In March 2016, the Financial Conduct Authority (FCA) and Prudential Regulation Authority (PRA) introduced the Senior Manager and Certification Regime (“SM & CR”) for banks and other deposit takers (and a similar SM regime for insurers).
This new regulatory framework aims (in the regulator’s words) to clarify and enhance the accountability and responsibility of individual senior managers and directors; and ensure a clear and effective governance structure of relevant firms. The FCA said that the purpose of the new regime is to: “Enhance and embed a culture of accountability” and put “Increased focus on smaller numbers of senior functions supported by responsibility maps”.
The Certification Regime currently applies to individuals who pose a significant harm to a relevant firm or to any of its customers. Both Senior Managers and Certification Regime staff must meet standards of fitness and propriety.
By Q1 2018 the FCA and PRA plan to extend the SM & CR to all persons authorised under the Financial Services and Markets Act, which will include those in asset management, private equity and investment firms: up to 60,000 firms could be affected. However, the FCA has said, “It’s about ‘proportionality’, we’re not going to roll out the same thing for banks to asset managers”. The FCA and PRA will consult with the relevant sectors and the new rules are expected to be published in 2017.
Being subject to regulatory scrutiny is nothing new for a tranche of the financial services sector already regulated by the Approved Persons Regime (APER) but the current version of SM & CR has some key differences (which may be implemented when the regime is applied to asset managers), such as:
- New criminal offence ‘relating to a decision causing a financial institution to fail’
- SM & CR is much wider than APER: the Certification Regime covers more employees than APER
- Duty of responsibility: a responsible Senior Manager will have to satisfy the regulators that they took "reasonable steps" to prevent, stop, or remedy a breach, with the possibility of facing individual sanctions if they cannot do so
- Fitness and propriety: monitoring this is the firm’s responsibility rather than the FCA’s, so that fewer appointments are subject to prior regulatory approval. Only the top level of decision makers (the Senior Managers) will need regulatory pre-approval
- Most current approved persons below senior management level will become Certified Persons
Bear in mind that the FCA and PRA have also implemented conduct rules setting out a basic standard of behaviour for all staff covered by the new SM & CR regime. It seems likely that when the FCA extends SM & CR regulation, asset finance firms will also be required to comply with conduct rules as well.
Currently, conduct rules are split between:
- Individual Conduct Rules: including a requirement to act with integrity, due skill, care and diligence and a duty to be open and cooperative with regulators
- Senior Manager Conduct Rules: which include a requirement that the individual takes reasonable steps to ensure that the business of the firm for which you are responsible, is controlled effectively
Sanctions for breach of these rules can include disciplinary action by the regulator, statutory notices, financial penalties and public censure.
What steps do you need to take to prepare?
Although the exact format of the application of SM & CR to asset finance firms has not been specified, it is clear that accountability and responsibility will be key. Your firm is likely to be well placed to comply with the new regulatory requirements if you:
- Map out your organisation’s governance and management structure and get ‘buy-in’ from the Senior Management Team
- Consider how the key executive functions are allocated
- Identify where responsibilities are and whether they match up with the key executive functions and update job roles accordingly
- Clarify reporting lines
- Consider how you will vet and monitor staff for fitness and propriety and build this into annual objectives and appraisals
- Update contracts and policies to take regulatory requirements into consideration
- Plan training for all of your staff