The highly anticipated FCA Consultation Paper (CP17/25) on the extension of the Senior Managers and Certification Regime (SMCR) to all financial services firms was released yesterday, 26 July 2017. The SMCR is already place for banks, building societies, credit unions and PRA designated investment firms.The proposals are designed to develop an accountability system that focuses on senior manager and individual responsibility, and it forms a key part of the FCA’s ‘Culture & Governance Priority’ with an overarching aim to reduce harm to consumers.
Deloitte has worked closely with a range of banks and insurers since the proposed SMR rules were first announced in July 2014. Currently we are assisting our asset management clients and other financial services firms to prepare for the extension. Our extensive experience to date suggests early engagement from firms is vital to prepare for implementation of the proposed changes. Below we outline the key components of the extension and steps which firms should be taking in order to prepare for implementation in 2018.
Categorisation of firms in scope of SMCR extension
The extended SMCR will impact a diverse and extensive range of firms, with varying business models and governance structures. Accordingly, the FCA has proposed to take a proportionate and flexible approach; splitting SMCR requirements into ‘limited’, ‘core’ and ‘enhanced’ categories*.
- Limited Scope Firms – will have fewer requirements than Core Firms and covers firms which currently have a limited application of APER;
- Core Firms – will have a baseline of SMCR requirements, most firms will fall within this category; and
- Enhanced Firms – approximately 1% of firms who will be subject to additional requirements.
*Which category a firm falls into will depend upon its size, complexity and potential impact on consumers.
The below flowchart as outlined on page 14 of CP17/25 can assist firms to determine if the Limited, Core or Enhanced regime applies.
The SMCR extension echoes existing requirements already in place for banks
The proposed extension requirements reflects the three existing components of SMCR:
Senior Managers Regime - Senior Management Functions (“SMFs”) will replace existing Significant Influence Functions outlined in APER. SMFs are likely to be those individuals in a firm who are decision makers and who have the greatest potential to cause harm or impact upon market integrity and include roles such as the Chair, Chief Executive, Executive Directors, Partners, Compliance Oversight, and Money Laundering Reporting Officer. SMF allocation will be dependent on whether the firm is categorised as a Limited, Core or Enhanced firm.
Certification Regime - requires firms to annually certify the fitness and propriety of certain key employees in ‘significant harm-functions’ that could “have a big impact on customers, the firm and/or market integrity”. This replaces FCA regulatory approval for individuals who are not Senior Managers and include roles such as persons holding a significant management function, traders, CASS oversight, client dealing roles, material risk takers, and anyone who supervises or manages persons performing a role that is required to be certified.
Conduct rules – seek to replace existing Approved Persons principles with a “new set of enforceable rules that set basic standards of good personal conduct, against which the regulator can hold individuals to account”.
The SMCR for insurers
Insurers already apply a revised version of the Approved Persons Regime (APER) and the Senior Insurance Managers Regime (SIMR). The PRA and FCA are separately consulting on extending the SMCR to insurers and PRA CP14/17 and FCA CP17/26 respectively were also published on 26 July.
Some of the key proposed changes for insurers include:
- The application of the Certification Regime which will apply to employees who are not SMFs but who hold a role which could cause significant harm to the firm or its customers;
- The application of the Conduct Rules which propose new, high-level standards of behaviour that will apply to almost all employees who undertake activities within a firm;
- The application of the Duty of Responsibility, which will enable the regulators to hold Senior Managers in insurance firms accountable if a breach of a regulatory requirement occurs in their area of responsibility; and
- Amendments to the Prescribed Responsibilities that firms will need to allocate amongst SMFs.
Additional changes for banks
The FCA has also proposed some changes to the existing SMCR for banks:
- An additional Prescribed Responsibility has been proposed which requires the SMF to make sure that the firm trains its staff in Conduct Rules and complies with the FCA notification requirements.
- Applying the Partner Senior Management Function (SMF 27) to banking firms.
What steps should firms be taking now?
The consultation will close on 3 November 2017. A Policy Statement containing final rules is expected in summer 2018. Our extensive experience of implementation of the SMCR within the banking sector suggests early engagement from firms will be vital to prepare for the changes proposed within CP17/25. The key areas in which firms can make progress now are:
- Identify a dedicated and senior project sponsor early to allow for adequate planning and assignment of responsibility for the implementation of SMCR;
- Determine whether the ‘limited’, ‘core’ or the ‘enhanced’ regime will apply and the scope of the changes required;
- Socialise the SMCR requirements to senior management to ensure early engagement and assist with the transition process;
- Reflect on whether current governance arrangements are clear, transparent and aligned to legal entity structure;
- Determine the impact to your firm’s functions and processes, start mapping changes that are needed to meet SMCR requirements particularly employee processes; and
- Consider any key issues that the SMCR brings to your firm and feed this back within the consultation process.