Originally published by Out-Law.com

The Senior Managers and Certification Regime (SMCR), which is designed to make individuals at financial firms more accountable, will apply to insurers from 10 December 2018.

The SMCR's conduct rules will apply to all regulated firms from 10 December 2018, and the rest of the SMCR will apply to those firms in 2019.

The SMCR is made up of the senior managers' regime, the certification regime and the conduct rules. This is called the core regime. Firms subject to the Solvency II Directive, large non-directive firms (NDFs) and insurance special purpose vehicles will transition automatically, while small NDFs and small run-off firms will be required to submit additional information to the Financial Conduct Authority (FCA) before they can transition.

The Prudential Regulation Authority (PRA) is expected to publish its policy statement on extending the SMCR to insurers shortly.

The FCA has yet to confirm shortly the date by which all firms subject to the Solvency II Directive and large NDFs will need to submit conversion documents to transition their relevant approved individuals into the new regime.

Its policy statement on the duty of responsibility and extending the SMCR to solo-authorised firms and insurers is expected this summer.

Senior manager's regime

The most senior people in a firm will be approved by the FCA and firms will have to ensure managers are suitable for their role and review this once a year.

Senior managers will be required to have:

  • a statement of responsibilities – replacing the existing governance maps. The PRA said that these documents should promote clarity and transparency about the individual responsibilities of each senior manager and a firm or group's management and governance arrangements. The statement of responsibilities should be a single document describing the firm's management and governance arrangements in order to demonstrate that there are no gaps in accountability.
  • a duty of responsibility - under SMCR senior manager functions (SMF) will have a duty of responsibility to take reasonable steps to avoid the firm breaching its regulatory duties in the area for which they are responsible. This duty of responsibility (14-page / 232KB PDF) means that regulators can take action against a senior manager where
    • there is a contravention of a relevant requirement by the senior manager's firm;
    • at the time of the contravention or during any part of it, the senior manager was responsible for the management of any of the firm's activities in relation to which the contravention occurred; and
    • the senior manager did not take such steps as a person in their position could reasonably have been expected to take to avoid the contravention occurring or continuing.

    Whilst this is an additional burden, if Senior Managers observe the PRA's conduct standards then this should assist in discharging this duty.

    • Prescribed responsibilities - these will vary by firm and are responsibilities that the FCA will require firms to place on their senior managers. The allocation of these responsibilities should help insurers to determine which controlled functions are required. The PRA Rulebook says that certain prescribed functions must be allocated to a controlled function holder.

The certification regime

The SMCR introduces a new certification regime for insurers. They must identify which individuals are performing "certification functions", which the Financial Services and Markets Act says are functions that "require[s] the person performing it to be involved in one or more aspects of the firm's affairs, so far as relating to a regulated activity, and...those aspects involve, or might involve, a risk of significant harm to the firm or any of its customers".

Firms must assess each year whether someone is fit and proper to perform their role and issue a certificate to them if they are. This is in addition to the existing Senior Insurance Manager Requirements, which will be retained under SMCR, to conduct ongoing fitness and propriety assessments of in-scope persons.

Some of the staff in the scope of the Certification Regime may previously have been subject to regulator approval. This will no longer be required under the Certification Regime. This is to reinforce that firms, rather than the regulator, are responsible for ensuring their staff are fit and proper.

Insurers will therefore have to develop procedures that will allow them to effectively determine whether individuals are fit and proper to do their jobs and maintain appropriate records of these assessments.

The Certification Regime will only apply to employees of firms; it will not apply to non-executive directors.

The PRA proposes that the certification functions should include all non-controlled function key function holders and "'material risk takers' (MRTs) of large firms, meaning those with £1 billion in premium income for last three years.

The FCA's proposed certification function is wider and includes:

  • Significant Management Function (replacing CF29)
  • CASS oversight function (replacing CF10a)
  • Functions subject to qualification requirements
  • Client dealing function
  • MRTs (see above)
  • Anyone who supervises or manages a person performing a Certification function.

Both the PRA and FCA have proposed that the certification regime will become effective 12 months from the SMCR effective date, in December 2019. Firms will not be required to obtain regulatory references for existing employees who will be performing the same role after the start of the new regime.

