Employment in Financial Services

The Employment Act 2006 and the Equality Act 2017 prescribe general employment rights and obligations for both employers and employees, including those in the financial services industry.

The Isle of Man Financial Services Authority (IoM FSA) is responsible for the regulation and supervision of financial services providers in the Isle of Man. Among other things, regulated financial institutions must comply with the rules set down by the IoM FSA in its Financial Services Rule Book 2016 (as amended) (the Rule Book). The IoM FSA applies “fitness and propriety” criteria to holders of certain key roles within a licence holder. This entails the IoM FSA assessing an individual’s integrity, financial standing, competency and capacity to undertake the role.

The requirement for an individual to be “fit and proper” depends on the nature of the role rather than their job title, but generally applies to key person or senior managerial roles (also known as Controlled Functions), where the individual has significant influence or control over the regulatory matters of the financial institution or to roles that have a bearing on the regulatory objectives of the IoM FSA and its ability to meet them.

Employment law in Switzerland is based mainly on the following sources, set out in order of priority:

• the Federal Constitution;
• Cantonal Constitutions;
• public law, particularly the Federal Act on Work in Industry, Crafts and Commerce (the Labour Act) and five ordinances issued under this Act regulating work, and health and safety conditions;
• civil law, particularly the Swiss Code of Obligations (CO);
• collective bargaining agreements, if applicable;
• individual employment agreements; and
• usage, custom, doctrine, and case law.

Depending on the regulatory status of the employer and the specific activities of financial services employees, respectively, Swiss financial market laws may also apply. They are, in particular, the Federal banking, financial institutions and insurance supervision regulations.

In the UK, there are two main regulators responsible for the supervision of financial institutions. These are:

• The Prudential Regulation Authority (the PRA) – The PRA supervises over 1,500 financial institutions, including banks, building societies, credit unions, insurance companies and major investment firms. It creates policies for these institutions to follow and watches over aspects of their business.
• The Financial Conduct Authority (the FCA) – The FCA regulates the conduct of approximately 50,000 firms, prudentially supervises 48,000 firms, and sets specific standards for around 18,000 firms.

Some financial institutions are regulated by both the PRA and FCA (dual-regulated). Those financial institutions must comply with rules set down by the PRA in its rulebook (the PRA Rulebook) and by the FCA in its handbook (the FCA Handbook). Other firms are regulated solely by the FCA (solo-regulated) and must comply with the FCA handbook alone. Different rules can apply depending on the nature and size of the firm. The PRA and FCA work closely on certain issues and firms, but the FCA focuses specifically on ensuring fair outcomes for consumers.

The Senior Managers and Certification Regime (SM&CR) sets out how the UK regulators oversee people in businesses supervised and regulated by them, and how those people must act. As the FCA has summarised, “The SM&CR aims to reduce harm to consumers and strengthen market integrity by making individuals more accountable for their conduct and competence” (https://www.fca.org.uk/firms/senior-managers-certification-regime).

SM&CR consists of three elements:

• The Senior Managers Regime (SMR) – This applies to the most senior people in a firm (senior managers) who perform one or more senior management functions (SMFs). These functions are specified in the PRA Rulebook and the FCA Handbook. Senior managers must be pre-approved by the PRA or FCA before starting their roles. Each senior manager must also have a “Statement of Responsibilities” (that sets out what they are responsible and accountable for), which may include (depending on the firm) certain responsibilities prescribed by the regulator known as “Prescribed Responsibilities”. Every year, senior managers must be certified as fit and proper to carry out their role by their firm.
• The Certification Regime (CR) – This applies to employees who, because of their role, could pose a risk of significant harm to the firm or its customers, such as employees who offer investment advice (certified staff). For solo-regulated firms, these roles are generally called certification functions. Firms must certify that these employees are fit and proper for their roles both at the outset of their employment and continuously.
• The Conduct Rules – The Conduct Rules set minimum standards of individual behaviour in financial services in the UK. They apply to almost all employees of a firm. They also include particular rules applicable only to senior managers.

Certain parts of SM&CR apply to particular firms only. This is outside the scope of this note, which sets out the general position under SM&CR.

There is a general obligation on employers in the Isle of Man to undertake legal working checks to ensure that the prospective employee has the right to work lawfully in the Isle of Man.

In addition, financial institutions must take reasonable steps to ensure that individuals who perform any regulated activity in the course of their employment, or under any contract with the financial institution, are fit and proper for the tasks they perform, by providing adequate training and supervision and (where necessary) undertaking additional checks. Where the financial institution wishes to employ an individual in a Controlled Function, the financial institution must carry out sufficient due diligence to satisfy itself that the candidate is fit and proper to perform the proposed functions.

There are two types of Controlled Functions, those that require notification to, and acceptance by, the IoM FSA and those that require notification only. In either case, the financial institution is required to notify the IoM FSA of the appointment or intended appointment of certain key roles at least 20 business days before the appointment takes effect. Where the Controlled Function also requires acceptance, the financial institution will require the IoM FSA’s consent to the appointment of a prospective candidate to a particular role. It is recommended that job offers in such circumstances are made subject to the written acceptance of the IoM FSA.

While the IoM FSA does not specify any particular pre-screening measures, it provides guidance on the nature of the expected due diligence that it would expect a financial institution to carry out, particularly where the individual will be undertaking a key role. Such due diligence includes carrying out a professional body check (ie, any memberships held and if disciplinary action has been taken), capacity check[1], criminal record check, credit check and website checks. The financial institution should also consider the individual’s qualifications, training and competency.

The IoM FSA may ask for evidence of the due diligence carried out by the financial institution at any time, either remotely or during a supervisory visit.

The IoM FSA recommends financial institutions request a reference from the prospective candidate’s current employer and previous employers covering, as a minimum, the past ten years of employment.

Under Swiss civil law, there is no requirement to apply pre-screening measures. However, while not a statutory requirement under Swiss financial market laws per se, companies subject to these laws apply pre-screening measures to ensure that a prospective financial services employee meets the requirements set forth by these laws. In particular, regulated companies such as banks, securities firms, insurance companies, fund management companies, managers of collective investment schemes and asset managers are required to obtain authorisation from the Swiss Financial Market Supervisory Authority (FINMA) relating to strategic and executive management and each change thereto.

