Ordinance
on Financial Institutions
(Financial Institutions Ordinance, FinIO)

(Art. 9 Fin­IA)

¹Man­agers of col­lect­ive as­sets must have an ap­pro­pri­ately defined risk man­age­ment sys­tem in place as well as an ef­fect­ive in­tern­al con­trol struc­ture to en­sure in par­tic­u­lar com­pli­ance with leg­al and in­tern­al pro­vi­sions.

²They shall set out guidelines for the ba­sic prin­ciples of risk man­age­ment and define their risk tol­er­ance.

³They will keep the func­tions of risk man­age­ment and com­pli­ance func­tion­ally and hier­arch­ic­ally sep­ar­ate from the op­er­a­tion­al busi­ness units, in par­tic­u­lar from the func­tion of in­vest­ment de­cisions (port­fo­lio man­age­ment).

⁴The body re­spons­ible for the gov­ernance, su­per­vi­sion and con­trol of the man­ager of col­lect­ive as­sets is charged with es­tab­lish­ing, se­cur­ing and mon­it­or­ing the in­tern­al con­trol sys­tem (ICS). This body also defines risk tol­er­ance.

⁵The body re­spons­ible for man­age­ment im­ple­ments the cor­res­pond­ing re­quire­ments stip­u­lated by the body for gov­ernance, su­per­vi­sion and con­trol, it de­vel­ops suit­able guidelines, pro­ced­ures and pro­cesses, and re­ports peri­od­ic­ally to the body re­spons­ible for gov­ernance, su­per­vi­sion and con­trol.

⁶Para­graphs 4 and 5 do not ap­ply to man­agers of col­lect­ive as­sets which are gran­ted an ex­emp­tion in ac­cord­ance with Art­icle 37 para­graph 5.

⁷If a body re­spons­ible for gov­ernance, su­per­vi­sion and con­trol has been ap­poin­ted in ac­cord­ance with Art­icle 37 para­graph 4, FINMA may also re­quire that in­tern­al aud­it­ors who are in­de­pend­ent of man­age­ment be ap­poin­ted where the nature and scope of activ­ity so dic­tate.

⁸Where there are le­git­im­ate grounds for so do­ing, FINMA may de­part from these re­quire­ments.

⁹FINMA shall reg­u­late the de­tails.