Diligent
Diligent
Solutions
expand_more
Products
expand_more
Industries
expand_more
Resources
expand_more
Blog
/
Boards
The Diligent team Image
The Diligent team
GRC trends and insights

SMRC: What it is, why it matters and how to handle it through entity management

July 25, 2018
0 min read
Professional selecting the word "legislation" from hologram

The Senior Managers and Certification Regime (SMCR) is a relatively new compliance regulation on British banks designed to increase the accountability of senior financial services executives for malfeasance. It was put in place largely as a result of certain financial mishaps.

With Brexit looming, and its form still, relatively speaking, up in the air, it is crucial that financial institutions which have entities operating in Britain take account of regulations like SMCR as part of their ongoing governance and compliance strategy. This post offers a brief rundown on SMCR and its requirements, the strategies that help to enforce it within institutions, and some pointers on how entity management software can put these in place.

Combatting Corruption, Enforcing Accountability

In 2016, UK regulators, namely the Financial Conduct Authority (FCA) and the Prudential Regulation Authority (PRA), had a problem: Financial malfeasance was ongoing and intensifying, yet with the exception of major scandals such as the LIBOR rigging, it continued to go mostly undetected and, when it was detected, its perpetrators got away with a slap on the wrist ' they were fined a few million pounds and possibly fired a few lower-level implementers of malfeasance. Meanwhile, the general culture of corruption went unchecked, with the leadership responsible for it staying in place.

SMCR was the solution that regulatory authorities hit on. In particular, it aimed to do three different things:

  1. Focus accountability for misdeeds on a narrow number of individuals at or near the top of the hierarchies of large financial institutions;
  2. Encourage these senior individuals to take greater responsibility for their direct actions, as well as indirect behavior that contributes to a laissez-faire culture; and
  3. Make it easier for regulators, auditors and bank employees to hold specific individuals to account for malfeasance.

Originally test-run through an initial group of financial institutions that included banks, building societies, investment and insurance firms, and credit unions, SMCR is being rolled out this year to all firms registered with the FCA. This could impact over 60,000 financial organizations by the time it's done.

Strategies for Implementation

SMCR includes numerous specific requirements now imposed on the leadership of financial institutions. Some of these include:

  • Allocating functional responsibilities to individual managers;
  • Assessing the fitness of employees for certain roles;
  • Creating a map of the constellation of management responsibility; and
  • Certifying and updating all relevant information annually.

Organizations need mapping capabilities, surveys and automated workflow tools to ensure compliance. Integrating all of the functions necessary for compliance removes a significant burden from legal and compliance teams, freeing their time and energy for value-added tasks.

Entity Management and SMCR Compliance

Blueprint OneWorld's entity management platform offers a number of tools that can be applied directly to the tasks of SMCR compliance.

Our SMCR manager, a module available as an add-on for all UK customers of our platform, is the central place from which to manage compliance with this regulation. It integrates seamlessly with Blueprint's existing data to ensure ongoing SMCR compliance. Data required for SMCR compliance can be gathered from data already in the system. It can collect additional data with pre-filled and customizable survey tools that allow data to be gathered quickly and easily. Customized workflows ensure that surveys are sent out and completed in a timely fashion for appropriate filing.

The SMCR manager also allows organizations to create flags for specific senior managers for inclusion in the certification regime. As part of the self-declaration process, senior managers answer fitness and propriety questionnaires, and review and sign off on their job description, role, title and assigned FCA Significant Harm Functions (SHFs). Automated workflows ensure that flagged managers receive and sign off on the appropriate paperwork. The automatic creation and preservation of a full audit trail for all SMCR activities provides for historical or 'As Of' reporting of SHF mappings at any point in time.

Other tools in our entity management suite can also assist compliance with SMCR. The responsibility maps and constellations it requires can be generated through our ChartIt tool. Using our entity diagramming application, organizations can create a map of their senior managers' responsibilities, along with relevant responsibilities from all different categories. This powerful data visualization tool shows reporting lines within each individual entity. Users can click on links to specific senior manager functions and their associated responsibilities for a full picture of organizational senior management duties and responsibilities.

Streamlined SMCR Compliance

The Senior Managers Regime applies to individuals performing a senior management function whether based in the UK or not. This is why the entity management tools discussed above are so important. Every identified senior manager must have a statement of responsibilities attached to their role. These statements of responsibility enable the FCA to identify and hold responsible individuals accountable if, in the FCA's view, they did not take 'reasonable steps' to prevent an event from happening that could have been prevented. In addition, the FCA must approve all individuals in this role, and if responsibilities change, filings must be updated.

SMCR requirements continue to ramp up. In tandem with the Market Abuse Regulation, which took effect in July 2016, SMCR significantly increases the compliance burden on firms operating within the UK. With strict penalties, organizations must maximize their compliance systems to ensure that relevant data and changes don't slip through the cracks.

Automation with state-of-the-art and continually updated tools ensures ongoing compliance and a lower burden on legal and compliance teams. Blueprint's fully integrated SMCR Manager draws data already in the system and captures data gathered for SMCR purposes for ongoing compliance and analysis purposes.

Blueprint OneWorld hopes to be every UK financial entity's entry point into a consistent and reliable strategy for compliance with SMCR and other regulations, which both fulfills the uniform requirements of the law and can fit the already established practices of your organization with a minimum of disruption. Please call or email us today to discuss our SMCR module and other solutions.

security

Your Data Matters

At our core, transparency is key. We prioritize your privacy by providing clear information about your rights and facilitating their exercise. You're in control, with the option to manage your preferences and the extent of information shared with us and our partners.

© 2024 Diligent Corporation. All rights reserved.