The FCA’s Senior Manager Regime (SMR) went into effect at the beginning of March, and according to the Financial Times, banks have submitted just under 250 titles of managers that will be subject to the new regulations (although the final number is estimated to be as large as 10,000 or more). Going forward, these managers will be held personally accountable for non-compliance on a variety of subjects, with potential penalties including fines and even jail time. While these managers are in a high-stakes position, this is only the beginning of the SMR compliance question for firms regulated by the FCA.
The bigger question has to do with March 7, 2017. On this date, the FCA’s Conduct Rules, which are a part of the SMR, will expand to cover all non-ancillary employees (basically anyone that’s not part of catering, security, etc.). As a point of reference, in 2015 one of the largest Tier 1 UK-based banks (who I will not name here) had over 48,000 employees in the UK alone, a large majority of whom would undoubtedly be impacted by the Conduct Rules’ widening scope. This alone would reflect an almost 200x increase of the number of people covered by this new regulation. And that’s just for one firm in one country. This firm likely has employees in other countries who are covered by this rule, and there might be other firms headquartered in other countries who have affected employees as well. The final count of affected employees has the potential to reach several hundred thousand when all is said and done.
How are firms going to cope?
The key theme for regulated firms is going to be “Scalability”. What works for 20 covered employees will not work for 20,000. This means firms will need to scale processes, investigations, teams, and technology across the enterprise in order to address the new Conduct Rules requirements. And all without sacrificing consistency, productivity, and general operations. This may seem like an insurmountable challenge – but is it actually?
The Conduct Rules that apply to all non-ancillary employees are quite basic:
- You must act with integrity
- You must act with due skill, care, and diligence
- You must be open and cooperative with the FCA, the PRA and other regulators
- You must pay due regard to the interests of customers and treat them fairly
- You must observe proper standards of market conduct
Firms will be required not only to notify all employees of these new rules, but train them on what it means to them and their job function. This means firms will need technology to develop and distribute rules, policies, and trainings, ensure employees review the materials, and finally, capture and report of sign-offs and attestations. This will be key in demonstrating compliance to the new regulations and will likely be rolled out by a combination of Compliance and HR teams.
Additionally, if a firm suspects a breach of the rules by any employee, they must investigate that breach and report it to the FCA. This creates another technological challenge wherein firms will likely need case management and investigation capabilities that can handle these sorts of processes. Crucially, any investigation process will need to be consistent and repeatable, much like in a typical financial crime and compliance sense.
These go hand in hand with many other operational considerations that firms will need to address, including designing new processes, policies, and trainings. For example, in addition to creating processes for rule distributions and investigations, firms should consider creating processes for self-declaration, attestation, and reporting to make these processes repeatable going forward. Again, more often than not, this will fall under the remit of HR and Compliance, so I expect both teams will find they will be called upon to help develop operational and risk strategies with key stakeholders across lines of business and geographies more often than before. These teams especially will see their world change very rapidly as a result of these rules.
I think the FCA’s efforts to increase accountability, fitness, and propriety in the financial industry certainly have merit, but they do not come without growing pains. Firms will need to evolve and adapt quickly to stay compliant. The countdown has begun – and if they start sooner rather than alter, I have no doubt they will be prepared.