As a general rule, the higher the responsibility or position of a person, the more requirements financial services employees may need to fulfil. Persons holding executive or overall management functions (eg, a member of the board or members of the senior management) are required to fulfil certain requirements set forth by the applicable Swiss financial market regulations. Such requirements may include providing current CVs showing relevant work experience and education as well as excerpts from the debt and criminal register. It may also include providing various declarations (eg, concerning pending and concluded proceedings, qualified participations and other mandates). Furthermore, financial services employees holding certain control functions (eg, compliance officer, risk officer and their deputies) may also be required to prove that they are suitable for the position by providing, for example, a current CV showing relevant work experience and education.

For employees subject to the SMR, anyone performing an SMF must be pre-approved by the relevant regulator before they can start their role. Generally, firms that wish to employ a senior manager must first carry out sufficient due diligence to satisfy themselves that the candidate is a fit and proper person to perform their proposed functions. In this regard, firms must consider the individual’s qualifications, training, competency and personal characteristics. The firm must also carry out a criminal records check. They may then apply to the relevant regulator for that candidate’s pre-approval. In the firm’s application, all matters relating to the candidate’s fitness and propriety must be disclosed. The firm must also enclose a statement of that individual’s proposed responsibilities and (depending on the firm) the latest version of the firm’s management responsibilities map.

For employees subject to the CR, before the appointment and annually thereafter, these employees must be certified by the employing SM&CR firm as being fit and proper. Certification does not involve pre-approval by the FCA or PRA.

Additionally, firms must comply with the regulatory reference rules for all candidates subject to either the SMR or CR before their employment. These rules require employing firms to request a regulatory reference from all previous employers covering the past six years of employment. Information must be shared between regulated firms using a particular template, which includes information relevant to assessing whether a candidate is fit and proper. Firms are also expected to retain records of disciplinary and fit and proper findings going back six years for their employees (or longer for findings of gross misconduct), and they must update regulatory references that they have previously given where new significant information comes to light that would impact the content of a previously given regulatory reference.

As a matter of general Isle of Man employment law, employers must give employees written particulars of their terms and conditions of employment within four weeks of them starting work, pursuant to section 8 of the Employment Act 2006. This mandatory information includes (but is not limited to) the names of the employer and employee; the date of commencement of employment and the date when continuous service began for statutory employment rights purposes; scale or rate of remuneration; hours of work; and holiday entitlement. Typically, a written employment contract will contain the relevant information and satisfy these requirements.  

Financial institutions should also ensure that contracts of employment reinforce the requirements of meeting and maintaining the employee’s “fit and proper” status.

No special contractual documents are required when engaging employees within the financial services industry.

However, it is generally recommended to conclude a written employment contract with each employee. FINMA, for instance, requires a copy of employment contracts concluded with senior management of regulated entities.
In particular, the employment contract should reference the employer’s (regulatory) set of directions and the employee’s obligation to comply with said instructions. In addition, because regulated companies such as banks, securities firms, fund management companies, managers of collective assets or asset managers are required to obtain authorisation from FINMA before the engagement of key personnel, it may be sensible to include a condition precedent relating to FINMA’s acceptance of the relevant employee in the employment contract.

The mandatory, partially mandatory, and optional elements of an individual employment contract are outlined in article 319 et seq of the CO (in particular regarding remuneration, working time, vacation, and incapacity for work). Further regulations may apply based on collective bargaining agreements.

As a matter of general UK employment law, employers must give employees written particulars of certain terms and conditions of employment. This is known as a “section 1 statement” after section 1 of the Employment Rights Act 1996, which sets out the mandatory information that employers must give to employees no later than the first day of their employment. This includes fundamental information such as the names of the employer and employee; the date of commencement of employment; the rates and timing of pay; and working hours. Other prescribed particulars (such as information regarding pensions, collective agreements and training) can be provided to employees in instalments within two months of commencement of employment. Typically, a written employment contract will contain the relevant information to satisfy these requirements.

Financial services employers should ensure that, in addition, their employment contracts reinforce the requirements of SM&CR. This will help the employer manage the employment relationship in a manner compliant with SM&CR and demonstrate to the relevant regulators the employer’s commitment to compliance with SM&CR. The employment contract will usually include, therefore, additional provisions regarding the completion of SM&CR-compliant background checks; confirmation of the employee’s regulated function (eg, their SMF or certification function); required regulatory standards of conduct; cooperation with fitness and propriety assessments; and tailored termination events.

In addition, all senior managers must have a statement of responsibility setting out their role and responsibilities. Certain firms must also allocate certain regulator-prescribed responsibilities (prescribed responsibilities) among senior managers. It is common to set out a senior manager’s regulatory responsibilities in their employment contract.

Dual-regulated firms must also ensure that individuals approved to carry out a PRA-designated SMF are subject to any specific contractual requirements required by the PRA. For example, depending on the type of firm, a firm may be required to ensure that the relevant individual is contractually required to comply with certain standards of conduct, such as to act with integrity and with due care and skill (among other requirements).

Yes, please see question 2.

Any individual performing a prescribed key role must be pre-approved by the IoM FSA and be certified as “fit and proper”. The IoM FSA has issued detailed guidance for financial institutions that set out the criteria that they normally apply in considering the fitness and propriety of individuals who wish to undertake Controlled Functions. Appendix 2 of the guidance contains a table setting out which Controlled Functions require consent and which functions are notification only.

Guidance can be found here: https://www.iomfsa.im/media/2464/regulatoryguidancefitnessandpropriety.pdf

Depending on the status of the employing entity and the position of the financial services employee, a special certification or, more generally, proof of relevant work experience and sufficient education is required.

As a general rule, persons holding executive, overall management, oversight or control functions (eg, a member of the board, CEO, compliance officer, risk officer or their deputies) in regulated companies such as banks, insurance companies, securities firms, fund management companies, managers of collective assets or asset managers are required to demonstrate to FINMA that they have sufficient relevant work experience and education. As proof, FINMA requests current CVs, diplomas, certifications and contact details of references. The scope and nature of the future business activity and the size and complexity of the company in question also need to be considered.

