by Karolos Seeger, Andrew Lee, and Simon Witney
On 26 July 2017, the UK Financial Conduct Authority (“FCA”) issued its first consultation paper on extending the Senior Managers and Certification Regime (“SMCR”) to almost all of the approximately 50,000 firms regulated by the FCA.[1] The SMCR represents an important pillar of the FCA’s continuing efforts to promote individual responsibility and improve senior management accountability across the entire UK financial services industry. It will replace the current Approved Persons Regime.
The FCA has requested responses to the consultation paper by 3 November 2017, and there will be further consultation papers on particular aspects of the SMCR. It is anticipated that final rules will be published in the summer of 2018, and firms should expect to have to implement these by the end of next year. The SMCR has three main components: the Senior Managers Regime, the Certification Regime and the Conduct Rules. The key features of each are summarized below.
Who is affected?
Banks, building societies and credit unions have been subject to the SMCR since March 2016. The FCA will now extend the SMCR to almost all FCA-regulated entities and most of their employees. These include asset managers, private equity firms, hedge funds, mortgage brokers and consumer credit firms. The new regime will apply to both UK-based firms and UK branches of US and other overseas firms.
Given the wide range of firms covered by the SMCR, the features relevant to each firm will depend on its size, the nature of its business and how it is organized. ‘Limited scope firms’, such as those which only conduct non-mainstream regulated activities and internally-managed Alternative Investment Funds, will be subject to a relatively small part of the regime. Most firms, including most private fund managers, will be part of the ‘core regime.’ About 350 of the largest and most complex UK-based firms will have to implement the ‘enhanced regime’.
Senior Managers Regime
Under the core Senior Managers Regime for UK-based firms:
- The FCA has designated six ‘Senior Management Functions’ (“SMFs”): Chair, Chief Executive, Executive Director, Partner, Compliance Oversight, and Money Laundering Reporting Officer (“MLRO”). Firms do not necessarily need to have individuals to fulfil all of these roles (except the last two), and an individual can hold more than one SMF.
- Senior Managers must be pre-approved by the FCA, and firms must assess whether they are fit and proper for their roles before applying to the FCA for approval and annually thereafter.
- Seven ‘Prescribed Responsibilities’ must be allocated between the Senior Managers (including responsibility for implementing the SMCR, financial crime policies and procedures, and overall compliance with client assets rules).
- Firms must submit to the FCA a ‘Statement of Responsibilities’ for each Senior Manager which sets out their role and responsibilities. This must be kept up to date and resubmitted whenever there is a significant change.
- Senior Managers are subject to a ‘Duty of Responsibility’ – if the firm breaches an FCA requirement in an area for which they are responsible, they may be held personally accountable by the FCA where they failed to take reasonable steps to prevent that breach.
In addition, for firms that fall under the enhanced Senior Managers Regime:
- There are 11 further SMFs (including Chief Finance, Chief Risk, Chief Operations, Head of Internal Audit and Senior Independent Director).
- There are seven additional Prescribed Responsibilities (including oversight of the internal audit, compliance and risk functions).
- Firms will have to prepare a ‘Responsibilities Map’ that sets out their management and governance arrangements in a single document.
- Firms will have to comply with a requirement of ‘Overall Responsibility’, ensuring that a Senior Manager is responsible for every activity, business area and management function at the firm.
There is no territorial limitation to the Senior Managers Regime; it will apply to anyone who performs a SMF, whether they are based in the UK or elsewhere. However, UK branches of foreign firms will have a smaller number of SMFs. Branches of firms based in the European Economic Area (“EEA”) will have two SMFs (EEA Branch Senior Manager and MLRO). Branches of firms based outside the EEA will have five SMFs (Head of Third Country Branch, Executive Director, Partner, Compliance Oversight and MLRO).
Certification Regime
Employees who are not senior managers but whose role means that they may cause ‘significant harm’ to the firm or its customers will be subject to the Certification Regime:
- The FCA has designated eight ‘Certification Functions’ that will encompass anyone currently holding the CF 30 customer dealing function, as well as a broader range of roles: significant management (responsible for a significant business unit of the firm), those dealing with clients or their assets (including fund investors and their investments), material risk takers (as defined in the FCA’s remuneration rules), proprietary traders, algorithmic traders, operational compliance with client assets rules, roles subject to qualification requirements, and any supervisors of the above staff who will not be Senior Managers.
