The Core Elements of the New Regime

The Core Elements of the New Regime

 

 You can download a full copy of the slides from this webinar. 

 

 Download

 

Full transcript available below:

Welcome and thank you for joining today's webinar hosted by me, Bethany Sirven of MyComplianceOffice, and Gregory Brandman and Simon Collins of Eversheds Sutherland.

Thank you, Simon. I'm going to give you an overview across the landscape before Simon will take you into the way this regime is going to be rolled out across the rest of the UK industry in what the FCA has described as a proportionate and flexible way. He's going to give you a bit more granularity on that shortly. Let's go through the core constituent elements of the new regime [inaudible 00:09:32] apply going forward, if the consultation paper is indeed turned into a policy statement. What's going to change? Currently you have a regime for holders of controlled functions, which comprises statements of principle and a code of practice under the APER section of the FCA handbook.

What will happen going forward when this new regime is extended is that you will have a new regime for senior managers, that's the most senior members of the firm, typically those who report directly into the board of directors in respect of the areas for which they are responsible. Sitting under that senior managers' regime will be a certification regime, which will incorporate the next tiers down of the corporate management structure, and we'll go on to explain in a little while what types of role will fall within that regime, but essentially it is intended to comprise those individuals who by virtue of their roles and responsibilities are in a position to cause significant harm either to the firm or to its customers or to market integrity, and we'll have a look at what types of role will fall within that regime.

In addition to those two regimes, there will be a suite of conduct rules, five baseline conduct rules that will apply to all non-ancillary staff in financial services firms going forward. By non-ancillary I mean people who are involved in a financial services activity, whether regulated or unregulated, and who typically interact with customers or carry out the financial services business of the firm. It won't apply to people whose roles would be the same whether they worked for a financial services company or a pharmaceutical company or some other industrial. It won't apply to people like caterers, cleaners, security guards, receptionists, that sort of thing, but anyone who carries out regulated or unregulated financial services activity or activity ancillary to that will be subject to the conduct rules, which means a vast extension to the FCA's disciplinary jurisdiction.

Historically as you'll be aware the only people within the FCA's disciplinary jurisdiction for conduct purposes are those who've accepted approval, holders of approved ponies, functions, controlled functions under the FCA handbook. Now, whether or not you have been approved to hold such a function going forward, and it will only be senior managers who are approved by the regulators to hold certain functions going forward, whether or not you've been approved and unless you're in a non-ancillary role you will be subject to the conduct rules, and technically at least within the disciplinary jurisdiction of the FCA, which means if you breach a conduct rule they can take enforcement action against you personally and including imposing disciplinary sanctions on you, unlimited fines, et cetera, et cetera.

There's a vast extension to the FCA's disciplinary jurisdiction, and of course enormously increased training, compliance, monitoring and reporting burdens on firms that go alongside that, because as we'll see firms will be responsible for training all staff as to what the conduct rules are and what they mean in practice for their day-to-day activities and there will be reporting and notification obligations imposed on firms as well, because they will be required to bring to the attention of the regulators situations where they've taken disciplinary action for breaches of conduct rules as we'll see.

As you know the SMCR has applied to banks and PRA-regulated investment firms for some time now. About 18 months ago that was brought into effect. The FCA is conscious that the community of firms to which it now intends to extend this regime are of a much more diverse nature in terms of business models, customers bases, and their size and resources. It's one thing to apply this regime to a major global banking organization. It's another thing to apply it to a very small firm with limited resources.

They have said they will take a proportionate and flexible approach to implementation. Essentially what that means is that different aspects of the regime will apply depending on the size of the organization. Simon will walk you through with a bit more granularity how that works, but essentially the different types of firms to which this regime were extended have been broken down into limited-scope firms, which are typically quite small institutions representing a very limited risk to customers and financial services, a core regime of firms, which would be the vast majority of the 47 odd thousand firms to which this regime is being extended, and then enhanced firms, which is, relatively speaking, a handful of about 300 to 350 large institutions, which will have this regime rolled out to them in broadly similar terms to which it currently applies to the largest banking institutions, and we'll break that down a little bit for you as we go on.

