UK: How The Certification Regime Will Be Extended To Insurers

Last Updated: 19 September 2017
Article by Nick Elwell-Sutton and Chris Holme

The PRA and the FCA have at last published their proposals on how they intend to extend the Senior Managers and Certification Regime to insurers.

Insurers will already be familiar with the Senior Insurance Managers Regime (SIMR), following its implementation on 7th March last year. The new proposed regime will retain many of the features of the SIMR with the significant difference being the introduction of the Certification Regime. This will be a big change, making most employees in insurers subject to the regulators' conduct rules and requiring employers to certify them as fit and proper.


The main purpose of these proposals is to align with the regulatory framework already in force for banks from 7th March 2016, while taking into account the unique characteristics of insurers. Overall, the stated intention is to implement a consistent but proportionate regulatory framework to strength individual accountability and promote effective corporate governance for all PRA regulated firms.


The FCA and PRA have each published separate consultation papers:

What are the key dates?

  • 3 November 2017 - the PRA and FCA consultations both close
  • 2017 - further consultations from each of the regulators
  • Summer of 2018 – the regulators will publish policy statements, together with final rules and HM Treasury will set the implementation date for the extended regime, currently expected during 2018


  • Whilst the PRA senior manager functions will remain, the FCA will also have its own new senior manager functions
  • The introduction of the Certification Regime will mean that most individuals in insurers will be covered by the new regime, whether as senior managers or certified persons
  • A new simple code of conduct rules will apply to almost everyone in the firm. Firms will be under a new duty to notify the regulator of breaches of conduct rules by any employee to whom the conduct rules apply
  • The existing scope of responsibilities document will be replaced by the "statement of responsibilities"; governance maps will be replaced by "responsibilities maps" (large insurers only); senior managers will be under a new "duty of responsibility"
  • The regulatory references regime which currently applies to all approved persons in insurers will be extended to apply to all individuals subject to the Certification Regime
  • There will be new handover rules, similar to those required by banks, for large insurers
  • New rules will facilitate the transfer of senior managers from a senior manager function at a banking firm to a senior manager function at an insurance firm


The SM&CR will replace the PRA Senior Insurance Managers Regime (SIMR) and the FCA revised approved persons regime for insurance firms.

This new regime will apply to all insurance and reinsurance firms which are regulated by the FCA and the PRA. This includes:

  • Insurers and reinsurers
  • Insurance special purpose vehicles (ISPVs)
  • The Society of Lloyd's
  • Managing agents
  • UK branches of third-country firms and EEA firms

The SM&CR will apply to all insurers but some of its features will apply only to Solvency II firms and large Non Directive Firms ("large insurers") (see Table 1 p.6 FCA paper)


  1. The Senior Managers regime
  2. The Certification regime
  3. The Conduct Rules


Regulator approval - As with the SIMR, the most senior individuals who perform key roles (senior management functions) will need PRA or FCA approval before starting their roles. As part of the application process, large insurers will be required to submit a management responsibilities map which replaces the current "governance maps" but which has a similar function.

Senior manager functions – The current set of PRA senior insurance management functions (SIMFs) implemented under the SIMR (or proposed under CP8/17) will not change and will be included in the new SM&CR but will be renamed senior manager functions (SMFs). However, not all insurers will be subject to the same list of SMFs (a small NDF will not need to apply the same functions as a Solvency II firm for example). The FCA proposes new SMFs for large insurers, in addition to the PRA SMFs.

Where a senior manager applies to perform a PRA and FCA function (eg a CFO will be an FCA executive director as well as a PRA senior manager) the PRA's approval covers both roles. Note though that a PRA approved senior manager who later wishes to perform an FCA SMF will need to apply to the FCA for approval to perform that new role.


New proposed FCA SMFs

  • Exec Director (SMF3)
  • Compliance oversight (SMF16)
  • Money Laundering Reporting Officer (SMF17)
  • Conduct Risk Oversight Officer (Lloyd's only SMF23b)
  • Other Overall Responsibility (SMF18)

Existing PRA SMFs (proposed to remain)

  • Chief Executive
  • Chief Finance Function
  • Chief Actuarial Function
  • With-profits Actuary
  • Chief Risk Function
  • Chief Underwriting Function
  • Underwriting Risk Oversight Function
  • Head of Key Business Area
  • Chief Operations
  • Group Entity Senior Manager

Non-Executive SMFs

New proposed FCA Non-Executive Senior Management Functions (SMFs)

  • SMF13 – Chair of Nominations Committee
  • SMF15 – Chair of the With-Profits Committee or the person(s) responsible for the with-profits advisory arrangement

