The UK’s Senior Managers and Certification Regime (SMCR) came into force for banks, other deposit-takers and PRA-regulated investment firms in March 2016. The regime is expected to be brought into effect for the rest of the UK financial services industry in 2018.
Watch recordings of the webinar here; https://mco.mycomplianceoffice.com/mco-webinar/ready-your-firm-senior-managers-and-certification-regime-fundamentals
Vip Call US 📞 7738631006 ✅Call Girls In Sakinaka ( Mumbai )
Ready your Organisation: Senior Managers and Certification Regime
1. June 2017
- Gregory Brandman, Partner
-Simon Collins, Managing Director of FS Regulatory
cCompliance
An introduction to the Senior
Managers and Certification
Regime
2. 2
What we will cover
• Background to the new regime - What is it and what has changed?
- Overview of the new rules
- Senior managers
- Certification regime
- Conduct rules
• Implementing the regime
- Delegation
- Regulatory References
- Key Supervisory areas
• What does it all mean - practical matters?
• Enforcement Risk
• Next Steps
3. 3
The current regime for regulated firms (APER)
• 7 Statements of Principles and the Code of Practice for Approved Persons set out in the
APER section of the FCA Handbook
• These rules only apply to approved persons
- individuals for whom prior regulatory approval has been obtained to hold controlled
functions
• These rules will continue to apply until 2018 for firms not caught by the new senior
managers regime (i.e. firms that are not banks, building societies, PRA-regulated investment
firms and some insurance firms)
• From 2018, a new regime will apply to all UK regulated firms
3
4. 4
FCA Business Plan 2015/16:
To drive a cultural change in the
industry that puts consumers and
market integrity at the heart of the
way firms do business, we must
ensure that senior individuals in
positions of responsibility are held
personally accountable for how
their firm operates, and for the
consequences of misconduct.
Why a new regime?
• Post-financial crisis – re-building trust and
changing culture in banking
• Increasing personal accountability
• Improving standards across the industry
4
5. 5
Individual Accountability and Collective Responsibility
• Focus in the UK on increased individual accountability – does
this detract from collective responsibility?
• The UK regulators’ view is that the principles of both should
complement each other
• For example… maintaining an appropriate culture is the
collective responsibility of the Board but requires the Chairman
to lead the development of the firm’s culture and standards of
the board as a whole.
5
6. 6
Timeline
.
6
7 March 2017 –
certified
population
assessed,
Conduct Rules
applicable to all
JOURNEY
7 March 2016 –
SMR started
7 March 2016 –
Certification Regime
started
Regulatory
Publications
•Various CPs and
PSs published
•July 2015 near
final rules
•HMT paper
October 2015
Work to date
•SMFs identified
•Individuals subject
to the Certification
Regime identified
•Preparation of
SoRs and RM
•Updating of
policies and
procedures
Sept 2016 – Reg
references position
clarified
September 2016 –
whistleblowing rules
became active
Q3 2017 – Legal
function clarity –
Extension
proposals –
summer 2017
2018 onwards extended
regime across the rest of
the financial services
industry
7. 7
What has changed?
• Overhaul of the current regime for the banking and insurance sectors (Relevant Firms)
• A new Senior Managers Regime - pre-approval by the regulators
• A new Certification Regime
• New Conduct Rules (FCA and PRA)
• New rules to be rolled out to the rest of the industry by 2018
7
8. 8
Senior Managers Regime
• Senior Management Functions (SMFs) to replace Significant Influence Functions
• Applies to individuals who have responsibility for significant business units and other individuals
who hold key roles
• 17 SMFs for UK firms (proposed new SMF 23 - Operations Head)
• Senior managers subject to four specific conduct rules and a statutory duty of responsibility
• Senior managers allocated specific prescribed responsibilities and business activities linked to
role covered by a “Statement of Responsibility”
• Pre-approval by the regulator for Senior Managers
- Each senior manager must have a statement of responsibilities submitted to the regulator with
their application for approval. This must be resubmitted in the event of significant changes.
