Senior Managers and Certification Regime – Extension Update
The long awaited FCA consultation on the extension of the SM&CR to non-banking authorised firms is finally here; so how does it look? Well, a lot of thought has been given to the issue of how to apply the principles of the existing SMR Banking Regime in a proportionate manner, but overall the reaction from affected firms must be two cheers rather than three.
On the face of it, the full majesty of the existing regime is being reserved for a small number of the largest and/or highest risk firms (estimated by the FCA as amounting to no more than 350 firms in all). These firms will be subject to an "Enhanced" regime, but the vast majority of firms will either fall within the "Core" regime or the "Limited Scope" regime. Broadly, the Limited Scope regime will apply to those such as sole traders and limited permission firms who are already subject to the limited application of the Approved Persons Regime ("APER"). The Core regime sets out the basic elements of the extended SMR, with some additional requirements for Enhanced firms, and some derogations for Limited Scope firms.
Looking at the Core regime, the same three elements apply to a firm's staff as for the SMR Banking Regime: Senior Management Functions, Certification Functions, and the general Conduct Rules.
Senior Management Functions
Understandably the number of Senior Management Functions applying in the Core regime is reduced from the SMR Banking regime, and is limited to:
- Governing Functions, covering executive directors/partners and any senior NED's;
- Required Functions, being Compliance oversight and MLRO
The FCA are at pains to stress that these functions are only intended to apply to a firm's existing governance structure; as with APER, there is no need to create a new role if a given governing function has no application to that particular business. In addition, there is no longer any need for all NED's to be approved.
Each Senior Manager will need to have a statement setting out their allocated responsibilities in accordance with the firm's governance structure. As for the SMR Banking regime, there are also a number of Prescribed Responsibilities which must be allocated to the appropriate senior manager; collectively, these PR's are intended to ensure that a firm is aware of, and complies with, its legal and regulatory responsibilities, under both under the SM&CR and generally.
Each senior manager is subject to a duty of responsibility, making them accountable for a breach by the firm of FCA requirements if it can be shown that they were responsible for the relevant area, but did not take reasonable steps to prevent the breach.
Enhanced firms are subject to additional senior manager functions and PR's, which are intended to reflect the greater risk that they represent. Conversely, in much the same way as presently applies under APER, a Limited Scope firm would be subject to fewer senior management functions; in some cases, only a Limited Scope Function which mirrors the APER Apportionment and Oversight Function.
Again, this section of the new regime adopts the SMR Banking regime in a more limited form. There are a small number of specific functions; of these, the most widely applicable are likely to be the Significant Management Function (similar to the existing Significant Influence Function under APER) and the Material Risk Taker function. The former function is intended to cover anyone with significant responsibility for a significant business unit – what that means in practice will vary according to circumstances, but the FCA gives as an example the head of a substantial collections or underwriting unit. The latter function is intended to cover all types of risk, including prudential, operational, conduct and even reputational.
Any employee who performs a Certification Function (other than where they do so as part of a senior manager role) will need to be certified on an annual basis as fit and proper to carry out their role.
These are divided into two tiers: Senior Manager Conduct Rules which apply only to senior managers and Individual Conduct Rules which apply to NED's and to all employees save those who fall within one of the specific classes of Ancillary Staff (such as cleaners, secretaries and security guards).
Senior Manager Conduct Rules essentially require senior managers to ensure that they comply with their designated responsibilities, and that the firms business is conducted in an effective and compliant manner. Individual Conduct Rules essentially require all relevant staff to act with integrity, due skill and care, and to pay regard to TCF.
The Conduct Rules are narrower than under the SMR Banking Regime, in that they only apply in respect of a firm's financial service activities. On the other hand, they do apply to all such services, whether regulated or unregulated.
All affected employees must be appropriately trained in how Conduct Rules apply, and the FCA must be notified of any disciplinary action resulting from a breach of the rules.
Fit and Proper
This assessment lies at the heart of the new regime. However, the new SM&CR does little to change the current basis for such an assessment as it currently applies under APER. Rather, the focus is on widening the circumstances in which such an assessment is required, and in ensuring that when required it is adequately performed by firms.
The existing guidance in FIT will now apply to certified staff and NED's as well as senior managers. In addition, firms will be required to carry out criminal records checks against senior managers, and to obtain regulatory references going back 6 years for not only senior managers, but also certified staff and NED's. This latter requirement has particular implications for the retention and disclosure of relevant information.
The FCA have clearly tried hard to ensure that the extended Senior Manager and Certification Regime has the flexibility to be applied to the wider body of authorised firms in a proportionate manner. That said, firms would be unwise to assume that the effect of the extended regime will be minimal. Firstly, it all depends on how well a firm has to date applied the general requirements in the Handbook regarding corporate governance and compliance. The FCA's intention is that in future the new regime will make it easier to hold the managers of a firm personally responsible for any failing on this front. This in itself makes it all the more important for those managers to ensure that the firm is properly run and fully compliant.
Secondly, whilst some of the requirements of the SMR Banking Regime have been applied in a less prescriptive manner to most firms, the end result may not be that different in practice. For example, the FCA are at pains to stress that only Enhanced firms will be specifically required to ensure that a senior manager has overall responsibility for every area of the firms' activities/management, and to submit to the FCA a Responsibilities Map in order to demonstrate this. However, the combined effect of the amended Handbook Rules (particularly SYSC) and the new Prescribed Responsibilities will effectively require every firm to ensure that all of its relevant responsibilities have been identified and allocated to a senior manager. Put another way, how could a firm's corporate governance possibly be judged fit for purpose if this process has not been undertaken?
In practice, therefore, all firms will need to engage in much the same process of identifying and allocating all relevant responsibilities. The difference is that Core and Limited Scope firms will not be required to show that they have done so unless/until something goes wrong; only Enhanced Firms will need to comply with the additional prescribed measures which are intended to confirm to the FCA in advance that these firms have engaged in the process. As with the Limited Permission scheme, the new regime is not intended to reduce compliance with the Rules/Principles, save as may be proportionate to the activities of a given firm; it is really only the extent of direct FCA supervision which is affected.
Lastly, but far from least, the application of the new regime will have major HR implications for all firms, involving extensive amendment to job descriptions, training, competence assessment, appraisal, employment terms and possibly even pay structures.
The FCA consultation runs to 3 November 2017, with an indication that final guidance will be forthcoming next year. Further consultations are promised (for example, on transitional arrangements) and it is to be hoped that these will run concurrently. However, the Treasury deadline for implementation is still 2018, and there is no indication that this may change. In practice, therefore, and assuming the FCA adopt the latest possible 2018 deadline, firms now have less than 17 months to get the new regime implemented and bedded down.
With hindsight, the extension of the Senior Manager Banking Regime will probably be seen as a positive step for the financial services industry as a whole. However, getting it in place in such a short timescale will be a major exercise for many. Given that the overall structure of the proposed extension was well trawled by the FCA, Blake Morgan has been involved in preparation work with a view to providing clients with a road map structure which will allow for a sensible assessment of where things stand, and what needs to be done before the final deadline.
If you would like to know more about this, or have any other queries regarding the application of the extended Senior Managers Regime, please contact: