Finance Monthly May 2019 Edition

area of HR. These questions come from two areas; the need to have robust processes for recruiting staff into Senior Manager and Certification roles and the need to demonstrate that individuals in those regimes are competent to undertake their role on an ongoing basis. From experience with the banking sector, the processes that are most likely to be challenged are: - References: The new rules require firms to gain positive work references for the last six years before an individual can be appointed into an SMF or Certification Role. Experience from the banking sector showed the process of requesting, and being able to provide, references was patchy. However, the new rules are clear, satisfactory references for the last six years are mandatory. Therefore, a firm’s processes need to be stringent on seeking and being able to provide regulatory references for all external hires. Expect that effort will need to be put into tightening up your referencing process. - Job descriptions (JDs): Although the best practice is for job descriptions to be regularly updated, change is such a constant in organisations that JDs are often out of date. Added to that, SM&CR will force attention on accountability, competence etc., and the need to make explicit any new accountabilities taken on as a result of SM&CR. Combined, this means that it is very likely that there will need to be a significant overhaul of JDs across large parts of your firm. Time should be assigned to create and gain agreement to these updated JDs. - Employment contracts: Our experience in the banking sector was that as soon as JDs were updated, many individuals started discussions, which sometimes led to a negotiation, about employment contracts. Increased pay to reflect the increased accountability was the most common discussion point, particularly for those holding SMF Functions. However, similar discussions were also had in key roles in the Certification Regime. - Fit & Proper (F&P) checks: Like JDs, the approach to F&P checks varied widely between banks. However, the incoming SM&CR regulation is clear, firms must satisfy themselves that every individual in SMR and Certification is fit and proper to undertake their role each year. Some organisations assumed that F&P checks were all about financial soundness when in practice F&P covers three key areas, Financial Soundness, Competence & Capability and Integrity. This means that any F&P check introduced as part of your Certification Regime must be multi-faceted and not just focused on the financials. Firms in the wider financial services sector need their fit and proper checks to be robust. There is lots of guidance out there in the market place now the regime has been in operation for some time. However, we would advise firms to consider the wider market advice on this topic before they decide on what the fit and proper component of their response to SM&CR might look like. Also a small, but often overlooked point is ensuring that the sensitive data underpinning F&P checks needs to be held securely, with a balance struck between tight control over access and visibility for those needing oversight. - Competence: As discussed above, because the regulator’s expectations are for competent, not just compliant staff and senior managers, it is up for firms to be able to evidence this. Expect robust discussions about competence and, in the first instance, whether your performance appraisal process is ‘up to the job’. If so, that’s great; if not, however, something needs to be implemented that evidences employee competence on an ongoing basis. Ensuring robust SM&CR records will ask searching questions of your supporting processes. Anticipate the need to review, and probably, strengthen your processes. If not, the quality of your records, and so decisions, may well be at risk. Challenge 4 SM&CR will start to fundamentally change how you operate. Being compliant with the new rules is not just about providing accurate and up-to-date records, ultimately SMC&R is about a cultural change within financial services. The FCA, our conduct regulator, has been clear on their views and expectations on this. For firms that think they will just implement SM&CR as per the rule book then walk away, they are very much mistaken. It’s no understatement when I say that SM&CR is fundamentally the greatest change in regulation that I’m likely to see in the remainder of my working life. When talking with senior executives in the banking sector, it’s clear that there is a far greater focus on corporate governance and personal conduct. Whilst many firms are not formally required to adhere to the Corporate Governance Code, SM&CR challenges firms to ask themselves questions such as: Are we effectively governed?; Do our committees and processes deliver the business results we want?; Are our committees effective or are they just ‘talking shops’? This focus on corporate governance is significant and certainly has increased since 2016. Alongside this, there is far more interest in the personal conduct of individuals at all levels in firms by senior executives. One could be cynical and say this new level of interest is the direct result of certain senior managers being personally accountable for the conduct of individuals in the Senior Manager Regime and Certification Regimes. Whilst there may be some truth in that cynical view, the reality remains that personal conduct is, and will remain, under scrutiny like never before. As part of the senior managers regime, it was essential that we had a robust system to evidence how we have met the regulatory requirements. Worksmart has been core to ensuring that we have met the requirements of the rules”. Lisa Nowell, Chief Risk Officer, Masthaven Bank “ “ 15 www.finance-monthly.com ASK THE EXPERT - SM&CR