FCA Annual Report Outlines Focus Areas for 2019-20 and Beyond

The following are the key highlights of the relevant updates presented in the report:

• During this period, FCA extended the Senior Managers and Certification Regime (SM&CR) to nearly all FSMA-authorized firms. FCA also made changes to the SM&CR and issued clarifications that firms had asked for. This included amending the scope of the client dealing function and clarifying how SM&CR applies to the legal function. FCA consulted on these in January 2019 and published final rules in July 2019. Firms that are newly subject to the SM&CR have a transitional period to deliver staff training on the Conduct Rules and certify relevant employees as fit and proper. 
• In December 2019, together with BoE, FCA published a policy summary and consultation paper on how firms can strengthen their operational resilience. FCA plans to publish the final rules on this in a Policy Statement, which is likely to be published in the first half of 2021. FCA has completed its first round of assessments of the highest impact firms’ technology and cyber resilience. During 2019-20, FCA identified two key areas for further work: third parties and change management. 
• FCA aims to better understand why change management is the greatest cause of reported technology incidents. The initial analysis of this data has helped FCA to better understand why firms have rated themselves as mature in this area. By the end of 2020, FCA plans to hold a roundtable with participants and leading technology firms to discuss the challenges identified in its analysis and to disseminate relevant best practices. FCA will also publish a report so that other firms can understand what was found and learn from this. 
• To address cyber risks, together with BoE, FCA used CBEST regulatory tool to assess the highest impact firms in terms of their vulnerability to cyber attacks. FCA plans to test 88 firms over a five-year period and has collectively, with the PRA completed 18 CBEST tests to date. Timeline for testing has been impacted by the COVID-19 pandemic and the planned multi-firm work was put on hold to better understand firms’ weaknesses in identifying their key assets, detecting cyber attacks on these assets, and how they can improve resilience. FCA will be reviewing this decision once the demands on firms from the current pandemic have subsided.
• With respect to regtech, the previous work of FCA focused on the automation of regulatory reporting process. A project group has been setup to explore the potential for machine-executable regulatory reporting and the creation of common industry data standards and definitions. Common definitions between firms and the regulator could make regulatory interpretation more consistent and regulators could improve the quality of data from firms. During this period, FCA published a Viability Assessment of the technological and economic factors that may affect the move toward more automation in regulatory reporting. This assessment flagged up the many hurdles that need to be overcome to move to a more automated future. FCA is now working on a number of initiatives, using its data strategy to help transform the way it collects, stores, visualizes, and analyzes the data it collects from firms.
• For addressing climate change risks, in March 2020, FCA had proposed a new disclosure rule to improve premium-listed issuers’ climate-related disclosures, with consultation period for these proposals closing on October 01, 2020. FCA aims to publish a Policy Statement, the finalized rules, and Technical Note on this early in 2021. Additionally, FCA has been conducting policy research to better understand how sustainable investment products are designed and delivered and whether the disclosures that firms make on these products accurately reflect their climate-related (and wider sustainability) characteristics and are sufficient to enable consumers to make effective decisions. FCA will use these insights to inform ongoing work with the Treasury in line with the UK Government’s commitment in the Green Finance Strategy to match the ambition of the objectives of the EU Sustainable Finance Action Plan. 

Related Links

• Press Release
• Annual Reports and Accounts (PDF)

Keywords: Europe, UK, Banking, Insurance, Securities, Annual Report, Governance, SM&CR, Operational Risk, Regtech, COVID-19, Brexit, ESG, Climate Change Risk, Sustainable Finance, FCA