Furthermore, client advisers of so-called financial service providers (eg, investment advisers) must have sufficient expertise on the code of conduct and the necessary expertise required to perform their work. Client advisors often prove that these requirements have been met by successfully attending special courses. In addition, insurance intermediaries registered with FINMA’s insurance intermediary register have to prove that they have undergone sufficient education and have sufficient qualifications. For this purpose, FINMA has published a list of different Swiss and foreign educational qualifications deemed to be sufficient on its website.

See question 2.

All individuals performing an SMF, as classified by the FCA or PRA, will be subject to the SMR. SMFs are described in the Financial Services and Markets Act 2000 (FSMA) as functions that require the person performing them to be responsible for managing one or more aspects of a firm’s affairs authorised by the FSMA, and those aspects involve, or might involve, a risk of serious consequences for the firm or business or other interests in the UK. As noted, any individual performing an SMF will need to be pre-approved by the relevant regulator before they can start their role, and thereafter they must be certified as fit and proper by their firm annually. Applications to the regulator for pre-approval must disclose all matters relating to a candidate’s fitness and propriety and be accompanied by a statement of responsibilities. Firms must carry out a criminal records check as part of the application for approval.

Additionally, employees of firms who are not senior managers but who, because of their role, could still pose a risk of significant harm to the firm or any of its customers, may be subject to the CR. The certification functions that place an employee within the ambit of the CR are different under the rules of the FCA and the PRA but include persons such as those dealing with clients or those subject to qualification requirements. These employees must be certified by their firm as fit and proper for their roles both at the outset of their employment and on an annual basis thereafter (certified staff). Firms are not required to carry out criminal records checks for certified staff, but firms can choose to do so to the extent it is lawful.

The regulators have set out detailed guidance for firms to consider when assessing an individual’s fitness and propriety. This includes assessing an individual’s honesty, integrity and reputation; competence and capability; and financial soundness.

Employees who carry out a Controlled Function will have a duty of responsibility to ensure compliance with the financial institution’s ongoing regulatory requirements. 

Specifically, employees holding executive, overall management, oversight or control functions in regulated companies are responsible for ensuring that the companies’ organization ensures the continued compliance with applicable financial market laws. Swiss financial market laws do not have enhanced responsibilities for different employee categories. Instead, a person’s fitness and propriety are assessed within the context of the specific requirements and functions of a given company, the scope of activities at that company, and the complexity of that company.

Every senior manager under the SMR has a “duty of responsibility” concerning the areas for which they are responsible. If a firm breaches a regulatory requirement, the senior manager responsible for the area relevant to the breach could be held accountable for the breach if they failed to take reasonable steps to prevent or stop the breach.

In addition, for most firms, the FCA requires that certain responsibilities – “prescribed responsibilities” – are allocated to appropriate senior managers. These responsibilities cover key conduct and prudential risks. They include, among others, responsibility for a firm’s performance of its obligations under the SMR; responsibility for a firm’s performance of its obligations under the CR; and responsibility for a firm’s obligations around conduct rules training and reporting. Firms must give careful thought to the best person to allocate each prescribed responsibility.

The IoM FSA maintains a public register of entities that are regulated by them. The register lists the classes of regulated activity that the licence holder is authorised to carry out. However, there is no prescribed list or public register for financial services employees that individuals need to be included in to undertake regulated activities.

There is no universal register of all financial services employees. Rather, different Swiss financial market laws provide for a registration requirement that may apply to individual financial service employees. Whether a particular financial market law, and, consequently, a registration requirement, applies to a financial services employee depends specifically on the regulatory status of the employing entity and the particular activity of that employee.

• Also, client advisers of Swiss or foreign financial service providers (eg, investment advisers) may be required to register with the adviser register, unless an exemption applies. Client advisers are the natural persons who perform financial services on behalf of a financial service provider or in their own capacity as financial service providers. Client advisers are entered in the register of advisers if they prove that i) they have sufficient knowledge of the code of conduct set out in the financial services regulations and the necessary expertise required to perform their activities, ii) their employee has taken out professional indemnity insurance or that equivalent collateral exists, and iii) their employee is affiliated with a recognized Swiss ombudsman in their capacity as a financial service provider (if such affiliation duty exists).

Furthermore, “non-tied” insurance intermediaries (ie, persons who offer or conclude insurance contracts on behalf of insurance companies) are required to register with FINMA’s register of insurance companies. To register, persons must inter alia prove that they have sufficient qualifications and hold professional indemnity insurance or provide an equivalent financial surety. “Tied” intermediaries will no longer be able to register voluntarily in the FINMA register (unless this is required by the respective country of operation for activities abroad).

The FCA maintains a public list of authorised firms and the activities for which each firm has permission. This list is known as the Financial Services Register. The register also includes a directory of certified and assessed persons working in financial services – this includes for each firm (as applicable) senior managers; certified staff; directors (executive and non-executive) who are not performing SMFs; and other individuals who are sole traders or appointed representatives.

Firms are responsible for keeping the directory up to date. Firms must report certain information to the FCA about persons included in the register and directory, including information on an individual's role, their workplace location, and the types of business they are qualified to undertake. The FCA provides guidance and Q&As to assist firms with navigating the register and directory.

There are no prescribed rules relating to compensation payable to financial services employees and any remuneration, bonuses or clawback will be a matter of contract between the financial services employee and the financial institution. Inevitably, this will reflect what is typical in the market for experienced, qualified, financial services personnel performing the role for which they are applying or are currently carrying out.

Swiss civil law provides for special rules that govern the compensation of current and former members of inter alia the board and executive committee (Ordinance against Excessive Compensation) of Swiss companies limited by shares that are listed on a Swiss or foreign stock exchange. In addition, there are disclosure provisions listed companies need to follow concerning remuneration under stock exchange regulations.

