SMCR rollout: are you ready? 5 key points to check
On 9 December 2019, the senior managers and certification regime (SMCR) will be extended across the financial services sector. Deposit takers and certain PRA-regulated investment banks have already been subject to the regime since 2016 and insurers became subject to the full SMCR last year. This means that from 9 December 2019 the Approved Persons Regime will no longer apply to firms authorised under the Financial Services and Markets Act 2000, save for Appointed Representatives.
Firms will by now have established what category of SMCR firm they are (enhanced, core or limited scope) and which staff are likely to be senior managers or certification staff, to whom strict rules will apply.
The important thing for firms to remember is that rolling out SMCR is not a one-off, tick-box exercise. Obligations under the SMCR are ongoing and the FCA will expect compliance in spirit as well as in observance of the letter of the regulations.
We set out below five key points to remember once your firm comes under the SMCR umbrella.
How to approach fitness and propriety assessments
Given the increased requirement for robust procedures and due diligence, on-boarding of new staff is likely to take a lot longer, particularly for senior managers and this potential delay should be built into the recruitment programme.
Firms should bear in mind that the FCA expects rigorous application of the fitness and propriety criteria when assessing a person’s suitability for a senior manager or certified person role. To this end, the Banking Standards Board has produced helpful guidance on fitness and propriety assessments and on these criteria, which can be used by all firms subject to the SMCR. In particular, when assessing an individual’s suitability, you should be alert to all sources whereby relevant information can be gleaned.
You should also consider who is responsible for carrying out the assessment and ensure they understand the requirements of this role; you may need to train the individuals carrying out assessments. Ultimately, responsibility will lie with senior managers who will need to ensure the assessment process is robust and appropriately reviewed. Line managers should be trained to recognise certification risks and support and guidance should be provided to those people carrying out the assessments. Decision making rationale should be appropriately documented and supported by clear, objective evidence. This documenting of information and decision making should be maintained throughout the SMCR process, including the identification of senior manager functions and certification roles.
Underlying all fitness and propriety assessments is the question of conduct.
The FCA has emphasised how seriously they view non-financial misconduct. Megan Butler, executive director of the FCA, made clear to the Women and Equalities select committee that whilst the fitness and propriety assessment does not expressly address sexual harassment, aspects of an individual’s behaviour are relevant for this assessment.1 In December 2018, Christopher Woolard, executive director of strategy and competition at the FCA, took this a step further.
He said:‘We consider [diversity and inclusion] issues may have an impact on the fitness and propriety of senior managers. The senior managers and certification regime is key in this. It ensures that senior executives are directly accountable for functions which fall under their responsibility and are ‘fit and proper’.’
Further, ‘In our judgement, the way in which a senior manager approaches issues around diversity may be relevant to our assessment of their competence and character.’
How a firm handles non-financial misconduct is also potentially relevant to the FCA’s assessment of the firm itself. The FCA has confirmed that the following include examples of non-financial misconduct: bullying, sexual misconduct, discrimination, favouritism, intimidation and exclusion.
Carrying out a fitness and propriety assessment will therefore need to engage an inquiry into an individual’s behaviour both inside and outside of the workplace insofar as these may impact upon their ‘fitness’ to do their job.
Providing regulatory references
Obtaining and providing regulatory references is a cornerstone of the assessment process. Regulatory references have, however, thrown up a number of challenges. Many firms have found that re-visiting historic cases involving complex issues has been resource-intensive. The process becomes even more problematic when individuals central to the investigation have moved on. One way to deal with this is to draft a regulatory reference whenever an individual leaves or following any complex investigation and ‘mothballing’ the reference until later use.
Clearly, it is vital that clear, adequate and objective records are maintained to enable a regulatory reference to be provided. Firms should ensure that processes are in place to maintain up-to-date records and that information disclosed is frank and honest but also factually correct and based on documented fact.
In practice, we have found that section G of the mandatory template (‘any other questions’) has thrown up the most issues as it is a question of judgement as to what other information may be relevant to this assessment. Firms should remember that this section can be used to record mitigating circumstances as well as details of any breach.
Only enhanced firms are subject to the rules on handovers but smaller firms are advised to consider whether applying a similar regime would be useful to ensure a smooth handover between departing and joining senior managers and wherever possible an orderly transition. We have seen that the handover process has become a valuable tool in succession planning for senior managers. The concept could also be extended to certification roles.
The handover document should be practical and helpful and not just a record; it should include judgment and opinion, not just facts and figures.
A common problem is how to ensure that a departing senior manager will abide by their handover obligations. One way is to require senior managers to keep up-to-date a ‘living’ handover document which is regularly maintained and can be used to evidence ‘reasonable steps’. Many firms also include in service agreements a contractual obligation to provide a handover document.
There are many training requirements under the SMCR, not least in relation to the individual and senior manager conduct rules. Senior managers and certification staff must have been trained and must abide by the conduct rules by commencement of the extension of the SMCR. However, this is not a one-off process. Training should be regular and updated. Crucially, it should be targeted at the specific audience. In the FCA’s recent Banking Stocktake Report, the FCA notes that firms have not always sufficiently tailored their conduct rules training to staff’s job roles. There was also insufficient evidence to be confident that firms had clearly mapped the conduct rules to the firm’s own values. Many firms were unable to explain what a conduct breach looked like in the context of their business.
The important point to take away is that the SMCR process is fluid and ongoing; simply setting up procedures at the outset to roll out assessment processes will be insufficient. Firms will need to regularly review and refresh how their processes and training are working and ensure that these are always aligned to the firm’s own values. Simultaneously, record maintenance will become ever more critical and firms will need to be assiduous in this regard whilst ensuring they maintain security of personal data and observe data protection principles. Above all, senior managers themselves should remember that ultimate responsibility for governance and oversight of the functions within their remit lies at their door.
We are the authors of Eversheds Sutherland: The Employment Practitioners Guide to Financial Institutions, a practical guide to the senior managers and certification regime and other employment issues affecting financial institutions.
Firms have a further 12 months to put in place processes to comply with the training requirements for other staff on the conduct rules.
For more information contact:
MD of FS Regulatory Compliance
+44 20 7919 0725
+44 20 7919 4655
+44 20 7919 0717