. Both the FCA and PRA have established their own high-level required standards of conduct known as the Conduct Rules. The FCA’s conduct rules are set out in the FCA’s Code of Conduct sourcebook. The PRA’s conduct rules are set out in the PRA Rulebook (and different versions apply to different types of PRA-regulated firms).

The FCA’s conduct rules apply to most individuals working at an SM&CR firm. The PRA’s conduct rules apply to more limited individuals working at dual-regulated SM&CR firms: senior managers (approved by the PRA or FCA); individuals within the PRA’s certification regime; key function holders; and non-executive directors.

The Conduct Rules apply to conduct relating to the carrying out of an individual’s role. They do not extend to conduct within an individual’s private life, provided that the conduct is unrelated to the activities they carry out for their firm. Nevertheless, an individual’s behaviour outside of work can still be relevant to the separate consideration of their fitness and propriety.

There are two tiers of Conduct Rules: a first tier of rules applicable to all individuals subject to the Conduct Rules; and a second tier applicable to senior managers only.

The rules of the first tier are:

• Rule 1 – You must act with integrity.
• Rule 2 – You must act with due skill, care and diligence.
• Rule 3 – You must be open and cooperative with the FCA, PRA and other regulators.
• Rule 4 – You must pay due regard to the interests of the customer and treat them fairly.
• Rule 5 – You must observe proper standards of market conduct.

The rules of the second tier (applicable to senior managers) are:

• SC1 – You must take reasonable steps to ensure that the business of the firm for which you are responsible is controlled effectively.
• SC2 – You must take reasonable steps to ensure that the business of the firm for which you are responsible complies with the relevant requirements and standards of the regulatory system.
• SC3 – You must take reasonable steps to ensure that any delegation of your responsibilities is to an appropriate person and that you oversee the discharge of the delegated responsibility effectively.
• SC4 – You must disclose appropriately any information for which the FCA or PRA would reasonably expect notice.
• SC5 (certain dual-regulated firms only) – When exercising your responsibilities, you must pay due regard to the interests of current and potential future policyholders in ensuring the provision by the firm of an appropriate degree of protection for their insured benefits.

Firms must notify the FCA if they take disciplinary action against an individual for a breach of the Conduct Rules.

Employees in some states, including California and New York, are required to receive periodic sexual harassment training.

Employers are also required to implement anti-discrimination and anti-harassment policies that:

• contain information about where and how employees can report improper conduct;
• prohibit retaliation for reporting or opposing improper conduct, or participating in an investigation regarding misconduct; and
• comply with state and local provisions that require employer policies to contain certain provisions (eg, New York, Los Angeles and San Francisco).

New York law prohibits employers from mandating confidentiality or non-disclosure provisions when settling sexual harassment claims (though it allows such provisions where it is the employee’s preference to include them).

California law prohibits employers from mandating confidentiality or non-disclosure provisions in employment agreements, settlement agreements, and separation agreements that are designed to restrict an employee's ability to disclose information about unlawful acts in the workplace, including information pertaining to harassment or discrimination or any other conduct the employee has reason to believe is unlawful.

FINRA and the SEC both have requirements and recommendations for social media use.

FINRA requires that broker-dealers retain records of social media communications related to the broker-dealer’s business made using social media sites and adopt policies and procedures designed to ensure that their employees who use social media sites for business purposes are appropriately supervised and trained, and do not present an undue risk to investors.

The SEC similarly requires that social media use complies with all federal security laws, including antifraud, compliance, and recordkeeping provisions.

Banking regulators provide guidance stating that each financial institution is expected to carry out an appropriate risk assessment that takes social media activities into consideration.