FCA Reviews Implementation of SM&CR in Banking Sector

The following are the key findings of the review:

• Senior Manager Accountability. Senior managers across all firms were clear on what accountability means in the context of their jobs and day-to-day activities. Some non-executive directors were concerned the regime expected too much from the Board. The SM&CR does not seek to redefine the roles of non-executives. FCA sees the oversight role of non-executive directors and their ability to challenge management as a key safeguard for the interests of firms’ stakeholders. FCA looks to senior managers to think more broadly and to create an environment where the risk of misconduct is minimized, for example through nurturing healthy cultures.
• Certification. FCA states that it found that firms have implemented processes to oversee the certification population. They have taken steps to ensure their frameworks are robust with several checks and balances in place to support the competence assessment and provision of training. However, most firms could not demonstrate the effectiveness of their assessment approach, use of subjective judgment, or how they ensure consistency across the population.
• Regulatory References. All firms were positive about the concept of regulatory references and its intention to address the potential issue of "rolling bad apples." However, the majority felt that the industry had some way to go to improve the quality and timeliness of references. Another challenge for firms is that other firms are not always consistent in recording breaches of the Conduct Rules. This depended on their size, risk appetite, and from where they recruit senior managers and certification staff.
• Conduct Rules. Interviewees believed that staff generally understand the conduct rules. However, evidence suggests that firms have not always sufficiently tailored their conduct rules training to job roles of staff. However, there was insufficient evidence to be confident that firms have clearly mapped the conduct rules to their values. Many firms were often unable to explain what a conduct breach looked like in the context of their business.
• Impact on Culture. Most firms said that they had embarked on culture change work before the implementation of the regime. These initiatives were prompted by a number of factors, including past conduct issues, the impact of ring-fencing, and the remuneration code. The regime is having an impact on the mindset of senior managers. However, SM&CR is primarily enabling firms to improve their controls environment, which they expect to lead to improved behaviors. It is not clear to what extent the regime has been linked to culture.
• Unintended Consequences of Regime. For most firms, SM&CR did not lead to significant unintended consequences. There is evidence that processes and controls on approvals of new products and businesses have been tightened. Most firms mentioned the additional staff and work required to administer the regime. However, this was seen by many as part of creating a robust governance environment within their firm.
• Overcoming initial implementation issues. Most firms continued to embed the regime, particularly below the senior manager level, with a focus on the spirit of the regime and ensuring their approach is proportionate. Generally, the larger banks, with more resources and exposure to the regulators, are more mature in their approach. Firms described the initial stages of implementation as challenging but came to see clear definition of accountability as beneficial. There is some room for further progress at the certification level and potentially more significant weaknesses in the implementation of the conduct rules for other staff.

For this review, FCA interviewed 45 people at 15 banking sector firms as well as trade associations, the Banking Standards Board, FCA, and PRA. The key element of the review was interviews with individuals in firms who have worked with SM&CR. The SM&CR was introduced for deposit-taking firms and dual-regulated investment firms (the banking sector) in March 2016. The SM&CR is an important way to establish a culture of accountability for conduct and it aligns with the cross-sector business priority to continue to work on firm culture and governance. The findings of the review will be of interest to the banking sector and to all SM&CR firms. This includes solo-regulated firms that will be coming into the regime in December 2019 and insurers, for which the regime commenced in December 2018

Related Link: Results of Review

Keywords: Europe, UK, Banking, SM&CR, Operational Risk, Governance, Conduct Risk, PRA, FCA