The Senior Managers and Certification Regime (SMCR) extension to all FSMA authorised firms introduced a 'Duty of Responsibility' for Senior Managers.
This Duty of Responsibility enables the regulators (the PRA and FCA) to take action directly against a Senior Manager regarding a breach at a regulated firm if they can show that the Senior Manager failed to take 'reasonable steps' to prevent or stop the breach.
The Duty of Responsibility is in section 66A(5) of the Financial Services and Markets Act 2000 (FSMA). The statutory Duty of Responsibility has been applied to Senior Managers of banking firms since May 2016. It applied to Senior Managers of dual-regulated insurers with effect from 10 December 2018 and most FCA solo-regulated firms from 9 December 2019.
As detailed in the FSMA, to take enforcement action, the regulators must be able to show that a Senior Manager "did not take such steps as a person in the senior manager's position could reasonably be expected to take to avoid the contravention occurring (or continuing)".
The burden of proof lies with the regulators. The Senior Manager does not need to show that they took reasonable steps. It is for the regulator(s) to prove that they did not. However, while this may be the case, Senior Managers want to understand what action they can take to demonstrate that they took reasonable steps.
The FCA has issued guidance that includes a non-exhaustive list of considerations that it will consider when determining whether or not a Senior Manager has taken 'reasonable steps'.
The guidance is in the FCA Handbook, in DEPP 6.2.9E.
The FCA's Policy Statement, PS 18/16, sets out how the FCA will apply the Duty of Responsibility to insurers and FCA solo-regulated firms.
The PRA, in its Consultation CP14/17, proposed that its guidance for applying the Duty of Responsibility to insurers would mirror its existing guidance for applying the Duty of Responsibility to deposit-takers and PRA-designated investment firms. The PRA confirmed this approach in Supervisory Statement 28/15, issued alongside the FCA's PS 18/16.
In PS18/16, the FCA comments that it may be in the interest of a Senior Manager (SM) to keep records of relevant steps they take in case questions are raised, whether by their firm, its lawyers, auditors, insurers or customers, the FCA or another regulator.
The FCA Handbook Guidance is a useful starting point for Senior Managers when considering how to protect themselves.
Keeping abreast of regulatory concerns and developments, particularly those that will impact their role and responsibilities.
Understanding the impact of all relevant statutory, common law and other legal obligations relevant to their role and responsibilities.
Ensuring that any delegation of their responsibilities is only made to an appropriate person with the necessary capacity, competence, knowledge, seniority, skill, and steps are undertaken to oversee any delegated responsibility.
Ensuring that the reporting lines concerning the firm's activities for which they are responsible are made clear to staff and operate effectively.
Implementing appropriate policies and procedures to review staff members' competence, knowledge, skills and performance to assess their suitability to fulfil their duties.
Reviewing the governance, operational and risk management arrangements for the firm's activities for which they were responsible, including, where appropriate, corroborating and challenging the information available to them.
Understanding and informing themselves about the firm's activities for which they are responsible, including:
Interestingly the FCA says that where SMs are involved in a collective decision affecting the firm's activities for which they were responsible, and it was reasonable for the decision to be taken collectively, it will review the steps.
The FCA will review whether the SM took reasonable steps to ensure:
This point may make SMs more cautious when asked for their input or conclusions on issues that appear to depart from their allocated role and responsibilities.
It is also important that SMs and firms ensure their Statements of Responsibilities (SoR) are accurate and kept up to date. And where applicable, firms' Management Responsibilities Maps should reflect the responsibilities in Senior Managers' SoRs. The regulators will consider these documents when determining the extent of the SM's responsibilities in a firm.
In March 2019, the FCA published Final Guidance FG19/2 to assist solo-regulated firms when preparing their SoRs and Responsibilities Maps.
We have created an SMCR roadmap to help you navigate the compliance landscape, supported by a comprehensive library of SMCR Courses and a fully integrated SMCR 360 Compliance Toolkit.
We also have over 100 free compliance training aids, including assessments, best practice guides, checklists, desk aids, eBooks, games, posters, training presentations and even e-learning modules!
Finally, the SkillcastConnect community provides a unique opportunity to network with other compliance professionals in a vendor-free environment, priority access to our free online learning portal and other exclusive benefits.