In a year that saw the average FCA fine against individuals almost treble in size, the adage “with great power comes great responsibility” could never be more true.  Nor is it any small coincidence that such a significant increase in individual fines should correlate with the implementation of, and expanded scope of the Senior Managers and Certification Regime (SMCR), which is set to be further extended to some 47,000 solo-regulated firms in December 2019; nor the record number of cases that were opened in 2018 alone.  

The SMCR is clearly a direct response to those factors that contributed to and culminated in the financial crisis:  firms being completely agnostic of, or knowingly and repeatedly flouting the rules, with no one really having any specific or direct ownership of or accountability for such behaviour.  This lack of ownership and accountability perpetuated what can only be described as a complete lack of control, with little being done to address or mitigate the problems.  Whilst firms and individuals who are clearly responsible for certain infringements of regulatory rules and requirements will, in all likelihood, be given some kind of dispensation where they are seen to be acting in good faith to address issues,  recent cases are unequivocal: where the same mistakes are being made repeatedly; where there is a flagrant disregard for the rules and where the guidance of auditors and regulators alike continues to fall on deaf ears, the regulator is less likely to be so forgiving.  

Under SMCR, repeat “offending” will simply not be tolerated and not only will firms (who can often continue on the back of their prestigious identities) face punitive action from the regulator, the senior individuals responsible will also be directly held to account.  There is a very clear expectation from the regulator that where issues have been identified, steps should be taken to address them without undue delay.  It is therefore very much in the interests of the responsible individual to ensure that this happens – aspiring ultimately to a culture of being “Only wrong Once”.  

The fundamental principles of improved culture, governance and accountability upon which the SMCR is founded are indeed straightforward, if not commendable.  However, one can but ask what practically these principles actually look like at a grass root level from an individual senior manager’s and firm perspective; and how (if at all) differences in the individual’s responsibilities and firm-wide success objectives can be easily reconciled.    

Like much of the discourse coming out of the FCA in recent years, SMCR has a pronounced focus on governance.  Firms, and more importantly their senior managers and certified individuals, will need to consider exactly how they define governance and whether, not wanting too much to resonate with the language of Brexit, they want a “hard” governance structure or a “soft” one.  

Regardless of which approach is adopted, firms and the responsible individuals assigned such functions will have to accept that the type of governance required will require a decisive shift away from  siloed” methodologies of working which have become somewhat endemic to today’s financial services sector.  The focus instead needs to be on achieving true integration and interconnectivity between individuals, departments, functions and systems – a holistic “front-to-end approach” where transparency and “talking” is the order of the day. 

The assignment of responsibilities can no longer be the application of titles only.  Such titles will need to be substantive in nature with individuals assigned specific responsibilities demonstrating appropriate experience, knowledge and know-how around that for which they are responsible.  Individuals who have often largely remained unchallenged as the backbone of certain organisations for years, if not decades, will not only be forced to think outside the box but to physically extricate themselves from the box in pursuit of alternative solutions that strategically support their organisation’s business and operational models; facilitates compliance with increasingly complex regulatory requirements; most importantly not only is seen to but actually does put the interests of clients first.  

Nor should governance be limited to the organisational structure, policies, procedures, oversight of the efficacy of controls and the performance of functions that have been outsourced/offshored.   It goes to the very decisions those individuals make. 

As the industry hurtles towards an era of digitisation, should responsible individuals really be placing reliance on “one-stop fintech” organisations which, in one breath will facilitate your holiday booking plans whilst performing your regulatory required daily reconciliations in the other: reliance on organisations which arguably may well have cutting edge technological solutions which somewhat lacks true financial services knowledge, experience or expertise. 

Would the prudent approach not be to embrace third-party providers who combine financial services expertise with leading technological solutions?