Regulation is only going one way, equaling an ever growing need to evidence competency. With 52,000 more firms due to come under the Senior Managers Regime by 2018, Simon Mercer, Unicorn ComplianceServe Product Manager, asks ‘What’s your training strategy for compliance?’
As the summer stretched into September, the FCA fed back on the first tranche of its accountability regulation for all UK banks, building societies, credit unions and PRA-designated investment firms, which took effect in March last year.
There was some good news – most firms had engaged with the challenges of the Senior Manager and Certification Regimes, identifying their Senior Managers (SMs) and allocating Senior Management Functions (SMFs) and responsibilities.
But there was also concern that some had not fully understood the guidance or implemented the regime correctly.
In some of these cases it wasn’t clear if a person had sufficient seniority to hold the SMFs and discharge the responsibilities they had been designated. In others, it wasn’t clear as to who exactly was responsible for what in their Statement of Responsibilities (SoRs) and maps. Meanwhile, some SoRs were missing required information and some maps weren’t detailed enough on governance protocols.
And that was just the first part of SMR. With the March deadline for ‘part two’ Certification looming, these firms have also been grappling with benchmarking for job roles that now come under the SMR, identifying and listing core competencies and KPIs, and the practicalities of issuing certificates to newly Certified Persons.
None of this has been quick, and none of it is easy.
It has to be championed by a Senior Manager and driven from the top down.
With the second tranche of the SMR, for Financial Services and Markets Act-authorised firms, coming in 2018, and those firms in the first tranche having ongoing compliance to contend with, the SMR and Certification is staying firmly on agenda.
To avoid the FCA’s regulatory bite, firms must be able to show well-documented roles and responsibilities, clear lines of reporting and produce the required evidence of competency within the wider context of Accountability compliance.
So what does that actually mean for firms, wherever they are on their SMR journey?
In October we hosted a well-attended client day in London, and one of the most popular seminars on the day was co-presented with Julia Kirkland, from our partners, financial services training and consultancy experts, FSTP.
The session asked delegates ‘What’s your training strategy for compliance?’ and Julia had one key message – do not put it under the jurisdiction of Compliance or HR. It has to be championed by a Senior Manager and driven from the top down.
Why? Because under the new regime SMs must be the people who can articulate what a firm’s culture and governance looks like, so the business resembles a stick of rock with the same principles and practices running through it.
Julia described how the FCA is being extremely tough in interviews with new SMs, challenging them on exactly what value they add, how they lead the culture, what they do to make sure governance is working – everything.
This means that for compliance to be achieved and maintained, it has to be placed in the context of cultural transformation, set, communicated and steered by those within the business who are now accountable in the eyes of the regulators.
Having effective workflow systems to log outcomes, evidence competencies and provide a platform for ongoing monitoring and reporting against a robust T&C scheme is key, and a no-brainer for SMs with their necks firmly on the line.
Complex compliance tapestry
Over the next 12-18 months FSTP have identified what they believe are the biggest areas of interest for FCA regulated firms – CPD, SMR, certification, qualifications, governance, culture, conduct rules, risk, MiFID II, transaction reporting, CASS, business strategy and stress testing.
But even though some of these will be more relevant to certain firms than others, most are interdependent and cannot be taken in isolation.
For example, qualifications are part of a bigger T&C issue in terms of measuring baseline competencies, which are also interwoven with certification and the new CPD requirements now impacting on people who have never before had to concern themselves with doing or recording the FCA-recommended 35 hours CPD each year.
You might have an employee who is resistant to meeting their new CPD obligations who could, by default, find themselves in breach of the conduct rules of acting with integrity and treating customers fairly?
And what about these conduct rules? Everything an employee does and says once they cross the threshold into work is ‘conduct’, and that can all create risk. The FCA says conduct rules should cover everyone except reception and catering staff. But, especially in small organisation or branches, valuable people who are often the first touchpoint with your business work in these areas, so should they be included too?
What does ‘risk’ even mean to each person in a business? If you were to ask all your SMs what they thought were the top five risks in your business, would they correspond across compliance and each business area? You get the picture.
This all contributes to a firm’s overall business strategy and goes back to the very purpose of the SMR; that SMs are wholly responsible and accountable for each employee recognising and understanding the part they play in moving the firm towards its goals. That manager’s head is on the block.
There is no doubt we are seeing more of a crossover between the traditional roles of risk and compliance and those in training and competence, as having robust T&C practices is interlinked with the behavioral and cultural change SMR compliance is intended to bring about. This is also being reflected in firms approaching the SMR by embracing the same modernization of learning within the wider L&D community.
Through our work with FSTP we are helping firms smooth the transition so they have a more targeted and streamlined approach in both areas.
Every firm’s T&C scheme will look different, depending on size, number of employees and existing policies and procedures, but all should provide the foundation from which to review and monitor competencies through performance reviews, one-to-ones, file-checking, observations etc.
For bigger businesses with established T&C schemes, we have been building and integrating custom T&C systems and functions for a long time, helping bring some of their policies and procedures online, to better manage and report around their T&C schemes. But for smaller firms, especially ones in which SMs wear many different hats, establishing a scheme can be daunting.
To support such firms, a generic T&C system has recently been added to our compliance training solution, ComplianceServe. This includes comprehensive T&C guidance, pre-defined online forms and workflows (for monthly one-to-ones, quarterly action plans, competence sign off, etc), plus offline forms for observations and file checking, which can be scanned and attached as evidence, together with a number of standard reports.
This new T&C functionality sits alongside a comprehensive and effective library of governance, risk and compliance eLearning, which focuses on developing a compliant culture, with CPD recording and tracking available at the desktop, or on the move using a mobile app. This helps firms meet the wider end-to-end training challenge through a single, online platform and to adopt a holistic approach, rather than tackle the challenge in departmental silos.
With SMR and certification deadlines looming and pressure high, firms want the ability to quickly identify individual knowledge gaps and automatically deliver tailored learning to fill those gaps – rather than ‘sheep dip’ everyone – because it saves significant time and maximizes learner engagement.
The famous Ebbinghaus ‘forgetting curve’ demonstrates how people are likely to forget 50% of what they learn within an hour if they do not apply it. As a result, the learning landscape is evolving, with growing demand for shorter, more accessible learning modules available at the point of need, from any device.
The challenge for L&D is to provide better online tools and learning resources, as the majority of learning takes place in the workplace rather than the classroom. The balance needs to continue shifting from ‘push’ to ‘pull’ if firms are to see better returns on the significant investments they make in learning and development.
The SMR has brought a heightened focus on firms to ensure each employee is ‘fit and proper’ to do their job and to be able to evidence it when required.
By identifying these challenges early, and seizing the opportunities for business and staff development that can come through implementing robust T&C practices in the wider context of SMR compliance and cultural change, firms should have no reason to fear the traditionally dreaded ‘knock on the door’ from the regulator.