Employment in Financial Services

To keep the “fit and proper” authorisation, the concerned persons must ensure that they follow the relevant training.

Regarding the prevention of money laundering, financial institutions must ensure that personnel whose function requires it is aware of the legislation, knows the internal policies, is aware of the internal reporting procedure and receives special continuing education programmes (article 11, §1, Act of 18 September 2017).

At a sectoral level, JC Nos. 310 and 341 provide for an individual right to five days of training per year per full-time equivalent employee.

No uniform training is required by law, except for activities that require certification.

In general, "the employer shall ensure that employees are adapted to their workstation" and "shall ensure that their ability to hold a job is maintained, particularly with regard to changes in jobs, technologies and organizations". This general obligation is imposed on the employer if there is a change in the job description.

In addition, the FMA General Regulation requires all persons mentioned in article 325-24 of the Monetary and Financial Code, including investment service providers, salespersons, managers, and persons responsible for clearing financial instruments, to undergo annual training appropriate to their activity and experience.

Law 2016-1691 of 9 December 2016 on transparency, the fight against corruption and the modernisation of economic life also provides that in companies employing at least 500 people, or belonging to a group of companies whose parent company has its registered office in France and whose workforce includes at least 500 people, and whose revenue or consolidated revenue is more than €100 million, a training system must be set up for managers and staff most exposed to the risks of corruption and influence peddling.

Decree no. 2022-894 of 15 June 2022 on the conditions governing the exercise of the profession of intermediary in banking operations and payment services introduces a new obligation in terms of continuing training. From now on, all intermediaries in banking operations and payment services carrying out intermediary activities in real estate credit and their staff must update their professional knowledge and skills, as part of their continuing education, “through professional training of sufficient duration adapted to their activities, taking particular account of changes in the applicable legislation or regulations” (article L. 519-11-3 of of the Monetary and Financial Code). Finally, as we have seen, some positions in the financial services industry may require specific training and certification.

Qualification requirements exist for specific roles (eg, traders), and employers must ensure they comply with them by only contracting employees with the required skills, certifications and experience. The expertise of employees providing investment advice, sales representation, and compliance advice must also be continuously maintained and regularly updated.

SFC

Persons engaging in regulated activities are required to continuously update their knowledge and skills through continuous professional training (CPT). The “Guidelines on Continuous Professional Training” published by the SFC provides for the following CPT requirements:

• a minimum of 10 CPT hours a year for licensed representatives and relevant individuals; and
• a minimum of 12 CPT hours a year for responsible officers and executive officers (including 2 CPT hours on topics relating to regulatory compliance).

In addition, an individual should attend at least five CPT hours a year (out of the 10 hours for licensed representatives and relevant individuals and 12 hours for responsible officers and executive officers) on topics directly relevant to the regulated activities for which he or she is licensed at the time the CPT hours are undertaken.

HKMA

The HKMA has implemented the “Enhanced Competency Framework”(ECF) for banking practitioners. While the ECF is not a mandatory regime, banks are strongly encouraged to adopt it as the benchmark for enhancing the level of core competence and ongoing professional development of banking practitioners.

IA

Under the “Guideline on Continuing Professional Development for Licensed Insurance Intermediaries”, licensed insurance intermediaries who are individuals are required to receive training through CPD to preserve their professional competence and standards in providing service to policyholders and potential policyholders.

The minimum number of CPD hours for individual licensees is 15 CPD hours for each assessment period, including a minimum of three compulsory CPD hours on “Ethics or Regulations” courses.

Financial services employees are also required to receive training on anti-money laundering and counter-financing of terrorism. New staff should be required to attend initial training as soon as possible after being hired or appointed. Apart from the initial training, refresher training should be provided regularly to ensure that staff are reminded of their responsibilities and are kept informed of new developments.

Financial services employees may undergo necessary training once they are selected and onboarded.