Conduct rules and standards

The PRA and FCA set out conduct standards and conduct rules respectively. These overlap and are set out below:

Rule

Regulator

Application

Acting with integrity

PRA/FCA

Controlled/controlled function holders and persons performing controlled functions

Acting with due skill, care and diligence

PRA/FCA

Controlled/controlled function holders and persons performing controlled functions

Be open and co-operative with the FCA, the PRA and other regulators

PRA/FCA

Controlled/controlled function holders and persons performing controlled functions

Pay due regard to the interests of customers and treat them fairly

FCA

controlled function holders

Observe proper standards of market conduct

FCA

controlled function holders

Take reasonable steps to ensure that the business of the firm for which you are responsible complies with relevant regulatory requirements

PRA/FCA

Controlled/controlled function holders and persons performing controlled functions (other than non-controlled function NEDs)

Disclose appropriately any information of which the FCA or PRA would reasonably expect notice.

PRA/FCA

Controlled/controlled function holders and persons performing controlled functions

When exercising your responsibilities, pay due regard to the interests of current and potential future policyholders in ensuring the provision by the firm of an appropriate degree of protection for their insured benefits.

PRA

Controlled/controlled function holders and persons performing controlled functions

The regulators can enforce these rules directly against controlled function holders. Insurers will be responsible to the regulators for the compliance of non-controlled function key function holders and persons performing key functions.

Changes under SMCR

The Conduct Rules outlined above will be extended to apply to:

  • senior managers;
  • certification staff;
  • non-executive directors who are not senior managers; and
  • other employees, except ancillary staff, i.e. people who don't perform a role specific to financial services such as receptionists or catering staff.

Amendments to forms

The PRA has proposed introducing a streamlined set of SMCR forms for both banking firms and insurers. The PRA proposes amending the existing forms so they no longer distinguish between firm types. The FCA has made similar proposals, updating forms to reflect the SMCR and consolidating the forms to remove the distinction between different types of dual-regulated firms in many of the current forms.

Additional controlled functions under SMCR

The PRA is set to retain its list of Senior Insurance Manager Functions (SIMFs). The FCA proposes adding the following SMFs:

Executive roles

SMF3 – Executive Director (replacing CF1)

SMF18 – Other Overall Responsibility

SMF16 – Compliance Oversight (replacing CF10)

Non-executive roles

SMF13 – Chair of Nominations Committee (replacing CF 2A)

SMF15 – Chair of With-Profits Committee (replacing CF 2B)

Conversions

The FCA has proposed a conversion scheme for roles under the existing regime to be converted to SMFs where the equivalent role exists under the SMCR. There is no need for firms to apply for re-approval.

What SMCR means in practice

In relation to SIMFs the transition is more straightforward. The functions themselves will not change from SIMR to SMCR. The position in relation to Significant Influence Functions (SIF) is more involved. Insurers will have to inform the FCA, in their applications, of all the individuals they intend to assign a new FCA-controlled SMF.

Insurers must therefore understand both the current SIF functions that individuals will perform and the equivalent mapped function under SMCR.

Insurers must also notify all relevant individuals that they are subject to the Conduct Rules; give all relevant individuals training on Conduct Rules – to include a 'deeper understanding of the specific rules which are relevant to their work'; and notify the FCA of breaches of Conduct Rules.

At the date of implementation, firms falling within the scope of the SMCR ought to have policies and processes in place for the following key deliverables:

  • drafted Statement of Responsibilities and updated role profiles for all SMF holders
  • identified and grandfathered SMF holders
  • allocated PRA/FCA-prescribed responsibilities to SMF holders, with documented rationale
  • identified certified persons
  • assessment of fitness/propriety for SMFs/CPs completed, ideally integrated within performance review process
  • adjustments to governance/decision-making frameworks, board/committee terms of reference/composition
  • attestations/confirmations as to compliance with requirements
  • training delivered to all SMF/certified persons on obligations, including Conduct Rules
  • amendments to employment contracts
  • amendments to Code of Conduct/whistleblowing/disciplinary policies/ procedures
  • updated D&O/insurance arrangements
  • IT systems infrastructure upgraded to monitor/maintain compliance

How should insurance firms prepare?

The shifting of reporting responsibility onto the regulated firms means that insurers should ensure that they are adequately resourced to implement the key deliverables above. Specifically, measures ought to be put in place for the following:

Training: train staff who are subject to the new rules, as well as identifying and training appropriate staff with responsibility for fitness and propriety testing of others.

Assessment as fit and proper: insurers will need to issue certificates of fitness and propriety to certified staff. Firms should consider whether this will be done through annual appraisals or an alternative process.

Documentation: consider whether key employment documents such as template service agreements and settlement agreements need to be updated to take account of a firm's obligations under the new regime.

Policies and procedures: firms should review their HR policies to ensure, for example, that they deal with any performance or disciplinary issues in relation to senior managers and certified staff as well as confidentiality provisions for whistleblowing.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances,