FMA licensing guidance for conduct regime

06 December 2022

The Financial Markets Authority (FMA) has released a number of resources to assist banks, licensed insurers and non-bank deposit takers to prepare for the conduct regime under the Financial Markets (Conduct of Institutions) Amendment Act 2022 (CoFI), which is due to commence in early 2025, with licence applications opening on 25 July 2023.

Information Sheet

This provides:

  • an overview of the requirement for financial institutions to establish and maintain a fair conduct programme, including effective policies, processes, systems and controls to ensure compliance with the CoFI fair conduct principle,
  • guidance (with examples) on how to prepare and implement an FCP,
  • an explanation of some of the minimum requirements for FCPs (which are also set out in the Licence Application Guide), and
  • guidance on matters such as relevance and context, resourcing, outsourcing, training, assurance and governance in relation to the FCP.

Establishing an FCP

FCPs should be tailored to the individual business. Factors to consider include the nature and size of the business, the services offered, the methods by which those services are offered, and the consumers the business deals with.

FCPs do not need to break new ground. Their purpose is to ensure compliance with the fair conduct principle.  Existing policies and systems directed toward this aim should be incorporated into the FCP – and, in some cases, may fully achieve the FCP, without any further provisions being required.

The FMA expects resources to be allocated to those areas where there is a higher risk of unfair conduct. 

The financial institution’s governing body should assess and approve the FCP and should review it regularly. Where the FCP covers two or more entities within a group, each entity’s governing body should consider whether any unique factors relevant to that entity should be included.

The preparation and implementation of an FCP may be outsourced but the financial institution must ensure that it fully understands any documentation and all content related to the FCP and that it has the personnel in place to manage the ongoing operation of the FCP.

Implementing and maintaining the FCP

This sets out the FMA’s expectations regarding compliance with the requirements to:

  • provide regular staff training on relevant services and products, and the processes and procedures set out in the FCP
  • have methods for identifying deficiencies in the effectiveness of the FCP, and
  • maintain an effective FCP (including by having appropriate assurance processes).

Licence Application Guide

The Licence Application Guide is consistent with the format of existing market service licence applications, but focusses on the FCP with other aspects covering familiar territory.

Fair conduct programmes

Applicants will need to provide information on:

  • whether the FCP has been approved by the governing body
  • methods to review and maintain the FCP, including frequency of review
  • if the FCP is embedded within existing processes, how these will be reviewed
  • where ultimate accountability will reside, and who will have day-to-day responsibility for the FCP
  • relevancy of the FCP to the financial institution
  • associated products provided to consumers in New Zealand, and the number of consumers at the time the licence application is made, and
  • whether the financial institution will act as an intermediary.

They will also need to make publicly available a summary of FCP key matters.

Consumer care and handling conflicts

Applicants will need to provide information on:

  • processes to identify, record and review conflicts
  • how incentives will be designed and managed
  • methods to identify and handle conflicts of interest, and
  • training, management and supervision of employees.

Compliance with standard conditions

Applicants will need to provide information on the financial institution’s business continuity plan, operational resilience arrangements, record keeping process and outsourcing arrangements.

Authorised bodies and fit and proper questions

A duplicate application is provided within the Guide for any authorised bodies on a financial institution licence, and a full set of fit and proper questions for directors is included for each entity.

Final standard conditions

The six standard conditions relate to:

  1. Ongoing satisfaction of statutory requirements
  2. Notification of material changes
  3. Provision of regulatory returns
  4. Outsourcing
  5. Business continuity and technology systems
  6. Record keeping

These are largely unchanged from what was proposed pre-consultation, with some minor clarifications to standard conditions 5 and 6.

Duplication of regulatory regimes

The overlap of the standard conditions with the requirements of other regulatory regimes and the prudential obligations imposed by the Reserve Bank was a common theme of submissions and a point we made in our commentary on the consultation.

The FMA has stood its ground on many of these concerns, noting:

  • the importance of the CoFI emphasis on the fair treatment of consumers
  • the difference between the RBNZ’s focus on ensuring financial stability and the FMA’s focus on the behaviour and integrity of financial institutions, and the fact that the licensing regime was designed to incorporate this distinction through a “twin-peaks” regulatory model, and
  • the reality that the FMA has its own remit and cannot rely on the conditions stipulated in licences issued by other regulators.

The FMA has, however, recognised the regulatory burden and compliance cost associated with having two regulators and will seek to minimise the acknowledged duplication by continuing to work with RBNZ when licencing and monitoring financial institutions.

Standard condition 4 - Outsourcing

A number of submissions on this standard condition requested that engagement with intermediaries be explicitly excluded. The FMA has not amended the condition in this way, noting that it is the responsibility of financial institutions to make this determination. However the FMA does reiterate comments made in the consultation document that it would not expect typical distribution arrangements to be “the outsourcing of a system or process necessary to the provision of their financial institution service”.  

Standard condition 5 - business continuity and technology systems

The requirement to notify material impacts within 72 hours remains.

The FMA considers that this timeframe is appropriate, given the criticality of financial institutions’ technology systems to the maintenance of a sound and efficient financial system and insurance sector.  Although this rationale seems more focussed on prudential rather than conduct-related supervision, the explanatory note has been amended to make the purpose of the condition clear (which is to ensure consumers are treated fairly during a business disruption).

The FMA has also has clarified that, if some details of a critical event are not available at the time, this information can be provided separately, as soon as possible.

Standard condition 6 - record-keeping

The FMA has amended the terminology from “adequate” to “relevant” in response to submissions asking for clarification on the type of records to be retained and has provided a non-exhaustive list of what these might be in the explanatory note.

It has also:

  • replaced the requirement that records be readily available for inspection at all reasonable times with a requirement that financial institutions have arrangements in place to ensure that the FMA can inspect necessary documentation without unnecessary delay
  • replaced the requirement for records to be readily available within 10 working days with a requirement that financial institutions have in place arrangements to ensure that, where reasonably practicable, consumers consent to the FMA viewing or obtaining records, and
  • removed the requirement to retain records for seven years.

Chapman Tripp comment

The release of these documents is timely, given that many financial institutions are commencing, or have already commenced, their CoFI transition projects.

We have some sympathy for the duplication of requirements between the "twin peaks" regulators. Duplication is undesirable, but that is primarily a consequence of the overlapping structure of the dual regulation model imposed by law. If a single licensing system cannot be achieved, then the next best outcome is that the requirements match as much as the different objectives allow, so financial institutions do not have different, or worse, inconsistent obligations to achieve broadly the same purpose. 

If you want help in preparing your FCP or licence application, please get in touch.

Quick links to other Brief Counsels relevant to this topic

Related insights

See all insights