Prem Griffith, Bovill will briefly outline the key elements of the Senior Managers Regime and the changes that it is driving, in terms of how affected firms go about recruiting senior staff. Prem will also reflect on how Bovill’s clients have implemented some of the more administrative changes to the recruitment process and finally will look ahead to how the regime will be rolled out to the wider financial services industry in 2018.
Mastering Vendor Selection and Partnership Management
Senior managers & the Certification Regime - Prem Griffith, Bovill
1. A recruiters’ introduction to:
Senior Managers & Certification
Regime
Wednesday 30 November 2016
Prem Griffith
Managing Consultant, Bovill
pgriffith@bovill.com
0207 620 8454
2. 2
Agenda
Background to SM & CR
Key elements of SM & CR
What this means for recruitment
Challenges and thorny issues
3. 3
Parliamentary Commission on Banking Standards
Too many bankers have operated with…
insufficient or meaningless personal responsibility
illusion of regulatory controls
claiming ignorance or hiding behind collective decision-making
little realistic prospect of financial penalties or sanctions
individual incentives not consistent with high standards.
Extracts from PCBS Report – changing banking for good
4. 4
PCBS Recommendations (June 2013)
Recommendation Key points
New regime for individuals
• Senior Persons Regime
• Individual Statements of Responsibilities
• Responsibilities Map
• Code of practice (conduct rules)
Incentives for better
behaviour
• Incentives / disincentives to reflect long-
term risk and reward
New enforcement approach
• Reverse burden of proof
• Potential for criminal prosecution
5. 5
Senior Managers and Certification Regime
Senior
Management
Functions
Certification Regime
Individuals
All other staff
FIRM PERSONNELFIT
PRA/FCA
Assessment
Firm
Assessment
ConductRules
6. 6
Senior Management Functions
Function description SMF FCA/PRA
Chief Executive Officer SMF 1 PRA
Chief Finance Officer SMF 2 PRA
Executive Director SMF 3 FCA
Chief Risk Officer SMF 4 PRA
Head of Internal Audit SMF 5 PRA
Head of Key Business Area SMF 6 PRA
Group Entity Senior Manager SMF 7 PRA
Chairman SMF 9 PRA
Chair of the Risk Committee SMF 10 PRA
Chair of the Audit Committee SMF 11 PRA
Chair of the Remuneration SMF 12 PRA
Chair of the Nominations Committee SMF 13 PRA
Senior Independent Director SMF 14 PRA
Compliance Oversight SMF 16 FCA
Money Laundering Reporting SMF 17 FCA
Other overall responsibility function SMF 18 FCA
7. 7
Tier One – Senior Managers Regime
Governance framework
Personal accountability
Set of Senior Management Functions (SMFs)
List of Prescribed Responsibilities
Responsibility for all areas of activity
Individual Statements of Responsibilities
Overarching Responsibilities Map
Presumption of culpability
Potential criminal offence (in extremis)
8. 8
Tier Two – Certification Regime
Firms required to have framework in place to (re)assess fitness
of propriety on an annual basis.
Individuals caught by the Certification Regime include:
- Material Risk Takers (PRA)
- Those who pose ‘Significant Harm’ (FCA), such as:
Prop traders
Benchmark submission
Functions requiring qualifications / dealing with clients
Developing trading algorithms
Supervises or manages a certified person
9. 9
Conduct Rules – “Same, same but different”
# Description Reg
Applies to SMF/Certified Individuals from 7 March 2016, and all staff from 7 March 2017
1 You must act with integrity Both
2 You must act with due skill, care and diligence Both
3 You must be open, and co-operative with the FCA, the PRA and other regulators Both
4 You must pay due regards to the interests of customers and treat them fairly FCA
5 You must observe proper standards of market conduct FCA
Only apply to Senior Manage Functions (from 7 March 2016)
SM1 You must take reasonable steps to ensure that the business of the firm for which
you are responsible is controlled effectively
Both
SM2 You must take reasonable steps to ensure that the business of the firm for which
you are responsible complies with relevant requirements and standards of the
regulatory regime
Both
SM3 You must take reasonable steps to ensure that any delegation of your
responsibilities is to an appropriate person and that you oversee the discharge of
the delegated responsibility effectively
Both
SM4 You must disclose appropriately any information of which the FCA or PRA would
reasonably expect notice
Both
10. 10
Screening and Background Checks
Firms are required to assess the fitness and propriety of key
staff, both during recruitment and on an ongoing basis
thereafter.
