Statutory duty of responsibility
The Government proposes to introduce a statutory duty on senior managers to take reasonable steps to prevent regulatory breaches in their areas of responsibility. It will be applied consistently to all senior managers across the financial services industry.
This new statutory duty of responsibility now supersedes the controversial ‘reverse burden of proof’ concept (or ‘presumption of responsibility’) that was present in earlier iterations of the SM&CR.
Under the Approved Persons Regime (APR), enforcement action may be taken by the regulators:
- If an approved person contravened the statements of principle that apply directly to them, OR
- If the approved person is knowingly concerned in a breach of regulatory requirements by the firm.
The Financial Services (Banking Reform) Act 2013 (the 2013 Act) included a third ground for the regulators to take enforcement action against senior managers in banks/other banking sector firms under SM&CR. There were two limbs of this third ground:
- The firm has contravened regulatory requirements and the breach occurred in the part of the business for which the senior manager is responsible,
AND
- (Reverse burden of proof) the senior manager cannot show the regulator that he or she took steps that it was reasonable for a person in that position to take to prevent the breach occurring or continuing.
The Government has decided to amend the provisions and to abandon the controversial reverse burden of proof. The regulators will, however, be able to take action under this third ground if they can show a breach of the new statutory duty of responsibility i.e. they can show that the individual failed to take steps that it is reasonable for a person in that position to take to prevent a regulatory breach from occurring.
Extension of the SM&CR to all sectors of the financial services industry
Tracey McDermott, acting chief executive of the FCA, said:
‘Extending the Senior Managers’ and Certification Regime is an important step in embedding a culture of personal responsibility throughout the financial services industry’.
The SM&CR will replace the Approved Persons Regime (APR) for banking sector firms from March 2016. It has three components: Senior Managers’ Regime; Certification Regime; and Rules of Conduct.
Senior Managers’ Regime. This will replace APR in its application to persons performing the senior roles in a firm. Firms need to provide for individuals already approved to be grandfathered into relevant roles in the new regime. Firms planning a new senior manager appointment or a change in role for currentlyapproved individuals will need to prepare and submit an application to the regulators for approval.
The new regime was seen as substantially reducing the number of appointments subject to prior regulatory approval in the banking sector and thus focusing responsibility amongst a smaller number of senior managers. HMT provides estimates of the number of senior managers and certified persons for some of the different sectors to which the regime will apply -
- banks and PRA regulated investment firms (340 firms - 3,100 senior managers and 32,000 certified persons)
- building societies (45 firms - 500 senior managers and 290 certified persons)
- credit unions (550 firms - 6,450 senior managers and 12 certified persons)
- insurers (580 firms – 3,400 senior managers and 1,000 certified persons)
- consumer credit firms (42,000 firms - 45,000 senior managers and 3,000 certified persons)
- other firms (insurance/mortgage brokers and intermediaries; asset managers, financial advisers and investment firms) (17,200 firms – 43,900 senior managers and 62,000 certified persons – these figures may not include all firms).
Certification Regime. This applies to individuals who are not carrying out Senior Management Functions but whose roles have been deemed capable of causing significant harm to the firm/its customers. This will cover approved persons below senior management level. The fitness and propriety of these persons must be assessed at least annually by firms. These significant harm functions are not subject to prior regulatory approval.
Rules of Conduct. Regulators can make rules of conduct that will apply to senior managers and certified persons and also to other employees. For approved persons, these rules replace the statements of principle under the APR. For other employees the application of rules of conduct will be new.
For all firms (other than insurers) the SM&CR will replace the APR. The Senior Insurance Managers’ Regime (SIMR) introduced as part of the implementation of the Solvency II Directive already broadly encompasses the principles at the core of the SM&CR. The Government considers the introduction of the SIMR will pave the way for the application of the SM&CR to insurers.
The Government is mindful of the principle of proportionality as the SM&CR is extended to the wider range of firms operating in the financial services industry. There will be consultations on the proposals following the passage of legislation necessary to implement the regime.
Other reforms of note to the SM&CR
Application of Rules of Conduct to non-executive directors (NEDs)
The Regulators had decided that it would only be appropriate for certain NEDs with specific responsibilities to be senior managers, but the government is concerned about the ability to take enforcement action against all NEDs. This may be appropriate in various circumstances and there are provisions in certain EU directives that require Member States to be able to take action against members of an institution’s managing body (including NEDs). Introducing the ability to make Rules of Conduct will give the regulators a greater range of options.
Various other changes -
The Bill removes an inflexible provision to be introduced into FSMA by the 2013 Act that would require banking sector firms to report all known or suspected breaches of rules of conduct by any employees subject to those rules to the regulator. As the regulators can ensure that they are notified of any information about employee misconduct in a more proportionate way in their rules, this obligation will not now come into force when the SM&CR comes into operation for banking sector firms on 7 March 2016.
There will also be greater powers to make transitional arrangements, vary time limits on senior manager approvals and allow separate statements of responsibility to be sent to the PRA and FCA.
Timing and Implementation
The SM&CR will come into operation for banks, building societies, credit unions and PRA-regulated investments firms on 7 March 2016. (As noted above this will not include the presumption of responsibility and the above requirement relating to the notification of breaches of conduct rules).
Banking sector firms have been given until 7 March 2017 to complete the certification of existing staff.
The extension of the regime to all authorised financial services firms is to happen as soon as practicable. The Government intends that the newly extended regime should come into operation during 2018.
Comment
Commenting to the press earlier today, Simon Morris said - “The Treasury’s decision to abandon the reversed burden of proof for bank senior managers is the most astonishing regulatory U-turn in decades. It’s not just a change of mind, but represents the formal abandonment of flagship statutory provisions only months before they were due to come into force. In real terms, the reversal of proof was never likely to make a large difference, but the message it gave off was that the UK was a hostile environment for finance.
Bankers will of course be relieved, but the key point is that the Government is reassuring the market that UK Plc is open for business and that banker-bashing has now entered the close season.”
Social Media cookies collect information about you sharing information from our website via social media tools, or analytics to understand your browsing between social media tools or our Social Media campaigns and our own websites. We do this to optimise the mix of channels to provide you with our content. Details concerning the tools in use are in our privacy policy.