By now, adviser firms should have all their arrangements in place for the Senior Managers and Certification Regime, which came into effect on 9 December. In the run up to this date every firm should have checked it was truly prepared.
To support advisers in doing so the Nucleus platform produced a first-rate guide in partnership with Phil Young of Zero Support. It came complete with checklists and case studies and should have been the first port of call for anyone unsure about the important set of changes.
The aim of the SMCR is to change the governance system in firms by accentuating the personal accountability of senior managers – to encourage a positive culture in their organisations. It involves some extra checks for senior managers, who must have formal statements setting out what they are responsible for. Advisers and some other staff must be certified and there are new conduct rules that everyone should both know and understand.
If you are a senior manager of an advice firm, the SMCR really matters because the new rules make it much easier for the FCA to take action against an individual senior manager.
The SMCR was introduced first for large banks and similar businesses because some individuals in these larger organisations were able to claim that they did not know about some of the bad behaviour going on further down in their business, especially after the 2008 crash. The regime has now been cascaded down to the rest of the financial sector.
The implications of the SMCR are greater for larger adviser businesses but every firm is affected and needs to take action to meet the new requirements. However, appointed representative firms are not directly affected and will stay under the current approved persons regime.
Most adviser firms are categorised as ‘core’ firms, but a few large businesses come under the heading of ‘enhanced’ and they have some extra obligations. These larger entities are generally beyond the scope of the Nucleus guide.
At the other end, sole traders and authorised professional firms are likely to be counted as ‘limited scope’ and have slightly fewer new requirements.
The FCA may take action against a senior manager if there has been a regulatory breach in an area for which that manager is responsible and they have failed to take reasonable steps to avoid the breach or stop it from continuing.
A senior manager will not be considered to be in breach if they have “exercised due and reasonable care when assessing the information available to them, have reached a reasonable conclusion and have acted on it”.
Statement of responsibilities
Every senior manager must have a statement of their responsibilities within the firm. Each year the firm must assess whether individual senior managers are fit and proper to carry out their role. This will include assessing their competence and carrying out a criminal records check.
The old controlled functions (CF1, CF10 and so on) have disappeared under the SMCR and have been replaced with new ‘senior manager functions’. Conversion to the new SMFs is automatic, except for company chairs where a new form should have been completed.
The new categories are: chief executive, SMF1 (previously CF3); executive director, SMF3 (CF1); partner, SMF27 (CF4); chair, SMF9 (CF2 or CF1); compliance oversight, SMF16 (CF10); and money laundering reporting officer, SMF17 (CF11).
Here is a high-level action checklist from the Nucleus guide (there are several other more detailed ones also in the publication):
- Have you confirmed which regime you fall under?
- Have you distributed the prescribed responsibilities and SMFs?
- Do your senior managers have a statement of responsibility?
- Has everyone been certified and referenced?
- Do you need to notify the FCA about anything?
- Has everyone been trained on the new conduct rules?
- Do you need to revise your employment contracts, GDPR policy or training and competence/appraisal scheme in line with the SMCR?
Danby Bloch is chairman of Helm Godfrey and head of editorial strategy at Platforum