CASS compliance already has a reputation for being an onerous regime, to the point where the obligations have seen several notable firms exit their client money businesses since PS 14/9.
Could this be the moment where the regulator recognises the complications posed by the virus crisis and cuts CASS firms some temporary slack?
Wholesale working-from-home has been quite straightforward for some areas of the sector, where platforms, systems and IT have been part of the landscape for decades. But the physical world still exerts limitations.
When a client money cheque arrives at an empty office and cannot be banked as usual, a firm must still observe the CASS rules and pay in their own funds – becoming client funds – to the client’s account. No change there.
For custody firms, there may also be bricks-and-mortar issues if a reconciliation cannot be performed at the venue where the physical assets are stored. A failure to perform reconciliation remains a reportable breach under CASS 6, crisis or no crisis, and the regulator expects firms to mitigate logistical difficulties such as social-distancing accordingly.
Client money balances
One might hope that client money firms caught under CASS 7 have a slightly easier job under lockdown with fewer physical matters to manage. However, a reduction in asset purchases can result in an extraordinary uptick in client money balances which need managing.
In some cases, this can require actions to maintain compliance with the prudent segregation rules and even change a firm’s classification from small to medium, or medium to large, with the related shift in compliance obligations.
CASS medium firms that have chosen to ‘act up’ under SMCR by taking on the obligations of the enhanced regime, may take some comfort from their foresight if their shift in classification comes earlier than planned.
Notwithstanding, the regulator has stated that these CASS compliance requirements remain unchanged whether the changes to the firm’s situation is COVID-19 caused or not.
Audit costs & remediation
Some firms have pointed to an increase in the number of CASS breaches causing a likely increase in audit cost as the auditor has more material to discuss with the firm. The regulator has been clear in pushing back on this claim, noting that no such audit cost increases have come to its attention.
If COVID-related delays are causing delays to previously agreed improvements then the regulator is non-committal, noting that firms should continue to keep them informed of progress, as we would expect.
Last month’s advice on the impact of the crisis on the reporting of statements of responsibility and the ‘12-week rule’ for temporary appointments may provide the best acknowledgement by the regulator that some leeway will be helpful to firms under current conditions.
Remote compliance
In summary, the regulator requires CASS firms to continue to observe the regime with the same, if not greater, levels of diligence as normal to protect consumers from harm. Whilst COVID-related disruption is acknowledged it is not sanctioned as an excuse for non-compliance.
Firms who have had the foresight to centralise and automate their CASS operations with a platform like Ruleguard are fortunate that mass remote-working, centralised breach management and the production of MI are largely taken care of.
Providing CASS firms with the best method of riding out a global pandemic was not quite what our software designers had in mind during development, but the Ruleguard platform can help support effective CASS operations as the world of work becomes increasingly remote post-COVID… even as CASS firms cannot expect much slack from the regulator.