PRIMER: the Senior Managers Certification Regime
Nearly two years on from its implementation, has the regime achieved its aim of curbing bad bank behaviour?
After the financial crisis, regulators looked to cut off the tentacles of bad actors and ensure the most egregious practices, said to be systemic in the sector, were stopped. The Senior Managers Certification Regime (referred to as SMR) aimed to raise standards of governance, increase individual accountability and help restore confidence in the banking sector. One of the UK Financial Conduct Authority’s (FCA) aims was to restore integrity and trust in the sector – something which had fallen to an all-time-low. The regime has placed a lot of responsibility on individuals themselves to ensure that they can demonstrate that they are taking reasonable steps to act responsibly. But has this led to improved conduct?
What changes did SMR make?
The new regime replaced the Approved Persons Regime, largely extending it but putting a far greater emphasis on individual accountability. Regulators were unable to get to people at the very top of financial institutions because they were delegating responsibilities elsewhere.
The new regime puts a clear onus on senior managers to account for their own personal responsibilities and requires them to get FCA approval before starting their roles. This aims to stop the so-called rolling bad apple - employees who agree a severance package and a reference before they are dismissed for bad conduct so they can move on to another firm in the industry. Senior managers have a statement of responsibilities that says what they are responsible and accountable for and are responsible for the firm’s business functions and activities, called overall responsibilities.
Regulators can take action if a senior manager breaches the conduct rules, contravenes a regulatory requirement knowingly, and/or breaches their duty of responsibility.
Financial institutions must provide documentation to show the FCA the responsibilities of senior managers and their arrangements. These are called responsibilities maps. Firms must get certification from the FCA that all senior managers are suitable to do their jobs.
Last year, the FCA bolstered the framework, adding a certification regime for those that are not senior managers but ‘whose role means it’s possible for them to cause significant harm to the firm or customers’. These employees do not need to be approved by the FCA but firms have the responsibility to check on an annual basis that they are fit and proper to perform their role. This captures a very large number of people.
The FCA also added a new prescribed responsibility for conduct rules, obliging banks to ensure staff are trained and make their employees aware that the conduct rules apply to them.
When considering whether to bring an enforcement action, the regulator will consider the statement of responsibilities and the firm’s management responsibilities map. The FCA and the Prudential Regulation Authority can take action against senior managers if they are responsible for the management of any activities that contravenes a regulatory requirement and they do not take steps a person in their position could reasonably be expected to take.
What impact has it had on behaviour?
The FCA has not taken any enforcement as of yet. Whether this shows firms are taking these issues more seriously or the enforcement is not strong enough is down to personal interpretation, but some enforcement action is expected by next year. Celyn Armstrong, Dentons financial disputes partner, said that if there was no enforcement action by next year people may begin to think the regime does not sufficiently hold senior managers to account.
But the previous rules allowed banks to have vague and unwritten governance arrangements and the new regime is said to have corrected this.
“Clients from banks have said the changes to governance under SMR have been positive,” Armstrong said.
Every single time a senior management responsibility changes it has to be documented and the regulator needs to be informed. Because the regulator considers the firm’s statement of responsibilities and its management’s responsibilities map before bringing an enforcement action, it is crucial that a financial institution’s documentation is up to date, precise and comprehensive.
But Armstrong said that this is the most challenging aspect of the SMR and banks need more help to know precisely what to document.
“Documentation as part of SMR is good practice but some people have felt they are at so much risk they have to document every decision they have to make,” he said. “More guidance for this is required.”
Yet the general belief is that conduct has improved since the financial crisis. Senior executives complicit in behaviour involving credit default swaps and asset-backed mortgage securities were not prosecuted or investigated, in contrast to Iceland, which investigated about 200 people and found a number guilty of criminal offences. The public’s perception was that bankers were responsible for profits but passed on their responsibility to taxpayers when banks suffered losses.
Changes are not expected to happen overnight so the main test for the regime itself is if it stands up in a recession.
Armstrong said it remains to be seen whether it has improved behaviour but there is a risk that complacency may set in overtime.
What impact has it had on senior managers?
Joanna Chatterton, partner at Fox Williams, said the quality of record keeping has risen and banks are making a conscious effort to record things carefully.
However, as the general view is that the General Data Protection Regulation (GDPR) is making data management more challenging, there will no doubt be concerns that an increase in record keeping could make it more likely that they will be held liable for a data breach.
“Under GDPR, it’s acceptable if someone is keeping records to meet a regulatory requirement but you need to consciously record why you are using that data,” Chatterton said. “This means that there is likely to be an even greater data burden on banks.”
The focus on individual accountability means that senior managers have more responsibility than ever before to self-regulate and ensure best practices are followed.
“The feedback from financial services firms are that they welcome the opportunity and see it as a good chance to troubleshoot, but they feel uncomfortable about stepping into the shoes of a regulator,” said Chatterton.
This has led to some senior managers deciding to do other things or even accelerate their retirement plans.
“They feel they cannot have oversight over everything on their patch and have decided it is not possible for them,” Chatterton explained.
This is something that the FCA would not have wanted to happen, and a balance between ensuring good practice and not deterring senior managers from working in financial services needs to be reached. This could be something that needs to be revisited by the regulators.
There are also concerns about clarity and a lack of direction from regulators resulting in employers becoming overly cautious about employing people. This could exacerbate the talent issue discussed above.
“HR must consider whether an employee has breached conduct rules but this does not necessarily mean they cannot work,” said Chatterton. “It may depend on their specific role, but banks have taken a zero-tolerance stance because they do not want to be in breach.”
Smaller banks suffer the most from tough documentation requirements which stretch their limited resources. “Smaller banks have done all of the training and implementation, but haven’t thought about it on a day-to-day basis,” Chatterton said.