Senior managers feel the heat as government changes accountability regime
New regulations on strengthening individual accountability in UK banking mean that banks will in future have to focus much more on the culture, governance structure, allocation of individual responsibilities and best practices.
To adjust fully to the new regime – effective from last month and imposed in the wake of the banking crisis of 2008 plus a host of subsequent scandals – will take further time and resources, executives say.
Organisations cite different challenges depending on their size and the nature of their operations. However, the shift will have to be as much about industry culture as compliance, according to Andrew Browne, chief executive of the British Bankers’ Association (BBA).
The regime covers three main areas: senior managers regime (SMR), certification regime (CR) and conduct rules, which will from March 2017 apply to all banking staff (except ancillary roles). Together these emphasise individual accountability in a way that was deemed to be lacking in the former approved persons regime.
Later on the whole system appears to be referred to as SMCR. If that’s its name, the reader needs to be told (and the abbreviation explained) here, or earlier.
Under SMR, the responsibilities of individuals holding senior manager functions are now more clearly defined and it should therefore be easier for them to be held personally responsible when things go wrong. The UK’s Financial Conduct Authority (FCA) and the Prudential Regulation Authority approve these functions and individuals are listed under the Financial Services Register.
One of the key changes of the new SMR is the possible prosecution of individual senior managers. This can happen if they have taken decisions that cause an institution to fail or were aware of the risk that these decisions could cause; and when their are these two separate circumstances, or two necessary conditions (decisions plus conduct needed for prosecution)? Not clear conduct falls far below what could be expected of a senior manager holding that role.
Companies were required to identify individuals who fall under the new certification regime and train them before it came into force. Firms are now also required to approve the certified staff (a role previously carried out by regulators) when they join the firm and then on an ongoing basis.
Essentially the regulators have shifted the onus onto companies themselves for assessing relevant individuals’ “fitness and propriety”. If that assessment is successfully completed the firm is required to produce a physical certificate for each relevant employee, valid for a maximum of 12 months.
This shift entails the scrapping of the “approved persons register”, the previous list of about 50,000 names drawn up by the regulator, and some bankers have told Ethical Corporation of client concerns about the move to certification by managers instead.
The senior manager regime will cover about 7,000 senior bankers and 3,500 insurers. Tracey McDermott, acting head of the FCA, has said the need for a public register could be part of the consultation due to take place when the scheme is extended beyond banks and big insurers in 2018.
“Now that certified individuals are no longer approved by the FCA, clients cannot check them in the way they could on the old register,” said one banker, who declined to be identified. “Some firms still have the approved persons regime in place so there is a slight gap. But this should be closed once the senior managers and certified individuals regimes apply to all financial services after 2018.”
Olinka Kelcikova took on a compliance manager role at Arbuthnot Latham & Co more than a year ago. She led the Individual Accountability Project for the bank from the compliance perspective, and says the bank’s board and other senior managers have taken a proactive stance from the outset.
“One of the key things within this project was communication within the business, as employees’ understanding of the requirements makes it much easier to implement the changes,” Kelcikova says. “In our case it started with the senior management, board and the executive committee where the key messages relating to conduct risk, culture and individual accountability have been discussed and communicated, so that when regulations came into force there were no surprises.”
Arbuthnot Latham is a growing bank with around 250 employees. The bank made the decision to provide in-house face-to-face training to all relevant staff and senior managers. It originally considered outsourcing this but Kelcikova says that the decision to train in-house was the right one.
“It meant that the training was tailored to our business, was personal and provided individuals with an opportunity to ask questions directly relating to their role. Understanding the requirements and what it means to each individual is crucial.”
Kelcikova accepts that larger banks and financial institutions, while perhaps better resourced, would not necessarily find this process so straightforward.
Some of Arbuthnot Latham’s training has focused on reassuring its financial advisers that if they do their jobs properly, this regime doesn’t mean any significant changes in their day-to-day role, Kelcikova says. “In terms of the conduct rules, these were already in place for approved persons under the old regime. The main difference is that individuals are now more accountable and will have to face the consequences if they fail to meet the standards of these rules”.
