Commission Delegated Regulation (EU) 2017/392Show full title

Commission Delegated Regulation (EU) 2017/392 of 11 November 2016 supplementing Regulation (EU) No 909/2014 of the European Parliament and of the Council with regard to regulatory technical standards on authorisation, supervisory and operational requirements for central securities depositories (Text with EEA relevance)

Article 12Compliance, internal control and internal audit functions

1.An application for authorisation shall include a description of the procedures for the applicant CSD's internal reporting of infringements referred to in Article 26(5) of Regulation (EU) No 909/2014.

2.An application for authorisation shall include information regarding an applicant CSD's internal audit policies and procedures referred to in Article 51, including:

(a)a description of the monitoring and evaluation tools for the adequacy and effectiveness of the applicant CSD's internal audit systems;

(b)a description of the control and safeguard tools for the applicant CSD's information processing systems;

(c)a description of the development and application of the applicant CSD's internal audit methodology;

(d)a work plan of the internal audit function for three years following the date of application;

(e)a description of the roles and qualifications of each individual who is responsible for internal audit referred to in Article 47(3)(d) under the oversight of the audit committee referred to in Article 48(1)(b).

3.An application for authorisation shall include the following information concerning the compliance and internal control function of the applicant CSD's referred to in Article 47(3)(c):

(a)a description of the roles and qualifications of individuals who are responsible for the compliance and internal control function and of any other staff involved in the assessments of compliance, including a description of the means to ensure the independence of the compliance and internal control function from the rest of the business units;

(b)the policies and procedures of the compliance and internal control function, including a description of the compliance role of the management body and senior management;

(c)where available, the most recent internal report prepared by the persons responsible for the compliance and internal control function or by any other staff involved in the assessments of compliance within the applicant CSD.