Senior Management and Certification Regime


Senior Management and Certification Regime

Why should you be interested in the Senior Management and Certification Regime?

If you run an investment advice business, mortgage, wealth management firm, or just about any other type of FCA authorised firm, the Senior Management & Certification regime (SM&CR) will apply to you. It is now expected to be introduced on the 9th December 2019.

Some estimates suggest that SM&CR may result in a 20-fold increase in managers with personal regulatory responsibility, from 3,000 in 2016 to 72,000 in 2019.

In this blog, I will look at the key changes and what you can do to prepare now for it’s introduction.

What is the SM&CR?

To answer this, i have to go back in time a little. In March 2016, the FCA rolled out a similar regime to the large banks and insurers. This was inspired by the Credit Crisis and the attitude of regulators in the USA who have taken the lead in making senior managers responsible for their actions. In this country, too often senior managers have been able to hide behind corporate ‘collective responsibility’ with the result that rarely have individual’s been hauled over the coals for their actions – however badly these have impacted on consumers. Take RBS and it’s take over of ABN Amro, for example.  Insurers will come into the SM&CR regime in December 2108 and all the remaining 46,000 or so authorised firms will be subject to it by Q4 2019 (subject to Treasury approval).

SM&CR has (despite its name) three elements:
1. The Senior management regime – which broadly applies to those that currently hold a control functions because they are in a governance role within the authorised firm, e.g. CF1, CF3, CF10; and

2.The Certification regime – these are managers who are lower down the corporate ladder but who still, through their actions, could have a significant adverse impact on consumers. So the head of HR, Operations and the IT chief could be covered by this; and

3. Conduct rules. These are a beefed up version of the ‘Statements of Principle and Code of Practice for Approved Persons’ – but these new conduct rules will apply to just about every person in an authorised firm and not just the current relatively limited number of approved persons.

In other words, SM&CR will cover a much wider and larger population than the current approved persons regime (APER) but the numbers of people who are directly approved by the FCA is likely to reduce.

What’s the point of SM&CR?

SM&CR has two main aims:
1. Make senior managers and other staff more responsible for their actions and improve behaviours; and
2. To clarify and reinforce governance structures in all authorised firms.

What will change?

For full details, you will need to read the FCA’s consultation paper CP17/25 (or at least the executive summary). Click here for the link. If reading 392 pages is akin to a near death experience, here’s a synopsis of the important bits that will apply to ‘core firms’.

Here are the 7 things you need to know:
Senior management regime

1. The approved persons regime (as we know it) will be replaced. Only those individuals performing senior manager functions (SMFs) will be approved by the FCA in the new world, e.g. chair, chief executive, compliance oversight, and prescribed functions (see point 4).

2. Every SMF will have a statement of responsibility. This sets out their role and what they are personally responsible for if they fail to take ‘reasonable steps’.

3. Every SMF must be signed-off as being suitable to carry out their role by the firm at least annually.

4. Prescribed responsibilities. The FCA has identified six new roles that must be allocated to individual senior managers. These include oversight of the SM&CR, and the firms policy and procedures for fighting financial crime.

Certification regime

5. Most other managers are likely to be covered by the certification regime if they perform a ‘significant harm function’. This means that someone in their role could cause harm to the firm, customers or both. This is likely to cover any significant management function not covered by the senior management regime. For the first time, anyone that supervisors a ‘material risk taker’ such as any type of adviser, will also have personal responsibility under the Certification Regime. This part of the regime will also include existing CF30 roles. Under SM&CR, these will be ‘certified’ by the firm in the future instead of being authorised by the FCA.

6. Everyone covered by the Certification Regime, like senior managers, will need to be certified by the firm once a year that they are competent in the role. It is the firm that undertakes this. This includes conducting fit and proper checks at outset and annually.

Conduct rules

7. All staff in an authorised firm will be subject to new individual conduct rules except ancilliary staff, e.g. cleaners, receptionists. So para-planners, compliance and administration staff would be covered by conduct rules for the first time. The rules include wide ranging obligations, e.g. the need to ‘act with integrity’ and ‘pay due regard to the interests of customers and treat them fairly’. This will replace the current ‘Statements of Principle and Code of Practice for Approved Persons’ that currently only apply to just controlled functions. It will also dramatically broaden the number of staff covered by any sort of conduct requirements for the first time.

The very largest firms will be regarded by the FCA as ‘enhanced firms’. In addition to all of the above, they must also have responsibility maps (that show how responsibilities are allocated) and they will also be subject to handover requirements. Under these, a senior manager will need to sign to accept the role responsibilities. A successor with then sign to acknowledge that they are responsible from a given date. This is NOT a requirement for smaller firms, reflecting the FCA’s proportional approach to the wider roll-out of SM&CR.

We anticipate that existing approved persons will be grandfathered into the new SM&CR.

What should I be doing now?

Please remember that this a consultation document and things may be refined. Having said that, don’t pin too many hopes on anything significant changing as these proposals are, by and large, already in place for the banks. Any change is likely to be minimal given the political appetite for change.

Here are 7 steps to take now:
1. Determine which regime your people will be subject to.

2. Statements of responsibility. Start consulting and drafting these now as these should be clear and explicit. All senior management functions (SMF) will require one as will the FCA approval of any new SMR position.

3.Build value statements or conduct statements that are appropriate for your business and your clients. Measuring ‘conduct’ is a whole lot harder than assessing knowledge and will take time and thought to produce.

4. Train supervisors of mortgage, protection and general insurance advisers. Chances are they won’t have previously been trained to the same levels as those that supervise investment advisers.

5. Decide what training will be required – particularly for SMRs performing the prescribed roles and those who will be covered by the certification requirements. There is also a FCA obligation to train them so they understand how the rules apply to them.

6. Look at existing systems and procedures (such as the appraisal system and T&C) to see how they can be amended to support the  Certification requirements, e.g. the annual certification requirements and the subsequent notification of anyone who does not meet these requirements.

7. Determine which SMF(s) should pick-up the six new prescribed roles.

With best wishes

Ian Patterson

For details of how we might be able to help, click here

Related articles:
T&C Culture.  Click here 

Senior manager competence: getting it on the agenda. Click here

Marie Patterson
Ian Patterson