Existing PRA Non-Executive functions (proposed to remain)

  • Chair
  • Senior Independent Director
  • Chair of Remuneration Committee
  • Chair of Risk Committee
  • Chair of Audit Committee

PRA and FCA proposals for Senior Manager responsibilities

  • A statement of responsibilities - mapping what they are responsible and accountable for. This replaces the existing "scope of responsibilities" document required under the SIMR but has a similar function;
  • A duty of responsibility – meaning that if something goes wrong in an area they are responsible for, the PRA or FCA will be able to hold them accountable if the regulator considers that the senior manager did not take "reasonable steps" to stop it from happening;
  • Prescribed responsibilities – these will vary by firm, and are specific responsibilities that the PRA or FCA will require firms to place on their senior managers. These are to make sure that there is a senior manager accountable for the SM&CR and key conduct and prudential risks. The FCA is proposing some new prescribed responsibilities which are in addition to the prescribed responsibilities already applicable under the SIMR. The full list of prescribed responsibilities will apply to large insurers; there are few prescribed responsibilities for small NDFs, third-country branches and ISPVs; and they will not apply to EEA branches;
  • Overall responsibilities – senior managers in large insurers must be responsible for each of the firm's business functions and activities.


This is the biggest single change which will affect insurers. The new Certification Regime will cover people who are not senior managers, but whose jobs mean they have a big impact on customers, markets, or the firm and includes all individuals who are already designated a Key Function Holder. These roles are called "significant harm functions". These individuals will not need to be approved by the PRA or FCA; rather they will be approved by their own firm. Their firm will have to "certify" they are suitable (fit and proper) to carry out their job (with a review taking placed by the firm at least once a year).

The Certification Regime only applies to employees and not to NEDs.

The PRA and FCA propose slightly different certification functions, but the two do not conflict:

  • The PRA proposes that all key function holders (KFHs) in large insurers, along with ISPVs should be designated certification functions, unless that function is a PRA SMIF or FCA controlled function, or they are a NED.
  • The FCA proposes that their Certification Regime is made up of 8 significant harm functions known as certification functions. Some of the roles currently requiring approval under the approved persons regime will no longer need FCA approval and will instead be covered by the Certification Regime. The FCA proposes to apply the Certification Regime and conduct rules to incoming branches of non-UK firms comprising of both EEA and non-EEA branches.

The FCA Handbook and the PRA Rule book will set out the roles that are certification functions. The proposed roles set out in the consultation papers are as follows:

FCA's proposed roles as related to insurers

  • Significant Management function
  • CASS oversight function
  • functions subject to qualification requirements
  • Material Risk Takers
  • Anyone who supervises or manages a person performing a Certification Function

PRA's proposed roles

  • all Key Function Holders (KFHs) for all large insurers along with ISPVs
  • Material Risk Takers (MRTs) this will only apply to large insurers
  • individuals who are managing a Material Risk Taker

The PRA would normally consider the following as KFHs (or MRTs for large firms):

  • investment management (including reconciliation, valuation, or reporting, of asset holdings or positions)
  • claims management
  • underwriting and pricing of products
  • reinsurance
  • capital management
  • liquidity management
  • operational systems and controls
  • information technology (IT) and
  • managing MRTs (for 'large firms')


These will apply to almost all individuals working in financial services. The conduct rules set high level standards of behaviour.

Some conduct rules already apply to approved persons in insurers under the SIMR and the approved persons regime.

  • The PRA proposes to extend the application of its conduct rules to all employees holding a PRA certification function (including key function holders (KFHs) and MRTs at large insurers).
  • The FCA proposes to apply conduct rules to:

    • All senior managers approved by the FCA
    • All certified persons covered by the Certification Regime
    • All other employees other than ancillary staff.

The FCA proposes to apply its conduct rules to the above individuals in relation to both a firm's regulated, and unregulated, financial services activities.

As with the SIMR, the PRA and FCA will require firms to notify them of internal disciplinary action against individuals within scope of the SM&CR for breaching a conduct rule. Firms are also expected to train their staff so that they know how the conduct rules apply to them.

