Accountability, risk and reward: the new regulatory framework for senior managers and certification staff


Introduction
In July 2014, the FCA and the PRA issued a joint consultation paper “Accountability – Strengthening accountability in banking: a new regulatory framework for individuals (PRA CP14/14, FCA CP 14/13)”. This has been followed by further consultation papers:
Strengthening accountability in banking: forms, consequential and transitional aspects (PRA CP28/14, FCA CP14/31)
Approach to non-executive directors in banking and Solvency II firms & Application of the presumption of responsibility to Senior Managers in banking firms (PRA CP7/15, FCA CP15/5)
The proposed new regime addresses senior management responsibility and accountability demonstrating the political and regulatory desire for financial services firms to operate responsibly. It is the regulators’ desire that senior personnel lead by example to implement cultural change. Subject to final confirmation, the proposed arrangements will come into force on 7th March 2016. There is less than a year to go!
The proposals are far-reaching, with four strands:
A new Senior Managers Regime
A new Certification Regime
A new set of Conduct Rules and
New fitness and propriety requirements
The CPs have proposed significant changes to the way in which individuals working for UK banks, building societies, credit unions and PRA-designated investment firms are assessed and held to account.
However, a much wider set of firms needs to be aware of these proposals. Will all investment firms shortly be expected to follow a similar path? Certainly insurance firms will be subject to a parallel set of requirements for Senior Insurance Managers and approved persons in Solvency II firms (PRA CP14/26 and FCA CP14/25)
In this article we investigate some of the main alterations to the senior managers regime although the joint CP is a significant paper and firms would be wise to work through it to ensure they understand its consequences relative to their own specific situation.
These arrangements will apply to UK banks, building societies, credit unions, PRA-designated investment firms and UK branches of foreign banks.
The Senior Managers Regime
The FCA and PRA propose that a framework is implemented to ensure individuals take greater responsibility for their actions and can be held to account by their firms and / or the regulators themselves.
Main features
The Senior Managers Regime (SMR)
will apply to those in
Senior Management Functions (SMF), which will be specified by the relevant regulator. SMFs will replace the current Significant Influence Functions (SIF).
Individuals performing a SMF will require pre-approval by the relevant regulator.
The regulators have specifiedthe functions affected by the new regime. These include the
Chairman, Chief Executive function (CEO), Chief Risk function (CRO), Chief Finance function (CFO), Head of Internal Audit, Head of key business areas, other Group Entity Senior Managers Additionally, certain non-executive directors including the Chairs of the Risk, Audit and Remuneration committees and the Senior Independent Director.
The senior managers are required to undertake a wide range of prescribed responsibilities.
In addition relevant key functions drawn from the table below are to be allocated to an appropriate SMF holder:
Financial crime Mortgage advice Origination, syndication and underwriting
Settlement Retail and wholesale lending decisions Quality assurance of sales
Investment management Financial or investment advice Customer complaints handling
Investment research Corporate investment Business continuity
Retail and wholesale sales Information technology Payment services
Customer service Human resources Collections and recoveries
Client assets Design and manufacture of products for retail and wholesale customers Incentive schemes for the firm’s staff.
Trading for clients
Each SMF holder will be required to have a Statement of Responsibilities which sets out in detail their specific responsibilities and key functions. This forms part of the information required for approval and any subsequent significant amendments will need to be submitted to the regulator.
In addition, each firm will be required to produce a firm-wide“responsibilities map” providing clarity for individuals in terms of their role, their proposed SMF and confirmation that there are no gaps in responsibility.
Annually, each firm’s board will need to verify that there are no gaps in the allocation of responsibilities within the firm.
The proposals include hard hitting personal liabilities including a presumption of responsibility that the SMF in question will be guilty of misconduct unless he or she has taken reasonable steps to avoid the contravention. In addition, there will be potentail criminal liability for making reckless decisions that cause a firm to fail (7 years prison/unlimited fine).
The SMR may apply to individuals in the UK or based overseas, where they are in a SMF for a UK-supervised firm.
The SMR covers a much smaller population than the current Approved Persons regime (APER). The number of individuals subject to prior approval will be significantly fewer compared with the current Significant Influence Functions (SIF)
There will be grandfathering provisions, with relevant current SIFs transferring to a specified destination SMF. Whether an individual needs a fresh approval or a notification will depend on a case-by-case assessment. The grandfathering requirements will need careful consideration.
