Activities of shared services centres for financial institutions - regulatory aspects

Many shared services centres in Poland operate within capital groups, which include various types of financial institutions subject to strict regulations and supervision. What specific regulatory issues should be then taken into account when establishing and managing such centres?

LEGAL FORM OF ACTIVITY

This question should be asked already at the stage of choosing the legal form in which a shared service centre (SSC) will operate. In practice, there is often a temptation to set up a SSC as a branch of one of the existing financial institutions* operating within a group and based in an EU country, using the passporting mechanism provided for in EU law. It allows many types of financial institutions operating in the EU to expand their activities into another EU country by establishing a branch there, with relatively little formality and cost, and no need to create a new entity, as the branch does not have a separate legal personality and is only a separated part of the parent institution’s activities.

In most cases, however, a branch is not the most appropriate form of operation for a SSC. It must be borne in mind mainly that a foreign entrepreneur may only carry out business activities in a branch within the scope that it carries them out abroad. Thus, if a foreign entrepreneur is, for example, a bank or an insurance company, it may open a branch in Poland only to conduct banking or, respectively, insurance activity, and only to the extent to which it conducts such an activity in its home country. In principle, the typical activities of a SSC (i.e. IT, accounting, HR, etc.) do not fall within the scope of business activities that a bank, insurance company, investment firm or other similar regulated entity may provide to third parties (even from the same capital group), because the permissible scope of activities of such entities is usually, both in Poland and in other countries, strictly limited to certain types of financial and related services. When notifying supervisory authorities of the intention to commence operations in Poland through a branch, the foreign institution must indicate which of these services it intends to provide in Poland – and only to that extent will the branch be permitted to operate. The provision of, for example, IT services to other entities in the capital group should generally not be included in this scope of services.

In conclusion, the most appropriate form for a SSC operating in Poland and serving a group of financial institutions seems to be a subsidiary established in Poland. Opening a Polish branch for this purpose will usually not be a good idea.

COMBINING FINANCIAL ACTIVITIES AND A SSC IN ONE ENTITY

However, not every company operating in Poland is suitable for running a SSC. If a given financial group already has a subsidiary in Poland conducting regulated activities, the idea sometimes arises that the activities of a SSC could be carried out by this company. In the case of certain types of entities (e.g. banks or insurance companies), this is generally impossible because the scope of legally permissible activities of these entities is strictly defined and does not include typical activities performed by shared services centres. However, some other types of regulated financial institutions (e.g. lending institutions) do not suffer from such restrictions and are not formally prevented from operating as a SSC for their group in addition to their financial services activities.

However, even such a solution may prove to be highly problematic in practice. It must be remembered namely that lending institutions have the status of the so-called “obliged entities” in the meaning of AML/CFT regulations. This means, in particular, that they are subject to a number of obligations relating to KYC (Know Your Customer), i.e. identification and verification of the identity of the customer and its beneficial owner. It is debatable whether these obligations apply to the activities of obliged entities other than regulated activities (so, for example, to the activities of a shared services centre carried out by a lending institution), but unfortunately there is currently no clear basis for treating the non-regulated activities of obliged entities separately in terms of AML obligations and therefore these requirements should be deemed to apply to all relationships of obliged entities with customers. This situation may put an additional and unnecessary burden on the shared service centre activities of the obliged entity.

Consequently, in most cases, the most appropriate solution will be to place the activities of the shared service centre in a separate company dedicated exclusively to these activities.

OUTSOURCING OF ACTIVITIES BY FINANCIAL INSTITUTIONS

Another issue of fundamental importance for the proper structuring and lawful operation of a SSC providing services to a group of financial institutions are the regulations on outsourcing which, in the case of financial institutions, can be quite rigorous. Significantly, when a SSC provides services to financial institutions that do not operate in Poland, the regulations in force in their home countries, and not the Polish ones, will be most important in this respect. This is an element that may undoubtedly complicate the activity of a Polish SSC, because when providing services simultaneously for regulated financial institutions from different countries, the Polish SSC will have to take into account in its activities the regulations on outsourcing in force in each of those countries.

Obviously, the greatest burden of compliance with these regulations will be borne by the financial institutions using the services of a Polish company, but these regulations will also very often have an impact on the activities of the SSC itself, e.g. in the form of the need to: (i) ensure an appropriate level of education, experience and qualifications of the persons managing the SSC; (ii) have in place action plans ensuring continuous and uninterrupted operation of the business within the scope covered by the agreement between the SSC and a given financial institution; or (iii) ensure that it is possible to carry out audits at the SSC on the correctness of the performance of the agreement, both by the financial institution itself, for which the SSC provides services, and potentially by the supervisory authorities of its home country. Where a SSC provides services to regulated entities from different countries, this may lead to significant complexity in the regulatory aspects of its activities. Polish regulations on outsourcing of activities by financial institutions may also apply when the services of a SSC are provided to institutions based in Poland and, to a certain extent, when they are provided to foreign institutions operating in Poland in the form of a branch.

It is also worth bearing in mind that legal restrictions on outsourcing do not apply only to financial institutions such as banks, insurance companies or investment firms, but also to certain entities providing regulated financial intermediation services. For example, the outsourcing of certain activities by insurance brokers in Poland is subject to significant restrictions – they may outsource only those activities that require specialist knowledge, but other than specialist knowledge in the field of insurance and insurance intermediation.

In summary, the activity of a SSC within a financial group is subject to various restrictions related to the regulated nature of the activity of entities in such a group. Therefore, the creation and management of such centres must take into account numerous regulations, often originating in different legal systems.

* The term will be used in this article in a colloquial, broad sense.

Author: Konrad Werner, Attorney-at-law, Expert in Banking & Financial Regulations, Noerr