Individual conduct rules:

Label Conduct rule Regulator
Rule 1 You must act with integrity PRA/FCA
Rule 2 You must act with due skill, care and diligence PRA/FCA
Rule 3 You must be open and cooperative with the FCA, the PRA and other regulators PRA/FCA
Rule 4 You must pay due regard to the interests of customers and treat them fairly FCA only
Rule 5 You must observe proper standards of market conduct FCA only

Additional conduct rules applying to Senior Managers:

SC1 You must take reasonable steps to ensure that the business of the firm for which you are responsible is controlled effectively PRA/FCA
SC2 You must take reasonable steps to ensure that the business of the firm for which you are responsible complies with the relevant requirements and standards of the regulatory system PRA/FCA
SC3 You must take reasonable steps to ensure that any delegation of your responsibilities is to an appropriate person and that you oversee this effectively PRA/FCA
SC4 You must disclose appropriately any information of which the FCA or PRA would reasonably expect notice PRA/FCA
SC5 When exercising your responsibilities, you must pay due regard to the interests of current and potential future policyholders in ensuring the provision by the firm of an appropriate degree of protection for their insured benefits. PRA only


  • Work with HR, legal and compliance to build the strands of the new Certification Regime into the employee lifecycle so that they are taken into consideration on recruitment, training (particularly the new conduct rules), promotion, appraisal and dismissal
  • Make staff aware of what is on the horizon and in particular that most will, in future, be covered by the conduct rules
  • Review your recording and reporting systems for all staff to ensure that when managers address disciplinary issues, the relevant records are recorded appropriately as they may need to be reported to the PRA or FCA; ensure than an appropriate reporting procedure is in place
  • Engage in more detailed planning in relation to how you will prepared for and implement this new regime

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

To print this article, all you need is to be registered on

Click to Login as an existing user or Register so you can print this article.

Similar Articles
Relevancy Powered by MondaqAI
In association with
Related Topics
Similar Articles
Relevancy Powered by MondaqAI
Related Articles
Related Video
Up-coming Events Search
Font Size:
Mondaq on Twitter
Mondaq Free Registration
Gain access to Mondaq global archive of over 375,000 articles covering 200 countries with a personalised News Alert and automatic login on this device.
Mondaq News Alert (some suggested topics and region)
Select Topics
Registration (please scroll down to set your data preferences)

Mondaq Ltd requires you to register and provide information that personally identifies you, including your content preferences, for three primary purposes (full details of Mondaq’s use of your personal data can be found in our Privacy and Cookies Notice):

  • To allow you to personalize the Mondaq websites you are visiting to show content ("Content") relevant to your interests.
  • To enable features such as password reminder, news alerts, email a colleague, and linking from Mondaq (and its affiliate sites) to your website.
  • To produce demographic feedback for our content providers ("Contributors") who contribute Content for free for your use.

Mondaq hopes that our registered users will support us in maintaining our free to view business model by consenting to our use of your personal data as described below.

Mondaq has a "free to view" business model. Our services are paid for by Contributors in exchange for Mondaq providing them with access to information about who accesses their content. Once personal data is transferred to our Contributors they become a data controller of this personal data. They use it to measure the response that their articles are receiving, as a form of market research. They may also use it to provide Mondaq users with information about their products and services.

Details of each Contributor to which your personal data will be transferred is clearly stated within the Content that you access. For full details of how this Contributor will use your personal data, you should review the Contributor’s own Privacy Notice.

Please indicate your preference below:

Yes, I am happy to support Mondaq in maintaining its free to view business model by agreeing to allow Mondaq to share my personal data with Contributors whose Content I access
No, I do not want Mondaq to share my personal data with Contributors

Also please let us know whether you are happy to receive communications promoting products and services offered by Mondaq:

Yes, I am happy to received promotional communications from Mondaq
No, please do not send me promotional communications from Mondaq
Terms & Conditions (the Website) is owned and managed by Mondaq Ltd (Mondaq). Mondaq grants you a non-exclusive, revocable licence to access the Website and associated services, such as the Mondaq News Alerts (Services), subject to and in consideration of your compliance with the following terms and conditions of use (Terms). Your use of the Website and/or Services constitutes your agreement to the Terms. Mondaq may terminate your use of the Website and Services if you are in breach of these Terms or if Mondaq decides to terminate the licence granted hereunder for any reason whatsoever.

Use of

To Use you must be: eighteen (18) years old or over; legally capable of entering into binding contracts; and not in any way prohibited by the applicable law to enter into these Terms in the jurisdiction which you are currently located.

You may use the Website as an unregistered user, however, you are required to register as a user if you wish to read the full text of the Content or to receive the Services.

You may not modify, publish, transmit, transfer or sell, reproduce, create derivative works from, distribute, perform, link, display, or in any way exploit any of the Content, in whole or in part, except as expressly permitted in these Terms or with the prior written consent of Mondaq. You may not use electronic or other means to extract details or information from the Content. Nor shall you extract information about users or Contributors in order to offer them any services or products.

