Introduction to Senior Managers Certification Regime

What is the Senior Managers Regime?

After Conduct regulation was introduced into UK markets in 2013, the new regulator was keen to strip away the corporate front that many financial firms had always used to defend themselves. Instead, starting in the UK and now has been adopted in many jurisdictions around the world, the new behavioural regulators are looking to hold each individual manager to account. The latest and strongest form that this new accountability takes is the Senior Managers Regime. This set of rules is also known as SMR or SMCR.

Under SMR, each firm now has to publish, for the regulator, a clear guide to which manager is responsible for each aspect of running the business and protecting the interests of clients or customers. This entails mapping who is responsible for what business and control functions. That means a clear dividing up of roles so that various questions that the regulator might have will get a clear answer from one person only.

One of its big features is that if you’re a significant senior manager in a firm, you yourself have to write and send to the regulator a regular formal attestation. This means your own personal report as to how you’re a “fit and proper” person to be running a business, and showing how you’re “skilled and competent” in knowing how your business works. The conduct regulator pulls together all these individual reports from across the industry, so they hold a master file identifying all the people who are authorised to run financial businesses. At any point, the Conduct regulator can challenge any individual manager and ask for formal proof that he or she is qualified - that he or she knows, and oversees directly, the risks that the firm reports on.

Why SMR?

The conduct regulator introduced SMR with the aim of reducing harm to consumers and to strengthen market integrity by holding managers to account personally. Although many managers see SMR as a form of disciplinary action against the industry, in truth the regulator is looking for some simple outcomes in terms of positive attitudes and behaviour. The regulator wants to encourage firms’ staff, at all levels, to take personal responsibility for their actions, simply to behave well to each other and towards customers or clients, and to make sure everyone in the firm clearly understands who is responsible for what.

Who does SMR apply to?

In UK conduct regulation, which has led the charge on senior manager behaviour checking, the first phase of SMR applied to banks in 2016. Since then, there’s been a second phase applying to insurers in 2019, and finally, a third phase applying it to pretty much all other financial firms from 2020, including asset managers, brokers, and credit cards.

The different classifications for firms are:

• Core firm
  • Basically a mid-range financial firm that has an FCA licence (and is not one of the following other types of firm)
• Enhanced firm
  • This means a major financial firm, as defined by, for example, having more than 50 billion pounds worth of assets under management, or more than 10,000 regulated mortgages outstanding
• Limited scope firm
  • This category covers various kinds of entities that don’t pose quite such a basic threat to market stability if they fail. This includes a sole trader, a niche consumer credit provider, a secondary service company, a non-MiFID energy trader, and a claims management specialist

What are the types of testing?

The three waves of phasing-in SMR across different sub sectors slightly hide the fact that the rules themselves have been cranking up, now bringing in more forms of checking and subtler types of behaviour tests. After mandating the basic paperwork such as role mapping and attestations when SMR started, the regulator has been moving on to behaviour observation walkabouts, Culture Audits and Reputation Risk checks.

Which management roles does SMR focus on?

There’s a small number of so-called “required functions”, roles that every firm of any kind must certify.

All firms must certify:

• A Compliance Oversight person
• A Money Laundering Reporting Officer

For the larger firms, Core and Enhanced, There's a longer list of senior managers to certify.

What tasks must all senior managers complete to comply with the SMR?

When each person is appointed to a senior manager (SM) role, and once every year after that, your firm needs to check and certify that the person:

• Is “fit and proper”, meaning that they don’t have a criminal past or a personal bankruptcy they haven’t told you about
• Can demonstrate that they’re competent for the role, with qualifications and up-to-date training to prove it
• Has set out and understood their responsibilities and are signed up to the SM Conduct Rules

For Enhanced Firms there’s a bit more to do: notably, to certify and attest several other SM roles (SM Functions or SMFs) such as Chief Exec, the Chairs of Board Committees, and Independent Directors. And to set out a responsibilities map.

As part of this process, in discussion with your firm, or possibly even at a job interview for the role, you’ll need to identify your significant Senior Management Function (or SMF) – the regulator publishes a list of SM function numbers and there will be a unique one for your role.

After that, each SM in your firm, including you if you are one, needs to prepare a Statement of Responsibility – that is, the activities and systems that you alone are ultimately in charge of. In medium to large firms, there are some Prescribed Responsibilities, telling certain role holders exactly what they must do. For example, as you’d expect, the regulator would want to know that your Head of Risk identifies as being responsible for Risk oversight. Obvious really, but remember the point here is transparency: to make sure that no-one in a senior role can deny they’re responsible for the part of the business they manage.

What are the Senior Manager Conduct Rules?

For all staff:

• Act with integrity
• Act with due, care, skill and diligence
• Be open and cooperative with the regulator
• Treat customers fairly with due regard for their interests
• Observe proper standards of market conduct

For senior managers:

• Make sure your part of the firm has effective controls in place
• Make sure your part of the firm complies with regulations
• Delegate only to appropriate people, and oversee what they do
• Inform the regulator about anything they might be expected to want to know