The Senior Managers and Certification Regime (SM&CR) was introduced for dual regulated firms (those regulated by both the FCA and PRA) in March 2016. The spur was a general feeling in the wake of the 2008 financial crisis that the approved persons regime was not working effectively. From December 2019, SM&CR will be extended to cover all regulated firms. So how will the changes it brings affect single regulated firms – and what do they need to do to get appropriate systems and controls in place in good time.
SM&CR aims to reduce harm to consumers and strengthen market integrity by making individuals more accountable for their conduct and competence.
Specifically SMCR aims to encourage a culture in which staff at all levels take personal responsibility for their actions, and to ensure firms and their staff clearly understand – and can demonstrate – where responsibility lies.
Critically, SM&CR aims to embed personal responsibility into the functions held by the Boards and Senior Managers of regulated firms.
Core, Enhanced or Limited Scope?
There will be three tiers of firm under the SM&CR:
Core: firms in this tier will have to comply with the baseline requirements of SM&CR.
Enhanced: this will apply to a small number of firms whose size, complexity and potential impact on consumers or markets warrant more attention. These firms will have extra requirements.
Limited scope: this will apply to firms that already have exemptions under the Approved Persons Regime. These firms will be exempt from some baseline requirements and will typically have fewer senior management functions.
Documents required under SM&CR
SM&CR defines prescribed responsibilities that each firm must review and allocate to a member of the Senior Management team. This document is known as the Management Responsibilities Map, a firm is required to maintain a responsibilities map that outlines the areas of responsibility that is kept up to date.
Each individual is required hold a Statement of Responsibility that builds on the responsibilities map and outlines the areas the individual is personally responsible for. This will be augmented by a Handover Document that must be kept up to date to account for a planned or unplanned succession.
For Senior Managers the core concepts that affect individual accountability are as follows:
Senior Management Functions
The PRA and FCA have established a combined list of Senior Management Functions (SMFs) requiring regulatory pre-approval and who are subject to the SMR. The list replaces the existing Controlled Functions (CFs) under the APER and focuses on a smaller number of more senior roles. Generally, these roles are limited to those in the top two tiers of management within the firm (e.g. board of directors and executive management).
Accordingly, the list excludes a number of the current APER Controlled Functions typically occupied by less senior staff, including: the CF30 Customer function; the CF10a CASS Oversight Operation function. These roles are now captured under the Certification Regime.
The Certification Regime
Certification covers specific functions that aren’t Senior Management Functions, but can have a significant impact on customers, the firm and/or market integrity. The FCA won’t approve these people, but a firm will need to check and confirm (certify) at least once a year that these people are suitable to do their job.
If a role meets the definition of a Certification Function, the firm needs to make sure that anyone doing that role has been certified. This means the firm must check and confirm that the person is fit and proper to do the job, and issue them with a certificate.
This certification must be done at least once a year, and the firm should take into account whether the individual:
has obtained a qualification during the year;
has undergone, or is undergoing, training; and
possesses the required level of competence.
state that the firm is satisfied that the person is a fit and proper person to perform the Certification Function; and
set out the aspects of the firm’s business in which the individual will be involved
Some of the staff in scope of the Certification Regime may have been previously approved persons. The FCA won’t approve these people any more, as one objective of the Certification Regime is to reinforce that firms, rather than the regulator, are responsible for making sure their staff are fit and proper.
Fitness and Propriety
SMCR requires firms to evidence how they have established that an individual is fit and proper to carry out the Senior Management or Certified function. There are three elements:
- Honesty, integrity and reputation
- Competence and capability
- Financial soundness
These are a new set of enforceable rules that set basic standards of good personal conduct, against which the regulator can hold people to account. The Conduct Rules apply to staff directly, they will help shape the culture, standards and policies of firms as a whole and promote positive behaviours that reduce harm. The Conduct Rules are intended to improve standards of individual behaviour in financial services from the top down and the bottom up. They represent a meaningful change in the standards of conduct expected from those working in the industry. By applying the Conduct Rules to a broad range of staff the aim is to improve individual accountability and awareness of conduct issues across firms.
Two tiers of Conduct Rules apply to staff at all firms and build on the FCA’s principles for business that apply to firms themselves.
The first is a general set of rules that applies to most employees and directors in a firm
(see below for more detail on who these rules apply to). The second tier consists of
rules that only apply to Senior Managers. There is also one Senior Manager rule, SC4,
that applies to NEDs who are not Senior Managers.
First Tier – Individual Conduct Rules
- You must act with integrity
- You must act with due care, skill and diligence
- You must be open and cooperative with the FCA, the PRA and other regulators
- You must pay due regard to the interests of customers and treat them fairly
- You must observe proper standards of market conduct
Second Tier – Senior Manager Conduct Rules
- You must take reasonable steps to ensure that the business of the firm for which you are responsible is controlled effectively
- You must take reasonable steps to ensure that the business of the firm for which you are responsible complies with the relevant requirements and standards of the regulatory system
- You must take reasonable steps to ensure that any delegation of your responsibilities is to an appropriate person and that you oversee the discharge of the delegated responsibility effectively
- You must disclose appropriately any information of which the FCA or PRA would reasonably expect notice
The conduct rules apply to all activities carried out by the firm, both regulated and unregulated and apply to:
- all Senior Managers (including the Board)
- all Certified Functions
- all Non-Executive Directors who are not Senior Managers
- all other employees, except ancillary staff (i.e. people who don’t perform a role specific
- to financial services)
Firms are required to train relevant staff on how our Conduct Rules apply to their role and a Senior Manager is required to be allocated the personal responsibility for this. Senior Managers and Certification Staff will need to have been trained and abide by the Conduct Rules from the start of the new regime. Firms will have 12 months to put in place processes to comply with the training and reporting requirements and train their other staff on the Conduct Rules.