In May 2014, Mark Carney, Governor of the Bank of England, wrote an article about the regulation of insurance in which he referred to the Bank’s intention to create a regime for senior insurance managers similar to the senior managers regime which will be imposed on banks sometime next year. This was followed up by a reference in the PRA’s recently published Annual Accounts to the implementation of a senior managers’ regime for insurers.
The senior managers regime
The approved persons regime – the mechanism by which senior individuals within UK financial institutions are held accountable to the FCA/PRA – has been modified by the Financial Services (Banking Reform) Act 2013 (the “Act”). In particular, the concept of a “significant influence function” has been replaced by one of a “senior management function” (“SMF”). The Act applies – at present – only to “relevant authorised persons”. That is, UK institutions that are:
(a) authorised to accept deposits; or
(b) investment firms which have permission to deal in investments as principal (when so dealing is a PRA-regulated activity).
While insurers are currently expressly excluded from the definition of “relevant authorised persons”, recent publications from the Bank of England and the PRA indicate that the senior managers regime will be extended to insurance companies (at some point, although there is no word yet on when). This is the logical next step in the regulators drive to improve individual accountability across senior management in the financial services sector.
The PRA and FCA published on 30 July 2014 a joint consultation paper on implementing the senior managers regime (CP14/14: Strengthening accountability in banking: a new regulatory framework for individuals). Although currently the regime will only apply to those mentioned above, insurers should take note of the following key provisions.
Statements of responsibilities
The flagship reform in the senior managers regime is the introduction of a “statement of responsibilities”. Such a statement – to be included in the application of a person seeking to perform a SMF – will set out the aspects of the relevant firm’s affairs which the applicant will be responsible for managing. The intent is to make it easier to hold to account particular individuals should something go wrong.
Fit and proper persons
The general vetting process remains largely unchanged and involves an assessment of whether the candidate has the necessary qualifications, training and competence required by the rules made by the regulator. However, there is now a fourth limb requiring an assessment of whether the individual has the necessary “personal characteristics” required by the rules. In addition, firms themselves will now need to apply the FCA’s/PRA’s fit and proper person test to candidates prior to the candidate seeking approval.
Certification of other employees
The FCA/PRA will also have the power to specify additional functions for which certification will be required before they can be carried out by an employee (who need not be one of those employees exercising a SMF). So long as the function is a “significant-harm function” (and is not a controlled function), the FCA/PRA can specify that the relevant authorised person will – before issuing a certificate – be required to satisfy itself that the individual is a fit and proper person to perform the function. A “significant-harm function” is a function the performance of which poses a risk of significant harm to the firm or its customers.
Other, more general, changes brought about by the Act’s SMF provisions are:
the introduction of more extensive powers for the on-going monitoring of those exercising SMFs; and the introduction of the ability of the FCA and PRA to set rules regarding the conduct of approved persons in relation to “qualifying functions” (which need not relate to regulated activities).
The Act has redefined the scope of what constitutes “misconduct” for FCA/PRA purposes and introduced the criminal offence of causing a financial institution to fail.
Of the three ways a person can be found guilty of misconduct, the definition that applies specifically to senior managers bites if the firm has breached a (FSMA or EU) “relevant requirement” and the senior manager was responsible for the area in which the breach arose. The senior manager will have a complete defence if he/she can show that he/she took such steps as a person in his/her position “could reasonably be expected to take to avoid the contravention occurring (or continuing)”.
A senior manager will commit the criminal offence of causing a “financial institution” (which has an identical definition to “relevant authorised person”) or a “group institution” to fail if:
he/she takes, agrees to the taking of, or fails to prevent the taking of a decision which causes the “financial institution” (or a group institution) to fail; he/she was aware, at the time of the decision, that the decision could cause the failure of the group institution; and his/her conduct fell, in all the circumstances, “far below what could reasonably be expected of a person” in his/her position.
The maximum sentence is imprisonment for 7 years and/or a fine.
Extension of the senior managers regime to insurance companies
As touched upon above, the Act contains specific provisions excluding insurance companies from the scope of the senior managers regime. The PRA will, therefore, need to have the Act amended in order to extend the regime to insurers. It is likely that such amendment would come in the form of a statutory instrument, taking advantage of a so-called “Henry VIII” clause in the Act (a draft of this secondary legislation would, however, need to be laid before and approved by resolution of both Houses of Parliament).
We will continue to monitor and report on any developments.