Key considerations will be the person’s:
honesty, integrity and reputation
competence and capability, and
financial soundness.
PRA / FCA will also assess fitness and propriety of SMFs before
granting individual approval to take up role.
11. 11
Requesting Regulatory References
From 7 March 2017, relevant firms must request regulatory
references to cover last 6 years, including details of:
roles(s) held
any mis-conduct issues where disciplinary action taken.
Firms need to consider an updated regulatory reference received
after individual been in role.
12. 12
Providing Regulatory References
PRA / FCA regulated firms must promptly provide references in
set format / template proving prescribed info
Other regulated firms can provide references in any format, but
must include any information relevant to assessment of FIT
Possible legal / employment ramifications can arise as firms are
required to formerly update references provided to employers
13. 13
Handovers
SMFs face increased personal liability
SMF taking up new role may inherit weaknesses from previous
incumbent
What if predecessor left suddenly or “under a cloud”?
Firms / SMFs need to ensure there is an appropriate handover
Where proper handover not possible, SMF may wish to carry out
detailed review of controls framework
See Pottage case
14. 14
Conclusion
Hard to argue with the ethos and objectives of the SM & CR
Administrative details of SM & CR are challenging
Recruiters have an important role to play, in terms of managing
candidates’ expectations re process and timing
SM & CR will be rolled out to all financial services firms in
2018/19 – opportunity?
In the immediate aftermath of the financial crisis, I was part of a small team tasked with designing and implementing a process to test competence of senior bankers at point of approval – became known as the SIF interview process.
Towards the end of my time in the SIF team, I recall the establishment of the PCBS to look more widely at the causes of the banking crisis.
Pretty damning indictment of the banking industry
QUESTION – How many bankers had regulatory action taken on them for the quasi-failure of the banking system?
One – Peter Cummings (HBOS director)
PCBS Recommendations:
New regime for senior individuals with greater personal accountability / liability
Remuneration aligned with long-term success
Mechanism to make enforcement action easier.
N.b. reverse burden of proof was abandoned – although this has been challenged at the House of Lords – have we seen the last of the RBOP?
Staff broadly split into three tiers: SMR, CR and All other staff:
SMFs subject to regulatory scrutiny and pre-approval from PRA/FCA – analogous to APER
Firms required to robustly assess fitness and propriety of CR at point of hire and ongoing basis thereafter – no direct regulatory of individuals (will this allow bad apples in)?
Conduct rules to apply to all staff (minus ancillary staff – security, catering, etc.)
SMR defines a relatively granular set of “buckets” into which SMFs will fall. APER lacked granularity (e.g. the old CF2 included Chairman, Chairs of Key Commitees, SID and NEDs).
Note that notified NEDs not caught by the regime – may be surprising, but regulator recognised that increased personal liability would have effect of NEDs rolling up their sleeves and hence removing their ‘arms length’ challenge role.
SMR requires:
Firm to identify population of SMFs – individuals ultimately responsible for key parts of the business. Should be relatively small number of individuals – mainly the board directors and top tier of management. Would not usually expect an SMF reporting to an SMF (other than the CEO).
There is a long list of defined ‘prescribed responsibilities’, which must be allocated to an SMFs – generally shouldn’t be shared
Firm defines other areas of responsibility to cover the areas of activity which must also be allocated to an SMF
Individuals must have Individual Statement of Responsibilities
Firms must prepare overarching Responsibilities Map, which brings the ISORs together and provides an articulation of how the firm is governed.
