Enough time has passed that the term ‘SMCR – The Senior Managers and Certification Regime’ is probably well on your radar.
Since the FCA published their near final rules in July 2018 we have been speaking to various financial institutions and in more cases than not, the stage of progression is the same. The new regulations are on the agenda for discussion but no action has been taken. We have outlined the steps that should be followed in preparation for the SM&CR extension.
Confirming classification and understanding where your firm sits within the Regime is the first step required. The FCA categorises firms into three separate areas and the extent of the actions required vary for each of these: Limited Scope, Core or Enhanced. You can find out which type your firm belongs to in the table below. In this blog we talk more generally about the requirements for SMCR. For more details visit the FCA guide here.
The next step for any firm is to consider who will hold a Senior Management Function (SMF) if you don’t already know. A SMF is defined by the FCA as ‘a new type of controlled function under the Financial Services and Markets Act 2000)’. In reality, it is likely to be similar to those already covered by the Approved Person’s Regime (APR). However, this is a good opportunity to ensure that people truly understand the extent of their responsibilities, because you need to be able to evidence that they have accepted these responsibilities if challenged. Consider how you may be able to demonstrate ‘Point in Time’ evidence of this, at short notice if challenged.
Those that will fit within the Certification Regime must also be decided on. Once all functions have been agreed on, a reason to justify why should be made.. Which functions apply will depend on your firm type, details of which can be found in the FCA’s guide here. Once you have identified who falls into the Certification Regime, consider how you will certificate. Some do this as part of their annual appraisal, others have a parallel approach. Remember, the purpose of the SMCR regime is to ensure that everyone is aware of their responsibilities and are being held accountable. Is your certification process supporting that? Again, how easy is it for you to evidence your certification approach?
The next part of the process is creating Statement of Responsibilities (SoRs); a single document that every Senior Manager (those that hold functions) will need to have, that sets out their role and responsibilities. This document needs to be self-contained, not referring to other documents. You may need to send this to the FCA on request so ideally it should be centrally held and easily accessible.
Good practice requires changes to existing contractual arrangements to reflect the SMCR and Certification Regime? This not only emphasises the importance of these requirements to staff but also highlights to the FCA the regime is being taken seriously. This also provides the opportunity to show support and protection towards staff in response to any breach that occurs.
Finally, internal policies and practices will likely need to be modified to accommodate the changes imposed by the extended Senior Management and Certification Regime. A key difference of the new regime is the fact that firms can be called upon to provide ‘Point in Time’ evidence of compliance across all the points above. Whereas spreadsheets or traditional HR Software may have provided a workaround in the past, now may be the time to consider a specialist but affordable software solution like Actus Comply.
Above we have outlined how SMCR should work in practice. It is important to note that the requirements are wide-ranging depending on the type of firm and will involve a variety of stakeholders to complete the process. Whilst the deadline for SMCR compliance (December 2019) may seem far away, the reality is that it is not and therefore the sooner steps are taken to reach compliance with the extended regime, the better.
If you would like more information about how Actus can help you through the process, visit out Actus Comply page below. You may also like to read about how Performance Management and SMCR integrate together to help with compliance and culture change.