JERSEY Law and Practice Contributed by: Christopher Griffin, Sophie Hancock, Tshogofatso Dhlamini, Rachael Barber, David Patterson and Mike Kushner, Carey Olsen
conditions on a case-by-case basis, which is enormously helpful. 2.6 Jurisdiction of Regulators The JFSC is the principal relevant regulator in Jersey. For data protection, the Office of the Information Commissioner in Jersey has juris - diction. 2.7 No-Action Letters Regulations do not use no-action letters in Jer - sey. 2.8 Outsourcing of Regulated Functions Any Jersey business that is either regulated under the Financial Services Law or is registered with the JFSC under the Jersey POC SB Law needs to confirm whether the JFSC’s Outsourc - ing Policy will apply to any outsourced function. In summary, where a service provider performs outsourced activity as part of a business’ regu - lated activity or non-regulated activity and where the service provider’s inadequate performance of the outsourced activity would materially pre - vent, disrupt or impact upon the continuing compliance of that business’ regulated activ - ity, such outsourcing activity is caught by the JFSC’s Outsourcing Policy. The JFSC’s Outsourcing Policy sets out certain core principles as well as detailed guidance thereunder. The core principles are as follows. • A business is responsible for and accountable to the JFSC for any outsourced activity. • A business must ensure that any service provider performing outsourced activity is fit and proper. • A business must put in place an outsourcing agreement with the service provider before the start of the outsourced activity.
• A business must maintain adequate capac - ity and resources to implement all necessary policies and procedures to ensure that a ser - vice provider continues to be fit and proper. • A business must maintain suitable contingen - cy plans in case a service provider’s perfor - mance suffers a material disruption or ends unexpectedly for any reason. • Except for where the policy provides other - wise, a business must complete and submit an outsourcing notification to the JFSC before appointing a service provider. • A business must ensure there is nothing in the service provider’s performance of the out - sourced activity that would prevent or restrict the JFSC regulatory powers in respect of the business or the activity. If the JFSC’s Outsourcing Policy does apply, the vendor needs to file an outsourcing notification with the JFSC. 2.9 Gatekeeper Liability There are no express regulations relating to fin - tech “providers” although: • if a fintech provider is subject to the Jersey AML Regime, that provider is required to ensure that activities on the platform comply with that regime (this includes carrying out KYC checks on customers); and • if a fintech provider is carrying on any class of financial services business under the Finan - cial Services Law, the provider is subject to the requirements of the applicable Code of Practice published by the JFSC. 2.10 Significant Enforcement Actions There have been no significant enforcement actions by the JFSC in the fintech space.
437 CHAMBERS.COM
Powered by FlippingBook