• No ‘territorial limitation’ and SMFs are bound by the conduct rules regardless of whether or not
they are located within the UK
• All regulated entities within Groups subject to the regime with appropriate SMFs
8
9. 9
Certification Regime
• Applies to functions that can cause ‘significant harm’ to a firm or its customers
• Certification is role specific and, if multiple functions are performed by an individual, the employer must
assess against each function
• Firms must assess and certify that individuals within the regime are fit and proper at least annually
• Prospective employers will be required to seek a “regulatory reference” before hiring a senior manager or
certified employee
• Regulators cannot intervene in individual certification decisions but may challenge the overall
effectiveness of a firm’s process
• A Senior Manager must be designated to oversee the Certification Regime
A firm must take “reasonable care” that no individual is certified without being demonstrably fit and
proper
9
10. 10
The New Rules of Conduct - Overview
• These will replace the existing APER principles and guidance
• Contained in a new code of conduct sourcebook: COCON
• PRA and FCA will apply their own rules separately
• They will apply to:
- Senior Managers
- persons within the certification regime
- “all individuals within relevant firms who are in a position to have an impact on the
PRA/FCA’s statutory objectives”
10
11. 11
The Conduct Rules
Conduct Rules – all colleagues (bar those
explicitly excluded)
Apply to individuals based in the UK
1. You must act with integrity
2. You must act with due skill, care and diligence
3. You must be open and cooperative with the FCA,
PRA and other regulators
4. You must pay due regard to the interests of
customers and treat them fairly
5. You must observe proper standards of market
conduct
Senior Manager Conduct Rules – SMFs only
Apply wherever the SMFs is based
1. You must take reasonable steps to ensure that the
business of the firm for which you are responsible is
controlled effectively.
2. You must take reasonable steps to ensure that the
business of the firm for which you are responsible
complies with the relevant requirements and
standards of the regulatory system.
3. You must take reasonable steps to ensure that any
delegation of your responsibilities is to an appropriate
person and that you oversee the discharge of the
delegated responsibility effectively.
4. You must disclose appropriately any information of
which the FCA or PRA would reasonably expect
notice.
* FCA Only
12. 12
What could constitute a breach of the Senior Manager Conduct Rules?
Senior Manager Conduct Rules – SMFs only What could constitute a breach?
1. You must take reasonable steps to ensure that
the business of the firm for which you are
responsible is controlled effectively.
• Inadequate resourcing / unclear apportioning of
responsibilities and lack of reporting lines
• inappropriate / out of date policies and procedures
2. You must take reasonable steps to ensure that
the business of the firm for which you are
responsible complies with the relevant requirements
and standards of the regulatory system.
• Failing to implement adequate and appropriate
systems and controls
• Failing to identify and resolved breaches
3. You must take reasonable steps to ensure that
any delegation of your responsibilities is to an
appropriate person and that you oversee the
discharge of the delegated responsibility effectively.
• Failing to take reasonable steps to monitor the
delegate’s progress and ability to undertake the
task
• Failing to supervise the delegate
4. You must disclose appropriately any information
of which the FCA or PRA would reasonably expect
notice.
• Failing to act promptly when notifying the regulator
13. 13
Conduct Rules (all staff): What could constitute a breach?
Rule 1 : Failing to act with integrity
• Misleading a client, firm or regulator
• Misuse of confidential information
• Falsifying documents
Rule 2: Failing to act with due skill, care and
diligence
• Failing to inform a customer of material information
• Recommending an unsuitable product
Rule 3: Failing to be open and cooperative with the
regulators
• No duty to report directly to the regulator unless you are one of the
persons responsible however if you take steps to influence the
decision not to inform the regulator
• Failing to attend or answer questions from the regulators or failing to
supply on request appropriate documentation to the regulator
Rule 4: Failing to pay due regard to the interest of
customers and treat them fairly
• Failing to inform a customer of material information or explain the
risks of an investment
• Failing to disclose charges or surrender penalties
• Recommending unsuitable investments or strategies
Rule 5: Failing to observe proper standards of
market conduct
• Failing to comply with the Code of Market Conduct
• Manipulating or attempting to manipulate a market
15. 15
Delegation
• Senior Conduct Rule 3 states: “You must take reasonable steps to ensure that any delegation
of your responsibilities is to an appropriate person and that you oversee the discharge of the
delegated responsibility effectively”.
- you are able to delegate the investigation, resolution or management of an issue
- if you do delegate you should have reasonable grounds for believing it is to an appropriate
person i.e. someone with the requisite knowledge, skills and competence
- you remain accountable for your responsibilities. You should supervise/ monitor adequately
any delegate and receive progress reports, updates and an explanation if an issue is not
resolved.
• Code of Conduct (new handbook, COCON) includes guidance for SMFs to comply with this
rule (4.2.17 onwards) and what would constitute a breach of the rule.
15
16. 16
Outline of Regulatory Reference Requirements
• Obtain references before regulatory approval
• Take reasonable care to collect regulatory references for regulated roles for the past six
years
• Regulated firms must provide reference within six weeks
• Duty to update for six years/record keeping obligations
• Mandatory template
• No arrangement/agreement must limit ability to disclose relevant information
17. 17
Regulatory References
• Focus on regulatory matters only
• Include details of function/role
• Concluded breaches of individual conduct rules
• Details of disciplinary action taken
➢ formal written warning
➢ suspension or dismissal and/or
➢ reduction or recovery of remuneration (section 64C FSMA)
where imposed due to a breach of an individual conduct requirement
• Any other ‘relevant information’ (SYSC 22.5.2G)
What must be disclosed?