Financial services sectors categorise employees as specialists and generalists. On one hand, those in charge of specialist roles are deployed in treasury, derivatives trading, IT, forex, risk management, service delivery groups, product roles, legal, etc., while on the other, the generalists are deployed in branches, administrative functions, finance, some areas of treasury, taxation, general management, operations, relationship or sales managing, etc. They should possess differentiated requisite academic qualifications with skill certifications (if any) or obtain competitive scores in recruitment tests.

As such, there are no legal requirements for prior training of employees in the financial services sector. There are various certificate courses, workshops and diplomas by financial institutions and agencies, which are recommended to be attended regularly to stay abreast of industry knowledge and to secure an edge in intra-organisational promotions.

Yes. A CF employee, subject to the Minimum Competency regime, will be required to complete CPD training. Evidence of meeting that CPD requirement is also a factor in determining a person's F&P. RFSPs must maintain records of CPD training provided to CFs to demonstrate compliance with the minimum competency regime.

The 2023 Act also introduces new training obligations for those subject to the Common and Additional Conduct Standards, with firms being required to train those persons on how these obligations apply to them and their new duties of responsibility. Attendance at, or completion of, training in respect of the Conduct Standards should be mandatory and such attendance should be carefully documented with refresher training rolled out periodically.

Employers within the scope of the Criminal Justice (Money Laundering and Terrorist Financing) Acts 2010 - 2021 (including RFSPs) are required to provide annual training to relevant staff and directors on its requirements and the RFSP must have procedures in place to comply with that legislation and associated guidance.

Depending on the RFSP's business, additional mandatory training may be needed annually, for example, on topics such as market abuse.

The designated person for responding to protected disclosures should be trained and competent in the identification and handling of protected disclosures.

The IoM FSA’s “Training and Competence Framework” sets the minimum standards that must be achieved by individuals working in the financial services industry. The framework sets out the IoM FSA’s expectations regarding competency, not only for employees who carry out a Controlled Function (and who are subject to fitness and propriety criteria) but for all staff.

The framework is split into two segments: general training and competence requirements for all staff; and training and competence expectations for Controlled Functions and Other Functions – essentially additional expectations for individuals undertaking or aspiring to undertake certain Controlled Functions or other designated functions.

The IoM FSA also sets requirements concerning continuing professional development (CPD) for different types of regulated entities and staff at different levels. For example, Rule 8.5 of the Rule Book specifies that directors and key persons within a licence holder must undertake a minimum of 25 hours of relevant CPD per year or meet the level prescribed by their professional body (where higher). There are further CPD requirements on individuals who provide investment advice to retail investors.

Even absent a prescribed minimum level of CPD, the IoM FSA believes that ongoing training and CPD for all financial services staff and officers is good practice. Such training and CPD should be relevant to the role of the individual and take account of new developments (ie, changes to tax legislation, new regulatory requirements and new products).

In terms of articles 132, 153-A to 153-X of the FLL, employers must provide employees with training so they can render their services and comply with the duties of their positions, and employees should receive such training under the plans and programmes formulated by mutual agreement of the employer and employees. Nevertheless, as indicated in previous questions, for employees to occupy certain positions, they must meet the requirements, and for brokerage houses proxies must be authorised to exercise their duties under their position within the brokerage houses.  

According to article 117 bis 9 of the general provisions applicable to brokerage houses, general managers are responsible for implementing, maintaining and distributing the continuity plan of the business within the brokerage house. Therefore, the general manager must establish a training programme outlining the actions to be carried out if an operation contingency arises.

On the other hand, the AMIB provides courses and training for interested individuals to obtain the necessary skills and capacity to perform the activities of proxies in brokerage houses, and thereafter, to obtain authorisation from the AMIB and CNBV to act and perform the corresponding duties of the position.  

A Finance Educational Committee has been created by several financial institutions, authorities, and the Bank of Mexico and is presided over by the SHCP. This committee is in charge of, among other things, defining a finance educational policy; preparing a national strategy for financial education and guidelines; and identifying new work areas and proposing new actions and programmes in financial education.

