The Prudential Regulation Authority [PRA] news update on 7 March 2016 appeared rather stark and just a simple matter of fact, nothing important………move on. But the simple sentence “The Senior Managers Regime and Senior Insurance Managers Regime have now been implemented” hides the panic in certain circles. Fear seems to be the order of the day amongst senior managers and maybe those who aspire to be senior managers. As the Financial Times reported, “New rules to make bankers more accountable already seem to be giving some of them nightmares.” As evidence of this a number of newspapers quote John Pain (head of conduct and regulatory affairs at Royal Bank of Scotland who was also Managing Director of Supervision at the Financial Services Authority (FSA) during the financial crisis (2008 – 2011)) as saying, “This is [already]a difficult industry to recruit non-executive directors into . . . If you terrify them with that level of evidence; you make their job almost impossible.”
It could be that the pace of progress and the fact that the rules are being driven by a different regulator has ‘spooked’ some parties.
So why the panic? True, senior managers are to be accountable following the implementation of the new rules. True, the Treasury has recently announced the senior managers regime will be extended to all regulated firms at some stage during 2018 (including Claims Management Companies following the recent budget). True, the new rules are being driven by the Treasury/PRA and to some extent are side-stepping normal consultation processes. It could be that the pace of progress and the fact that the rules are being driven by a different regulator has ‘spooked’ some parties. However, is it not the case that new rules are often intended to simple formalise the processes and ‘checks and balances’ that responsible senior managers are adopting anyway? If so, what have competent senior managers really got to worry about; after all the most controversial provision (the “reverse burden of proof” provision) has been removed. I think it would be hard to find any lay person who would not find it strange that senior managers were unnerved by rules which scrutinised whether they were acting competently and that does not just apply to bankers: it applies to any senior manager in any part of our industry whether that be a bank, building society, insurance company, financial adviser, consumer credit business, debt management company or claims management company.
So what needs to be done to ensure compliance? Firstly firms need to develop a ‘responsibility map’ which sets out what each manager is responsible for. This might sound daunting, but frankly it is what every competent business should have in place anyway. However, I accept, of course, that the importance of these documents may need a compliance view and probably a ‘third party oversight view’ as they may be a scrutinised in any future regulatory action. Secondly firms need to consider the ‘step change’ shift in emphasis from the ‘approved persons regime’ to the ‘seniors managers regime’. Firms can no longer hide behind the fact the staff were ‘approved’ by the regulator; it’s the firms responsibility to certify that any member of staff that poses a risk to the firm or consumer is ‘a fit and proper person’ who is competent to deal with such risks. Furthermore, this will not be a once and only requirement, it needs to be considered annually.
So any internal rules and procedures have to be robust and ‘fit for purpose’ Two clichés spring to mind; one from the financial services world and one from the criminal litigation world. The first, if you can’t prove you did what you say you did you didn’t do it! And secondly any you write, say or do may be used in evidence (and it could be against you). So the message is clear (or it should be) firms need robust, fit for purpose procedures supported by good quality oversight. In respect of firms who are to come into the regime at some time in the near future the message is even clearer, the more work that is done now……… the less a last minute panic will be needed in the future.