Could I have the next slide please. Just a little bit more high-level detail about what the senior managers regime is going to comprise. You currently have significant influence, function, holders. That's essentially all approved persons who don't hold the CF30, the customer function, are rated as holders of significant influence functions. Those roles will fall away and they will be replaced by a number of senior management functions. How many functions will apply will depend on whether you are a core firm or an enhanced firm for this regime. We'll break that down a little bit for you shortly. Essentially SMFs will replace SIFs, and as I've said the regime will apply to individuals with responsible for significant business units and other individuals who hold key roles, typically the top level of management that reports directly into the board.

I've mentioned the five baseline conduct rules that will apply to everybody. There will be an additional four conduct rules that will apply exclusively to senior managers and we'll come on to explain shortly what those rules are. In addition to those additional four conduct rules that will apply only to senior managers, there will be a statutory duty of responsibility. Essentially will provide a further ground of action by the FCA against senior managers where the FCA can demonstrated that they failed to take reasonable steps to prevent a breach or a breach of a regulatory requirement occurring or continuing in an area of the business for which they are responsible as a senior manager. Again, we'll look at that in a little bit more detail shortly.

Senior managers will be allocated by their firms specific prescribed responsibilities. There is a limited number of these for core firms, and a larger quantity for firms subject to the enhanced regime. These are essentially core responsibilities which senior managers are required to be allocated, and which will need to be detailed in the statement of responsibility which will need to be filed in respect of each senior manager when they seek approval by the regulators, detailing the scope of their responsibility of senior manager, which, if you like, will be the point of departure for regulators in terms of determining whether senior managers are complying effectively with their responsibilities. That statement of responsibility, that 300 word document detailing each senior manager's sphere of responsibility is a very, very important document indeed, because it's the roadmap not just for the firm but for the regulator to determine what that senior manager is responsible for and what he or she will be held accountable for in due course.

All senior managers require to be pre-approved by the regulators for their roles, so there will be some grandfathering arrangements for those already holding similar relevant roles under the APER regime, but the only individuals that will need to apply for approval going forward by the regulators will be senior managers. Certification staff falling within the certification regime will also need to be assessed as fit and proper to carry out those functions, but it will be their employer, the firm that is responsible for assessing fitness and propriety of those individuals going forward and we'll come on to explain how that will work in due course.

An important point to note is that there is no territorial limitation to the senior managers regime, so just because you're based abroad, if you are effectively carrying out a senior management function in respect of a UK firm, albeit based from a site overseas, you will be required to hold a senior management function, you will have to be pre-approved by the regulators to perform that function, and you will be within the disciplinary jurisdiction of the FCA even though you are situated abroad, so that's an important point to bear in mind. Can we have the next slide please?

I mentioned prescribed responsibilities earlier. There are seven on this slide, but essentially there are a core six of these that must be allocated by firms within the core element of the new regime to their senior managers. I've set them out there. They relate to things like responsibility for compliance with the SMR and the certification regime, responsibility for CASS compliance and financial crime compliance. All of these will need to be allocated to individual senior managers within core regimes, or within core firms. There are a number of additional prescribed responsibilities that will apply to the 350-odd firms within the enhanced regime, and Simon will tell you a little bit more about those in due course. There will be no prescribed responsibilities applying to limited-scope firms within the limited scope of the regime, you'll be pleased to hear.

Next slide please. I talked to you a little bit about the senior managers regime. The regime that sits under it is this certification regime. This will apply to staff who aren't senior managers but whose functions are capable of causing significant harm to either the firm or its customers or to market integrity. We'll look at what roles will fall within this regime, but the key point to bear in mind here is that it is the firm not the regulator that will be responsible in future for assessing and certifying the fitness and the propriety of its employees that fall within this section of the regime. That obligation applies on an ongoing basis and must be carried out at least annually. A certificate will need to be issued by the firm on an annual basis certifying that these individuals are fit and proper to perform those functions.