Please see question 4.

Examinations (see question 4) and continuing education requirements apply to certain employees in the capital markets services, financial advice and insurance sectors.

In general, regulated companies (eg, banks, insurance companies or asset managers) are required to set up and maintain an organisation that ensures compliance with applicable financial market laws. Given the organisational measures and depending on the regulatory status of the employing entity and the position and activities of the financial services employee, there are training requirements.

While Swiss financial market regulations do not have an exhaustive list of exact training requirements, FINMA requires, among others, that the highest bodies of supervised companies (eg, executives of board members of banks, securities firms, insurance and reinsurance companies, fund management companies, managers of collective assets or asset managers) can fulfil the requirements of the so-called fit and proper test. These requirements extend to all character-related and professional elements that enable an officeholder to manage a supervised company in compliance with applicable laws. Part of the professional elements are relevant work experience and education. In addition, persons holding key positions (eg, compliance and risk officers and their deputies) are required to demonstrate sufficient know-how because of their work experience and education.

That said, the Swiss financial services and insurance supervisory regulations provide for more concrete training requirements. In particular, client advisers of Swiss and foreign financial service providers (eg, investment advisers) may need to demonstrate that they have sufficient knowledge of the code of conduct rules of the Swiss financial services regulation and the necessary expertise required to perform their activities. In addition, insurance intermediaries registered with FINMA’s insurance intermediary register have to prove that they have undergone sufficient education and have sufficient qualifications. On its website, FINMA has published a list of different educational Swiss and foreign qualifications that it deems to be sufficient.

The DFSA General Rulebook requires authorised entities to ensure that the Senior Executive Officer, Compliance Officers, and Money Laundering Reporting Officer, must complete a minimum of 15 hours of continuing professional development in each calendar year.  This continuing professional development must be relevant to the employee’s role and professional skill and knowledge, and consist of structured activities, such as courses, seminars, lectures, conferences, workshops, web-based seminars or e-learning, which require a commitment of 30 minutes or more.  The employee must also ensure that they maintain adequate records to be able to demonstrate that these requirements have been met.

The FSRA General Rulebook requires an authorised entity to ensure that its directors and senior managers are fit and proper and its guidance suggests that whether any training has been untaken or is required should be considered.  In addition, an authorised entity should satisfy itself that an employee continues to be competent and capable of performing the role, has kept abreast of market, product, technology, legislative and regulatory developments that are relevant to the role, through training or other means, and is able to apply this knowledge.

The PRA and FCA training and competence regimes set the minimum standards that must be achieved by individuals working in the financial services industry. These regimes aim to ensure that authorised firms have arrangements in place to satisfy themselves that their employees are competent.

All FSMA-authorised firms are required to have adequately trained and competent senior management and employees. The training and competence requirements include:

• Threshold conditions on suitability – All firms must show that persons connected with the firm are fit and proper, taking into account all the circumstances. When assessing the suitability threshold of an employee, the FCA and the PRA will consider:
  • the nature of the regulated activity the firm carries on or is seeking to carry on;
  • the need to ensure that the firm's affairs are conducted soundly and prudently;
  • the need to ensure that the firm's affairs are conducted appropriately, considering especially the interests of consumers and the integrity of the UK financial system; and
  • whether those who manage the firm's affairs have adequate skills and experience and act with probity.

• FCA Principles for Businesses or PRA Fundamental Rules – These rules lay out the parameters of the “fit and proper” standard set for firms in the threshold condition on suitability, and require firms to undertake the following:
  • recruit staff in sufficient numbers;
  • provide employees with appropriate training, with competence assessed continuously;
  • make proper arrangements for employees involved with carrying on regulated activities to achieve, maintain and enhance competence; and
  • train employees to pay due regard to the interests of a firm’s customers and treat them fairly.

