Strategies for Aligning Policies, Procedures, and Culture with SM&CR

The financial services sector has faced increased scrutiny after the Treasury Committee’s Sexism in the City inquiry revealed that non-financial misconduct is prevalent and suggested that Non-Disclosure Agreements (NDAs) were being used to silence victim’s claims.  

In response, the FCA has requested data from firms regarding incidents of non-financial misconduct, their methods of detection and resolution and further outcomes, to assess problematic cultures and practices in the sector.   

The FCA’s interest in firms’ measures to prevent and address non-financial misconduct underscores its focus on transparency and accountability. The quality of a firms’ record-keeping and compliance with regulation will reveal much about its organisational culture.   

Compliance with the Senior Management and Certification Regime (SM&CR) is crucial to addressing and preventing non-financial misconduct. Introduced in the insurance sector in 2019, SM&CR aims to strengthen market integrity of and reduce the risk of consumer harm by increasing personal accountability, improving conduct, and delineating individual responsibilities throughout a firm. 

Given the questions surrounding the culture of the financial services sector, it is vital that firms adhere to SM&CR and the FCA’s Conduct Rules and embed transparency and accountability throughout their policies, procedures, and culture. This will help to ensure that people feel able to speak up and report non-financial misconduct so that risks of harm are identified and acted upon.  

Steps Firms can take to Align with SM&CR:  

Ensure all individuals are aware of and understand their responsibilities and level of personal accountability.  

 Firms should regularly review compliance with SM&CR and maintain a demonstrable, firm-wide understanding and awareness of roles, responsibilities and personal accountability.  Roles with Senior Management Functions (SMFs) should be checked regularly, along with their associated Statement of Responsibilities (SoR), to ensure that the Prescribed Responsibilities have been clearly identified, understood, and listed in their job specifications. 

Firms should also review and check that responsibilities have been distributed appropriately. Note that the FCA must be informed if there are any changes to Senior Management responsibilities or how they are shared with other Senior Managers.  

Plan and execute thorough ongoing assessments of staff fitness and propriety.  

Those performing Senior Management Functions, and or carrying out Certification Functions, hold significant influence; their misconduct could cause harm to the firm, consumers and integrity of the sector. Therefore, firms should plan how to continuously, and effectively, assess the ongoing fitness and propriety of staff and ensure that they remain competent in their role. 

Some firms simply request that Senior Managers sign an annual attestation to their fitness and propriety, however UKGI recommends that this attestation is reviewed and validated by the HR Manager, providing independent verification and evidence of the ‘fitness and propriety’ of SMF holders to continue in their role.  

This step demonstrates a rejection of complicity and fosters openness and transparency, evidencing to both the regulator and wider organisation that fitness and propriety assessments are thorough, that your firm values integrity and it will hold individuals accountable for their conduct.  

Exercise Due diligence during appointment of employees 

When appointing a Senior Manager and assessing their fitness and propriety, firms should from the outset exercise due diligence, obtaining and verifying regulatory references and conducting criminal record checks. Applications to the FCA to appoint a Senior Manager should include a Statement of Responsibilities, job specification and a copy of the candidates CV.  

Conducting thorough checks and providing all necessary documentation demonstrates that the prospective candidate’s fitness has been rigorously assessed and assists FCA case officers assessing the application, ensuring that the fitness, propriety and competence of candidates is independently verified to a high standard and satisfaction of the regulator.  

Maintain effective procedures for identifying, investigating, and addressing breaches of the Conduct Rules 

Firms must establish effective procedures to identify, investigate, and address any breaches of the Conduct Rules and take steps to ensure staff understand procedures for reporting breaches, subsequent processes, and potential outcomes. This is key to developing a culture where employees feel safe, able to speak up or report concerns, and everyone is held accountable for their conduct.  

 Establishing effective procedures for reporting, investigating and dealing with misconduct helps to nurture transparency, as can good record-keeping. It allows fitness and propriety at all levels to be assessed with accuracy and openness and for breaches of the Conduct Rules to be reported to the FCA as required, which is key considering potential risk of harm to consumers, other employees and the integrity of the sector.  

Embed SM&CR from the top down and bottom up in firm culture  

A firm’s integration of SM&CR should be closely linked with its HR function to ensure SM&CR is incorporated, not only in its policies and procedures, but overall culture. Firms should also include SM&CR as an agenda item at board meetings and address conduct related concerns in conjunction with HR policies and procedures.  

 Not only does this contribute to a culture of psychological safety, within which staff feel safe and empowered to report any concerns or incidents of misconduct, it allows the firm’s HR team to adequately investigate and deal with Conduct Rule breaches and report issues to the FCA as required.  

 Power and position grants individuals no immunity from accountability, a notion which, when outwardly supported top levels of a firm, can percolate throughout an organisation and solidify positive and progressive attitudes and cultures.  

Provide Adequate Training  

Providing adequate training can help employees to understand SM&CR and the importance of adherence to the overall culture of the firm, sector, and consumers. Importantly, this includes ensuring that staff undertake a minimum of 15 hours’ CPD each year, in the core competencies defined by the FCA. Staff must also be trained in the FCA’s Conduct Rules. The individual Conduct Rules apply to most financial services staff but there is also an additional, higher tier of Conduct Rules that apply to Senior Managers. Training should cover how the Conduct Rules apply to the specific role of the individual. Therefore, firms should determine what type of training staff should undergo and provide training that is appropriate and relevant to the day-to-day role of employees. 

 Online platforms such as The Development Zone offer extensive course catalogues covering relevant topics. These can be used by firms to easily build learning plans that cater to all levels and roles, helping to instil knowledge and skills to create healthy cultures- all whilst fulfilling annual CPD requirements. All staff CPD should be recorded in accordance with FCA expectations and firms should be able to produce these records upon request.  

Delegation/Handover of Responsibilities  

Firms should regularly review arrangements for delegating responsibilities between Senior Managers and establish appropriate handover procedures in preparation for instances where a Senior Manager may have to pick up aspects of another colleagues SMF responsibilities. To mitigate risks of harm, it is vital that the individual filling in or taking over the role has a full understanding and awareness of responsibilities and key issues they will inherit from their absent colleague.  

The same applies if a Prescribed Responsibility is moved to another Senior Manager, in which case their associated Statement of Responsibility must also be updated and sent to the regulator.   

In conclusion  

Ensuring that policies, procedures and culture align with SM&CR strengthens businesses, improves resilience and helps to secure a culture of accountability, higher levels of conduct and protects both the integrity of the sector and consumers. A correct understanding and implementation of SM&CR maintains a safe, open environment in which everyone understands their responsibilities and is accountable for their actions and conduct. Following the FCA investigation and request for firm data on misconduct incidents, firms should review their policies, procedures and data to ensure that they can demonstrate full compliance and transparency.  

Additional Support and Guidance  

If you are interested in additional support with ensuring your firm is compliant with SM&CR, get in touch with UKGI. Our specialists review and consult on a range of aspects, from governance structure to policies and procedures, and can curate comprehensive and pragmatic action plans aimed at strengthening SM&CR compliance within your firm.  

UKGI also deliver bespoke training programs to help staff in SMF and other roles understand the regulatory requirements of the Regime and how conduct relates to their daily role.