HM Treasury confirmed today that the Financial Services Bill has received Royal Assent. This means that the PRA and FCA will become responsible for regulating the UK financial services industry from 1 April 2013. In the lead up to "legal cutover", many aspects of the new regime need to be finalised and firms must be ready to react to developments as they happen over the next few months.

Proposals published by the FSA (CP12/26) for tailoring the Approved Persons Regime to the new regulatory structure endeavour to provide a single path for approval applications involving both regulators. However, proposed regulations to govern approved persons are so complex that they seem likely to create a significant risk of non-compliance from the outset, as dual-regulated firms struggle to map the regulations to their existing arrangements.

Key issues for dual-regulated firms

  • Proposals to split the current Approved Persons Regime between the FCA and the PRA seem likely to create considerable confusion for firms and undermine the integrity of the Register as a public record of individuals performing controlled functions.
  • Imposing regulatory obligations on approved persons to meet APER standards for conduct falling outside of their controlled function is a significant extension of the Approved Persons Regime, which has yet to be properly justified.
  • Exposing an approved person in a dual-regulated firm to action from either or both of the PRA and the FCA for the same breach of APER is not consistent with principles of good regulation

We summarised proposed changes to the Approved Persons Regime to reflect the abolition of the FSA in our October briefing. This briefing looks more closely at some of the implications of those changes for dual-regulated firms.

1. Approach to amendment of Approved Persons Regime

The general approach applied in CP12/26 to amendment of the Approved Persons Regime is consistent with that taken to the FSA Handbook as a whole. So, when the PRA and FCA acquire their new powers at legal cutover, provisions within the FSA Handbook will be adopted by the PRA, the FCA or by both regulators to form new PRA and FCA Handbooks. Changes made now should be limited to those that are necessary to support the creation of the new regulatory structure (although aspects of the FSA's proposals, including in the context of the Approved Persons Regime, rather stretch the meaning of "necessary").

In due course, both the PRA and the FCA are expected to make further amendments to their rulebooks to align them more closely to their individual objectives and functions. This means that dual approved persons will be measured against two APERs which will inevitably begin to diverge.

Applying this approach, the Approved Persons Regime for individuals at FCA-authorised firms will not feel very different after legal cutover (subject to the extension of scope discussed below). The position is considerably more complicated, however, for dual-regulated firms, including banks and insurers. So complicated, in fact, that we question whether firms will be able to apply the proposals in practice.

2. PRA/FCA split in controlled functions

Under the FSA's proposals, the existing list of controlled functions will be split between the PRA and the FCA (see table). This approach is intended to satisfy the "minimum duplication" requirement contained in the Financial Services Act 2012 (Act).

Going forward, the PRA and the FCA will both be able to specify significant-influence functions (SIFs) as controlled functions. The Act requires the FCA to exercise this power in a way that minimises the chance that duplicate SIF approvals will be required, which is welcome.

PRA and FCA controlled functions

Click here to view table.

In most cases, the split of controlled functions between the PRA and the FCA means that responsibility for a particular function will be taken by either the PRA or the FCA, but not both. By way of exception, two new non-executive director functions - CF2(PRA) and CF2(FCA) - will replace (and together have the same scope as) the existing CF2 function:

  • The CF2(PRA) function covers anyone who falls within the current definition of CF2 and who performs one or more of a number of specified sub-roles, such as Chairman or Chair of the audit committee.
  • The CF2(FCA) function covers the remaining aspects of the current CF2 function. Presumably, this means that it covers all non-executive directors who either perform a different sub-role or who have no additional duties to those that always come with being a non-executive director.

Although there is significant overlap between the two new functions (in the sense that one individual may be caught by both at the same time), they will operate as separate functions from legal cutover and will interact accordingly. In practice, this means that anyone moving between CF2(PRA) and CF2(FCA) will be performing a new controlled function and must make a separate application for approval.

For example, if a non-executive director who has been approved to perform the CF2(PRA) function because he is Chair of the audit committee steps down from that role but remains a non-executive director, he will require separate CF2(FCA) approval, even though he would have been assessed for the FCA role as part of his original PRA approval. Similarly, a non-executive director who has no additional functions (and therefore only requires CF2(FCA) approval on his appointment) but is subsequently made Chairman will require separate CF2(PRA) approval in respect of his new role.

This approach seems unnecessarily complex and we question whether the split of controlled function CF2 in the way proposed is really required. (See further discussion below)

3. Interaction between PRA CFs and FCA CFs

The operation of the Approved Persons Regime can be relatively simple where an individual performs controlled functions that have been assigned to only one of the PRA and the FCA. Where a person is to carry on both PRA and FCA SIFs, the position is, however, more complicated as both regulators will wish to play a part in the assessment of that individual's suitability for the role.

Seeking to minimise the situations in which dual applications must be made, the regulators have decided that a single application need only be made to the PRA, and not to the FCA, in specified circumstances.

Click here to view table.

For example, a single application to the PRA is needed if a non-executive director will be performing functions caught by both CF2(PRA) and CF2(FCA). The FSA states that, in such cases, PRA approval "will effectively expand to cover the FCA controlled function as well". On its face, this approach is helpful, but points to note are:

  • A single application only works where the roles are being applied for at or around the same time.
  • The FCA will always be involved in assessing a person's suitability for the roles which he will have. Both the PRA and the FCA will be able to refuse the application.
  • Separate applications must be made if a person takes on additional roles or changes his role after initial approval has been given. For example, if an individual approved for both CF2(PRA) and CF2(FCA) functions ceases to carry on his PRA role, he will need to make an application to the FCA.
  • Separate applications will also be needed where overlap occurs in a situation not identified by the FSA.

