The proposed new regime addressing senior management responsibility and accountability underline political and regulatory requirements for financial services firms to run themselves responsibly, placing positive outcomes for consumers at the heart of decision-making at all times. The UK regulators want senior personnel to lead by example to hammer home cultural change.
The proposals set out in the joint consultation paper "Accountability - Strengthening accountability in banking: a new regulatory framework for individuals (PRA CP14/14, FCA CP 14/13)" make sweeping changes to the current regime and have significant ramifications for individuals and for the firms in which they work.
The proposals are far-reaching, with three strands:
- A new Senior Managers Regime
- A Certification Regime
- A set of Conduct Rules
This consultation closes on 31 October 2014.The finalised policy statements, guidance and supervisory statements and implementation timetable are expected in late 2014 into early 2015. Grandfathering arrangements will be particularly important.
This joint CP proposes changes to the way in which individuals working for UK banks, building societies, credit unions and PRA-designated investment firms are assessed and held to account. But a wider set of firms needs to be alive to the proposals, given the explicit inclusion of similar expectations in the MiFID II Directive (relevant to all investment firms) and recent statements by Mark Carney that indicate insurance firms will see the introduction of similar rules.
We explore some of the key changes to the senior managers regime below - but given the breadth of the joint papers, this is by no means an exhaustive, one-size-fits-all summary.
The Senior Managers Regime: greater personal accountability
The Parliamentary Commission on Banking Standards Changing Banking for Good report (from June 2013) and the Financial Services (Banking Reform) Act 2013 triggered the proposed changes. The regulators want a framework in place to ensure individuals are made to take greater responsibility for their actions and can be held to account by their firms and/or the regulators.
- The Senior Managers Regime (SMR) is relevant to UK banks, building societies, credit unions and PRA-designated investment firms.
- Senior Management Functions (SMF) will be specified by the relevant regulator.
- Individuals performing an SMF will require pre-approval by the relevant regulator.
- Hard hitting personal liabilities: (i) presumed culpability (ii) guilty until proven innocent (reverse burden of proof) (iii) criminal liability for making a decision that causes a firm to fail (7 years prison/unlimited fine).
- Firms are required to allocate specific responsibilities to senior managers.
- Firms are required to ensure newly appointed SMF individuals have handover information.
- Firms must regularly check the fitness and propriety of senior managers.
- The SMR may apply to individuals in the UK or based overseas, where they are in a SMF for a UK-supervised firm.
- The PRA is not expected to specify SMFs for an UK branch of a firm exercising an incoming CRD or MiFID passport. The FCA will consult at a later date about their position where functions are not reserved to the home state supervisor.
Who is in scope?
This joint CP will apply to individuals working for UK banks, building societies, credit unions and PRA-designated investment firms. At the present time, the proposals generally do not apply to UK branches of firms with an overseas HQ. However, this position is being reviewed and this is expected to change in the near term.
The new SMR will generally be relevant to persons involved in managing an aspect of the firm's business germane to regulated activities that may involve serious risk to the firm, business, consumers or other interests in the UK. The Financial Services and Markets Act 2000 will be amended so that "managing" in this context includes decision taking or participating in decision taking about how a firm's affairs are run.
This brings these groups of individuals within scope (with some exceptions for small credit unions):
- the firm's board (in both non-executive and executive capacity);
- individuals operating at a level just below the board (e.g. executive committee members);
- key business area leaders (NEW SMF);
- individuals with considerable influence on the firm's decision-making (e.g. the board of a parent or sibling company) (NEW SMF); and
- individuals with responsibility for important business, control or conduct-focused functions (NEW SMF).
There will be 18 SMFs across the PRA (12) and FCA (6). While the SMF map approximately to the existing controlled functions (with a few exceptions), the SMR has a narrower focus than the current regime. The number of individuals subject to accountability is trimmed back compared with the Significant Influence Functions (SIF) set out in the Approved Persons Regime (APER), as customer only functions are taken out of scope (however, the Certification Regime covers these).
There are useful grandfathering provisions (see chapter 8). All current SIF are expected to transfer to a specified destination SMF. Whether an individual needs a fresh approval or a notification will depend on a case by case assessment. The grandfathering requirements will need careful consideration.
The SMR is designed to be more rigorous than firms and individuals have experienced to date. There are consequences for non-compliance with this and other regulatory requirements:
- Civil sanctions:
- Financial penalties;
- Individual public censure;
- Withdrawal or variations of approvals; and
- Individual prohibitions.
The senior manager responsible for the area where the contravention has occurred could be held accountable for non-compliance if the regulators are not satisfied that the senior manager has taken reasonable steps to prevent or stop a contravention of regulatory requirements in their area of responsibility (a Presumption of Responsibility). The Presumption of Responsibility places an evidential burden (i.e., the burden of proof) on the SMF. This is not strict liability but is a requirement for the individual to prove they took "reasonable steps" to act on the non-compliance.
