Skip to main content
Entire section Custom print Text Only Rich Text Print

9.3 Outsourcing Policy

N 35/2018 STA
  1. 9.3.1The Licensed Person must have an outsourcing policy approved by the Board of Directors (or by the Owner/Partners where there is no Board of Directors); and
  2. 9.3.2The outsourcing policy must cover the following aspects, at a minimum:
    1. a)Enhanced Due Diligence (EDD) process to be applied on the Service Provider;
    2. b)Responsibilities of the Licensed Person and the Board of Directors (or with the Owner/Partners where there is no Board of Directors) in relation to all outsourced functions;
    3. c)Annual risk assessment of outsourced functions;
    4. d)Control mechanisms to mitigate various outsourcing risks; and
    5. e)Requirement of a Service Level Agreement between the Licensed Person and the Service Provider.