What are the new SM&CR requirements?

July 2018 – The FCA have just published their much awaited, near final rules in policy PS18/14, having finished consultation on CP17/25 and CP17/40 outlining the new requirements that are coming into play for all Financial Services Firms over the next 18 months (Banks have had to comply for some time). The Senior Managers and Certification Regime (SM&CR) replaces the old Approved Persons Regime (APR) and is a regulatory framework designed to strengthen the accountability of senior individuals working in the banking sector. The Financial Conduct Authority (FCA) and the Prudential Regulation Authority (PRA) have set out detailed rules for monitoring, tracking and reporting on SM&CR. Critically, it shifts the ownership from the FCA to the firm itself so every FS firm needs to be aware of their legal obligations under this ruling.

What needs to be reported on?

The regime replaces what was previously known as the Approved Person Regime (APR) and defines a set of Senior Management Functions (SMF) which each include a defined set of prescribed and overall responsibilities (SoR’s) which must be allocated to a senior manager within a firm. Additionally, the Senior Manager needs to be able to evidence that their Certifications and Continuing Professional Development (CPD) are up-to-date and that they are meeting a pre-defined set of Conduct principles. Financial services firms need to be able to evidence annually that they (and others) are meeting these requirements as well as maintain real-time records and notify the FCA of any changes. Clearly, managing this process manually in any but the smallest business is likely to be very difficult and worse than that – RISKY!

Read more about Actus Comply – SMCR specific software

Although only senior managers have to evidence their compliance with the SMF, virtually every member of staff within a financial services firm has to have had their professional competence certified, CPD assessed and their conduct evaluated at least annually. Again, this should be documented and reported on to the FCA.

Who does this apply to?

So banks have had to meet these standards for the past couple of years but now the rules have been extended to cover almost all Financial Services Firms from Insurers to IFA’s, essentially it will apply to all FSMA authorised firms. It also applies to branches of non-UK firms with permission to carry out regulated activities in the UK.

The FCA have created three new classifications to allow the requirements to be applied in line with potential risk. Enhanced which, will have expected to meet requirements that are similar to the banking SM&CR rules; Core (which applies to the majority) and Limited Scope who will have a lighter set of requirements. The regime applies per legal entity so if you have more than one legal entity in your firm then you need to apply the regime to each one, again adding complexity and admin so you may want to consider a system like Actus Comply.

What are the requirements?

We have summarised below

  • Enhanced Firms have 17 SMF’s; 12 Prescribed Responsibilities and some additional Overall Responsibilities. Full details are in Chapter 7 of the FCA paper itself.
  • Core Firms have 6 SMF’s to report on which comprise of 4 Governing Functions namely Chief Executive; Executive Director; Partner; Chair and 2 Required Functions; Compliance Oversight and Money Laundering Reporting Officer. There are also 5 Prescribed Responsibilities that must be given to Senior Managers and an additional responsibility for Authorised Fund Managers if relevant – remember to duplicate this for each legal entity!
  • Limited Firms have 3 SMF’s – SMF 29 – Limited Scope Function; SMF16 – Compliance Oversight; SMF 17 – Money Laundering Officer. The Governing Functions will depend on specific permissions and activities and the FCA direct you to their handbook to read about these.  No Prescribed Responsibilities apply to Limited Scope firms.

How Actus Comply can help you meet the new SM&CR requirements?

Actus Comply has been designed in partnership with clients in the Financial Services Sector to specifically meet the needs of the new SM&CR Regime. Not only does it meet your new SM&CR Regulatory requirements, but it can also provide a one stop shop for appraisal and performance management and any other regulatory requirements such as GDPR or Health and Safety.

Actus Comply Features include:
  • Ready to go SM&CR templates whether you are a Limited; Core or Enhanced Firm
  • Ability to define and track CPD
  • Conduct appraisals
  • Self service certification
  • Real time reporting

If you are a financial services institution looking to improve your performance management processes and meet your upcoming SM&CR obligations in one cost effective package, why not get in touch. We are also happy to work through Compliance Consultancies and Training Partners if preferred.

Read more about Actus Comply

Contact us