These documents are signed (in blood) and submitted to the regulators. If anything goes wrong, the regulator will use these documents as a road map to determine whose toes to hold to the fire.
That said, removal of RBOP makes life a little less uncomfortable – but nevertheless, being an SMF is not to be undertaken lightly…
Potential criminal offence – but risk very slight – actions of individual must have fallen far below reasonable standard AND have caused the bank to fail.
Some SMFs very reluctant to take on this greater liability. Two SMFs at one of my clients resigned. They were near retirement, and as a branch of an SMF, they felt exposed / uncomfortable, given that most key decisions were taken at Head Office level…
Firms must identify and maintain register of Certified Individuals.
Must have robust process in place to assess fitness and propriety:
FIT=Honesty & Integrity, Competence and Financial Soundness.
Firms must reassess FIT on annual basis and issue certificates of FIT to Certified Individuals
Very similar to old APER.
Arguably statements of the ‘bleedingly obvious’, but action against individuals is invariably couched in terms of breach of one or more APER/COCON
Regulators haven’t prescribed how this should be done.
Ultimately, firms often firms with robust recruitment process likely to do all of this already – need to be well documented.
In SIF team, I was surprised how struggled to provide clear account of the DD process they had gone through.
From 7 March, Banks are required to request regulatory references when hiring new individuals covering past 6 years. If referee is:
A bank – set format with prescribed questions
A solo-regulated firm – No format, but must provide info relevant to fitness and propriety
Other firms / overseas firms – bank must make reasonable efforts to obtain regulatory reference.
For SMFs, banks must obtain reference before pre-approval can be granted (ideally before application to PRA/FCA submitted) – can be problematic if individual reluctant to resign until has guaranteed new role. Regulator will routinely request copies of references obtained.
Regulatory references primarily intended to capture details of any misconduct, where formal disciplinary action has been taken.
If updated reference received, what should a firm do – especially if individual been in role for some time, without any issues.
Regulated firms must provide regulatory references promptly.
Banks have a prescribed format, other firms can use any format – but goes beyond just confirming role and dates of employment.
ANECDOTE: Ironically one of my banking clients requested a regulatory reference for their new Compliance Director from the BoE. Reference simply confirmed dates of employment…
When providing references, banks also have an obligation to send updated reference, if information subsequently comes to light within six years, that would have changed the original reference.
In practice, updated references likely to be rare, but updating firm will need to tread with care, and consider legal / employment ramifications.
Does firm have incentive to open an investigation if individual long since departer?
Must act fairly towards individual.
Need to have robust and conclusive evidence to support action taken.
Incoming SMF is likely to be exposed to risk of poor governance and controls inherited from predecessor.
Ideally, needs a comprehensive handover from previous incumbent – but what happens if predecessor was fired?
Regulator will expect new SMF to carry out a risk assessment of their areas of responsibility and implement appropriate remedial action to fix any weaknesses promptly.
Individual needs to be given time (and possibly financial / external support) to carry out that risk assessment.
Clear evidence is crucial. Pottage case – CEO of UBS subsidiary. FSA fined and banned him for failings within the subsidiary, arguing that he had not acted promptly enough to fix issues inherited from predecessor. Successfully appealed at Upper Tribunal, evidencing that he had taken reasonably prompt action to address issues. EVIDENCE IS KEY.
Few will sympathise with banks / bankers in relation to SMCR. The objectives of the regime are straight forward, and bankers are generally highly paid and so should expect to be held accountable for failings on their watch.
Some of the administrative points / processes are challenging (regulatory references, updating FIT, persuading individuals to hold SMF functions).
Timing at recruitment likely to be drawn out. Candidates need to understand that regulatory references / regulatory approval process may take time. May need to take leap of faith and resign before regulatory pre-approval obtained. Then if on six months notice…
The FCA recognises that the subtle differences between SMCR and APER have created an unlevel playing field, as some individuals (NEDs and CF30s) are subject to regulatory scrutiny under one regime, but not the other.
SMCR will be rolled out to all firms in 2018/19 – but whether will be the same remains to be seen…