Companies shall conduct an assessment on risks and possibility of major operational disruptions by assessing on an emergency incident, which causes a disruption and business impacts in either short, medium or
· Forms 2 Does the firm have policies and procedures for the retention of firm’s documentation for a period of time sufficient to permit those performing monitoring and review procedures to evaluate the
inspection to evaluate its compliance with its policies and procedures? – Monitoring Process If yes, please specify 1) Who perform such function e.g. in-house, outsource, network firm? 2) How often the firm
, how does the firm inform its personnel or what kind of process that the firm use to ensure that its staff evaluate clients risk? 5 Regarding integrity checks does the firm’s conduct, for example
regulatory sandbox ; (b) assessing and managing potential risks from the operation; (c) having operational procedures and an internal control system with details covering the operation specified in Clause 4
and adequately throughout the period of participating in the regulatory sandbox ; (b) assessing and managing potential risks from service provision; (c) having procedures for communicating and providing
service provision appropriately and adequately throughout the period of participating in the regulatory sandbox ; (b) assessing and managing potential risks from service provision; (c) having procedures for
); (5) review procedures and processes in the management of information security incidents, after the testing under (4) is carried out, at least once a year; (6) evaluate the results of the testing under
information for the following purposes prior to providing services: (1) knowing the client ; (2) categorizing type of the client ; (3) assessing suitability for investment in or entering into a transaction of
areas: (a) having capital, work systems and personnel that can support service provision appropriately and adequately throughout the period of participating in the regulatory sandbox ; (b) assessing and