Like the senior manager regime, individuals within the certification regime will be required to be provided with a regulatory reference when they move employers, and we'll come on to look at what the scope of those regulatory reference obligations are going forward, but suffice to say for the time being that firms have a much greater obligation now to provide reference information in respect of senior managers and certification staff that gives rise to all sorts of regulatory and legal risk, as we'll come on to see. While regulators won't intervene in individual certification decisions, they will wish to be satisfied that there is a robust process in place at all relevant firms for assessing fitness and propriety of the certification staff and may challenge the overall effectiveness of a firm's process and a senior manager will be required to take responsibility for overseeing the effectiveness of the certification regime going forward.

Next slide please. This details the certification functions, those roles for which individuals will need to be certified as fit and proper at least annually by their employers. I'm not going to, mindful of time, spend a great deal of time dealing with these, but they're down there for you and it gives you a flavor of the types of role for which the firm will need to assess the fitness and propriety of their staff going forward. They will include typically people who have held the CF30 function, but also a broader community of individuals as well, algorithmic traders, material risk takers, functions subject to qualification [inaudible 00:22:37] such as mortgage advisors, investment advisors, et cetera. All people carrying out such roles will need to be certified as fit and proper going forward by their employers and they will fall within the scope of the regulatory reference regime.

Next slide please. I've alluded to regulatory references and fit and proper assessments. I've broken down a little bit here for you what this entails. The FIT section of the FCA handbook absolutely key of course to making these fit and proper assessments for senior managers and certification staff. As I've said, there's an obligation to ensure they're fit and proper on a continuing basis and to carry out these assessments on at least an annual basis, but of course you shouldn't wait for the annual performance appraisal process. You need to certify. You need to assess and certify on an ongoing basis and don't just wait to get round to it once a year. If concerns about fitness and propriety arise, they need to be dealt with at the time and not just on a random PDR date on an annual basis.

Evidence of FIT needs to be collected under the new regime. There will be a requirement to carry out criminal records checks for senior managers and non-executive directors, and regulatory references now need to be requested by past employers that are regulated firms, and there is a mandatory template which now needs to be completed. You can find that under the SYSC section of the FCA handbook and that sets out prescribed information that must be provided by a firm that is requested to provide a reference. Information needs to be collected going back potentially six years in time around disciplinary action that's taken for breach of conduct rules or other information which is reasonably material to an assessment of fitness and propriety.

Records will have [inaudible 00:24:30] certainly for at least six years going back, and there's no backstop time limit for serious misconduct. Any serious misconduct that's determined by reference to a disciplinary process you will need to keep on file and you will need to bring to the attention of the new prospective employer if you're going to be complying with your obligations under the regulatory references regime going forward. There's additionally an obligation to update a reference even after your employee has left when you discover new information subsequently, and new information comes to light which indicate that had you known about that information at the date that you wrote the reference it would have caused you to write that reference differently.

If you discover such new information, you will be obliged to update the reference and provide it to that individual, that former employee's current employer providing that further information. Quite burdensome requirements there in terms of compliance with that regulatory reference regime

 

Download our whitepaper "Senior Managers and Certification Regime. How to Prepare Your Organisation"

 

This webinar was co-hosted with Eversheds-Sutherland www.eversheds-sutherland.com

Find out how MCO can help

Request a demo today to learn how MyComplianceOffice puts you in command of your compliance program, synchronizing your business needs with regulation. 

Request a Demo

 

MCO_brochure-image.png

Download our four page Portfolio of Solutions to learn about;

  • Personal Trade Monitoring
  • Gifts & Entertainment
  • Political Contributions
  • Third Party vendor risk management
  • Trade surveillance
  • And more

Brochure Download