SM&CR – What should you be doing now to ensure compliance?
As you will have seen from the previous articles in our series, the Senior Managers & Certification Regime (SM&CR) comes into force in December for solo-regulated firms, meaning that almost every regulated financial services firm will be under the regime. The implementation date appears quite a long time away but, as ever, there are steps you should be taking right now!
This article aims to explore those steps, but first allow me to provide a very brief reminder of what the new regime is all about. SM&CR, created due to the difficulty the FCA faced in identifying the responsible person for failings in regulated firms during the financial crash, also aims to extend the accountability regime to more individuals within firms, rather than the small number of senior managers that the current Approved Persons regime applies to. SM&CR is designed to create accountability throughout the organisation, rather than only at the top, achieving this through its three constituent parts:
The Senior Managers Regime which is the direct replacement for the Approved Persons Regime
The Certification Regime which applies to certain staff members who are not senior managers but who still could adversely impact the customer, firm or market
The Conduct Rules which apply to nearly all individuals within the firm
Firms are required to have a statement of responsibilities for each senior manager. Whether they are required to be submitted to the FCA depends on whether the senior manager is new to the firm after day one of SM&CR, or whether they are a current Approved Person who has “transitioned” to the new regime. Firms must also ensure that the prescribed responsibilities that are applicable to their firm are allocated to the most appropriate senior manager. There are ongoing obligations to keep the FCA updated whenever a senior manager changes their responsibilities, and the FCA must be notified if there is a breach of the Conduct Rules; within 7 days for senior managers. Firms need to set up fitness assessments for new senior managers, as well as for those falling under the certification regime.
In respect of the Conduct Rules, firms must train those under the senior managers and certification regimes prior to implementation, and almost everyone else within one year of the start of the regime.
Firms will also need to establish a method of recording disciplinary action due to a breach of the conduct rules, so that they are able to complete regulatory references and comply with FCA reporting requirements. RB Compliance can provide further details upon request. For now, however, we’ll look at what steps should be taken right now.
While the actual transition of Senior Managers for Limited Scope and Core Firms (for guidance on the meaning of Limited Scope and Core firms visit read our post on Preparing for the Senior Managers & Certification Regime) is very simple (in most cases these firms don’t need to do anything other than check the FCA register after implementation day, train the senior managers on the conduct rules before implementation day and have statements of responsibilities ready before implementation) there are some additional steps you should take fairly soon, these include:
As ever the first step will be creating a gap-analysis so identify where you are against “what good looks like” under the new regime;
The second step is likely to be the creation of an action plan, such actions are likely to include the below;
Deciding who the senior managers will be, amending their controlled functions or, where possible, hiring a new senior manager well in advance of transition day - those that transition from the approved persons regime get a much easier ride than those who are new at, or around, December and thus need to apply under the new regime, the main difference being that there is no need to submit the Statement of Responsibility, to the FCA;
Identify those falling under the certification regime
Review recruitment processes to ensure that the fitness requirements for new senior managers and certification staff are met
Decide how you will conduct the annual fitness re-assessments, where you decide this will be completed through staff appraisals you should review your appraisal mechanism to ensure that the team is appraised against each element suggested in FIT
Start to think about how senior managers will evidence their compliance with the Duty of Responsibility and, perhaps, additional steps which could tighten your quality assurance and governance frameworks, this is probably the largest piece of work so should be started as soon as possible. Do not underestimate its importance, this could be the piece which prevents serious sanctions against individuals in the event of a failure.
Firms should look to move on the steps above for now but start to plan a time to complete the below:
Processes will need to be built to identify when disciplinary action is being taken against a member of staff and if that action is a breach of the conduct rules with the information recorded so that FCA reporting requirements may be met. Similarly, processes should be created to report conduct rules breaches. In line with this, firms should review the Privacy Notices they provide to members of their team.
Review your use of NDAs as those which prevent compliance with the regulatory reporting requirements are banned
Purchase tier one conduct rules training ready for your staff to complete within one year of the new regime, see https://www.rbcompliance.co.uk/compliance-resources
Purchase tier two conduct rules training ready for senior managers to complete prior to December 2019
Enhanced firms need to take additional steps at an early stage, these include the formation of a Responsibilities Map, logically this would be prior to, and part of, establishing which senior managers fall under the SMR and for which function. Once established the firm would, ideally, ensure that senior managers are approved for their corresponding controlled function prior to transition to the new regime.
#accountability #ApprovedPersonsRegime #CertificationRegime #SeniorManagersandCertificationRegime #ConductRules #limitedscope #core #enhanced #StatementofResponsibility #SoR #FITHandbook #DutyofResponsibility #processes #ResponsibilitiesMap