SMCR View - July 2021

We were waiting for the PRA's feedback on its SMCR Evaluation report from December 2020 (suggested for Q2) and the PRA and FCA's joint Discussion Paper on Diversity & Inclusion (due in June according to the Regulatory Initiatives Grid) before sending this email, but alas we still haven't had sight of them yet. Whilst we await the D&I paper, please do watch our conversation with Sheldon Mills (Executive Director, FCA) on diversity and inclusion matters here.

As always, your feedback is always welcome on whether this update is helpful and please let us know if you have any questions on any of the below. To access all previous versions of SMCR View please visit our website.

Financial crime / AML failings - Retail Banks

This month the FCA published a Dear CEO letter it sent to retail banks in May regarding their disappointment over firms falling short of AML and financial crime requirements. The FCA identified common weaknesses across financial crime systems and frameworks which have not only precipitated this letter but also other regulatory interventions (e.g. skilled person reviews, business restrictions and enforcement actions). We've put together a brief summary of their key concerns here, but 'what is the SMCR angle' we hear you cry? Well, a few things:

1. there are direct implications for retail banks' SMF 17 (MLRO) and (if a different person) the Senior Manager with prescribed responsibility (d) ("PR d") for financial crime. The FCA have said that whilst all Senior Managers have a responsibility in relation to financial crime, the SMF 17 and Senior Manager with PR (d) hold particular responsibility for these matters and the FCA will be looking at whether these Senior Managers have carried out their responsibilities effectively. By 17 September 2021 the Senior Manager responsible for financial crime must have conducted a gap analysis of their firm's financial crime arrangements against the common weaknesses identified in the letter. They must have sufficient seniority to conduct this review effectively and should complete it promptly. The results should be shared internally and prompt, reasonable steps taken to remediate gaps identified. The FCA may ask for evidence of steps taken in the future so record keeping will be an important part of this exercise for firms.
2. the individuals identified in (1) in other firms should be considering whether the FCA's concerns are relevant to their firms and whether they should be doing a gap analysis/remediation programme similar to that required by retail banks, and
3. it should act as a reminder for Senior Managers across the Board to consider their reasonable steps - weaknesses flagged** in many cases related** to the lack of documented rationale for why certain decisions had been reached and this is also an important feature for Senior Managers discharging their duty of responsibility more broadly.

Sharing of Conduct Rule breaches with accredited bodies - FCA

Back in March this year the FCA consulted on introducing a new rule in the Training and Competence Sourcebook (which broadly is relevant to firms with retail clients) requiring firms to notify accredited bodies ("ABs") at the same time as the FCA (which it is required to do under TC 2.1.31R). Under TC 2.1.31R (which isn't a new rule), firms must notify the FCA as soon as reasonably practicable after becoming aware that (or having information which reasonably suggests that) a retail investment advisor has failed to comply with COCON in carrying out their controlled function (or may have failed to comply with COCON) and the event is significant. Fast-forward to June and the FCA remain of the view that it is appropriate for such information to be shared by firms directly with these ABs. Therefore, firms must report COCON breaches to ABs within the same timeframe as reporting to the FCA where the event is significant. Examples of "significant events" given by the FCA include cases where there is risk of consumer detriment or events/series of events indicating recurrent issues. Even where a final determination has not been made on the individual's culpability for the breach, this information should be shared and if it is eventually determined that no breach has occurred then that outcome should be communicated to ABs subsequently. Given the requirement to share information with ABs piggy-backs off the requirement to inform the FCA, firms will already be reporting 'significant events' to the FCA, but employers of retail investment advisors should ensure that their processes also lead to reporting to the applicable AB. This increased reporting obligation (including of potential breaches) emphasises the need for appropriate care in relation to how matters are described given the potential implications for the individual. There is a one year implementation period which means that the new rule comes into force on 25 June 2022.

Climate related disclosures - FCA

The long-awaited FCA consultation on its climate-related disclosure proposals for asset managers, life insurers and FCA-regulated pension providers has landed. There is an indirect SMCR angle to the proposals for asset managers. The FCA is using the SMCR Enhanced Firm £50bn Assets under Management ("AuM") test, as a threshold for when the rules will apply. Enhanced Firms with more than £50bn AuM will be subject to the rules a year sooner than other asset managers (i.e. 1 January 2022). The FCA anticipates that this will capture 34 firms only. This is not the first time the FCA have used the SMCR categorisation thresholds as the trigger for whether certain requirements apply to firms / when they begin to apply...back in March the FCA outlined the new operational resilience rules will apply to Enhanced SMCR firms. 

Implementation of Basel standards - non-performing loan securitisations - PRA

The PRA released its consultation paper on the PRA's proposed rules in respect of the implementation of updated prudential standards agreed by the Basel Committee on Banking Supervision (BCBS) for non-performing loan (NPL) securitisations. There is a specific section at 2.12, under the heading Fixed risk weight for qualifying senior tranches, the PRA proposed updating SS10/18 to include an expectation that a firm's SMF 16 (Compliance Oversight) should satisfy themselves that performing loans are not being included in non-performing exposure (NPE) securitisations for the purpose of reducing the capital charge on such loans.