• Competent employees rule in chapters 3 and 5 of the Senior Management Arrangement Systems and Controls Sourcebook – This is the main employee competence requirement in the training and competence regime under the FSMA and applies to individuals engaged in a regulated activity in UK-regulated firms. The application of this rule can be complex and dependent upon the firm and the activities it undertakes, but in general, it provides that firms must employ personnel with the skills, knowledge and expertise necessary for the discharge of the responsibilities allocated to them.

• Detailed training and competence requirements in the FCA’s training and competence handbook (TC) – The TC rules are designed to supplement the competent employees rule, especially concerning retail activities carried on by firms. Among others, these rules include the following:
  • rules on assessing and maintaining competence;
  • supervision of employees who have not yet been assessed as competent;
  • appropriate qualifications; and
  • recordkeeping and reporting for firms within its scope, including how a firm assessed its employees as competent, and how it has ensured that its employees remain competent.

All employees in some states, including California and New York, are required to receive periodic sexual harassment training. Additionally, employees may be required to pass certain skills tests before registering with regulators or engage in continuing education programmes (most notably FINRA, see question 4).

The NBB has issued a Fit & Proper Handbook, which was last updated on 22 December 2022.

Besides, Febelfin has adopted codes of conduct and regulations for relations between financial institutions and their customers, which can be considered standard practice in the sector.

Each financial institution may also provide more concrete or more precise quality standards for its clientele.

There is no general code defined by law or regulation.

Each company can adopt its standard of behaviour as a rule.

Certain activities require specific protocols for the Prevention of Money Laundering and Combating the Financing of Terrorism:

• the capture, intermediation, and investment of financial resources from third parties in national or foreign currency;

• the purchase and sale of foreign currency or gold as a financial asset or exchange instrument; and

• the custody, issuance, distribution, settlement, negotiation, intermediation, or securities administration.

Within the scope of the Brazilian System for Preventing and Combating Money Laundering and the Financing of Terrorism, it is up to institutions and their employees to adequately comply with Central Bank regulations. Also, institutions must promote the effectiveness of the apparatus to combat and prevent money laundering, carry out risk management with the implementation of effective policies, procedures, and controls, and help the Brazilian state locate suspicious financial operations so that they can be investigated.

First of all, various obligations discussed so far have the effect of forcing, if they were not already there, employees in the financial services sector to behave in an honourable manner and respect prudential rules.

In addition, Law 2016-1691 of 9 December 2016 on transparency, the fight against corruption and the modernisation of economic life states in article 17 that in certain large companies, managers must take all measures to prevent and detect the commission, in France or abroad, of acts of corruption or influence peddling.

This means setting up a code of conduct that will be integrated into the internal regulations, in compliance with the procedure for consulting employee representatives provided for in article L. 1321-4 of the French Labour Code.

This code of conduct involves the implementation of measures and procedures that will be monitored by the French Anti-Corruption Agency. In particular, the code of conduct must define and provide examples of the various types of behaviour to be prohibited as likely to constitute corruption or influence peddling. It must also establish an evaluation and control system, as well as a disciplinary system, enabling the company's employees to be sanctioned if there is a violation of the company's code of conduct.

In addition to this code of conduct, which is part of the internal regulations, almost all players in the financial services sector have put in place charters and policies to protect confidential information and regulate risky activities.

Employees must conduct themselves in line with their respective roles and responsibilities, which in client-facing roles indirectly leads to them being subject to specific behavioural obligations (such as having to adhere to certain procedures and documentation obligations before selling a service or product to a client). In addition, company policies required by the regulator (eg, on sustainability or equal treatment) often include behavioural standards.

In addition, there are voluntary standards adopted by various professional associations, such as the Code of Conduct of the Federal Association of Financial Services, which apply to their respective members.

