Mon, Sep 10, 2018

We Know SM&CR Is Coming - but What Does It Really Mean?

Mark Turner, Managing Director in Duff & Phelps’ Compliance & Regulatory Consulting Practice, discusses the upcoming SM&CR requirements.

Since LIBOR-rigging was first uncovered in 2012, the UK’s Serious Fraud Office (SFO) has brought:

  • A total of 13 charges against people thought to be involved
  • Of those, 8 have been acquitted
  • Just 4 have been found guilty
  • Only 1 pleaded guilty

What’s perhaps even more revealing than those statistics is that, even 6 years on, not a single conviction has been leveled against a member of senior management – instead the swinging hammer of justice fell solely on the LIBOR traders themselves. In the words of one of the four convicted:

“Low-level traders have been served up as fall guys to protect the more powerful senior bankers”

There have been high-profile resignations, but genuine accountability at the top of banks and other financial firms has, as of yet, not really been tested. This reality is more pertinent in the context of arguably some of the biggest financial scandals of our lifetimes, where during and after the Financial Crisis of 2007/8, senior execs again went largely unscathed despite huge taxpayer-funded bailouts.

Based on these events, it‘s hardly surprising that those in senior positions might seek to distance themselves from day-to-day events, so as to avoid being held accountable should something go wrong. In my view, whilst this has worked in the past, this is beginning to look like a risky approach. From Hong Kong’s "Managers-in-Charge" regime to FINRA’s Rule 3110, genuine individual accountability is increasingly moving up the financial services’ global agenda.

In the UK, this shift is perhaps best marked by the arrival of the FCA’s flagship Senior Managers and Certification Regime (SM&CR) in 2016 – regulatory legislation that fundamentally has individual accountability at its very heart. It’s a simple proposition but sends a powerful message to the industry: that individuals, and particularly those in the most senior positions, are not only responsible for their own decisions but, more importantly, the actions of those who work for them.

What’s more, SM&CR is growing. Just last month, the FCA issued a statement in which it confirmed that:

  • The SM&CR regime will apply from December 9th, 2019 for all FCA regulated firms
  • The conduct rules will apply to all Senior Managers and Certified Staff from this date, meaning all Senior Managers and Certified Staff will need to have been identified by that same date
  • Firms will have just 12 months from commencement to complete fitness and propriety checks as well as certification processes – with all certification records handled by the firms themselves

What we are beginning to see is the spotlight shifting towards the actions of senior executives – assessing what they know, what reasonable steps they have taken to prevent misconduct, and how they have proven to have managed risk throughout their organizations.

"Not knowing" is becoming a risky defense. Why? Because tasks can be delegated, but responsibility can’t be - and if the regulator catches on, their route leads directly to the top, to the senior executive.

The risk is very real, and serious. To be on the wrong side of the regime risks:

  • Monetary penalties
  • Reputational damage
  • Career-wrecking fallout
  • A brand associated with toxic corporate culture

Taken at face value, that may sound threatening, yet there is positive empowerment here. Senior managers are empowered to demand the support they need to manage risk, precisely because it is a shared risk. This certainly hasn’t always been the case, especially where complex matrix reporting lines exist, as they often do in large multinational firms.
To be clear, the SM&CR is not without its own downsides. It will be a considerable administrative burden on financial firms, many of whom are already facing a full regulatory agenda. However, in the grand scheme of things, in my view, the extra workload is a small price to pay for the increase in transparency and fairness that the legislation strives for. Further, it a strong message that the UK is leading the agenda in good governance.

Ultimately, firms are quickly realizing that if the support framework is absent for their own people, then in the ultracompetitive world of finance, they will struggle to attract and retain the best employees, weakening governance and diluting their brand.

What actions can firms take:

  • Brief the Board and senior management, and set out a supportive tone from the top
  • Mobilize a working group for implementation, with representation from across the business
  • Identify and rectify ambiguities, gaps or duplication of roles and accountabilities
  • Review existing HR and Compliance processes, identifying those that can support SM&CR requirements

This article first appeared in Enforcd on August 21, 2018.

Enforcd, the global regulatory intelligence platform that helps firms horizon scan and keep up to date with regulatory thinking

Financial Services Compliance and Regulation

End-to-end governance, advisory and monitorship solutions to detect, mitigate, drive efficiencies and remediate operational, legal, compliance and regulatory risk.

Regulatory Advisory and Assurance Services

Within our Regulatory Advisory and Assurance Services, we assist financial services firms in a range of engagements across our suite of subject matter expertise.

Anti-Money Laundering

Kroll’s anti-money laundering (AML) solutions are designed to help minimize the risks associated with money laundering and other illicit activities and to ensure compliance through the development and management of ongoing compliance programs and processes.