• Stephen Taylor , CCO at MYCOMPLIANCEOFICE


• 05.02.2018 08:00 am
undisclosed

For more than 15 years, Stephen Taylor has helped financial organizations mitigate and manage regulatory compliance and enterprise risk more effectively by implementing targeted technology and solutions.  As Chief Commercial Officer for MyComplianceOffice, Mr. Taylor is driving the growth of the business globally, both within Financial Services and Corporate organizations.   Mr. Taylor was previously Global Market Manager for Wolters Kluwer Financial Services’ Enterprise, Risk & Compliance business responsible for growing the GRC product portfolio.  For more information, visit www.mycomplianceoffice.com

The Financial Conduct Authority (FCA) announced in December it has extended the deadline for firms to comply with a proposed expansion of its Senior Managers and Certification Regime (SMCR), which aims to hold more individuals accountable for their conduct.  The FCA is allowing a longer phase-in for the tens of thousands of firms affected under the regulation, including asset managers that now have until mid- to late 2019 to comply. 

Since 2016, SMCR has applied to the majority of regulated entities operating in the United Kingdom (UK), including banks, building societies and credit unions. The Bank of England and Financial Services Act of 2016 set in motion an expansion of SMCR to cover all FCA-approved firms operating in the UK.  This includes nearly 50,000 firms and 200,000 individuals from a wider range of sectors, such as investment advisers, hedge funds, asset managers and stockbrokers. International firms with offices in the UK will also need to adhere to the expanded regulation. 

TECH TOOLS TO FACILITATE SMCR COMPLIANCE 

CENTRALIZED REPOSITORY 

• A centralized repository of employees, their classification and responsibilities 
• Repository of employee licenses and training
• Automated Employee/Manager risk scores
• Flexible scheduled attestation capability
• Integrated conflicts management capability

SOPHISTICATED WORKFLOW AND EASE OF USE 

• Allows you to manage activities including notifications, reminders and escalations
• Onboarding workflows for new employees
• Makes it easy to manage remediation and ongoing issues

TRANSPARENCY AND CONTROL

• Enhanced Dashboards viewing the status of all activities
• Easy reporting for management and auditors
• Full audit trail of pending and completed activities

The SMCR is actually two regimes: the Senior Managers Regime (SMR) and the Certification Regime. SMR is an overhaul of the previous Approved Persons Regime (APR), introduced after the financial crisis of 2008 to address what regulators described as “profound lapses in banking standards.”  Under SMR, senior managers will now be held accountable for any breaches of compliance by staff within their areas of responsibility. 

The Certification Regime covers individuals who are not necessarily a senior manager, but whose role and responsibilities could cause harm to customers or the firm.   Firms are responsible for checking and certifying at least once a year that these individuals are fit and suitable to perform their duties.

The last part of the legislation that makes up SMCR are the “Conduct Rules.”  The FCA Handbook provides a consolidated view of Conduct Rules with which all regulated firms must comply.  Among other things, the FCA rules stipulate that individuals must conduct themselves with integrity, due skill, care and diligence. 

Additionally, the rules require senior managers to: 1) take reasonable steps to ensure their business complies with relevant regulatory requirements; 2) take reasonable steps to ensure that any delegation of their responsibilities is to an appropriate person and that he/she oversees the discharge of delegated duties effectively; and 3) disclose appropriately any information of which

According to a recent survey conducted by international law firm Allen and Overy with global risk advisory Willis Towers Watson, the threat of regulatory investigation tops the list of c-suite liability concerns amid a striking spike in investigations opened by the FCA against individuals.  Yet only 43% of respondents were aware of the regulator’s plan to extend the SMCR to all directors of FCA-regulated companies.

Particularly given the disparity in the sizes and types of companies covered by the expanded regime, the ability for firms to operate within an increased scope of scrutiny requires a new level of operational agility.  Technology can facilitate compliance by making it easier for firms to monitor, analyze and manage conduct. 

New conduct management software solutions enable firms to create and leverage a repository of relevant information, including employee responsibilities, qualifications and compliance conflicts that may arise.  The tools allow authorized users to automate employee/manager risk scoring and assessments; and can be configured to instantly flag potential issues such as trading, outside business activities or gifts and entertainment requests.

Leveraging today’s technology, firms can more easily integrate and share conduct-related data, including regulatory notices and staff certifications.  With dashboards to centrally view the status of conduct surveillance activities, including escalations and remediation of open cases, these platforms increase transparency. www.mycomplianceoffice.com  

Additionally, advanced conduct management solutions feature powerful documentation and reporting capabilities, availing a full audit trail for senior managers as well as compliance officers and regulators, when needed.  With the SMCR extension for many firms a mere matter of months in the offing, implementing supportive technology to foster code of conduct compliance is one of five practical steps firms can take now to prepare:

1. Consult official FCA documentation to prepare yourself and your firm for SMCR. The Official FCA Manual outlines governance arrangements, as well as job titles and responsibilities by individual.
2. Complement your in-house compliance expertise, if needed.  Consider engaging a qualified consultant if you do not have a compliance professional on staff familiar with SMCR and what’s needed to transition.
3. Identify your senior managers and prepare them as necessary.  In addition, conduct an internal audit to identify non-senior management individuals who fall under the Certification Regime and certify them as suitably qualified and trained at least once a year. 
4. Implement and configure conduct management software to track, manage and record employee conduct and SMCR-related compliance activities within a single platform, including manager roles, reporting lines, committee structures and details about senior management and other responsible individuals.
5. Once you have identified all those affected by SMCR, train them on their new responsibilities and the processes that will be used to monitor compliance. While special onus is placed on senior managers and those falling under the Certification Regime, all staff need to be trained to adhere to the new rules.​