In addition to the above, FINMA has formulated ten principles regarding remuneration that banks, securities firms, financial groups and conglomerates, insurance companies, insurance groups and conglomerates are required to implement. The principles serve as minimum standards for the design, implementation and disclosure of remuneration schemes.

These schemes should not incentivise to take inappropriate risks and thereby potentially damage the stability of financial institutions.

One of the focal points of the principles is variable remuneration that depends on business performance and risk. In particular, all variable remuneration must have been earned by the company over the long term. Consequently, remuneration is dependent on performance, taking into account the sustainability of such performance as well as the risks. That said, FINMA’s principles do not limit the amount of variable remuneration. However, FINMA aims to prevent the granting of high remuneration based on large risks and the generation of short-term, unsustainable earnings. Furthermore, persons who have significant responsibility relating to the risk or receive a high total remuneration, must receive a significant part of the variable remuneration on a deferred basis and consequently, in a way that is linked to the current risk. Under the FINMA principles, "clawback" and "malus" arrangements are permitted.

The remuneration of financial services employees working at certain firms (such as banks, building societies, asset managers and investment firms) is heavily regulated. The relevant rules can be found in various FCA “Remuneration Codes” (each Code tailored to different firms) and also (for dual-regulated firms) in specific remuneration parts of the PRA Rulebook and directly applicable retained EU law.

The remuneration rules are complex and their application is dependent on each firm. The key principle of the rules, however, is that firms subject to them must ensure that their remuneration policies and practices are consistent with and promote sound and effective risk management.

Some elements of the rules apply to all staff, whereas others apply only to material risk-takers within a particular firm.

By way of a snapshot, the rules generally cover such matters as:

• the appropriate ratio between fixed pay and variable pay, to ensure that fixed pay is a sufficiently high proportion of total remuneration to allow for the possibility of paying no variable pay;
• the amount of any discretionary bonus pool, which should be based on profit, adjusted for current and future risks, and take into account the cost and quantity of the capital and liquidity required;
• performance-related bonuses, which should be assessed based on a variety of factors, including the performance of the individual, the relevant business unit and the overall results of the firm;
• restrictions on guaranteed variable pay and payments on termination of employment; and
• malus and clawback requirements.

The IoM FSA’s “Training and Competence Framework” sets the minimum standards that must be achieved by individuals working in the financial services industry. The framework sets out the IoM FSA’s expectations regarding competency, not only for employees who carry out a Controlled Function (and who are subject to fitness and propriety criteria) but for all staff.

The framework is split into two segments: general training and competence requirements for all staff; and training and competence expectations for Controlled Functions and Other Functions – essentially additional expectations for individuals undertaking or aspiring to undertake certain Controlled Functions or other designated functions.

The IoM FSA also sets requirements concerning continuing professional development (CPD) for different types of regulated entities and staff at different levels. For example, Rule 8.5 of the Rule Book specifies that directors and key persons within a licence holder must undertake a minimum of 25 hours of relevant CPD per year or meet the level prescribed by their professional body (where higher). There are further CPD requirements on individuals who provide investment advice to retail investors.

Even absent a prescribed minimum level of CPD, the IoM FSA believes that ongoing training and CPD for all financial services staff and officers is good practice. Such training and CPD should be relevant to the role of the individual and take account of new developments (ie, changes to tax legislation, new regulatory requirements and new products).

In general, regulated companies (eg, banks, insurance companies or asset managers) are required to set up and maintain an organisation that ensures compliance with applicable financial market laws. Given the organisational measures and depending on the regulatory status of the employing entity and the position and activities of the financial services employee, there are training requirements.

While Swiss financial market regulations do not have an exhaustive list of exact training requirements, FINMA requires, among others, that the highest bodies of supervised companies (eg, executives of board members of banks, securities firms, insurance and reinsurance companies, fund management companies, managers of collective assets or asset managers) can fulfil the requirements of the so-called fit and proper test. These requirements extend to all character-related and professional elements that enable an officeholder to manage a supervised company in compliance with applicable laws. Part of the professional elements are relevant work experience and education. In addition, persons holding key positions (eg, compliance and risk officers and their deputies) are required to demonstrate sufficient know-how because of their work experience and education.

That said, the Swiss financial services and insurance supervisory regulations provide for more concrete training requirements. In particular, client advisers of Swiss and foreign financial service providers (eg, investment advisers) may need to demonstrate that they have sufficient knowledge of the code of conduct rules of the Swiss financial services regulation and the necessary expertise required to perform their activities. In addition, insurance intermediaries registered with FINMA’s insurance intermediary register have to prove that they have undergone sufficient education and have sufficient qualifications. On its website, FINMA has published a list of different educational Swiss and foreign qualifications that it deems to be sufficient.

The PRA and FCA training and competence regimes set the minimum standards that must be achieved by individuals working in the financial services industry. These regimes aim to ensure that authorised firms have arrangements in place to satisfy themselves that their employees are competent.

All FSMA-authorised firms are required to have adequately trained and competent senior management and employees. The training and competence requirements include:

• Threshold conditions on suitability – All firms must show that persons connected with the firm are fit and proper, taking into account all the circumstances. When assessing the suitability threshold of an employee, the FCA and the PRA will consider:
  • the nature of the regulated activity the firm carries on or is seeking to carry on;
  • the need to ensure that the firm's affairs are conducted soundly and prudently;
  • the need to ensure that the firm's affairs are conducted appropriately, considering especially the interests of consumers and the integrity of the UK financial system; and
  • whether those who manage the firm's affairs have adequate skills and experience and act with probity.

• FCA Principles for Businesses or PRA Fundamental Rules – These rules lay out the parameters of the “fit and proper” standard set for firms in the threshold condition on suitability, and require firms to undertake the following:
  • recruit staff in sufficient numbers;
  • provide employees with appropriate training, with competence assessed continuously;
  • make proper arrangements for employees involved with carrying on regulated activities to achieve, maintain and enhance competence; and
  • train employees to pay due regard to the interests of a firm’s customers and treat them fairly.