A senior manager responsible for a specified function where the contravention has occurred, could be held accountable for non-compliance if the regulators are not satisfied that the senior manager has taken reasonable steps to prevent or stop a contravention of regulatory requirements in their area of responsibility (a Presumption of Responsibility). The Presumption of Responsibility places an evidential burden (i.e., the burden of proof) on the SMF. This is not strict liability but is a requirement for the individual to prove they took “reasonable steps” to act on the non-compliance.
In certain extreme situations, senior managers may face criminal liability for the offence of “reckless decision making that causes a bank, building society or PRA-designated investment firm to fail” (although this provision does not apply to senior managers at credit unions).
The Certification Regime
The Certification Regime (CR) will apply to those individuals affected whose actions could cause a material harm to the firm or its customers. In practice, this will mean the following people:
Material Risk Takers – Individuals whose actions could have a material effect on the firm.
Customer facing staff – Individuals in roles that are subject to a qualification requirement, eg mortgage advisers and investment advisers.
Supervisors – Individuals who supervise or manage those included in the CR (unless they are already SMFs).
Approved Persons – Any individuals who are currently covered by the Approved Persons Regime but are not SMFs (e.g. CASS oversight function, MLRO),.
The key implications of the Certification regime are:
Those people covered by the CR will not be registered individually with the FCA or PRA or subject to prior approval by the regulators. Instead firms will need to certify that individuals performing these functions are fit and proper to do so.
Individuals who hold more than one certification role will need to assessed as fit and proper for each of these roles, though all the roles may be covered by a single certificate.
Whilst the regulators wont approve individuals within a firm’s CR, they will require a senior manager in the firm to be responsible for the internal assessment and certification process.
Certification will need to be renewed annually. Firms are expected to have a period of up to 12 months in which to issue their certificates, to enable the process to be harmonised with the firm’s existing appraisal cycles.
New Conduct Rules
The new arrangements also include Rules of Conduct. These will apply to all staff falling within the scope of SMR and CR. In addition, the FCA proposes that that the Rules of Conduct will apply to all other employees engaged in regulated activity. This will mean that only a very few ancillary staff will be exempted (e.g. building security and catering staff).
Key implications of the new Conduct Rules are:
The new Rules of Conduct will replace the existing statement of Principle and Code of Practice for Approved Persons
As previously, some of the Rules will apply to all staff and some will apply only to SMFs.
Firms will be expected to ensure that all staff understand the Rules of Conduct in principle and are trained in how they apply to their specific roles.
Firms will be required to notify the regulator if an individual has breached the Conduct Rules. The notification period varies between 7 days and 3 months depending on the regulator and the role of the staff involved.
Individuals who will be in a firm’s SMR and CR will have to be trained before the start of the new regimes with all other employees trained within 12 months after the start of the new rules.
Fitness and Propriety (F&P)
Individuals in the SMR and CR will have to be assessed as being fit and proper to undertake their functions. This assessment will have to take prior to appointment (and as part of the prior approval process for SMFs) and annually thereafter.
Key implications of F&P requirements are:
The existing regulations in respect of fit and proper assessments will be kept in the new regime in the main.. However, the regulators have stated that some changes will need to be made to the assessment process, particularly around supporting evidence required including CRB checks.
Firms will need to notify the relevant regulator of any individuals holding SMFs that fail the annual
Any individuals covered by the CR who are found to be failing to meet the regulatory standards may have their Certification status withdrawn.
Any individual applying for a SMF or Certification function will need to evidence employment references for the last 5 years. This means that any firm receiving a reference request will have to disclose any breaches of a conduct rule and description of the disciplinary process and outcome.
What should affected firms do?
Identify who will be deemed to be in a SMF under the new arrangements and start allocating and mapping the prescribed responsibilities and key functions without delay.
Establish internal procedures and record keeping arrangements for determining the fitness and propriety of Certification Staff
Establish transparent fit and proper criteria for all SMFs and Certification roles
Plan how the new arrangements will integrate with existing performance monitoring, appraisal and Training and Competence arrangements
Start planning generic and role specific training provision for all staff on the Rules of Conduct
Plan how staff are to be made aware of the new requirements and the impact it will have on them and their lines of authority.