The new Senior Manager’s Regime will have a significant impact across the whole of the Financial Services industry, in one way or another. In this brief article, I try to describe the potential breadth of the coming changes to other sectors, wider than Banking, and identify some possible things we can prepare to help us be ready for the change.
The current Approved Persons Regime has existed in many guises for many years.
To be approved to perform a controlled function, the firm / individual had to satisfy the regulator that the individual was ‘Fit and Proper’.
Prior to 2009, the regulators mainly focused on a candidate’s honesty, integrity and reputation. There was no real focus on technical ability or competence.
There is currently a much greater emphasis on technical capability and competence but the new regime will go much further.
Under the new Senior Managers Regime (SMR) a specific individual on the Board will be held personally accountable for the competence of most of the important employees within the Firm, including all of their peers in Senior Management!
The changes are significant and material and will affect everyone.
Three tiers of control are being introduced.
- Senior Managers Regime (SMR) – essentially replaces SIFs although slightly narrower
- Certification Regime (CERT) – essentially replaces CFs although applies to many more people
- Conduct Rules (COND) – essentially applies to all employees (including SMR and CERT) with a few exceptions
CERT is intended to cover the next ‘tier’ of people in a relevant firm who perform functions which represent a ‘significant risk or harm’ to either the firm or its customers or staff who can be defined as ‘material risk takers’ – a much wider range of people than the current APER.
Key objectives of the new holistic regime include “ensuring that people who are responsible for failure should be personally accountable for that failure” and “changing the behaviour of people in relevant firms from the very ‘Top’ to the ‘Bottom’ for the better”.
The SMR regime was due to only apply to the banking sector but on 23 October the Treasury Committee published its Project Verde report, in which it was highly critical of the current Approved Person’s Regime.
In the report they asserted that “While the Approved Persons Regime will be abolished for the banking industry, it will be retained for many in the remainder of the financial services industry, including insurance and asset management. Given its manifest failings, this appears hard to justify. The Government and the regulators should at the earliest opportunity make proposals to extend the coverage of the Senior Managers and Certification Regimes to, and remove the application of the Approved Persons Regime from, other parts of the financial services industry.”
Subsequently, Consultation Papers, PRA CP26/14 and FCA CP14/25 have been published setting out the new Senior Managers Regimes for Insurance (Solvency II) Firms.
It is clear that Individual Accountability is going to be introduced across the whole industry in one form or another and much more quickly than usual for such sweeping changes
These papers set out a similarly exciting timetable to the proposals for the Banking sector. The consultation closes 2nd February 2015, with changes coming into force by 2016. While the proposed changes are not specifically the same, there is no Certification Regime and the Management Responsibilities Map has unhelpfully morphed into a ‘Governance Map’ there are many ‘reads across’ and a lot that is very similar.
The first of the ‘technical’ Consultation Papers CP14/31 has also now been published, setting out more detail for the Banking Sector changes. This consultation covers some of the transitional arrangements, forms and consequential aspects for Individual Accountability, with responses due by 27th February 2015. In this paper it specifically discusses further consultations covering the roles of NEDs and Appointed Representatives.
It is clear that Individual Accountability is going to be introduced across the whole industry in one form or another and much more quickly than usual for such sweeping changes.
So, what does all this mean for the rest of us – those perhaps who are not Senior Managers under the new rules but work for them?
The Government’s objective, as originally proposed by the Parliamentary Commission on Banking Standards, is to assign and allocate more clearly personal responsibility and accountability for key risks to senior individuals within banks.
On 10 September this year, Martin Wheatley, Chief Executive of the FCA, in his evidence to the Treasury Select Committee said that it had been “hard to nail an individual against responsibility because matrix organisation structures, committee decision-making means that individuals can always defuse responsibility”.
Below I have tried to set out some key things that we can do to help to prepare for these changes and to make the transition to the new world as efficient as possible.
The potential key steps to successful compliance with the SMR are:
- Design / Clarify / Agree
Step 1 – Design / Clarify / Agree
Begin by considering who are the Senior Management Function holders for your firm? Almost certainly your governance structure has developed organically over time and grown into what it is now. Does everyone agree? Do all of the key people on the Board and other governance committees have the same view of how it works and who does what? Probably not.
Probably, if you are responsible for documenting the details for the new regime, you need a means of creating multiple versions of the truth for debate and discussion. You need to ensure that you have a means of evidencing this process and version controlling changes so that the audit trail is clear as to how the Firm collectively agreed the results.
Step 2 – Implement
Once a version of your Responsibilities Map has been agreed there is a significant amount of detail required to complete it. For each Senior Manager, up-to-date documents need to be collected and stored in a secure repository which can be tightly linked to the current version of the Responsibilities Map. These documents need to include:
- Full CV
- Detailed Job Description
- Detailed Statement of Responsibilities, making reference to the PRA list of ‘Prescribed Responsibilities’ and the FCA list of ‘Key Functions’ (see below)
- A Learning and Development Plan
- Organisational Charts
When the detailed Statement of Responsibilities for each Senior Manager has been drafted it will need to go through a sign off process. Individual attestations need to be collected for all SMF holders.
Any subsequent changes will need to be version controlled and documented and stored in an auditable way to ensure that an appropriate evidence trail is created.
The draft version of the Statement of Responsibilities in the new consultation, CP14/31, is very demanding. It expects a material amount of detail about each SMF holder, including significant ‘free text’ descriptions explaining how the governance arrangements work for your Firm. It is definitely worth a detailed look at these draft forms early on to ensure that you have an appropriate system for documenting these details.
Step 3 – Maintain
Assuming you have successfully crossed the threshold and implemented your version of the Management Responsibilities Map, all of your SMF holders have signed off, the Board has signed off, a copy has been submitted to the Regulators, who have not raised any objections, you now need to ensure that it remains current and accurate at all times. The Board will have to attest to its accuracy every year. This means that any joiners or leavers, organisation changes, significant changes to responsibilities, governance, structure etc. will have to be documented in new versions and all supporting documents refreshed as required. You will need a process to review and sign off any changes and appropriate record keeping to retain copies of which full version of the Map was inforce at any point in time.
Step 4 – Monitor
The Firm will have an obligation to attest annually that you have complied with the SMR obligations. How will you know?
The key point here is that the obligation covers more than the maintenance of the SMR. Under the regime, Senior Managers will have to confirm that all of the key functions they are responsible for have also remained compliant, including that any breaches of CERT or COND rules have been investigated, addressed and reported.
Achieving this will require a good hard look at the governance, risk and control systems in place across the business to satisfy the relevant SMF holders that they can personally attest and be happy to be accountable for their areas of operations.
In order to successfully monitor compliance with the new regime, existing systems may need to be enhanced to enable them to report along the clarified reporting lines of the SMR structure. It may be that new KPIs need to be introduced to ensure that management reports provide the information required to support the new regime.
While it is clear that our Senior Managers will be much more closely, directly and personally held to account under these changes, it also very true the new regime will impact all of us and what we do and how we do it.
It will be interesting to see who is most affected.