In this section:









null

The purpose of this document is to provide a framework for ensuring that full and accurate records of the business activities of the Financial Services Authority (FSA) are managed and retained for as long as necessary to support legislative and operational requirements.

This applies to both internal and external information and records created or received as part of the FSA's activities.

Context

As part of the FSA's statutory commitment to deliver better regulation, the effective management of information and records is essential. To ensure the effective management of information and records within the FSA the Records Management team will promote good records management practices and provide support to staff.

The FSA is subject to the Freedom of Information Act 2000 (FOIA) and the Data Protection Act 1998 (DPA) which set out specific requirements on the creation and management of records. The FSA will comply with these specific requirements through its commitment to best practice records management.

Scope

The Records Management Principles apply to all FSA employees, (whether permanent or temporary, including contractors) who handle business information and records on behalf of the FSA. This includes all written correspondence, whether paper or electronic, and all oral transactions, including meetings and telephone calls. Equally, it covers all records of these activities, regardless of the media in which they are captured.

Records Management Principles

The FSA expects that:

  • All staff will create and maintain full and accurate records of all business activities and file and maintain incoming and outgoing records. Records include, but are not limited to letters, emails, telephone recordings and meeting minutes that relate to FSA business activities.
  • All records will be captured into the central records management systems according to the FSA's Records Management Procedures. These procedures are issued separately. Staff may not keep records in separate, individual filing systems or on their hard-drive, except for exceptionally sensitive material where an individual filing system may be appropriate as a short term solution.
  • All records will be named in accordance with the corporate naming conventions and classification.
  • All records will be accessible to all FSA staff, unless there is an explicit business reason for access to be limited.
  • Physical files will be kept in the designated areas, unless required for specific purposes. The location of physical files will be kept up-to-date at all times in the relevant records management systems.
  • All staff will dispose of non-records in a timely manner. Non-records include, but are not limited to, personal emails and meeting invites and copies of documents held elsewhere in the FSA.
  • No staff member will dispose of records unless authorised to do so.
  • A Retention and Disposal Schedule has been issued which will be routinely assessed and applied in accordance with the FSA’s Records Management Procedures.
  • A migration strategy will be instituted to ensure accessibility of electronic records throughout their life cycle. This strategy will identify records of ongoing value and ensure that they continue to be accessible over time, by migrating them through successive software systems. This will be identified in the IT policy and be reflected in ongoing management procedures.
  • Vital records have been identified and particular attention will be paid to their protection; these include:

    • Information that we have a statutory requirement to retain under FSMA;
    • Board decisions;
    • Permissions to firms, VOPs, Waivers;
    • FSA Register;
    • Memoranda of Understanding.

Guidelines

Records Management Procedures, guidelines to good practice, and information on the roles and responsibilities of managers, staff and the Records Management team, are accessible on the intranet.

Regulatory Framework

Relevant legislation with which the RM Principles comply includes:

  • Freedom of Information Act 2000;
  • Data Protection Act 1998;
  • Financial Services and Markets Act 2000, in particular s.394 and Schedule 1 paragraph 9;
  • Environmental Information Regulations 1992 & Environmental Information (Amendment) Regulations 1998;
  • Limitations Act 1980;
  • Re-Use of Public Sector Information Regulations 2005.

The RM Principles also comply with the following Standards and Codes:

  • International Standard on Records Management, ISO 15489;
  • Lord Chancellor's Code of Practice on the Management of Records under the Freedom of Information Act 2000.

Monitoring and Review

These principles will be regularly monitored and reviewed to ensure that it remains relevant to the organisation’s business aims and requirements. Staff compliance with the principles and associated procedures will be monitored on an ongoing basis through staff assessment by MSUs, managers and the Records Management team.

Authorisation

These principles were approved by David Kenmir MD RSBU, following consultation between Sandy Keilloh, Head of Knowledge Management, and the MSU HoDs.