Article 16
Organisational requirements
1.
The home Member State shall require that investment firms comply with the organisational requirements laid down in paragraphs 2 to 10 of this Article and in Article 17.
2.
An investment firm shall establish adequate policies and procedures sufficient to ensure compliance of the firm including its managers, employees and tied agents with its obligations under this Directive as well as appropriate rules governing personal transactions by such persons.
3.
An investment firm shall maintain and operate effective organisational and administrative arrangements with a view to taking all reasonable steps designed to prevent conflicts of interest as defined in Article 23 from adversely affecting the interests of its clients.
An investment firm which manufactures financial instruments for sale to clients shall maintain, operate and review a process for the approval of each financial instrument and significant adaptations of existing financial instruments before it is marketed or distributed to clients.
The product approval process shall specify an identified target market of end clients within the relevant category of clients for each financial instrument and shall ensure that all relevant risks to such identified target market are assessed and that the intended distribution strategy is consistent with the identified target market.
An investment firm shall also regularly review financial instruments it offers or markets, taking into account any event that could materially affect the potential risk to the identified target market, to assess at least whether the financial instrument remains consistent with the needs of the identified target market and whether the intended distribution strategy remains appropriate.
An investment firm which manufactures financial instruments shall make available to any distributor all appropriate information on the financial instrument and the product approval process, including the identified target market of the financial instrument.
Where an investment firm offers or recommends financial instruments which it does not manufacture, it shall have in place adequate arrangements to obtain the information referred to in the fifth subparagraph and to understand the characteristics and identified target market of each financial instrument.
The policies, processes and arrangements referred to in this paragraph shall be without prejudice to all other requirements under this Directive and Regulation (EU) No 600/2014, including those relating to disclosure, suitability or appropriateness, identification and management of conflicts of interests, and inducements.
4.
An investment firm shall take reasonable steps to ensure continuity and regularity in the performance of investment services and activities. To that end the investment firm shall employ appropriate and proportionate systems, resources and procedures.
5.
An investment firm shall ensure, when relying on a third party for the performance of operational functions which are critical for the provision of continuous and satisfactory service to clients and the performance of investment activities on a continuous and satisfactory basis, that it takes reasonable steps to avoid undue additional operational risk. Outsourcing of important operational functions may not be undertaken in such a way as to impair materially the quality of its internal control and the ability of the supervisor to monitor the firm’s compliance with all obligations.
An investment firm shall have sound administrative and accounting procedures, internal control mechanisms, effective procedures for risk assessment, and effective control and safeguard arrangements for information processing systems.
Without prejudice to the ability of competent authorities to require access to communications in accordance with this Directive and Regulation (EU) No 600/2014, an investment firm shall have sound security mechanisms in place to guarantee the security and authentication of the means of transfer of information, minimise the risk of data corruption and unauthorised access and to prevent information leakage maintaining the confidentiality of the data at all times.
6.
An investment firm shall arrange for records to be kept of all services, activities and transactions undertaken by it which shall be sufficient to enable the competent authority to fulfil its supervisory tasks and to perform the enforcement actions under this Directive, Regulation (EU) No 600/2014, Directive 2014/57/EU and Regulation (EU) No 596/2014, and in particular to ascertain that the investment firm has complied with all obligations including those with respect to clients or potential clients and to the integrity of the market.
7.
Records shall include the recording of telephone conversations or electronic communications relating to, at least, transactions concluded when dealing on own account and the provision of client order services that relate to the reception, transmission and execution of client orders.
Such telephone conversations and electronic communications shall also include those that are intended to result in transactions concluded when dealing on own account or in the provision of client order services that relate to the reception, transmission and execution of client orders, even if those conversations or communications do not result in the conclusion of such transactions or in the provision of client order services.
For those purposes, an investment firm shall take all reasonable steps to record relevant telephone conversations and electronic communications, made with, sent from or received by equipment provided by the investment firm to an employee or contractor or the use of which by an employee or contractor has been accepted or permitted by the investment firm.
An investment firm shall notify new and existing clients that telephone communications or conversations between the investment firm and its clients that result or may result in transactions will be recorded.
Such a notification may be made once, before the provision of investment services to new and existing clients.
An investment firm shall not provide, by telephone, investment services and activities to clients who have not been notified in advance about the recording of their telephone communications or conversations, where such investment services and activities relate to the reception, transmission and execution of client orders.
Orders may be placed by clients through other channels, however such communications must be made in a durable medium such as mails, faxes, emails or documentation of client orders made at meetings. In particular, the content of relevant face-to-face conversations with a client may be recorded by using written minutes or notes. Such orders shall be considered equivalent to orders received by telephone.
An investment firm shall take all reasonable steps to prevent an employee or contractor from making, sending or receiving relevant telephone conversations and electronic communications on privately-owned equipment which the investment firm is unable to record or copy.
The records kept in accordance with this paragraph shall be provided to the client involved upon request and shall be kept for a period of five years and, where requested by the competent authority, for a period of up to seven years.
8.
An investment firm shall, when holding financial instruments belonging to clients, make adequate arrangements so as to safeguard the ownership rights of clients, especially in the event of the investment firm’s insolvency, and to prevent the use of a client’s financial instruments on own account except with the client’s express consent.
9.
An investment firm shall, when holding funds belonging to clients, make adequate arrangements to safeguard the rights of clients and, except in the case of credit institutions, prevent the use of client funds for its own account.
10.
An investment firm shall not conclude title transfer financial collateral arrangements with retail clients for the purpose of securing or covering present or future, actual or contingent or prospective obligations of clients.
11.
In the case of branches of investment firms, the competent authority of the Member State in which the branch is located shall, without prejudice to the possibility of the competent authority of the home Member State of the investment firm to have direct access to those records, enforce the obligation laid down in paragraphs 6 and 7 with regard to transactions undertaken by the branch.
Member States may, in exceptional circumstances, impose requirements on investment firms concerning the safeguarding of client assets additional to the provisions set out in paragraphs 8, 9 and 10 and the respective delegated acts as referred to in paragraph 12. Such requirements must be objectively justified and proportionate so as to address, where investment firms safeguard client assets and client funds, specific risks to investor protection or to market integrity which are of particular importance in the circumstances of the market structure of that Member State.
Member States shall notify, without undue delay, the Commission of any requirement which they intend to impose in accordance with this paragraph and at least two months before the date appointed for that requirement to come into force. The notification shall include a justification for that requirement. Any such additional requirements shall not restrict or otherwise affect the rights of investment firms under Articles 34 and 35.
The Commission shall within two months of the notification referred to in the third subparagraph provide its opinion on the proportionality of and justification for the additional requirements.
Member States may retain additional requirements provided that they were notified to the Commission in accordance with Article 4 of Directive 2006/73/EC before 2 July 2014 and that the conditions laid down in that Article are met.
The Commission shall communicate to Member States and make public on its website the additional requirements imposed in accordance with this paragraph.
12.
The Commission shall be empowered to adopt delegated acts in accordance with Article 89 to specify the concrete organisational requirements laid down in paragraphs 2 to 10 of this Article to be imposed on investment firms and on branches of third-country firms authorised in accordance with Article 41 performing different investment services and/or activities and ancillary services or combinations thereof.