New Accountability Standard for Leadership Roles in The Financial Industry
What is the Senior Managers and Certification Regime?
The Senior Managers and Certification Regime (SM&CR) is a set of rules that regulates the financial services industry in the United Kingdom and is issued and enforced by the Financial Conduct Authority (FCA). The SM&CR, which replaced the Approved Persons Regime, comprises several FCA documents and Policy Statements (PS), such as PS18/14, PS19/9, and PS19/20, and applies to FCA-regulated firms, such as banks, credit unions, and insurers. The FCA enacted the SM&CR to increase individual accountability. The FCA previously regulated individuals, but recently the SM&CR’s reach expanded to additional firms.
Most notable in the SM&CR are the requirements for senior managers, but the SM&CR also provides guidance for improving conduct, promoting personal responsibility, and monitoring throughout the firm. Several key aspects of how the SM&CR applies are as follows:
- Certification Function – Any employee-performed function that could create a risk of significant harm to the firm or customers.
- Certification Regime – Stakeholders who may not hold a senior manager role, but are in the position to influence or cause potential harm to customers, the firm, or market integrity must be internally evaluated on an annual cadence to certify that they meet the “Fit and Proper Requirements” to execute their roles.
- Individual Conduct Rules – Essential behavioral standards applicable to all people in a firm engaged in financial services that aim to hold people accountable and reduce overall harm. Firms must train individuals and promote awareness, as well as notify the FCA of any breaches of the Rules resulting in disciplinary action.
- Senior Managers – The most senior staff within firm who need FCA approval to perform Senior Management Functions and must have a Statement of Responsibilities. They also must comply with SM&Cr in addition to Individual Conduct Rules.
The SM&CR lays out three levels of mandates or obligations, and each level builds on the requirements of the previous level:(1) Limited Scope; (2) Core; and (3) Enhanced.
How is this different than other regulations?
The SM&CR is different from other regulations in that, rather than issuing fines or different business sanctions on operations of the organization, the new regime holds named individuals legally accountable for the actions of the business. By enforcing personal liabilities on senior managers and leadership, the SM&CR aims to resolve cultural practices that have manifested and led to a number of instances of misconduct.
What does this mean for my business?
If your organization operates within the financial sector under the FCA’s regulatory authority of the FCA, you must first identify what category of business you operate in with respect to this regulation (Limited Scope Firm, Core Firm, or Enhanced Firm). See visual classification, published in The Senior Managers and Certification Regime: Guide for FCA solo-regulated firms. Each level requires a different type of documentation. While there is most likely no need to re-organize your organization’s structure, you will want to make sure the varying levels of responsibilities are assigned to the proper individuals and that the conduct guidelines align with your corporate and internal compliance policy.
Download our Finance Solutions Datasheet to learn more about how OneTrust GRC supports financial institutions and services.