• Competent employees rule in chapters 3 and 5 of the Senior Management Arrangement Systems and Controls Sourcebook – This is the main employee competence requirement in the training and competence regime under the FSMA and applies to individuals engaged in a regulated activity in UK-regulated firms. The application of this rule can be complex and dependent upon the firm and the activities it undertakes, but in general, it provides that firms must employ personnel with the skills, knowledge and expertise necessary for the discharge of the responsibilities allocated to them.

• Detailed training and competence requirements in the FCA’s training and competence handbook (TC) – The TC rules are designed to supplement the competent employees rule, especially concerning retail activities carried on by firms. Among others, these rules include the following:
  • rules on assessing and maintaining competence;
  • supervision of employees who have not yet been assessed as competent;
  • appropriate qualifications; and
  • recordkeeping and reporting for firms within its scope, including how a firm assessed its employees as competent, and how it has ensured that its employees remain competent.

Yes, financial institutions are required to comply with the rules and standards of conduct as set out in the Rule Book (as a minimum).

Financial institutions must notify the IoM FSA of any departure or intended departure of an employee who undertakes a Controlled Function within ten business days. Furthermore, where a financial institution discovers an event which may lead to a final warning being given to, or other serious disciplinary action being taken against, any of its employees, the financial institution must inform the IoM FSA within ten business days. The notice must specify the event, and the name of the employee where the employee holds a Controlled Function or is a “key person”. Where the employee is not a “key person” and does not hold a Controlled Function role, the financial institution is not required to inform the IoM FSA of the name of the employee unless – following an investigation – the employee is given a final warning or other serious disciplinary action is taken (in which case, the financial institution will have to inform the IoM FSA of the employee’s name at that point).

Depending on the regulatory status of the employing entity and, as the case may be, on the exact activities of a financial service employee, a financial service employee needs to adhere to certain code of conduct rules (eg, regarding transparency and care, documentation and accountability).

Supervised companies in Switzerland are, in principle, required to set up an organisation that ensures the compliance with Swiss financial market laws and its statutory code of conduct rules. For this purpose, among others, companies are required to issue regulations that their employees must follow.

Under Swiss financial market laws, code of conduct rules are generally based on abstract statutory rules and concretized by recognised privately organised associations.

In particular, several professional organisations (eg, the Swiss Bankers Association or the Asset Management Association) and self-regulated organisations issue their own set of code of conduct rules that members are required to follow.

Yes. Both the FCA and PRA have established their own high-level required standards of conduct known as the Conduct Rules. The FCA’s conduct rules are set out in the FCA’s Code of Conduct sourcebook. The PRA’s conduct rules are set out in the PRA Rulebook (and different versions apply to different types of PRA-regulated firms).

The FCA’s conduct rules apply to most individuals working at an SM&CR firm. The PRA’s conduct rules apply to more limited individuals working at dual-regulated SM&CR firms: senior managers (approved by the PRA or FCA); individuals within the PRA’s certification regime; key function holders; and non-executive directors.

The Conduct Rules apply to conduct relating to the carrying out of an individual’s role. They do not extend to conduct within an individual’s private life, provided that the conduct is unrelated to the activities they carry out for their firm. Nevertheless, an individual’s behaviour outside of work can still be relevant to the separate consideration of their fitness and propriety.

There are two tiers of Conduct Rules: a first tier of rules applicable to all individuals subject to the Conduct Rules; and a second tier applicable to senior managers only.

The rules of the first tier are:

• Rule 1 – You must act with integrity.
• Rule 2 – You must act with due skill, care and diligence.
• Rule 3 – You must be open and cooperative with the FCA, PRA and other regulators.
• Rule 4 – You must pay due regard to the interests of the customer and treat them fairly.
• Rule 5 – You must observe proper standards of market conduct.

The rules of the second tier (applicable to senior managers) are:

• SC1 – You must take reasonable steps to ensure that the business of the firm for which you are responsible is controlled effectively.
• SC2 – You must take reasonable steps to ensure that the business of the firm for which you are responsible complies with the relevant requirements and standards of the regulatory system.
• SC3 – You must take reasonable steps to ensure that any delegation of your responsibilities is to an appropriate person and that you oversee the discharge of the delegated responsibility effectively.
• SC4 – You must disclose appropriately any information for which the FCA or PRA would reasonably expect notice.
• SC5 (certain dual-regulated firms only) – When exercising your responsibilities, you must pay due regard to the interests of current and potential future policyholders in ensuring the provision by the firm of an appropriate degree of protection for their insured benefits.

Firms must notify the FCA if they take disciplinary action against an individual for a breach of the Conduct Rules.

Yes, please see question 9.

Financial institutions in the Isle of Man are required to comply with various statutory requirements. Breaches of those statutory requirements impose an obligation on the relevant entity to self-report to the IoM FSA. While ordinarily, businesses will endeavour not to supply information about individuals within the business to the regulator as part of this reporting, from time to time this may be necessary to comply with their regulatory obligations. Where this is the case, usually the regulator will be asked to use their powers of compulsion to seek the information rather than such information being given voluntarily. This is particularly the case where the regulator may have formed concerns about an individual’s fitness and propriety and wishes to investigate this further.

Regulators from other jurisdictions may use certain reciprocal agreements and reciprocal enforcement legislation to seek information from the IoM FSA or more directly from a financial services business. Where such requests are made, this may include information about individual employees (ordinarily those exercising Controlled Functions). However, any mechanism for reciprocal enforcement or exchange of information is subject to scrutiny and such information would normally only be offered by an employer under compulsion.

As a general principle, supervised companies are required to ensure that persons holding, in particular, executive, overall management, oversight or control functions fulfil the requirements of the “fit and proper” test. Consequently, such persons must be of good repute and can guarantee compliance with applicable laws and regulations.

If a person cannot guarantee that the regulatory requirements are fulfilled at all times (eg, because of a material breach of its duties) the employing entity and its audit companies may be required to immediately report to FINMA, respectively, any incident that is of significance.