- Criminal sanctions
Senior managers may face criminal liability for the offence of reckless decision making that causes a bank, building society or PRA-designated investment firm to fail (although this provision does not apply to senior managers at credit unions).
What do firms need to do?
We believe it is important to spend time considering your firm's policy and planning an approach to implementing change. The new SMR brings additional compliance burdens for firms and underlines the need for firms to have well defined, demonstrable compliance standards.
- All relevant firms will be required to have chief executive, chief finance and chairman SMFs (save for small credit unions).
- Understand how your current arrangements can be grandfathered into the new SMR. How will individuals' current roles map to the new SMFs? Will approval or a notification be needed for each case?
- Prepare and draft new documentation – this will be required for SMF approvals and general compliance:
- Firms will need to have a Statement of Responsibilities document for each senior manager, to be provided to the regulators when applying for approval.
- The Statements will form part of a Responsibilities Map document, which draws together the firm's overall governance framework.
- Amend letters of appointment and employment documentation.
- Prepare template handover documents.
- The regulators intend the approval process itself to be similar (wherever possible) to the current process.
- The scope of these changes is restricted to relevant firms. For a group of companies, it will be important to assess the manner in which it applies to the various companies and individuals within the group. Individuals may have mixed roles and responsibilities across different group companies and groups may need to run various senior manager and approved persons regimes simultaneously.
- Review your senior management and controlled functions structure:
- Which jobs, roles and responsibilities have been specified as an SMF by the PRA and/or the FCA? Are you clear how you will identify these roles (e.g. the PRA's quantitative criteria to identify the Head of Key Business Area Function)?
- Who is performing these functions in your organisation; do you want to engage those who might be impacted in the near future as part of succession planning?
- Decide which specific responsibilities should be allocated to which senior managers. Do you know which responsibilities are PRA/FCA "prescribed responsibilities"? Do you want to clarify your position on non-prescribed responsibilities?
- Identify the content required in the Statement of Responsibility for each Senior Manager according to their allocated responsibilities.
- Identify how you will assess fitness and propriety, and at what intervals. Prepare or amend policies and procedures to reflect this approach.
- Identify the scope and content of your firm's Responsibilities Map.
- Identify what supporting documentation and processes are required for the Responsibilities Map (and the underlying governance framework).
- Allocate responsibility for and relevant stakeholder involvement in creating and updating the Statements of Responsibility and the Responsibilities Map and who has responsibility for submitting them to the regulators (and resubmitting when changed significantly).
- Anticipate that, on a practical level, the proposals are likely to have a material impact on senior management engagement and the talent pool, with implications for recruitment and succession planning. Will recruitment take longer? Should this be more hard hitting, with a quasi-SMF approval element hardwired into the search and selection process?
- Consider the additional investment needed for personnel issues (e.g. training, performance management).
- The personal implications could well trigger defensive record-keeping by individuals. To counter the potential for negative sentiment to flow from this through the overall workforce, firms should support those in SMF with this element.
- Individuals should evaluate and challenge the management information they are provided: is it sufficient for their needs, to ensure they can deliver oversight with personal protection? Firms must be prepared to support their senior management to work through this and challenge their own processes.
It is advisable to spend time taking on board the specifics of the proposals as much of the relevance to your firm and employees will involve analysis of the detail against the nuances of your firm's structure and business as well as the individuals' roles and personal circumstances. You should also encourage and allow for individuals taking their own advice because of the personal implications from these changes.
From a Human Resources perspective, the rules allow for the idea that a SMF may be split between two individuals, perhaps to recognise job-sharing arrangements.
The role of non-executive director (NED) may well become less attractive as NED roles will be within scope of these proposals, which may counter initiatives on diversity or improving the way in which NEDs carry out their roles.
Regulatory references and approvals will need to contain prescribed information. This is not intended to require disclosure of protected characteristics as the proposals are aimed at disclosure of conduct rule breaches and firms will continue to be covered by existing obligations to ensure references are true, fair and accurate. Data protection considerations need to be an integral part of your strategy.
Firms must capture the various strands and requirements of layers of legislation and regulation and differences between the UK requirements and other jurisdictions, particularly where an overseas individual is classified as a SMF in the UK.
Firms are likely to be affected by a range of forthcoming legislation, such as MiFID II, with subtly different or additional governance, management and remuneration requirements. The MiFID II proposals are less structured but the process developing on this front may form the blueprint for firms within scope of MiFID II and the concept is in its infancy for insurance firms.
So, while measures are inevitable, all firms ought to take the chance to influence the way ahead on this front. To this end, we recommend you consider the 30 questions posed in the consultation paper.
When considering the Accountability Consultation (PRA CP14/14, FCA CP 14/13), it is important to have regard to the accompanying consultation and policy statement: