SMCR+ View - July 2023

We don't know about you, but July has felt like a long month - perhaps the undeniable climatic changes across Europe and heart-breaking scenes in Greece and elsewhere, or perhaps it's simply the mid-year hump! Whatever the reason, this SMCR+ View is bound to raise your spirits...with a focus on the interlock between the SMCR and Artificial Intelligence ("AI") (a topic at the forefront of everyone's mind), ongoing government interest in Non-Financial Misconduct ("NFM") within financial services, Final Notices and more.

As always, if you have feedback for us please let us know!

1. FCA's approach to Non-Financial Misconduct ("NFM")

In June's SMCR+ View we highlighted the Treasury Select Committee's Letter to the FCA which stated that "culture in financial services, and the experiences of women in the industry, are ongoing concerns of the Treasury Committee." Since then, we have seen the FCA's response which makes it very clear that it does not consider NFM to be outside the scope of the FCA's regulatory remit - the FCA link NFM and culture to decision making and risk management. At the same time, however, the FCA highlights that there are limitations to the scope of its powers or the appropriateness of it as a regulator taking action (particularly following Frensham v FCA). Specifically, the letter notes that the FCA "is not an alternative to criminal prosecution, a firm's internal disciplinary processes or for proceedings through the Employment Tribunal". Nikhil Rathi, Chief Executive of the FCA was also questioned in front of the Treasury Committee in relation to NFM and the letter.

Since the implementation of the SMCR the vast majority of complex conduct issues on which we have advised have involved an element of NFM and while firms have become more sophisticated after seven years of the SMCR and are committed to achieving the right outcomes, NFM is a challenge that isn't going away. We know, for example, that NFM is being carefully considered as part of the broader 2023 SMCR Review being conducted by HM Treasury and the PRA/FCA (driven by the Edinburgh Reforms agenda) and the Diversity and Inclusion Consultation Paper (assuming it is ever actually published, although it has recently been promised for September). The FCA indicated in the letter that it does intend to provide further guidance on how NFM should be considered within its rules later in 2023...as ever with this topic, let's wait and see...

This month the Treasury Committee also opened an Inquiry into "Sexism in the City" to examine the barriers faced by women in financial services, in order to explore further how firms, the Government and regulators can play a role in combatting sexual harassment and misogyny. It is an interesting remit and whilst the role of regulators in relation to sexual harassment has long been discussed, our view is that it is a hugely difficult question as to whether the FCA should have power to tackle misogyny. The FCA indicated in its letter that NFM may be an area where Parliament chooses to legislate should it wish to specify that certain offences should lead to an automatic prohibition from the regulated sector. This is something the Treasury Committee also questioned - i.e. whether Parliament needed to give the FCA more powers to deal with such incidents.

The Inquiry's Call for Evidence is open until the 1 September 2023 and we would be keen to advocate on behalf of firms if there are views you would like to share - please do let us know if you'd be interested in speaking on this.

A final nugget of NFM intel - the FCA confirmed that it has prohibited seven individuals for NFM and is currently considering six prohibition cases, and has opened two enforcement investigations related to NFM.

For more on this, please read our insight "The murky world of NFM" and if you have any questions, please reach out to any of the following individuals: Emma Sutcliffe (Partner), Penny Miller (Partner), Andrea Finn (Partner), Richard Sims (Partner) or Amy Sumaria (Managing Associate).

2. FCA - Feedback Statement on Big Tech and Artificial Intelligence ("AI") (FS 23/4)

Following last October's Discussion Paper on the potential competition impacts of Big Tech in retail financial services, the FCA has now published its Feedback Statement. The FCA outline that (along with the Consumer Duty) the SMCR will assist the FCA in managing the potential competition risks once Big Tech has entered the market and ensure there is a level playing field. Where the SMCR is applicable, including Big Tech firms authorised under FSMA 2000, the most senior individuals will be held accountable if they do not take reasonable steps to prevent or stop breaches of applicable regulatory requirements. 

Nikhil Rathi's speech on this Feedback Statement, confirmed that the SMCR provides the FCA with a clear framework to respond to innovations in AI, and reiterates that Senior Managers will be ultimately accountable for the activities of the firm. Mr Rathi also acknowledged the risks that Big Tech may pose to operational resilience and outsourcing and indicates regulatory focus on these areas including clarifying where responsibility lies when things go wrong in the context of critical third parties (something to also consider in the context of the recent PRA Senior Manager enforcement discussed in this Flash SMCR+ View).

Perhaps looking into his crystal ball of future regulatory debate, Mr Rathi referenced suggestions in Parliament that there should be a bespoke SMCR-type regime for senior individuals managing AI systems, who may not typically have performed roles which are subject to FCA scrutiny but who will now be increasingly central to the firm's business.

If you have any questions please contact Minesh Tanna (Global AI Lead and Partner) and Angus Brown (Supervising Associate).

3. FCA - Guidance Consultation - Financial promotions on social media (GC 23/2)

The FCA has published a Guidance Consultation on financial promotions on social media (much needed given the existing guidance FG 15/4 is almost a decade old). The headline - evolution, not revolution. The key principles of existing guidance are to be retained but there is helpful guidance on how expectations on the prominence of information should apply to different social media channels and guidance on cross border complexities, amongst other things. The FCA explicitly calls out Principle 3 (firms must take reasonable care to organise and control its affairs responsibly and effectively), and its expectation that firms using influencers to communicate financial promotions on social media are taking appropriate steps to ensure they understand the product or service they are promoting and are aware of the relevant rules. The reference to Principle 3 is interesting considering the introduction of Principle 12 through the Consumer Duty, and may indicate how the FCA will look to ensure compliance with the Consumer Outcomes via systems and controls.

This will be relevant to Senior Managers with responsibility for overseeing financial promotions, social media marketing and any specific marketing partnerships with influencers. For relevant firms, it may also be of interest to the Consumer Duty Champion.

For more on this please contact Penny Miller (Partner) or Amy Sumaria (Managing Associate).

4. Board governance - Report on financial services Board memberships

This month, EY published this report indicating that on average European financial services Board members hold an average of three Board positions, and just over a quarter hold at least four Board positions. The numbers of Board members holding more than two Board positions varied between sectors: 49% of Board members of asset managers, 41% of Board members of insurers and 39% of Board members of banks. This research has raised concerns about Board members' ability to carry out their roles effectively with 82% of investors polled believing that sitting on three or more Boards could present challenges to directors' abilities to govern effectively. Whilst this is EU focussed, in the UK we already have directorship limits (which are derived from European regulations) applicable to Significant SYSC firms and the requirement that the Board members are fit and proper to perform their role (of which capacity tends to form part of competence and capability). However, this report shines a light on this matter and, in an ESG world, highlights the importance of Board composition and time commitments of each Board member.

The report also found that 82% of European financial services investors stated that the gender diversity of the boardroom has a significant influence on their decision to invest. 28% of listed European financial services firms have under 40% female representation in their boardroom, which is the level required by June 2026 to comply with the European Commission's European Women on Boards Directive. The FCA has also introduced Diversity & Inclusion disclosure requirements for listed companies which we discussed in March's SMCR+ View.

We have been assisting a number of firms with Board and Governance matters including Board evaluations, skills gap analyses and succession planning. We are seeing more activity from the FCA in this space. If you would like to discuss this and our experience or have any questions, please reach out to Penny Miller (Partner), Emma Sutcliffe (Partner) or Amy Sumaria (Managing Associate).

5. FCA Annual Report -- Skilled Person Reports data

The FCA has published it's 2022/23 annual report and accounts, which includes some interesting data. The FCA confirmed that in 2022/23, it used its powers under Section 166 of FSMA (Skilled Person Reports) in 47 cases, with the reviews examining regulatory issues including controls and risk management frameworks, financial crime, corporate governance and senior management arrangements (including culture), adequacy of advice, adequacy of systems and controls, client money and client asset arrangements. The sector with the highest number of reviews (14) was the retail investments sector, followed by retail banking and payments sector (9 each). Across the sectors, four reviews related to governance and individual accountability.

6. PRA - Consultation Paper on Pillar 3 remuneration disclosure requirements (CP 14/23)

Another remuneration related Consultation Paper from the PRA, this time on the proposals to enhance proportionality of Pillar 3 remuneration disclosure requirements for smaller banks and building societies. This follows on from the PRA's CP 4/23 and CP 5/23 on the Strong and Simple Framework. The PRA sets out a number of proposals intended to enhance proportionality by reducing the number of remuneration disclosure requirements for firms classified as simpler-regime firms, small CRR firms and small and non-complex institution ("SNCI") firms, in particular the information to be disclosed using the UK REMA template (remuneration policy). The deadline for responses is 20 September 2023.

For more information, please contact Tair Hussain (Partner).

7. FCA - Dear CEO letter on Liquidity Management Multi-Firm Review (Asset Managers)

The FCA has published a Dear CEO letter with the key findings of its multi-firm review of liquidity management by Authorised Fund Managers ("AFMs"). Whilst the review focuses on AFMs, the FCA expects all asset managers and managers of AIFs to consider the findings for their businesses.

One of the key findings in the review was the insufficient weight many firms were attaching to liquidity risk management in governance arrangements, with insufficient challenge and escalation, particularly in stressed environments. The FCA emphasised messages from its February 2023 Dear CEO asset management supervision strategy letter around good governance and its importance during periods of heightened market uncertainty. The FCA reiterate their expectation for clear lines of accountability and escalation, Board expertise being sufficient to oversee key risks (including liquidity risks), and risk related management information being provided in a timely manner - all of which will facilitate the firm in responding to volatile market conditions or redemption stress.

Next steps? The CEO and Board of relevant firms must review their firm's liquidity management arrangements, consider the FCA's findings and make any necessary enhancements.

Please get in touch with Darren Fox (Partner) or Amy Sumaria (Managing Associate) for more information.

8. Final Notices and Decision Notices - PRA and FCA

There have been a number of Decision and Final Notices issued by the PRA and FCA this month in relation to: (1) Denis Lee Morgan (Final Notice) prohibiting him from performing any Senior Manager Functions and withdrawing his approvals as an SMF 3 and SMF 16, (2) Sqoan Financials Limited (Decision Notice) cancelling the firm's Part 4A permission, (3) Credit Suisse International and Credit Suisse Securities (Europe) Ltd (Final Notice) relating to failures in risk management and governance in connection with Archegos Capital Management; and (4) Paul Steel (Final Notice) fining him £3,694,400 (although he is only required to pay £850k to the FCA for the FSCS) for providing unsuitable advice to customers. This latter matter resulted in a breach of Individual Conduct Rule 1 (acting with honesty and integrity) and Individual Conduct Rule 3 (being open and cooperative with the FCA).

There's something for all Senior Managers across various lines to consider across these different Notices in terms of culture, management structures, competence and capability, lines of defence, management of risk, escalation and integrity (turns out selling a client book to yourself for less than its value meaning customers can't pursue for redress despite being given unsuitable advice isn't OK). Some of our key takeaways include:

• Regulatory returns Sqoan Financials Limited failed to pay periodic fees and levies owed to the FCA and had failed to submit the necessary returns including the Directory Persons Attestation (as required under SUP 16.26.18R to 16.26.20R) thus resulting in the FCA concluding that Sqoan had failed to provide required regulatory information. So a reminder to make sure that such Directory Person Attestations are made where required. Likely one for SMF 16s.
• Culture: The regulators clearly impress the importance of culture in relation to balancing business risk and reward. There is a reminder of the regulators' long standing expectation for firms to have "speak-up" cultures. This is relevant to all Senior Managers, but particularly those holding culture prescribed responsibilities ("PRs").
• Matrix management structures: Many firms operate matrixed legal structures reflecting geographical, jurisdictional and/or business division lines, but the regulators expectations are that these structures do not result in overly complex organisations that can't be readily navigated or which inhibits effective risk management. Where firms operate global functions, particularly global control functions, there must be sufficient UK challenge and no overreliance on overseas counterparts - this is similar to earlier messages we've seen on this point in relation to financial crime (see the May 2021 Dear CEO Letter to retail banks). This is relevant to Boards, control Senior Managers and the Senior Manager with the PR for the SMR. 
• Lines of defence: Nothing new here but something highlighted by regulators is the importance of the first line of defence in actively identifying, measuring, managing and reporting risks. The second line should independently monitor the first line and the third line must provide independent oversight and challenge. The second line must be empowered to exercise authority to protect and adequately oversee the business and that relevant functions are appropriately staffed (both qualitatively and quantitively) and have sufficient systems and procedures in place to support these functions. There is also reference to effective risk management arrangements where business is remotely booked to the UK and ensuring that there are clear escalation lines to relevant, local Senior Managers. This is relevant to all Senior Managers, and particularly Control SMFs - e.g. CCO (SMF 16), CIA (SMF 5) and CRO (SMF 4).
• Escalation and governance: The PRA also emphasised the importance of terms of reference for governance bodies to ensure that they have clear purpose and that they are sufficiently embedded within organisations. For firms that have just implemented the Consumer Duty this is an important takeaway to consider for new product governance and/or Consumer Duty Committees. The regulators have been clear that these governance frameworks should adequately scrutinise and discuss appropriately escalated risks.
• Lessons learned: The importance of addressing lessons learned from issues which arise within firms is of critical importance and what is clear is that firm's that fail to do this and then experience similar or perhaps avoidable issues in the future will not be looked on kindly by the regulators. This means ensuring (1) remediation programmes are completed, (2) that firms don't just consider each issue in a siloed manner, but rather take a step back, join the dots and consider holistically whether there are broader matters that need addressing, and (3) firms are in a position to demonstrate how they have learned from past experience.

We have extensive experience of acting in cases such as PRA enforcement actions so please do get in touch if you'd like to discuss. For further information, please contact Emma Sutcliffe (Partner) or Richard Sims (Partner).