Senior Managers Regime extended to entire regulated financial services industry; reversal of burden of proof abandoned
The Treasury has announced that it will be extending the Senior Managers and Certification Regime (SMCR) beyond banks and insurers to the entire regulated financial services industry, as a replacement for what it terms the “discredited” Approved Persons Regime (APR). The change will mean that 60,000 businesses will come into the scope of SMCR by 2018 and that senior managers will face the same “duty of responsibility”, whatever type of firm they work for.
In addition, following reported active lobbying from the banking industry, the Presumption of Responsibility is to be replaced with a Duty of Responsibility when the new regime comes into effect for banks and insurers in March 2016.
What impact will the extension of the regime have?
The extension will mean that:
- All financial services firms; from banks and insurers to asset managers, investment companies, financial advisers, consumer-credit businesses and mortgage brokers will be covered;
- All affected firms will be required to submit robust documentation on the scope of senior managers’ responsibilities;
- There will be a statutory requirement for senior managers to take reasonable steps to prevent regulatory breaches in their areas of responsibility;
- All firms must certify as fit and proper any individual who performs a function that could cause significant harm to the firm or its customers, both on recruitment and annually thereafter;
- The regulators will have the power to apply enforceable Rules of Conduct to senior managers and certified persons and other employees (essentially any member of staff excluding support staff such as cleaners or receptionists). It is worth noting that there will also be the power to extend the Rules of Conduct to Non-Executive Directors (NEDs).
In essence, this extension to all financial services firms will ensure common standards are applied throughout the regulated sector, greatly increasing the personal responsibility of senior managers in these businesses as well as giving more robust enforcement powers to the regulators.
What does this mean in practice?
- Senior Managers who are already approved under the APR will need to be "grandfathered" into relevant roles under the new SMCR;
- Where new senior managers are appointed or there is any material change in role for currently approved persons, firms will need to prepare and apply to the Financial Conduct Authority (FCA) for approval;
- Firms will need to prepare individual responsibility statements and responsibility maps detailing who carries responsibility for which functions, which again will need to be approved by the FCA;
- There will be an Individual Certification regime for those who are not senior managers but do perform functions which could cause significant harm to the firm or its customers. The FCA will specify what these functions are but will not require that any appointments are subject to prior approval;
- Firms will have to review and revise their compliance and monitoring policies and ensure that all employees and NEDs (excluding support staff) receive training on the new rules.
What about the change to burden of proof?
The original intention was that there would be a Presumption of Responsibility in relation to the senior manager so that, where a breach of a regulatory requirement for which the senior manager was responsible occurred, that senior manager would eb presumed to have been responsible for that breach, unless the regulator was satisfied that the senior manager had taken reasonable steps to avoid the breach.
The announced change to the Duty of Responsibility means that, in the event of a regulatory breach, the burden of proof would be on the regulator to prove that the senior manager had failed to take such reasonable steps (as is normally the case in UK law).
What does this mean in practice?
Senior managers will still have the same duties in relation to carrying out their documented responsibilities and, if a breach occurs, will still need to record the reasons why and be able to show that reasonable steps to avoid the breach occurring had been taken.
As the Bank’s Governor, Mark Carney put it: “The responsibility lies with the senior managers and those responsibilities are going to be clearly articulated – and we will hold them to this. That brings the individuals accountability not only for their own actions but for the institution.”
What are the next steps?
The Treasury and the FCA will now consult on the extension of the regime with a view to its implementation in 2018. Financial Services firms should begin planning and factoring in the implementation and required changes into their corporate governance programme.
How can we help?
For help or guidance on how to implement the new regime, contact David Widdowson or Sophie White on +44(0)203 051 5711. Our blend of legal, HR and communication skills means we can help on each aspect of the implementation of this significant change.
Content is for general information purposes only. The information provided is not intended to be comprehensive and it does not constitute or contain legal or other advice. If you require assistance in relation to any issue please seek specific advice relevant to your particular circumstances. In particular, no responsibility shall be accepted by the authors or by Abbiss Cadres LLP for any losses occasioned by reliance on any content appearing on or accessible from this article. For further legal information click here.
Circular 230 disclosure
To ensure compliance with requirements imposed by the IRS and other taxing authorities, we inform you that any tax advice contained in this article (including any attachments) is not intended or written to be used, and cannot be used, for the purpose of (i) avoiding penalties that may be imposed on any taxpayer or (ii) promoting, marketing or recommending to another party any transaction or matter addressed herein.