Senior Managers Certification Regime

Are you ready to be held personally accountable?

Interview with Priya Mehta and Kimberly Bradshaw, Buzzacott
Originally published in the July | August 2018 issue

Public confidence in the financial services sector fell dramatically following the financial crisis and several highly public failings in behaviour and decision-making.

With a lack of accountability potentially the cause, in March 2016 the Financial Conduct Authority (FCA) introduced the Senior Managers Certification Regime (SMCR) to replace the Approved Persons Regime (APR) for the banking sector. SMCR involves assigning a named senior manager personally responsible for each of a firm’s business functions and activities. The FCA has extended the regime to all firms authorised under the Financial Services and Markets Act. This includes asset managers, investment firms, insurers and consumer credit firms.

We talked about the issues and the priorities facing these firms with Priya Mehta of Buzzacott’s Financial Services team and Kimberly Bradshaw of its Human Resources Consultancy.

Why wasn’t the APR working and how will SMCR address these issues?

Priya Mehta: APR wasn’t adequately holding people accountable if anything went wrong – responsibilities fell to the board and collective management. But SMCR requires you to allocate a named individual to each role and responsibility, so if something goes wrong, that person is held liable and accountable.

Kimberly Bradshaw: In effect, it means the FCA is now tackling company culture to build public trust in the UK’s financial services. It’s all about people’s behaviour, individually and collectively, to adhere to a common set of beliefs and values, so each firm is well-controlled and knows what everybody is doing.

How do you see Buzzacott helping firms that need to comply?

PM: While all the information to do with SMCR is quite easily available, there is a lot of it. We are offering our clients help on the practical points of what they need to do. It’s about overseeing, ensuring and certifying people’s awareness of their roles and responsibilities.

KB: There are several human resources aspects that fall out of that, because these businesses are very people-orientated, and the people present the biggest risk to their business. Our Human Resources Consultancy team are working closely with our Financial Services team to make sure people have the right skills, knowledge and behaviour to fulfil their roles. Not just technical skills, but personal skills, such as leadership.

There’s a long list of roles and functions exempted – cleaners, drivers and such like. But anyone outside of this could be covered by the certification regime. We’ll be helping clients understand exactly who is covered.

How are all those people going to be certified?

PM: All the roles covered need an annual assessment to ensure they comply. Then, within the normal reporting hierarchy of a firm, the most senior manager is the one accountable to SMCR and would be responsible for any error a junior made. The senior management must have the need and desire to ensure everyone is doing the right thing.

KB: Because of that, our clients need to ensure they have appropriate performance management and appraisal processes, including job descriptions and a clearly defined organisational structure, which is where the human resources element comes in. The goal of the FCA is “performance management with no surprises”.

Penalties are issued quite regularly. One bank was fined more than £3m for a breach and could take no deposits from new customers for 168 days.

How has the banking sector taken to SMCR?

PM: Quite well. Bankers have acknowledged it was necessary and it’s become a standard part of risk management. We’ve seen many examples of them having drawn “responsibility maps”, so every cost or revenue centre has an appropriate individual as a head and a clearly defined team. There have been changes in people’s contracts.

KB: It can be complicated, though. FCA regulated firms often struggle to transform culture. It’s something that evolves over time and it’s different for every firm. It’s not a box-ticking exercise.

PM: It can be a more difficult process wherever internal structures are complex. If decision makers are in overseas offices, firms will have to bring those people within the scope of the regime. It requires everyone working together.

What happens if people don’t get things right?

PM: Penalties are issued quite regularly. One bank was fined more than £3m for a breach and could take no deposits from new customers for 168 days. Penalties can include fines for individuals, who may also be banned from taking certain compliance roles, as happened in this case.

KB: Some firms don’t like it. They see it as something they don’t need, but people could go to jail or be banned from their careers or fined, quite aside from the reputational and financial damage to their firm. So, it’s in our clients’ interests to get it sorted out as it’s not going away. Those that do sort it out are going to be the ones that win new business.

So how is planning going for the new firms that will now be covered?

KB: Although no firm wants to deal with regulations retrospectively, it isn’t always top of their priority list to get ahead of it and some firms may bury their heads in the sand.

PM: From conversations I’ve had with clients, it’s on most of their radars, but I sometimes have to encourage them to prioritise it. Firms really need to act in the next six months or so. The FCA has set 9 December 2019 as the date by which firms need to be compliant.

KB: We’re trying to give our existing and prospective clients as much warning as we can, because a lot of the work, especially on the human resources side, isn’t quick-fix implementation. It involves people, so it can be emotional. But because of the close relationships we maintain with our clients, we can offer tailored guidance and work together to meet the deadline.

In short, we’re prepared, so our clients can be.

Priya Mehta 

Kimberly Bradshaw