18. Statements
and duty of
Responsibility
Responsibility
Map
Fit and
Properness
Senior
Managers
RegimeDelegation Whistleblowing
References Handovers
Senior Managers and Certification Regime – key supervisory areas
• Increased individual accountability
• Focus on responsibility
(prescribed responsibilities
assigned to senior managers)
18
19. 19
What have we been seeing over recent months ?
• The role of HR, Legal and Compliance - getting the project team structure right
• Consistency of approach across the firm - dealing with staff matters
• HR up skilling of regulatory knowledge
• Skilled Person reviews for firms who haven’t got it right
• Regulators keen to see overseas/group individuals within the regime where there is significant
influence over UK entity
• Consolidation of committees
• Updating of Responsibility Maps and Statements of Responsibility
• Opportunity to leverage work on other regulatory changes programmes e.g. MiFID II
• Firms keeping a steady state of preparedness
19
20. 20
Fit and Proper Assessments – what have we been seeing?
• Onus is on the firm to get it right
• What are individuals being assessed against? Is there consistency of approach?
• Linking F&P, T&C requirements and performance management
• Who makes the final decision?
• What happens if the assessment fails?
- Escalation and communication process
- “People” or F&P Committee to consider the evidence
- Conditional sign off with a development plan
- Reporting of breaches
- Reference impacts
20
A firm must take “reasonable care” that no individual is certified
without being demonstrably fit and proper
21. 21
Typical Queries
• Population identification
• Role sharing - consistency of approach
• Meeting regulatory and business objectives – on boarding and references
• Escalation of issues – keeping the regulator onside
• What constitutes a conduct rule breach
• Whistleblowing/grievances
• Adopting a “handover” process
• Performance management - personal characteristics – what is the expectation?
21
22. 22
Practical issues
• How will you identify the certified population? Consider ‘scenario testing’ to establish
risk an employee might pose
• Ensure employment documentation is adequate from recruitment to exit: e.g.
employment offer conditional on ‘fit and proper’ assessment/ handover policies/ job
specs consistent with statement of responsibility/ disciplinary policies/record
retention/ references/settlement agreements
• Increased risk of requests for legal representation at hearings. How will you
respond?
• Set up an adequate framework to deal with the overlap between a firm’s HR
processes (disciplinary/ grievance/ performance management, etc)
• When should you be notifying in house legal/ Compliance in connection with a
disciplinary?
• Recording of decisions/ overlap of disciplinary sanctions and certification status
• Timing of annual appraisal process and annual certification process.
22
23. 23
Enforcing the New Conduct Rules
• The scope of enforcement powers available to the regulators is different
• The FCA will enforce:
- all the Conduct Rules against all Senior Managers
- Tier 1 Rules 1-5 against those within its Certification Regime and all other
employees of the relevant firm, save those specifically excluded in C-CON
• The PRA will enforce:
- all the Conduct Rules, except Tier 1 Rules 4 & 5, against all Senior Managers; and
- Tier 1 Rules 1-3 against those within its Certification Regime
Regulatory powers of enforcement
Who will enforce what?
23
24. 24
Enforcing the Conduct Rules: Personal Culpability
• A person will only be in breach of any of the new Conduct Rules where they are “personally
culpable”. This means where:
-the person’s conduct was deliberate; or
-the person’s standard of conduct was below that which would be reasonable in all the
circumstances
• This will continue to be the test going forward for conduct rules staff
• There will be an additional statutory “duty of responsibility” for senior managers
Personal Culpability
24
25. 25
Enforcing the new Senior Managers and Certification Regime
• Removal of the Presumption of Responsibility has reduced risk somewhat
• BUT
- FCA is now taking more action against individuals than firms
- New rules will need to be enforced and the FCA will want “to get runs on the board”
- Both regulators have explicitly stated that holding individuals accountable is the most effective
way of changing culture in banking
o this is a key element of the FCA’s ongoing credible deterrence strategy
o no longer sufficient simply to fine the corporate entity
o all firms subject to regulatory fines must report to the regulator on the direct/indirect
responsibility of senior management for the failings and apply malus adjustments /
clawback where appropriate
• FCA’s Business Plan 2016/17
- Firms’ culture and governance is one of 7 “key priorities”
- “A culture of accountability”
Implications for Senior Managers
So, do senior managers need to be worried?
25
26. 26
Next steps - Getting Prepared and Lessons Learnt
• Firms to start as early as practicable
• Keep things as simple as possible
• Ensure that all relevant areas of the
business participate in planning,
preparation and implementation
• Don’t forget HR aspects - this isn’t just
about compliance
• Staff attrition, salary demands, contract
changes
26
28. 28
Highlights
• Manage by alerts not reports
• Dashboards deliver greater oversight
• Custom questionnaire builder
• Continuous updates to the software
• Enhanced control
• 100% data capture
• 24/7/365 support
• Scalable into the future