The culture, conduct and individual responsibility are not something that could be fixed overnight, Kelcikova adds. “What banks need now is to have some breathing space to implement the changes and test their processes in practice.”
It is clear that documentation and record keeping – especially relating to decisions made, challenges provided and actions taken – have become essential.
“We are at the early stages of the new regime,” Kelcikova says. “We expect to see some further changes later this year, i.e. on the employment references. There is no doubt that the regulator will conduct some thematic reviews, which will provide further clarity. Benchmarking against these as well as information from enforcement cases and speeches by the regulator are and will remain an important tool for the firms.”
Simon Hills, executive director of prudential capital and risk at the BBA, says the SMR and certification systems will help play an important role in rebuilding public trust as and when wrongdoers are held to account. However, he echoes McDermott’s comment that “it is not about trying to get heads on sticks”.
Alongside Basel III – the reform measures developed by the Basel Committee on Banking Supervision to improve risk management, transparency and governance – bigger capital and liquidity requirements, and the introduction of the recovery and resolution regime, the SMCR this is the first use of this abbreviation, and we don’t know what it stands for. We’ve had SMR defined, and CR defined, but if the whole thing is knowns as SMCR, the story needs to say so (and explain what the letters are) somewhere near the top will focus the attention of the most senior managers on making sure their banks are robust, Hills says.
“In the event that they take reckless decisions leading to the failure of a bank, they could be held criminally liable and jailed for up to seven years,” he says.
Particular challenges have included crafting the statements of responsibilities and responsibility maps for senior managers. For instance, how can the senior manager responsible for treasury be reassured that the actions of perhaps hundreds of junior colleagues are appropriate given that he or she is answerable for them? A solution may include an internal attestation process down the chain of command, Hills says.
“There is now also a requirement on new employers to take up regulatory references and for previous employers to give them when asked, to tackle the so-called ‘rolling bad apples’ problem,” Hills says, referring to the ease with which unsuitable or dishonest personnel have sometimes been able to move from one bank to another.
As for any public concerns about the scrapping of the approved persons register, potential clients are always free to demand that banks show them an individual’s credentials and fitness for the role, he says.
Once the SMCR regime has been in place a while longer, Hills hopes the regulators will share their observations about how different banks and insurance companies have been implementing it so that good practice can be shared and a better understanding of supervisory expectations reached.
The BBA is also in the process of planning a conference on the first 100 days of the SMCR, which will similarly help banks share best practice and identify common concerns and problems.
Sidebar: lawyers out in force
In this Q&A, Julie Matheson, a partner at London-based Kingsley Napley LLP, talks about the impact of the new accountability rules
Q What kind of logistical and other challenges do banks face under the new regime?
A Putting the onus on financial institutions themselves may prove problematic. Setting aside the additional logistical burden, for example registering to carry out criminal record checks (which was previously the domain of the FCA), institutions may adopt a more cautious approach in assessing an individual’s fitness and propriety than the FCA would have done, for fear of being too lenient and attracting criticism.
Q How can organisations can best embed personal accountability into their cultures?
A The shift of approach towards all staff members (apart from ancillary staff) being subject to the conduct rules should make each individual employee more aware of his or her conduct. Institutions should, however, have already implemented training on the new regimes and should be enforcing the message that a lapse in proper conduct could have significant consequences.
Q How prepared is the sector for this regulatory change?
A We have observed a readiness from institutions to facilitate the change in regime; fitness and propriety checks are being carried out and discussed with staff members. We have, however, also heard anecdotal evidence of a defensive culture from senior managers who will bear the brunt of enforcement should something go wrong that falls within their area of responsibility: the increased involvement of lawyers at meetings to discuss responsibilities has been reported.
We have also noted that financial institutions are taking increasing amounts of legal advice on responsibilities-mapping and making sure all decisions are recorded, to protect them should questions be asked in the future.accountability governance ethical communication finance benchmarking responsibility