ZYC-AR-001 – Appointed Representative (AR) Oversight Policy

This policy sets out how Zeyro supervises any Appointed Representatives (ARs) we appoint under our Principal permissions. It covers onboarding, monitoring, file reviews, desk-based oversight, notifications, and termination.

Zeyro’s objective is to ensure ARs act compliantly, deliver fair outcomes, and operate within the scope of their appointment.

1. Purpose

To demonstrate that Zeyro, acting as a Principal firm, maintains effective and proportionate oversight of its Appointed Representatives in line with the FCA’s enhanced AR regime and UK MiFID rules as implemented in the UK.

This policy ensures:

  • ARs act within their permitted activities.

  • ARs remain fit, proper, and financially stable.

  • Risks associated with AR activities are identified and managed.

  • Zeyro can evidence effective supervision at all times.

2. Scope

Applies to:

  • All Appointed Representatives appointed by Zeyro under a written AR agreement.

  • All activities carried out by ARs within the scope of permission delegated by Zeyro.

  • All Zeyro staff involved in onboarding, monitoring, or supervising ARs.

Does not apply to Introducer Appointed Representatives (IARs). Zeyro will not appoint IARs unless this policy is updated.

3. Governance

  • SMF16/SMF17 (MLRO & Compliance Oversight) is responsible for AR oversight.

  • The Board receives quarterly AR oversight reporting and approves any new AR appointments.

  • Operational Oversight Lead (delegated by SMF16) conducts day-to-day monitoring activity.

Zeyro remains fully responsible to the FCA for all regulatory obligations conducted by its ARs.

4. AR Onboarding Requirements

4.1 Due diligence

Before appointment, Zeyro must complete proportionate but robust due-diligence including:

  • Identification & background checks on the AR and key individuals.

  • Financial stability assessment, including accounts and credit checks.

  • Business model & activity analysis, confirming activities are within scope.

  • Fitness & propriety assessments for relevant AR personnel.

  • Compliance culture assessment, including governance, training, and control environment.

  • Conflicts of interest assessment.

All due diligence is recorded in SharePoint and summarised in the AR Due Diligence Register (Jira).

4.2 FCA notifications

Zeyro completes:

  • Section 39A AR notification to the FCA.

  • “Reason we have adequate controls” declaration.

  • Submission of required RegData information.

ARs may not commence activities until the FCA confirms approval.

4.3 Contracts

Zeyro enters into a written AR Agreement covering:

  • Scope of permissions

  • Systems & controls requirements

  • Reporting & disclosure expectations

  • Record-keeping

  • Termination triggers

  • Rights of audit and access

  • Requirement for AR to cooperate fully with Zeyro and FCA

5. Ongoing Oversight & Monitoring

Zeyro applies proportionate and risk-based monitoring aligned to the AR’s business type.

5.1 Desk-Based Reviews

Conducted quarterly and recorded in Jira.

Includes:

  • Review of AR MI

  • Review of client onboarding & AML process

  • Review of complaints log

  • Review of financial promotions

  • Review of conflicts, gifts and breaches

  • Review of training & competence logs

  • Review of any outsourcing arrangements

  • Review of insurance cover (if relevant)

  • Assessment of financial health (revenue, solvency signals)

Findings are logged as “Desk-Based Review – AR Name” in the Registers project.

5.2 File Audits

Performed semi-annually (or more frequently for higher-risk ARs).

Typical file sample:

  • 5–10% of relevant transactions, or

  • at least 3 files per review period.

Checks include:

  • Advice or arranging documentation (where relevant)

  • AML/KYC documentation

  • Appropriateness assessments

  • Conflict disclosures

  • Evidence of fair, clear, not misleading communications

  • Records of client classification (if relevant)

Results are documented in SharePoint and summarised in Jira.

5.3 Promotion Oversight

If the AR issues financial promotions:

  • All promotions are submitted to Zeyro for approval prior to publication.

  • Zeyro monitors promotions weekly on public channels.

  • MirrorWeb website scans catch unapproved promotional changes.

  • Non-compliant promotions result in immediate escalation and potential withdrawal of AR approval.

5.4 Business Model Monitoring

Zeyro monitors changes that may alter the AR’s risk profile:

  • New products or services

  • New jurisdictions

  • Significant client changes

  • Changes to ownership or senior management

  • Outsourcing changes

  • Material complaints or incidents

ARs must notify Zeyro in advance of material changes.

5.5 Annual AR Review

Once per year SMF16 produces a written assessment including:

  • Performance against contractual obligations

  • Training & competence adequacy

  • Financial stability assessment

  • Conduct risk indicators

  • Complaints & breach trends

  • Whether permissions remain appropriate

  • Whether Zeyro should continue the appointment

The report is presented to the Board and stored in SharePoint.

6. Record-Keeping

Zeyro records all AR activity, including:

  • Due diligence

  • AR contracts

  • Monitoring reports

  • File audit findings

  • Training records

  • Breaches and complaints

  • Financial promotions logs

  • Board oversight

All documents are stored in SharePoint – AR Oversight.

7. Escalation Processes

7.1 Routine issues

Handled via:

  • Corrective action plan

  • Additional monitoring

  • Targeted training

  • Increased frequency of file reviews

7.2 Serious issues

SMF16 escalates to the Board if:

  • Evidence of regulatory breach

  • Unapproved financial promotions

  • AML/CTF concerns

  • Failure to provide requested information

  • Financial instability

  • Lack of cooperation with oversight

Record maintained in the Breach / Incident Register.

7.3 FCA notification

Zeyro notifies the FCA if:

  • A significant issue arises with an AR

  • AR breaches regulatory requirements

  • Zeyro terminates the AR relationship due to risk

8. Termination of Appointment

Zeyro may terminate an AR relationship where:

  • There is a material breach of obligations

  • The AR becomes financially unstable

  • The AR engages in misconduct

  • Oversight becomes impractical or disproportionately resource-intensive

  • Zeyro no longer has confidence in the AR’s systems or governance

On termination:

  • FCA is notified immediately.

  • AR must cease regulated activity at once.

  • All records must be transferred to Zeyro.

9. Review Cycle

This policy is reviewed:

  • Annually by SMF16, or

  • Immediately upon any change to FCA AR requirements

Document Control
Field
Details

Policy Code

ZYC-AR-001

Policy Title

Appointed Representative Oversight Policy

Linked Procedures

AR Onboarding Procedure, AR Monitoring Procedure

Owner

Gareth Malna – SMF 16 & 17

Reviewer

Zeyro Board

Version

1.0

Date Approved

October 2025

Next Review

October 2026

PreviousZYC-COMPL-001 Complaints Handling PolicyNextOperations and Information

Last updated