SFC

Under the SFO, licensed representatives and ROs are required to be “a fit and proper person” to carry on the regulated activities and must adhere to the standards of behaviour set out in the “Code of Conduct for Persons Licensed by or Registered with the Securities and Futures Commission”. Other relevant guidelines regarding standards of behaviour include:

• “Fit and Proper Guidelines”, which set out the general expectations of the SFC of what is necessary to satisfy the licensing or registration requirements that a person is fit and proper.
• “Guidelines on Competence”, which set out the competence requirements and its objective to ensure a person is equipped with the necessary technical skills and professional expertise to be “fit”, and is aware of the relevant ethical standards and regulatory knowledge to be “proper” in carrying on any regulated activities.

HKMA

Under the BO, employees of an authorised institution that carry on regulated activities under the SFO are required to be fit and proper. In addition, the HKMA needs to be satisfied that the chief executive, directors, controllers and executive officers of the authorised institutions are fit and proper. Other relevant guidelines regarding standards of behaviour include:

• “Code of Banking Practice”, which is to be observed by authorised institutions in dealing with and providing services to their customers.
• Supervisory Policy Manual CG – 2 “Systems of Control for Appointment of Managers”, which sets out the system of control that authorised institutions should have for ensuring the fitness and propriety of individuals appointed as managers.

IA

The conduct requirements for licensed insurance agents and brokers are set out in Division 4 of the IO. Other relevant codes and guidelines include:

• “Code of Conduct for Licensed Insurance Agents”, which sets out the fundamental principles of professional conduct that buyers of insurance are entitled to expect in their dealings with licensed insurance agents.
• “Code of Conduct for Licensed Insurance Brokers”, which sets out the fundamental principles of professional conduct that buyers of insurance are entitled to expect in their dealings with licensed insurance brokers.
• “Guideline on ‘Fit and Proper’ Criteria under the Insurance Ordinance”

Financial services regulators like the RBI, SEBI and Insurance Regulatory and Development Authority of India (IRDAI) regulate employees through prescribed frameworks and their organisation-specific rules.

The obligations for the conduct of employees in financial services are determined depending upon the type of organisation: public sector banks (majorly owned by the state) or private banks; sectors (banking, non-banking, insurance, capital market); regions (different local laws); and level of seniority (liability of officers or manager is different from regular employees or clerical staff).  Though there are no statutory standards, judicial pronouncements have set a higher threshold of duty of care for employees in the financial services sectors. The Andhra Pradesh High Court in Harinarayan Seet v Andhra Bank[1] held dismissal of service as a proportionate punishment for dereliction of duty by banking employees, which would have otherwise attracted a lesser penalty for employees in less-critical sectors.

In terms of general labour legislation also applicable to financial services employees, financial services organisations fall under the definition of “commercial establishments”, whose definition has been laid down by the Shops & Commercial Establishments Act (state level). They provide certain conduct-specific obligations, for example, a prohibition against discrimination, suspension or dismissal for misconduct.

The other major piece of labour legislation that lays down standards of conduct is the Industrial Employment (Standing Orders) Act, 1946 (IESOA). However, its applicability to commercial establishments or to a specific industry is dependent upon state-wide laws. For example, the states of Haryana and Karnataka have notified the application of the IESOA to commercial establishments with a minimum of 50 employees. This implies that financial services institutions in these states, meeting the above criteria, are bound to comply with the IESOA. Upon the application of the IESOA, the establishments are required to submit to the certifying officer draft standing orders proposed for their establishment, which should cover acceptable standards for employees.

In the banking sector, employees of public-sector banks, private-sector banks and foreign banks are bound by the obligations laid down by the RBI and their organisation rules. The provisions of these rules, which are different from other industries, are stricter: observance of secrecy; prohibition against using influence to secure employment for family members; bypassing regular compliance checks for availing of banking facilities; prohibition against media contributions, participating in politics or standing for election; demonstrations prejudicial to the public interest; and acceptance of gifts in an official capacity.

