MIR-4.16 MIR-4.16 Outsourcing
MIR-4.16.1
A
member shall not outsource any function related to anyregulated activities without prior approval of the CBB, and/orSRO .Adopted January 2010MIR-4.16.2
The CBB would normally not grant its approval related to the outsourcing application, when such outsourcing application is related to controlled functions, or core business of such licensed
member .Amended: April 2013
Adopted January 2010MIR-4.16.3
The
member seeking to outsource functions related to any undertaking ofregulated activities should have the following in place:(a) Comprehensive policy to guide the assessment of whether and how these functions or services can be appropriately outsourced;(b) The management shall have the responsibility for the outsourcing policy and related overall responsibility for outsourced functions or services undertaken under that policy;(c) Themember retains the ultimate res'ponsibility for the functions or services that are outsourced;(d) Themember must obtain the approval of the respectiveSRO and notify the CBB before committing to an outsourcing arrangement;(e) Themember must maintain and regularly review contingency plans to enable him to set-up alternative arrangements should the outsourcing provider fail;(f) Themember must nominate an officer of senior management with day-to-day responsibility for handling the relationship with the outsourcing provider and ensuring that relevant risks are addressed;(g) All the outsourcing contract must be legally enforceable;(h) A notice period of at least three months shall be required from the outsourcing party to terminate the contract;(i) On termination all data pertaining to themember and itsclients shall be returned by the outsource provider to themember ; and(j) For the entire duration of the outsourcing contact, this shall be subject to the confidentiality requirements in general, and information related to theclients or users in particular.Adopted January 2010
