UK regulators have upped the ante on misconduct by senior managers in the wake of a number of scandals that have left those at the top of affected financial institutions unscathed. Despite the first guilty conviction in August of an individual in connection with the Libor scandal, many senior managers will avoid criminal charges for failing to have proper controls in place to prevent misconduct. In an attempt to hold senior managers personally accountable for wrongdoing in their organisations, the new accountability regimes will introduce criminal liability for those at the top of financial services institutions.
The Prudential Regulation Authority (PRA) and Financial Conduct Authority’s (FCA) new Senior Managers Regime comes into effect on 7 March 2016. Together, the Senior Managers Regime, Certification Regime and Conduct Rules will impact the majority of staff in UK banks in an attempt to improve individual accountability for management and conduct in financial services. According to the PRA’s Deputy Governor, Andrew Bailey, the “new accountability regime will hold all senior managers, including non-executive directors, to a clear standard of behaviour and we will take action where they fail to meet this.”
The regimes will require changes across wider areas of banks than just the senior managers. Alongside specified responsibilities prescribed to senior managers, new fit and proper requirements apply to both senior managers and those in-scope for the Certification Regime, and changes will need to be made to processes and controls across HR and compliance to ensure firms continue to meet the regulatory requirements. The Conduct Rules will also apply to most individuals in financial services organisations.
For senior managers, the requirement to accept personal accountability raises the stakes for those in the upper levels of management. The Treasury’s recent move to replace the ‘presumption of responsibility’ with a statutory ‘duty of responsibility’ has removed the controversial reverse burden of proof, but still allows the regulator to take enforcement action if they can prove that a senior manager did not take reasonable steps to prevent a breach from occurring.
By ensuring the following three elements are in place, senior managers have a basis for showing they have the reasonable steps they need in place to ensure they are meeting their responsibilities in holding a senior management function:
All senior managers will need to delegate aspects of their responsibilities. In the first instance, managers should ensure that any delegation of responsibilities is clearly documented to named individuals in job descriptions, objectives or mandates.
Acknowledgement should also be evidenced – whether it is confirmation of a job mandate or objectives, or less formal, such as acknowledgement by email.
When delegating tasks, the conduct rules for senior managers specifically set out that the senior manager should ensure that any delegation is to an appropriate person – this means ensuring that the person is capable and qualified to take responsibility for that delegated task.
The senior manager can not absolve themselves of their prescribed responsibility through the documentation of delegation alone. The senior manager also needs to oversee the discharge of their responsibilities, including governance and controls over the day-to-day management of the obligation.
Once delegated, the senior manager should ensure they have processes and a control in place to ensure the employee continues to undertake the delegated responsibility. These could include, but are not limited to:
While culture is less easy to define, this is where many organisations will fail to ensure the changes brought about by the new regime are properly embedded. Culture needs to be carefully considered, as the inclusion of prescribed responsibilities relating to culture mean that it is now the responsibility of specific senior managers. Where responsibilities are just considered as compliance exercises to meet the regulatory requirements, they are often de-prioritised or overlooked. Senior managers should actively discourage the attitude of compliance just because it is required, and ensure that the responsibility to comply with regulation is taken seriously and actively supported across the organisation. Some steps senior managers may wish to consider to drive a culture of compliance include:
The FCA’s outgoing CEO Martin Wheatley said in a speech earlier this year that “the industry has nothing to fear from higher standards” – and while the new regime puts senior managers in the spotlight and holds them accountable, by taking steps to ensure a proper framework is in place to document delegation, evidence governance and controls, and which fosters a culture of compliance, there really will not be anything to fear from the new standards of accountability in financial services.
PA provides expert delivery and assurance support across each of the areas affected by the SMR, Certification Regime and Conduct Rules, underpinned by a strong track record of delivery with both national regulators and banks.
Find out more about the author of this article David Biggin.