In terms of financial propriety, employees must not indulge in speculation in stocks and shares, but must avoid personal insolvency and even disclose their moveable and immoveable assets. During employment, they are also forbidden from engaging in any outside employment (stipendiary or honorary) without the prior approval of the organisation. Higher managerial employees are subject to additional scrutiny. Those belonging to public sector enterprises are brought within the jurisdiction of the Central Vigilance Commission, the apex vigilance institution. It is due to the gravity of corruption cases that the senior management of private sector banks is also included within the ambit of “public servant”, which usually includes employees of only public sector organisations. This was upheld by the Supreme Court of India in the case of Central Bureau of Investigation v Ramesh Gelli[2].  The organisations in the insurance and capital markets sectors also have similar institution-wide conduct and disciplinary rules.

Directors of organisations in the financial services sector may also be subject to duties stated in Schedule IV of the Companies Act 2013 and the SEBI (Listing Obligations and Disclosure Requirements) Regulations 2015.

When it comes to outsourcing activities, financial institutions formulate a board-approved “Code of Conduct” as part of the “Outsourcing Agreement”, which is to be complied with by the outsourced service providers and their employees.[3]

Though financial services employees are held to a higher set of moral standards, their right to participate in trade union actions for voicing their concerns has been upheld time and again. Recently, the Madras High Court in the case of D Thomas Franco Rajendra Dev v The Disciplinary Authority and Circle Development Officer and State Bank of India[4] observed bank officers’ right to unionise.  However, the right of bank employees to go on a strike gets limited since banks and other financial institutions are declared as ‘Public Utility Services’ (“PUS”). Accordingly, while they are not barred from going on strike, they must adhere to certain pre-requisites namely service of notice of at least 6 weeks before going on a strike, prohibition of any strike within 14 days from date of service of above notice, prohibition of going on a strike before the expiry of the date of that strike and non-authorization of any strike during the pendency of any conciliation proceedings or 7 days after the conclusion of such a proceeding. Upon being declared a PUS, the concerned industry must adhere to these conditions failing which the strikes would be declared as illegal.

Yes there are. They are:

• the F&P Standards;
• the minimum competency regime; and
• the IAF and SEAR (see question 1).

There are also sector-specific conduct of business requirements in legislation and codes, including the Consumer Protection Code 2012, the MiFID II regime, and other regulatory requirements applicable to RFSPs based on their industry sector that apply and deal with matters such as:

• error handling,
• disclosures to customers,
• acting in the best interests of customers; and
• complaints handling.

Yes, financial institutions are required to comply with the rules and standards of conduct as set out in the Rule Book (as a minimum).

Financial institutions must notify the IoM FSA of any departure or intended departure of an employee who undertakes a Controlled Function within ten business days. Furthermore, where a financial institution discovers an event which may lead to a final warning being given to, or other serious disciplinary action being taken against, any of its employees, the financial institution must inform the IoM FSA within ten business days. The notice must specify the event, and the name of the employee where the employee holds a Controlled Function or is a “key person”. Where the employee is not a “key person” and does not hold a Controlled Function role, the financial institution is not required to inform the IoM FSA of the name of the employee unless – following an investigation – the employee is given a final warning or other serious disciplinary action is taken (in which case, the financial institution will have to inform the IoM FSA of the employee’s name at that point).

Financial entities must establish, implement and apply, among other things:

• confidentiality policies;
• policies for internal control to confirm the acts, operations and services of individuals are carried out in an ethical, professional and legal manner;
• policies regarding the prevention of acts and operations with illegal resources;
• policies to prevent psychological risk factors;
• policies that allow the identification, follow-up and control of risks inherent to operations; and
• conflict of interest resolution policies.

Under the general provisions applicable to operations with securities carried out by members of the board of directors, officers and employees of financial entities and other obligated parties, the principles that must be complied with are the following:

• transparency in operations;
• equal opportunity before all other market participants in sureties operations;
• compliance with fair stock market customs and practices;
• absence of a conflict of interest; and
• prevention of improper behaviour that may have as its origin the use of privileged or confidential information.

