Senior Managers and Certification Regime in Financial Services
After the financial crisis in the last decade, successive governments have been keen to encourage greater accountability in the financial sector (banks, insurers and FICC market participants in particular). Following the Parliamentary Commission on Banking Standards’ report in 2013, the response to this was the establishment of the Senior Managers and Certification Regime (SMCR).
The regime, which is now in force, aims to allocate clear responsibilities to named individuals, and has a far wider scope than the previous rules. The rules allow enforcement action to be taken against individuals working in banks and financial institutions. It is therefore essential for senior managers to understand the extent of the regime, the responsibilities they have been allocated, the penalties they may face and the new referencing requirements. Ultimately by truly understanding your obligations under the regime, you can then ensure that you remain within the boundaries of the rules.
Who is affected?
Senior managers, including those one level below board level (in large institutions only). This includes the Chairman, a senior independent director, executive directors, and certain non-executive directors if they have a specific delegated responsibility, such as being chair of a committee. For example, of the risk committee, audit committee or nomination committee.
It may also include General Counsel or the Head of Legal.
A separate regime has been introduced for insurance managers – the Senior Insurance Managers Regime, or SIMR.
What responsibilities will I have under the regime?
Some responsibilities are inherent to certain roles, other ‘prescribed responsibilities’ will be allocated by the firm to Senior Managers through a Statement of Responsibility (SOR). The SOR has to be agreed with the Senior Manager; this is likely to be fertile ground for negotiation, either at the start of an appointment or once significant changes are made to an existing role
The content of the SOR is critical because it is a written record of the extent to which you are personally liable. Therefore, any Senior Manager who is asked to agree to an SOR should seek independent legal advice before doing so, to protect their best interests and ensure they understand the obligations being committed to. There is a lot to think about, not simply regarding the allocation of responsibilities but also in terms of resources, indemnities and insurance cover
Individuals with senior management functions must be pre-approved by the firm, which must conduct its own fitness and propriety check and then seek approval from the regulator.
What are the Conduct Rules?
What used to be the Statement of Principles for Approved Persons will be replaced by the new Conduct Rules. Firms will essentially become mini-regulators; it will be their responsibility to monitor adherence to the Conduct Rules and, if it suspects they have been breached, to notify the FCA/PRA within seven days. It is also now the firms’ duty to certify Senior Managers’ fitness and propriety each year.
Any role which is considered to pose a risk of ‘significant harm’ to the firm or any of its customers (in relation to a regulated activity) is covered by the Conduct Rules. The ‘Certified Persons’ category is much wider than its predecessor of ‘Approved Persons’. As opposed to naming roles to which the rules apply, the FCA has simply said it applies to everyone except some specific categories of workers. These will be the most junior staff, such as receptionists and post room workers.
The Conduct Rules require that:
• you must take customers’ interests into account and treat them fairly
• if you delegate any duty for which you are responsible, you must take reasonable steps to ensure that the person to whom you have delegated is appropriate (and you still need to oversee their work)
• if you work in insurance, you need to pay due regard to policyholders’ interests (including any potential future policyholders) and make sure that their insured benefits are properly protected
What is the duty of responsibility?
The SMCR places a duty of responsibility on all Senior Managers to take reasonable steps to prevent regulatory breaches in the areas of the firm for which they are responsible.
This means that if there is a failure by a firm in an area for which a Senior Manager is responsible within their Statement of Responsibility, the Senior Manager will have to explain to the regulator that they took reasonable steps to prevent, stop or remedy the regulatory breach. What the FCA or PRA will consider to be a reasonable step will depend on the relevant circumstances but could include: (i) pre-emptive action to avoid a breach; (ii) investigating or reviewing responsibilities; or (iii) implementing, policing and reviewing appropriate policies. Further guidance will be required as to what constitutes ‘reasonable steps’.
The individual may face tough questions from a regulator to assess whether they have taken reasonable steps.
This means that Senior Managers will have a greater likelihood of being: sanctioned; named and shamed publicly by the regulator; and are at risk of financial penalties and legal costs. They may also face having their approval withdrawn or, in the case of more serious breaches, being banned or restricted from holding a regulated position in future.
Senior Managers in UK banks could also face charges of a new criminal offence of reckless mismanagement. This criminalises Senior Managers’ behaviour in circumstances where: (i) they are aware of a risk that a decision will cause a bank to fail; (ii) their conduct falls short of what is reasonably expected; and (iii) the bank does indeed fail.
When will these changes come into force?
The Conduct Rules came into force for Certified Persons and Senior Managers on 7th March 2016.
The certification of Senior Managers then became a requirement on 7th March 2017. This was the date when Conduct Rules became applicable to other employees.
Whistleblowing champions were required to be appointed from 7th March 2016 and firms have had to comply with new whistleblowing rules since 7th September 2016.
The FCA published its final rules on regulatory referencing in 2017. Firms are now required to seek regulatory references going back five years prior to appointment.