Yes. There are multiple potential reporting obligations with various timing imperatives. We include below a snapshot of some of the key obligations:

• under FCA Principle 11, firms have a general duty to inform the FCA of matters about which it would reasonably expect notice;
• a firm must notify the FCA immediately it becomes aware, or has information which reasonably suggests, that a matter which could have a significant adverse impact on the firm’s reputation has occurred, may have occurred or may occur in the foreseeable future;
• a firm must notify the FCA immediately it becomes aware, or has information which reasonably suggests, that a significant breach of a rule (including a significant breach of a Conduct Rule) has occurred, may have occurred or may occur in the foreseeable future; and
• a firm must also notify the FCA if it takes disciplinary action against an individual for a breach of the Conduct Rules. Where the relevant individual is a senior manager, the notification must be made within seven business days. Where the relevant individual is certified staff, the notification must be made in the firm’s annual reporting.

Yes, from 1 January 2017 financial institutions must have an internal whistleblowing policy in place. Financial services employees are encouraged to first raise issues with their employer. However, employees may also raise serious concerns with the IoM FSA if they remain unsatisfied at the end of the employer’s process.

Under employment legislation, if an employee is dismissed because they have made a “protected disclosure” (ie, blown the whistle), that dismissal is automatically unfair. Compensatory damages for whistleblowing are uncapped in the Isle of Man Employment and Equality Tribunal.

While there is no sector-specific guidance on harassment in the workplace, all employers have a legal duty to ensure that employees are not harassed at work (this would extend to bullying and being subjected to discrimination). Failure to have and enforce appropriate policies on bullying and harassment is likely to impair any defence that the employer may raise to a legal claim because it will not be able to show that it took “all reasonable steps” to prevent such acts.

There are no specific whistleblowing laws in Switzerland, but employees have a right to report grievances and misconduct to their employer, provided that they do not commit a breach of a fiduciary duty or cause damage (eg, malicious false reports).

However, employees must also report material facts or incidents of misconduct and the misconduct of other employees discovered in the course of their work to their employer under the employee's duty of loyalty.

On the other hand, an employee’s duty of loyalty and, in particular, an employee’s statutory duty of confidentiality flowing from it may also give rise to a duty to not report.

Based on the current legal situation, there may be a conflict between an employee’s need to report grievances (internally or externally) and a possible duty to not report with regard to an external report. An attempt to resolve this conflict through legislation has failed, and a new attempt to introduce whistleblowing legislation in Switzerland is not expected anytime soon.

Concerning whistleblowing by employees to a public authority or even to the public, employees are regularly prevented from doing so by confidentiality obligations under criminal law. Any justification for such a disclosure will usually only be examined in the context of a criminal investigation against the employee.

However, larger companies have taken measures and set up certain processes to uncover and prevent wrongdoing without having to do so under mandatory laws. For instance, companies have implemented internal or external reporting offices.

When it comes to harassment, an employer is explicitly required to protect employees from sexual harassment (prevention) and to protect any victims from further disadvantages (active protection). According to the Gender Equality Act, victims of sexual harassment may be awarded compensation of up to six months' wages by the courts, in addition to damages and restitution, unless the employer can prove that they have "taken all measures that are necessary and appropriate according to experience to prevent sexual harassment and that they can reasonably be expected to take”. Employers are therefore advised to actively address the issue of sexual harassment (as well as general discrimination and bullying) in the workplace and include it in their regulations or directives.

Whistleblowing

In addition to the requirements of the SM&CR outlined above which relate to the prevention of wrongdoing (including the Conduct Rules, fitness and propriety assessments, Senior Managers’ Duty of Responsibility, the certification and approvals processes and associated training requirements), the PRA and the FCA maintain rules on whistleblowing. These are intended to encourage whistleblowers to come forward to report wrongdoing and protect them from retaliation when they do.

For certain types of SM&CR firms, the rules mandate measures that employers must implement, for others they provide guidance on measures to consider.

The key measures are as follows:

• Whistleblowers’ champion – a non-executive director and senior manager with responsibility for whistleblowing compliance within the firm, including oversight of internal policies and procedures and certain reporting requirements.

• Whistleblowing channel – a system which allows whistleblowers to report concerns confidentially and anonymously, and which allows such concerns to be assessed, addressed, and escalated where appropriate.

• Notification regarding external whistleblowing channels – that is, making staff aware of their right to report matters directly to the PRA and FCA and explaining how they can do so.

• Whistleblowing training – this must cover arrangements on whistleblowing within the firm and be provided (and tailored) to employees based in the UK, their managers, and employees responsible for operating the firm’s whistleblowing arrangements.

Prevention of harassment

Harassment and related unacceptable workplace behaviours (such as bullying and discrimination) are not specifically addressed in the SM&CR rules on individual accountability. However, it is clear from regulators’ public statements that the culture of firms (in its broadest sense) is central to their approach. Having a healthy firm culture is seen as critical to consumer protection and well-functioning markets, and firms with healthy cultures are considered to be less prone to misconduct.

Firms that are subject to the SM&CR need to be alive to the possibility that instances of harassment and other non-financial misconduct could amount to breaches of the individual accountability regime or trigger certain requirements under it, such as a requirement to investigate, reassess an individual’s fitness and propriety, or notify certain matters to the regulators. The same could apply to any failure by relevant staff to investigate and deal appropriately with allegations of this kind, such as a senior manager who turns a blind eye to reports of sexual harassment or workplace bullying. While there have been relatively few instances of non-financial misconduct resulting in an enforcement action to date, this is likely to become an emerging trend.

Terminating an employee’s employment must occur in accordance with the terms of their contract, otherwise the employer risks a claim for wrongful dismissal.

Additionally, financial institutions have certain notification obligations to the IoM FSA as outlined in question 10. Where a settlement agreement is entered into in respect of the exit of an employee and a factor in their departure is a disciplinary issue, the IoM FSA will usually wish to know the terms of, and circumstances leading to, the settlement agreement. In particular, the IoM FSA will want to understand whether the reason for the termination was a systemic failure on the part of the financial institution or an issue with the individual and their capability or conduct. The settlement agreement cannot prevent an employee from making a protected disclosure and must not require the employee to warrant that they have not made a protected disclosure.

There are no specific rules or protocols that apply when terminating the employment of an employee in the financial services sector. However, because changes in the strategic and executive management of, in particular, regulated companies such as banks, insurance companies, securities firms, fund management companies, managers of collective assets or asset managers are subject to a prior authorization by FINMA, the timing of termination and re-hiring of particular persons should be considered.