- Certified Persons will not be approved by the FCA. Instead, firms will need to assess whether they are fit and proper to perform their role at the point of recruitment and certify this annually thereafter.
In relation to UK-based firms, the Certification Regime is limited to those performing Certification Functions who are based in the UK or who are based overseas but have contact with UK clients (although there is no such territorial restriction for material risk takers). The Certification Regime only applies to employees of UK branches of overseas firms if those employees are based in the UK.
Conduct Rules
Senior Managers are obliged to comply with four Senior Manager Conduct Rules which are based on the existing rules in the Approved Persons Regime. All other employees of FCA-regulated firms must comply with five Individual Conduct Rules that require them to act: with integrity; with due skill, care and diligence; in an open and cooperative way with regulators; paying due regard to the interests of customers and treating them fairly; and observing proper standards of market conduct. Only ancillary personnel who do not perform a role specific to financial services are excluded (such as secretarial, catering and cleaning staff).
The SMCR requires firms to:
- Train all staff regarding how the Conduct Rules apply to their roles; and
- Notify the FCA when firms take formal disciplinary action for a breach of the Conduct Rules (within seven business days for Senior Managers and annually for all other individuals).
Analysis
The FCA’s ambitious proposal to impose a unified SMCR on the enormous variety of firms which comprise the UK’s financial services industry is likely to create some difficulties for firms in applying the rules to their businesses and place a significant burden on firms in implementing them. Firms must first determine whether the core regime, the enhanced regime or the limited scope regime applies to them, before evaluating how their existing management structure aligns with the SMCR’s provisions.
Implementing the SMCR will involve close coordination between a firm’s management, front office and Legal, Human Resources and Compliance departments. The challenges experienced by banks in implementing the SMCR over the past few years make it vital that firms start planning as soon as possible. Firms will need to invest considerable time and resources to comply with the SMCR. In particular, identifying all Senior Managers and Certified Persons, preparing the extensive documentation required by the FCA, and putting relevant procedures in place (for example, annual certification and Conduct Rules training) will involve substantial work.
Senior Managers and employees who were not previously subject to the FCA’s jurisdiction (such as those in control and support functions) will be most affected by the changes, while Certified Persons will probably be least impacted. Nevertheless, firms may welcome the SMCR as an opportunity to review how their businesses are managed and promote good conduct at all levels. If a regulatory breach occurs, it should be more straightforward for the FCA to identify the individual ultimately responsible and hold them accountable, so senior managers now have an even stronger incentive to ensure that their business areas are organized and controlled effectively. Investors might also take comfort from the additional protection this may give them, especially considering the FCA’s determination to ensure an appropriate culture in regulated firms.
The full paper is available for download (PDF: 225).
Footnote
[1] ‘Individual Accountability: Extending the Senior Managers & Certification Regime to all FCA firms’, Consultation Paper CP 17/25 (July 2017). The FCA has also issued a separate SMCR consultation paper applying to insurance firms, which contains similar principles and complements the Prudential Regulation Authority’s existing Senior Insurance Managers Regime (‘Individual Accountability: Extending the Senior Managers & Certification Regime to insurers’, Consultation Paper CP 17/26 (July 2017)).
The above post is adapted from a client memo issued by Debevoise & Plimpton LLP, authored by Karolos Seeger, Andrew Lee and Simon Witney.
Karolos Seeger is a partner at Debevoise & Plimpton LLP. Andrew Lee is a litigation associate at Debevoise & Plimpton LLP, and Simon Witney is a Special Counsel at Debevoise & Plimpton LLP.
Disclaimer
The views, opinions and positions expressed within all posts are those of the author alone and do not represent those of the Program on Corporate Compliance and Enforcement or of New York University School of Law. The accuracy, completeness and validity of any statements made within this article are not guaranteed. We accept no liability for any errors, omissions or representations. The copyright of this content belongs to the author and any liability with regards to infringement of intellectual property rights remains with them.