A financial services contact of mine shared with me how his firm had turned SMCR compliance into a veritable cottage industry with a plethora of manual paper and excel-based processes. Unfortunately, none of these systems ‘speak’ to each other and there is no single point of ownership. Certainly, he recognised that this lack of ‘in-firm’ ownership wouldn’t stand up to scrutiny in the eyes of the FCA. As the holder of the Compliance Oversight role (SMF16), he felt more than a little (understandably) exposed as he realised that regardless of internal ownership, he would be held personally accountable if things went wrong.
In addition, he isn’t alone as the reality is that many firms seem to be in denial and have ignored the purpose of the SMCR regime. It’s about bringing culture change to deliver robust risk management processes, not one-off tactics. Instead, they have treated it as a ‘tickbox’ exercise that can be managed by disparate manual activities or cobbled together systems. I wrote about this a few months ago in this LinkedIn article: What’s the real impact of the SMCR deadline? Sadly, it seems little has changed and there is still a sense of denial like the three wise monkeys.
As we draw nearer to the extended March 2021 deadline, many firms are finally recognising the fact that maintaining up to the minute, auditable records – to say nothing of managing certification and conduct reviews, is an ongoing process. The more manual it is, the greater the workload (and risk) as time goes on. All they need is for one person to leave or drop the ball and a manual process can fall apart. Perhaps without anyone realising until it is too late, leaving individuals exposed.
You would think that would be concerning enough, however, hybrid and remote working highlights further potential risks. With decreased visibility, how can managers and firms robustly confirm that individuals are meeting the Fit and Proper criteria? Carrying out e-learning once a year is not the same as sitting alongside someone, hearing how they interact with clients, or casting an eye over paperwork. Moreover, people management activities are often overlooked in financial services firms. Certainly, this poses an additional risk to SMCR compliance in a virtual working environment.
Why not download my free white paper on SMCR and culture change here?
Above all, if I held an SMF within an financial services firm under SMCR I would be actively asking what protection was in place for me as an individual. A long term spreadsheet approach wouldn’t help me sleep at night. I would be looking for a robust, integrated SMCR and performance management system that gives me real-time assurance, visibility and accountability across the firm, whatever the location.
If you feel the same way, you may want to take a look at Actus Comply. With purpose-built SMCR software features such as assigning and tracking responsibilities with a full audit trail; clear reporting and the ability to integrate with performance management. Actus Comply also offers CPD; Certification and Conduct management for the whole firm. If you are a financial services institution, looking to deliver confidence and assurance, why not get in touch?
This blog was written by Lucinda Carney, Chartered Psychologist, Author and CEO of Actus Performance Software. She also hosts the HR Uprising Podcast which is celebrating its 75th episode anniversary with a brand-new short series of 8 podcasts aimed at line managers, providing practical support and guidance on virtual management. These are out every Wednesday and you can subscribe here: Apple; Spotify; Stitcher; Google.