In your use of the Website and/or Services you shall: comply with all applicable laws, regulations, directives and legislations which apply to your Use of the Website and/or Services in whatever country you are physically located including without limitation any and all consumer law, export control laws and regulations; provide to us true, correct and accurate information and promptly inform us in the event that any information that you have provided to us changes or becomes inaccurate; notify Mondaq immediately of any circumstances where you have reason to believe that any Intellectual Property Rights or any other rights of any third party may have been infringed; co-operate with reasonable security or other checks or requests for information made by Mondaq from time to time; and at all times be fully liable for the breach of any of these Terms by a third party using your login details to access the Website and/or Services

however, you shall not: do anything likely to impair, interfere with or damage or cause harm or distress to any persons, or the network; do anything that will infringe any Intellectual Property Rights or other rights of Mondaq or any third party; or use the Website, Services and/or Content otherwise than in accordance with these Terms; use any trade marks or service marks of Mondaq or the Contributors, or do anything which may be seen to take unfair advantage of the reputation and goodwill of Mondaq or the Contributors, or the Website, Services and/or Content.

Mondaq reserves the right, in its sole discretion, to take any action that it deems necessary and appropriate in the event it considers that there is a breach or threatened breach of the Terms.

Mondaq’s Rights and Obligations

Unless otherwise expressly set out to the contrary, nothing in these Terms shall serve to transfer from Mondaq to you, any Intellectual Property Rights owned by and/or licensed to Mondaq and all rights, title and interest in and to such Intellectual Property Rights will remain exclusively with Mondaq and/or its licensors.

Mondaq shall use its reasonable endeavours to make the Website and Services available to you at all times, but we cannot guarantee an uninterrupted and fault free service.

Mondaq reserves the right to make changes to the services and/or the Website or part thereof, from time to time, and we may add, remove, modify and/or vary any elements of features and functionalities of the Website or the services.

Mondaq also reserves the right from time to time to monitor your Use of the Website and/or services.


The Content is general information only. It is not intended to constitute legal advice or seek to be the complete and comprehensive statement of the law, nor is it intended to address your specific requirements or provide advice on which reliance should be placed. Mondaq and/or its Contributors and other suppliers make no representations about the suitability of the information contained in the Content for any purpose. All Content provided "as is" without warranty of any kind. Mondaq and/or its Contributors and other suppliers hereby exclude and disclaim all representations, warranties or guarantees with regard to the Content, including all implied warranties and conditions of merchantability, fitness for a particular purpose, title and non-infringement. To the maximum extent permitted by law, Mondaq expressly excludes all representations, warranties, obligations, and liabilities arising out of or in connection with all Content. In no event shall Mondaq and/or its respective suppliers be liable for any special, indirect or consequential damages or any damages whatsoever resulting from loss of use, data or profits, whether in an action of contract, negligence or other tortious action, arising out of or in connection with the use of the Content or performance of Mondaq’s Services.


Mondaq may alter or amend these Terms by amending them on the Website. By continuing to Use the Services and/or the Website after such amendment, you will be deemed to have accepted any amendment to these Terms.

These Terms shall be governed by and construed in accordance with the laws of England and Wales and you irrevocably submit to the exclusive jurisdiction of the courts of England and Wales to settle any dispute which may arise out of or in connection with these Terms. If you live outside the United Kingdom, English law shall apply only to the extent that English law shall not deprive you of any legal protection accorded in accordance with the law of the place where you are habitually resident ("Local Law"). In the event English law deprives you of any legal protection which is accorded to you under Local Law, then these terms shall be governed by Local Law and any dispute or claim arising out of or in connection with these Terms shall be subject to the non-exclusive jurisdiction of the courts where you are habitually resident.

You may print and keep a copy of these Terms, which form the entire agreement between you and Mondaq and supersede any other communications or advertising in respect of the Service and/or the Website.

No delay in exercising or non-exercise by you and/or Mondaq of any of its rights under or in connection with these Terms shall operate as a waiver or release of each of your or Mondaq’s right. Rather, any such waiver or release must be specifically granted in writing signed by the party granting it.

If any part of these Terms is held unenforceable, that part shall be enforced to the maximum extent permissible so as to give effect to the intent of the parties, and the Terms shall continue in full force and effect.

Mondaq shall not incur any liability to you on account of any loss or damage resulting from any delay or failure to perform all or any part of these Terms if such delay or failure is caused, in whole or in part, by events, occurrences, or causes beyond the control of Mondaq. Such events, occurrences or causes will include, without limitation, acts of God, strikes, lockouts, server and network failure, riots, acts of war, earthquakes, fire and explosions.

By clicking Register you state you have read and agree to our Terms and Conditions