Responding to the FCA Dear CEO Letters and SMCR requirements
13 March 2020
On the 6th and 20th January this year, the FCA issued out Dear CEO letters to general insurance and asset management firms to raise key risks that they identified. The letters are asking firms to assess whether they present these risks and if so, what actions they will put in place to mitigate them in line with the Senior Managers and Certification Regime (SM&CR).
FCA also published a letter to Financial Advice businesses on 21st January, where they set out their intent “to take pre-emptive action on the firms and issues posing the greatest harm.”
These three letters follow a very similar Dear CEO letter from PRA to Insurance Firms in November of last year, which identifies very similar areas of focus for supervisory activity and potential interventions. They specify:
“You can expect our supervisory focus over the next year to include discussions with you, your boards and your management teams to understand how your firm is addressing these issues to the extent relevant to your business.”
It is clear that FCA and PRA have a very consistent and joined up approach to prioritising and taking action against these material risks. So, what are the key areas?
- Good Culture, Effective Governance and Proper Conduct
- Non-Financial Misconduct
- Effective Risk and Control Frameworks
- Effective implementation of SM&CR
Chief Execs, Directors and Senior Managers are being specifically tasked with discussing these letters with their Boards and confirming whether these issues are relevant to them, supported by more detailed, specific analysis to identify any actions they believe should be taken by their firm.
It is not surprising that firm’s implementation of SM&CR is directly referenced in each of these letters. Both regulators have been very clear that they see SM&CR as a key part of the solution for effecting and embedding long lasting cultural change across financial services.
This stiffening of regulation has been spearheaded by non-financial misconduct; poor culture having been identified as the root cause of major conduct failures within the industry. Organisations are expected to be proactive in tackling these issues to create a positive environment. The FCA will be assessing the suitability of senior management to ensure that they correctly address any non-financial misconduct. They want to see firms evaluating their purpose to drive the management of their business and see tangible steps taken towards a positive culture change.
At a recent briefing, a senior FCA representative confirmed that a ‘stock take’ similar to the recent Banking SM&CR review was planned for early 2020 and that Supervisory Teams were being trained on how to assess SM&CR effectiveness.
The Treasury Select Committee (TSC) report (published 4th March 2020) approving Dr. Andrew Bailey as the new Governor of the Bank of England identifies serious concerns, “specifically around culture, transparency and insufficient speed of action” within the FCA itself during his tenure and setting out the TSC intent to “keep a close eye” on the performance of the City Watchdog under the interim CEO Christopher Woolard. The Select Committee also makes a commitment to “assess progress in improving the culture of the finance industry”.
With the FCA under scrutiny in these areas itself, it is not surprising that they are ‘passing on’ the pressure. The recently published Sector Views 2020 by FCA references Culture, Governance, Conduct or SM&CR over 50 times!
The clear challenge, therefore, for Chief Execs, Directors and Senior Managers is to review their responses to these risks and issues and in their boards and governance committees to formally confirm that their programmes of actions and their control frameworks are adequate and effective, including their implementation of SM&CR. Assessing their implementation of SM&CR means also reviewing whether it is delivering the intended outcomes of improving conduct and culture and therefore better customer outcomes.
The key question then is how do Senior Managers and CEOs know that their implementation of SM&CR and their wider conduct and culture programmes are effective?
Implementing expert systems to embed these programmes of change within firms gives management and oversight teams across all ‘Three Lines of Defence’ visibility of their effectiveness.
Expert systems provide a transparent line of sight into how well SM&CR and conduct and culture initiatives are working and also ensure efficient and auditable record keeping.
Rigorous record keeping, without interrupting already overburdened front office teams is critical to guaranteeing the confidence and certainty required by Senior Managers.
In FCA’s Enforcement Performance report last year they published an increase of over 30% of ‘ ‘Open Cases’ (650 cases open as at 31st March 2019), and undoubtably this number will have significantly gone up again when this year’s report is published in the Summer. Interestingly, looking at the details of the open cases, over 200 of them are categorised by the regulator as being directly related to issues with culture, governance or conduct.
Given the rise in personal accountability, if I was a CEO, I would want a mature, proven technology solution to give me the assurance that in these areas of culture, governance, conduct and SM&CR, I was personally secure.
How software can help
“inadequate investment in technology and operational resilience has led to deficient systems which could cause harm to market integrity or loss of sensitive data.”- FCA
Our SMCR software solution, Pentana Compliance, can help you meet these FCA expectations laid out in the Dear CEO letters by setting out the regulators’ requirements in a simple, intuitive system, allowing you to demonstrate effective leadership and deliver culture change. Request a free demo today.
Related blog posts
Here are some more blog posts that you might be interested in.
The SMCR Conduct Rules are a key element of the Senior Managers Certi...Continue reading
For firms of a certain size, the complexity and scale needed for complying with the Senior Manager's Certification Regime means that SMCR technology is the only viable option for managing these requirements. The risk to the firm, and individually ...Continue reading