Who will the new Senior Managers Regime apply to and what will their responsibilities be?
The new regime is intended to make it easier for regulators to hold individuals to account, and applies to individuals responsible for managing regulated activities, or actions that might generate risk or serious consequence for the relevant firm.
The Prudential Regulation Authority’s definition of ‘senior management’ includes chief executives, chief finance officers, chief risk officers, heads of internal audit, heads of other key business areas and group entity senior managers. The regime also applies to certain non-executives, including chairmen, risk, audit, remuneration and nominations committee chairs and independent directors.
Under the new rules, firms need to certify that individuals responsible for ‘significant harm functions’ are fit and proper to perform their role. Individuals must also submit applications for approval to perform a significant management function, including a ‘Statement of Responsibility’, setting out the aspects that they will be responsible for managing.
The regulator has introduced two tiers of new conduct rules, which apply to all significant managers and certified individuals. The first tier sets out the expected conduct for all individuals caught by the regime, including (but not limited to) a duty to be open and co-operative with the regulator and to observe proper standards of market conduct. The second tier cites that senior managers have a duty to control effectively the area that they are responsible for, and a duty to comply with the relevant requirements of the regulatory system.
Senior managers will be required to evidence that they have taken such steps as a person in his or her position could reasonably be expected to take to avoid wrongdoing – meaning the onus is now on the individual, rather than the regulator. If a senior manager is aware of a risk that the implementation of a decision could cause their institution to fail, and has taken no steps to rectify it, they will have committed a criminal offence.
Will the application of the new rules differ for UK branches of foreign banks?
The application of the regime to incoming European Economic Area (EEA) branches is problematic, because the home/host state dichotomy ties the UK regulator’s hands. However, branches of third country firms (banks that are authorised outside the EEA) will be caught by the regime – although the criminal offence won’t apply to them.
How can financial services firms and CISI members prepare for the rule changes?
Elements are still undergoing consultation, but the regime is expected to come into force fully by March 2016. The first thing firms need to do is to appoint a senior manager with personal responsibility for implementing the regime. They then need to consider how they will deal with the new and enhanced approval process for people performing senior management functions.
Once everyone affected has been notified and grandfathered over to the new regime, firms need to set up a structure that prepares new joiners and employees moving into new roles.
- Further information: New CPD raining course: Senior management responsibilities: Strengthening accountability, next dates 15 July 2015 (Manchester) and 24 September 2015 (London) – cisi.org/courses
- New CISI Professional Refresher: Senior managers and certification regime – cisi.org/refresher