The FCA has published its findings from a review of the Senior Managers and Certification Regime (SM&CR) in the banking sector. The SM&CR for dual regulated investment firms was introduced in March 2016 and the introduction of the regime to solo regulated firms will be implemented in December 2019.
The FCA conducted the review to understand how the regime has been embedded in the banking sector ever since its introduction and aims to understand any issues that warrant more focus from both themselves, as well as firms. The review was conducted based on interviews, which were not validated by the FCA through reviews of any documentation.
Some of the findings are listed below:
Senior Manager Accountability
The FCA has found that senior managers are concerned with understanding the meaning of ‘reasonable steps’ in the context of their business. The regulator comments that ‘reasonable steps’ is a concept that is part of the Duty of Responsibility and guidance can be found in the Decision Procedure and Penalties manual, which sets out some factors that senior managers would be expected to have in considering whether reasonable steps had been taken to avoid a contravention from occurring or continuing.
However, the FCA recognises that it is not possible to provide an exhaustive list to cover every situation and underlined their expectation of senior managers doing what they reasonably can to prevent misconduct. Appropriate controls and processes form an important part of this, but the regulator also looks to senior managers to think more broadly and to create an environment where the risk of misconduct is minimised.
The FCA found that firms have broadened their approach to staff assessment beyond looking at technical skills and that firms use managers to better assess the behaviours of their certified staff. However, findings also showed that most firms could not demonstrate the effectiveness of their approach, use of subjective judgement or how they ensure consistency.
The results indicated that firms believed that its staff generally understood the conduct rules, but evidence suggests that firms have not always sufficiently tailored their training to the particular roles of staff. Consequently, many firms were unable to explain what a conduct breach looked like in the context of their business. The FCA comments that the conduct rules are a critical foundation for a firm’s culture and the conduct of individuals and therefore it is essential for staff to understand the rules and how they apply to them.
The FCA will look to increase its supervisory focus on the conduct rules. It expects all SM&CR firms to ensure they are integrating the conduct rules in their businesses to meet regulatory obligations.
Dedicated SM&CR Website
CCL is one of the few firms with a full suite of support and experience in helping firms implement the SM&CR. Visit our dedicated SM&CR website for support and resources, including our one-minute explainer video and our SM&CR case study series. Click here to be taken to the website.
The FCA has agreed a plan that will allow the payments and e-commerce industry extra time to implement the Strong Customer Authentication (SCA).
On 14 September 2019 the new rule - SCA - will apply and affect the way in which payment service providers verify their customers’ identity and validate payment instructions. This is intended to enhance security of payments and limit fraud during the authentication process.
The plan that has been agreed by the FCA reflects the recent opinion of the European Banking Authority (EBA) which sets out that a time period of 18 months should be allowed for the industry to implement the SCA due to the complexity of the requirements and the potential impact on consumers.
The FCA has said it will not take enforcement action against firms who do not meet the relevant requirements under SCA in areas covered by the plan on the implementation date of 14 September 2019, as long as there is evidence that all necessary steps have been taken to comply with the plan. However, at the end of the 18-month period, the FCA expects all firms to have made the necessary changes.
The European Banking Authority (EBA) has published its input into the implementation of Basel III in the EU and includes a quantitative analysis of the estimated impact on data from banks, alongside a set of recommendations to follow.
The EBA supports the full implementation of the Basel III standards which looks to increase the credibility of the EU banking section.
The Investment Association (IA) has published a guide on product governance under the Markets in Financial Instruments Directive II (MiFID II) regarding qualitative information requirements for the regular product review.
The document sets out options to obtain the necessary and relevant information for firms to discharge the ongoing product review expectations in a proportionate manner. The guidance considers from first principles:
- What good product governance means
- How this relates to the regular product review
- A range of measures which may be deployed by product manufacturers to meet these expectations in a proportionate manner
If you would like to discuss your product governance framework, or would like advice and support in developing product governance in your firm, please contact us.
The Financial Action Task Force (FATF) through its regional bodies has conducted peer reviews to identify on an ongoing basis the effectiveness of its members’ anti-money laundering and countering finance of terrorism measures and how well it has been implemented to FATF’s recommendations.
The organisation has provided a table mapping out ratings for the assessed countries. The document should be read alongside its detailed mutual evaluation reports.