The general rules on the termination of an employment relationship apply under Swiss law: any employment contract concluded for an indefinite period may be unilaterally terminated by both employer and employee, subject to the contractual or (if no contractual notice period was agreed) statutory notice periods for any reason (ordinary termination).

The termination notice needs to be physically received before the notice period can start, meaning the notice needs to be received by the employee before the end of a month so that the notice period can start on the first day of the next month. If notice is not received before the end of the month, the notice period would start the month following the receipt of the notice. A termination notice might be either delivered by mail or personally.

Swiss law does not provide for payment in lieu of a notice period. The only option in this regard is to either send the employee on garden leave or to agree within the termination agreement to terminate the employment relationship per an earlier termination date than the one provided for in the termination notice.

As a general rule, an employment contract may be terminated by either party for any reason. However, Swiss statutory law provides for protection from termination by notice for both employers and employees, distinguishing between abusive and untimely notices of termination.

Based on social policy concerns, the employer must observe certain waiting periods, during which a notice cannot validly be served (so-called untimely notice). Such waiting periods apply (art. 336c CO), for example, during compulsory military or civil defence service, full- or part-time absence from work due to illness or an accident, or during an employee’s pregnancy and 16 weeks following the birth of the child. Any notice given by the employer during these waiting periods is void. Any notice given before the respective period is effective, but once the special situation has occurred and for the period it lasts, the running of the applicable notice period is suspended and only continues after the end of the period in question.

In addition, Swiss civil law defines certain grounds based on which terminations are considered abusive (article 336 CO). Termination by the employer might be considered abusive (eg, if it is based on a personal characteristic of the other party (eg, gender, race, age), or if the other party exercises a right guaranteed by the Swiss Federal Constitution (eg, religion or membership in a political party) unless the exercise of this right violates an obligation of the contract of employment or is seriously prejudicial to the work climate). If the employer abusively terminates the employment contract, the employer has to pay damages to the employee and a penalty of up to six months' remuneration (article 336a CO). Nevertheless, an abusive termination remains valid.

Regarding settlement agreements, Swiss employment law allows the conclusion of such agreements, but there are strict limits on the parties’ freedom of contract. Termination agreements may not be concluded that circumvent statutory provisions on employee protection. According to Swiss case law, termination agreements are usually valid and enforceable if both parties make real concessions, and if the agreement is also favourable for the employee. To conclude a termination agreement initiated by the employer, the employee must also be granted a sufficient reflection period. No further formalities need to be observed when concluding termination agreements, although it is generally advisable to have them in writing.

Settlement agreements

The whistleblowing measures outlined above are complemented by mandatory requirements for SM&CR firms concerning settlement agreements, namely that any such agreement must include a term stating that it doesn’t prevent the individual from making a protected disclosure, and must not require the individual to warrant that they have not made a protected disclosure or that they do not know of any information which could lead to them doing so (a “protected disclosure” is a type of disclosure recognised in English employment law that gives the person making it legal protection from retaliatory detrimental treatment).

SM&CR firms entering into settlement agreements must also ensure that they are not drafted in a way that is incompatible with other relevant regulatory requirements. For example, there is a specific prohibition in the FCA Handbook on firms entering into any arrangements or agreements with any person that limit their ability to disclose information required by the regulatory reference rules (see question 2). As such, terms relating to confidentiality and the provision of employment references should allow the firm sufficient flexibility to comply with regulatory reference requirements, which could include a requirement to update such a reference. In addition, any obligations of confidentiality should include a carve-out to permit relevant regulatory disclosures and reports.

Handover procedures

The SM&CR includes requirements designed to ensure that adequate handovers take place between outgoing and incoming senior managers. Firms must take all reasonable steps to ensure that senior managers (and anyone who has management or supervisory responsibilities for them) have all the information and material that they could reasonably expect to have to perform their responsibilities effectively and under the requirements of the regulatory system. This applies when someone becomes a senior manager and when an existing senior manager takes on a new job or new responsibilities (or when their responsibilities or job are being changed).

Firms must have a handover policy in place to ensure compliance with these requirements. They must also make and maintain adequate records of steps taken to comply with them.

The information and material handed over should be practical and helpful, with an assessment of what issues should be prioritised, and judgement and opinion as well as facts, figures and records. It should also include details about unresolved or possible regulatory breaches and any unresolved concerns expressed by the FCA, the PRA or any other regulatory body.

The format and arrangements of a handover should allow for an orderly transition, which should include the outgoing senior manager contributing to the handover everything that it would be reasonable to expect them to know and consider relevant, including their opinions. This could be achieved by requiring outgoing senior managers to prepare a handover certificate, but the FCA recognises that this will not always be practical.

To ensure that these requirements are satisfied, it is good practice to include in senior managers’ employment contracts (and settlement agreements) specific obligations relating to handovers.

Reallocating senior managers’ responsibilities

In addition to ensuring that adequate handovers take place between outgoing and incoming senior managers, firms should also ensure on the departure of a senior manager that their responsibilities are reallocated and that this is recorded in a way that is compliant with relevant regulatory requirements. This may include temporary reallocation to one or more existing senior managers where the replacement does not take over immediately on the departure of the departing senior manager, as well as updating the firm’s management responsibilities map and statements of responsibilities.

Reporting requirements

When an individual ceases to perform an SMF, the firm must generally notify the relevant regulatory within seven business days.

SM&CR firms must notify the relevant regulators if certain types of disciplinary action are taken, which can include dismissal – see question 10.

The IoM FSA does not regulate the use of post-termination restrictive covenants for employees in the financial services sector. Post-termination restrictive covenants will be a matter of contract and will typically include non-compete, non-solicitation and non-dealing restrictions. These are subject to the same common law rules on interpretation and enforceability as in any other sector. Restraint of trade provisions are, in principle, contrary to public policy as a result of which it is for the employer to justify the length and scope of the restrictive covenant and show that it goes no further than necessary to protect its legitimate business interests. If a restraint is considered to be excessive, the courts will not generally rewrite or modify it to make it enforceable and, therefore, the whole of a defective covenant could fall away or be of no effect.