The need for a fresh application is understandable where a person's role expands into a controlled function that was not encompassed within his original application. It is less clear why an application might be needed if an individual merely reduces his role, without taking on any new responsibilities. If a person is assessed properly in the first instance for all aspects of his role, and with the involvement of the both the PRA and the FCA, there should be no need for a further application if he ceases to carry on part of that role.

The FSA's proposals in this context also have consequences for the public Register (a register kept jointly by the PRA and the FCA, which will replace the FSA Register):

  • Although PRA approval will cover both an individual's PRA controlled function and his FCA role, only the PRA controlled function will appear on the Register.
  • Where an individual moves between PRA and FCA controlled functions and is required to make a fresh application for approval, the Register will not record that change for a period of time, to allow the new approval to come through. The FSA acknowledges that this means that a person may temporarily hold a function that does not fully reflect the role he is performing – it is not clear whether he will have regulatory liability for the function he is no longer performing during that period - while the Register may show a firm as having, for example, two chief executives for a brief period.

Both of these consequences undermine the value of the Register as a complete and public record of individuals within regulated firms who hold specified responsibilities at any one time. It certainly cannot be right for the Register to state that a person performs a particular controlled function when it is known that he no longer does so. It is also questionable whether the Register should contain different amounts of information about different firms where there is no substantive reason for it doing so.

Such lack of transparency would not be necessary if a person's approval for both PRA and FCA controlled functions was carried out properly at the outset and reflected fully in the Register. Subsequent changes can then be carried over into the Register as soon as they become effective; there should be no need to wait for further approvals.

The FSA's proposals in relation to the interaction between PRA controlled functions and FCA controlled functions are, in our view, excessively complicated.

4. Statements of Principle and Code of Practice for Approved Persons (APER)

The PRA and the FCA will have their own APER. The not entirely straightforward way in which the FCA and PRA rulebooks will apply to dual-regulated firms is illustrated in the following table.

Coverage of PRA/FCA APER: Dual-regulated firms

Click here to view table.

This table highlights one of the more controversial proposals made in CP12/26, namely the extension of the application of APER beyond the performance by an individual of the controlled functions for which he has been approved. The FSA argues that this proposed change reflects an expectation that approved persons should apply the same standards of behaviour to their wider roles as they do to the performance of controlled functions. This statement falls short, however, of a proper justification for a change of such significance.

The FSA's proposal raises the following specific concerns.

Definition of "significant-influence function"

The Act defines a "significant-influence function" as:

"a function that is likely to enable the person responsible for its performance to exercise a significant influence on the conduct of the authorised person's affairs, in relation to the carrying on of a regulated activity by that authorised person".

The breadth of this definition, combined with its lack of connection to the specification of functions by the regulators, introduces a degree of uncertainty into the scope of the Approved Persons Regime that does not exist at the moment. However, if an approved person is going to be subject to APER standards of conduct in respect of a SIF for which he is "responsible" but which is not specified as a controlled function, it is important that allocation of responsibility for the business or relevant part of the business is specifically laid down – whether through regulation or guidance, in firm policies and procedures or by management directive.

"Influence"

Applying the definition of a SIF in the Act, the word "influence" is plainly intended to extend beyond direct decision-making and we assume that it would include a person's participation in joint decision-making. It is less clear, however, whether it would cover the making of recommendations or the giving of advice where those recommendations or that advice are usually followed by the firm.

We also question whether it would extend to expressions of opinion by someone whose position is viewed as authoritative or, even, by someone who is viewed as authoritative by virtue of his or her personal strength, leadership qualities, effectiveness or engagement. We would argue that regulatory scope and responsibility should not be determined by reference to an individual's personal characteristics, still less by the reactions of others to a particular individual.

The disconnect between the definition of a SIF in the Act and the specification of controlled functions leaves firms in a position of having to decide whether individuals are performing SIFs over and above the controlled functions for which they have approval. Absent such specification, we believe that the regulators should issue guidance to firms on how to determine whether a person has "significant influence".

In-house legal advice

As presently framed, the proposals could bring the nature and competence of legal advice provided to a firm by in-house lawyers who hold a PRA or FCA SIF function within the scope of regulation.

To open such legal advice up to the scrutiny of financial services regulators would represent a significant erosion of the firm's right to legal privilege, a fundamental human right recognised by the English common law, and which the European Court of Human Rights held in Campbell v United Kingdom [1992] 15 EHRR 137 to be part of the right to privacy guaranteed by Article 8 of the European Convention of Human Rights. Indeed, section 413 of FSMA recognises that persons cannot be required to produce or disclose protected items (including privileged communications).

Double jeopardy

Finally, the FSA's proposals mean that an approved person within a dual-regulated firm may be exposed to action by either or both of the PRA and FCA for breaches of both versions of APER.

We do not believe that this approach is justified. An individual should be able to know from the outset which regulator has jurisdiction over a particular matter and should not be exposed to action from the other regulator for the same breach.