Policies, manuals and codes must also include guidelines for the resolution of potential conflicts of interest, as well as the mechanisms to avoid the existence of such conflicts.

Financial entities must inform the CNBV annually, within 15 days, a report on the conduct, operations, and services of individuals. If any act or operation with illegal resources is detected, financial entities must inform the authorities immediately, including the CNBV and the SHCP.

The board of directors of operating companies of investment funds, distribution entities, and stock appraisers of investment funds must approve a code of conduct, which must consider:

• activities in compliance with the applicable laws;
• internal control rules for the compliance of provisions and policies contained in the code, including investment provisions issued by the CNBV;
• security mechanisms to ensure confidential information is used solely for authorised purposes and security measures to protect clients’ files from fraud, robbery or misuse;
• an obligation on the general manager, officers and employees to conduct themselves in a fair, honest and professional manner in the performance of their activities; and
• a prohibition on officers, employees and proxies executing any type of operation with the public that contravenes market practices.

Members of the board of directors, the general manager, officers, regulatory comptrollers, proxies, and other employees must immediately report the existence of illegal or unethical conduct or activity to the regulatory comptroller.

Under Dutch law, financial services companies must maintain integrity and ensure safety, stability and integrity within their company. This also means that financial services companies must prevent their employees from committing criminal offences, other violations of the law or socially inappropriate behaviour that undermines confidence in the financial services sector or financial markets. For these reasons, it is common to implement company-specific codes of conduct.

There are many statutory general regulations and standards of behaviour that financial services employees are expected to adhere to. Moreover, all industries have their own specific industry-wide guidelines and codes of conduct.

An important statutory obligation for directors, (other) policymakers and employees with customer contact is to take an oath or promise before entering into employment. The oath or promise contains a declaration that – among other things – the employee will perform his or her duties with care and integrity, will put customer interests first and will make every effort to maintain and promote confidence in the financial services sector.

In addition to the oath or promise as mentioned above, there is also the “banker's oath”. This oath goes further than the oath or promise mentioned above and is mandatory for all employees who work for banks.

Breaching guidelines, codes of conduct or the statutory oath could lead to disciplinary sanctions being taken by the company itself (such as termination of the employment contract) or by disciplinary supervisors (such as a reprimand or a fine).

Generally, MAS’ Guidelines on Individual Accountability and Conduct emphasises the importance of reinforcing standards of proper conduct among all employees, while employees conducting regulated activities must remain fit and proper for their roles under MAS’ Guidelines on Fit and Proper Criteria.

Guidelines, codes, directions, notices and legislation in relation to corporate governance and risk management (including those mentioned in questions 5 and 6) should also be considered.

Depending on the regulatory status of the employing entity and, as the case may be, on the exact activities of a financial service employee, a financial service employee needs to adhere to certain code of conduct rules (eg, regarding transparency and care, documentation and accountability).

Supervised companies in Switzerland are, in principle, required to set up an organisation that ensures the compliance with Swiss financial market laws and its statutory code of conduct rules. For this purpose, among others, companies are required to issue regulations that their employees must follow.

Under Swiss financial market laws, code of conduct rules are generally based on abstract statutory rules and concretized by recognised privately organised associations.

In particular, several professional organisations (eg, the Swiss Bankers Association or the Asset Management Association) and self-regulated organisations issue their own set of code of conduct rules that members are required to follow.

In the DIFC, the DFSA General Rulebook provides that authorised individuals must adhere to six principles, as follows:

• Principle 1 – Integrity
• Principle 2 – Due skill, care and diligence
• Principle 3 – Market conduct
• Principle 4 – Relations with the DFSA
• Principle 5 – Management, systems and control
• Principle 6 – Compliance
   

In the ADGM, the FSRA General Rulebook provides that authorized individuals must adhere to eleven principles, as follows:

