MiFID II, PSD2, GDPR and now SMCR – the latest acronym you are going to be hearing a lot about in 2019. This next compliance change is a product of the 2008 financial crisis.

In the wake of the crisis, the Parliamentary Commission on Banking Standards recommended a series of measures to improve standards in financial services. The PRA and FCA took these recommendations forward, by replacing the Approved Persons Regime with a new Senior Managers and Certification Regime (SMCR), for deposit takers and the largest insurance firms. Designed to increase accountability across the industry and to strengthen market integrity, the SMCR is now being extended to almost all financial services firms. The new regime is scheduled for implementation on 9 December 2019 and will affect businesses ranging from one person IFAs to asset managers with billions under management.

As firms begin preparing for the first phase of this new regulatory landscape, we outline the key changes coming up over the next 10 months and how you should be planning for them.

Identifying which elements of the SMCR apply

The FCA recognises that there is a wide range of different business models and governance structures that apply to the broad variety of firms that will be affected by the new regime. There will be a standard set of requirements for all but the smallest “Limited Scope” FCA solo-regulated firms, known as the ‘core regime’. But to ensure that the new regime is flexible enough to meet these different structures, there will be extra requirements for a portion of firms whose size, complexity and potential impact on consumers warrant more attention, known as the ‘enhanced regime’.

Action list:

  • Review regulatory guidance to determine whether the core, enhanced or limited scope regime applies
  • Analyse which SMCR requirements will be relevant. The core regime consists of three main elements: the Senior Managers Regime, the Certification Regime and the Conduct Rules
  • Engage senior executives at an early stage in the SMCR implementation process

Initial governance mapping and statements of responsibility

The SMCR introduces specific ‘Senior Management Functions’ (SMFs); as with the current Approved Persons Regime, anyone who holds an SMF will require pre-approval from the regulator before performing this role. The FCA are proposing to develop a new directory of financial services workers.

The SMCR also introduces seven new ‘Prescribed Responsibilities’ that must be given to Senior Managers and an additional responsibility for Authorised Fund Managers. This is to ensure that a Senior Manager is accountable for the key conduct and potential risks.

Senior Managers will have a ‘Statement of Responsibilities’ for this purpose, which sets out the areas they are responsible and accountable for. Firms will need to keep Statements of Responsibility up to date and resubmit them to the FCA whenever there is a significant change to a Senior Manager’s responsibilities.

Action list:

  • Prepare an initial governance map of the organisation, identifying all staff within the firm who will hold a SMF
  • Allocate prescribed responsibilities and prepare draft statements of responsibilities for Senior Managers
  • Initial training for all designated Senior Managers and meet with individual SMF holders to discuss mapping and statements of responsibilities

Issuing certificates to certified staff

Under the new Regime, firms must issue certificates to employees who will be performing FCA significant harm functions, to certify that they are fit and proper to perform their role.

Firms will need to identify their certified employee population by December 2019 and conduct a detailed review of role-specific qualification, training and competence requirements. Employers should be comfortable that their certification staff meet any role-specific regulatory requirements, or they may find themselves in a difficult position when the SMCR implementation deadline arrives. The FCA is proposing a phased arrangement over one year to allow for the more effective implementation of the certification regime in solo regulated firms, which means that the requirement to certify won’t arise until 2020.

Action list:

  • Review all current roles and identify who will be certified and the qualification, training or competence requirements for each position
  • Finalise an annual Fitness and Propriety Assessment Policy
  • Assess fitness and propriety of all certified staff and record decisions

Application of conduct rules to staff who are not senior managers or certification staff

New Conduct Rules will apply across firms to all non-ancillary staff. There is an obligation on employers in advance of this date to inform their employees about the application of the rules, how they work in practice and the consequences of breaching them.

Action list:

  • Identify all non-ancillary staff working within the firm who will be subject to the Conduct Rules
  • Provide conduct rules training across the firm to all relevant employees and explain the potential consequences of a breach

This article first appeared in the AltFi special report, March 2019.