There are no particular rules that apply concerning the use of post-termination restrictive covenants for employees in the financial services sector in Switzerland. Rather, general post-contractual non-compete regulations come into play: the parties of an employment contract may agree on a non-compete clause, which must be included in the employment contract in writing to be valid. For the non-compete clause to be relevant, it must be sufficiently limited in terms of time, place and subject matter. Normally, the duration of a post-termination non-compete clause is no more than one year; however, the statutorily permissible duration is three years.

As a prerequisite for a contractual non-compete clause to be binding, access to sensitive data is required. The employee must either have access to customer data or manufacturing or business secrets. However, access alone is not enough. There must also be the possibility of harming the employer using this knowledge.

If a relationship between the customer and the employee or employer is personal (which is, for example, the case for lawyers or doctors), a post-termination non-compete clause is not applicable according to the Federal Supreme Court.

If there is an excessive non-compete clause, this can be restricted by a judge. In practice, most of the time, no restriction of the post-termination non-compete clause is imposed if the employer offers consideration in return for the agreement. The prohibition of competition may become invalid for two reasons. Firstly, the clause can become irrelevant if the employer has no more interest in maintaining the non-compete clause. Secondly, the clause is not effective if the employer has terminated the employment relationship. However, this does not apply if the employee has given the employer a reason to terminate the employment relationship.

Swiss employment law does not provide for any compensation for a post-termination non-compete clause.

The SM&CR does not regulate the use of post-termination restrictive covenants for employees in the financial services sector. It is fairly typical for financial services firms in the UK to include non-dealing, non-solicitation, non-compete and similar restrictive covenants in their employment contracts. These are subject to the same common law rules on interpretation and enforceability as in any other sector. The only caveat to this is that firms should ensure that such terms do not include any provision that might conflict with the regulatory duties of either the firm or the employee. This will be a rare occurrence in practice for most types of restrictive covenant, but could arise in respect of post-termination contractual obligations that are closely associated with restrictive covenants, namely those relating to confidentiality. As such, firms should ensure that confidentiality clauses in employment contracts or other agreements such as NDAs include appropriate carve-outs.

Yes, non-disclosure agreements are potentially lawful in the Isle of Man. A contract of employment may also contain confidentiality provisions for financial services employees. However, a non-disclosure agreement or confidentiality clause would not (and could not) prevent a financial services employee (or any employee) from making a protected disclosure, (ie, a disclosure made by an employee where they reasonably believe there is serious wrongdoing within the workplace (whistleblowing)).

A financial services employee may, furthermore, be subject to a legal requirement to disclose information in certain circumstances that might override an NDA. For example, an individual can be compelled to provide information by the IoM FSA during an interview, and such compulsion will generally override an employee’s duties of confidentiality. Alternatively, an individual can be subject to a requirement to disclose information in the context of legal proceedings (eg, by court order).

Non-disclosure agreements (NDAs) are generally lawful in Switzerland. However, NDAs are not regulated by statutory law and therefore do not have to follow any particular statutory form or rule. Nevertheless, most NDAs often contain a similar basic structure.

The core clauses of an NDA concern:

• manufacturing and business secrets or the scope of further confidentiality;
• the purpose of use;
• the return and destruction of devices containing confidential information; and
• post-contractual confidentiality obligations.

As a general rule, it is recommended to use the written form.

To ensure possible enforcement of an NDA in the employment context, the requirements of a post-contractual non-compete obligation (see below) must be met.

NDAs (also known as confidentiality agreements) are potentially lawful and enforceable in the UK. It is common to include NDAs in employment contracts (to protect the confidential information of the employer during and after employment) and in settlement agreements (to reiterate existing confidentiality obligations and to keep the circumstances of the settlement confidential).

NDAs do not need to follow a particular form, but they must be reasonable in scope. Following #MeToo, there has been considerable government, parliamentary, and regulatory scrutiny of the use of NDAs and their reasonableness in different circumstances.

The following limitations on NDAs should be noted:

• By law, any NDA purporting to prevent an individual from making a “protected disclosure” as defined in the Employment Rights Act 1996 (ie, blowing the whistle about a matter) is void.

• The regulatory body for solicitors in England and Wales, the Solicitors Regulation Authority (SRA), has issued a detailed warning notice and guidance to practitioners setting out – in its view – inappropriate or improper uses of NDAs. Failure to comply with the SRA’s warning notice may lead to disciplinary action. The SRA lists the following as examples of improper use of NDAs:

• • using an NDA as a means of preventing, or seeking to impede or deter, a person from:
    • cooperating with a criminal investigation or prosecution;
    • reporting an offence to a law enforcement agency;
    • reporting misconduct, or a serious breach of the SRA’s regulatory requirements, to the SRA, or making an equivalent report to any other body responsible for supervising or regulating the matters in question; and
    • making a protected disclosure;
    • using an NDA to influence the substance of such a report, disclosure or cooperation;
    • using an NDA to prevent any disclosure required by law;
    • using an NDA to prevent proper disclosure about the agreement or circumstances surrounding the agreement to professional advisers, such as legal or tax advisors, or medical professionals and counsellors, who are bound by a duty of confidentiality;
    • including or proposing clauses known to be unenforceable; and
    • using warranties, indemnities and clawback clauses in a way that is designed to, or has the effect of, improperly preventing or inhibiting permitted reporting or disclosures being made (for example, asking a person to warrant that they are not aware of any reason why they would make a permitted disclosure, in circumstances where a breach of warranty would activate a clawback clause).
       
• The Law Society of England and Wales, a professional association representing solicitors in England and Wales, has issued similar guidance (including a practice note) on the use of NDAs in the context of the termination of employment relationships.
• Other non-regulatory guidance on the use of NDAs has also been issued, including by the Advisory, Conciliation and Arbitration Service and by the UK Equality and Human Rights Commission.

Care should be taken accordingly to ensure that the wording of any NDA complies with prevailing guidance, especially from the SRA.