• Principle 1 – Integrity
• Principle 2 – Due skill, care and diligence
• Principle 3 – Management, systems and control
• Principle 4 – Resources
• Principle 5 – Market conduct
• Principle 6 – Information and interests
• Principle 7 – Conflicts of Interest
• Principle 8 – Suitability
• Principle 9 – Customer assets and money
• Principle 10 – Relations with regulators
• Principle 11 – Compliance with high standards of corporate governance

Yes. Both the FCA and PRA have established their own high-level required standards of conduct known as the Conduct Rules. The FCA’s conduct rules are set out in the FCA’s Code of Conduct sourcebook. The PRA’s conduct rules are set out in the PRA Rulebook (and different versions apply to different types of PRA-regulated firms).

The FCA’s conduct rules apply to most individuals working at an SM&CR firm. The PRA’s conduct rules apply to more limited individuals working at dual-regulated SM&CR firms: senior managers (approved by the PRA or FCA); individuals within the PRA’s certification regime; key function holders; and non-executive directors.

The Conduct Rules apply to conduct relating to the carrying out of an individual’s role. They do not extend to conduct within an individual’s private life, provided that the conduct is unrelated to the activities they carry out for their firm. Nevertheless, an individual’s behaviour outside of work can still be relevant to the separate consideration of their fitness and propriety.

There are two tiers of Conduct Rules: a first tier of rules applicable to all individuals subject to the Conduct Rules; and a second tier applicable to senior managers only.

The rules of the first tier are:

• Rule 1 – You must act with integrity.
• Rule 2 – You must act with due skill, care and diligence.
• Rule 3 – You must be open and cooperative with the FCA, PRA and other regulators.
• Rule 4 – You must pay due regard to the interests of the customer and treat them fairly.
• Rule 5 – You must observe proper standards of market conduct.

The rules of the second tier (applicable to senior managers) are:

• SC1 – You must take reasonable steps to ensure that the business of the firm for which you are responsible is controlled effectively.
• SC2 – You must take reasonable steps to ensure that the business of the firm for which you are responsible complies with the relevant requirements and standards of the regulatory system.
• SC3 – You must take reasonable steps to ensure that any delegation of your responsibilities is to an appropriate person and that you oversee the discharge of the delegated responsibility effectively.
• SC4 – You must disclose appropriately any information for which the FCA or PRA would reasonably expect notice.
• SC5 (certain dual-regulated firms only) – When exercising your responsibilities, you must pay due regard to the interests of current and potential future policyholders in ensuring the provision by the firm of an appropriate degree of protection for their insured benefits.

Firms must notify the FCA if they take disciplinary action against an individual for a breach of the Conduct Rules.

Employees in some states, including California and New York, are required to receive periodic sexual harassment training.

Employers are also required to implement anti-discrimination and anti-harassment policies that:

• contain information about where and how employees can report improper conduct;
• prohibit retaliation for reporting or opposing improper conduct, or participating in an investigation regarding misconduct; and
• comply with state and local provisions that require employer policies to contain certain provisions (eg, New York, Los Angeles and San Francisco).

New York law prohibits employers from mandating confidentiality or non-disclosure provisions when settling sexual harassment claims (though it allows such provisions where it is the employee’s preference to include them).

California law prohibits employers from mandating confidentiality or non-disclosure provisions in employment agreements, settlement agreements, and separation agreements that are designed to restrict an employee's ability to disclose information about unlawful acts in the workplace, including information pertaining to harassment or discrimination or any other conduct the employee has reason to believe is unlawful.

FINRA and the SEC both have requirements and recommendations for social media use.

FINRA requires that broker-dealers retain records of social media communications related to the broker-dealer’s business made using social media sites and adopt policies and procedures designed to ensure that their employees who use social media sites for business purposes are appropriately supervised and trained, and do not present an undue risk to investors.

The SEC similarly requires that social media use complies with all federal security laws, including antifraud, compliance, and recordkeeping provisions.

Banking regulators provide guidance stating that each financial institution is expected to carry out an appropriate risk assessment that takes social media activities into consideration.