Home>SM&CR Series Insight 2: Senior Manager SM&CR Compliance
  • Print
  • Decrease text size
  • Reset text size
  • Larger text size
12.05.2018 #news

SM&CR Series Insight 2: Senior Manager SM&CR Compliance

The aim of this Insight is to breakdown the Conduct Rules for Senior Managers, who are the most senior people in your company and have the greatest potential to harm market integrity.

Rule 1: You must take reasonable steps to ensure that the business of the firm for which you are responsible is controlled effectively.

This means that you need to establish effective processes to ensure that you are aware of what you’re responsible for within your Senior Management Function.

As a starter for 10, think about each of your business process and then think about who owns each of these processes.

Useful questions to ask yourself:

·      Are all business processes mapped out and tested frequently?

·      How are key process decisions made and documented?

·      What are the process risks and corresponding controls? Are these controls understood and adhered to?

Rule 2: You must take reasonable steps to ensure that the business of the firm for which you are responsible complies with the relevant requirements and standards of the regulatory system.

The dreaded ‘reasonable steps’ can always be difficult, but, there are steps that you can take to meet this rule’s standard. We’d recommend that you develop a regulatory rule(s) map, which you should use in charting individual actions needed to ensure compliance.

Rule 3: You must take reasonable steps to ensure that any delegation of your responsibilities is to an appropriate person and that you oversee the discharge of the delegated responsibility effectively. 

Obviously, you can continue to outsource, offshore and have third party partnerships, but a Senior Manager must remain accountable for the function.

You must have an audit trail to track any delegated functions to clearly identify and explain how accountability is allocated among Senior Managers.

Before delegating, each Senior Manager needs to ensure that the proposed individual or company has the necessary training to carry out their tasks. The buck still stops with the Senior Manager as they remain accountable for actions relating to the delegated function.

Rule 4: You must disclose appropriately any information of which the FCA or the PRA would reasonably expect notice.

This rule requires the disclosure of information that would be of use to the FCA or PRA, and this will usually focus on any breach in your control environment.

Useful considerations:

·     How robust is your control framework? Weaknesses should be identified and fixed.

·     You need a breach reporting system that quickly communicates breaches to the appropriate pre-identified individual (i.e. your compliance officer).

·     You need a breach reporting system that quickly communicates breaches to the appropriate pre-identified individual (i.e. your compliance officer).

·     You need to have prepared responses to foreseeable breaches.

·     Management information you receive should detail breaches, when they occurred and remedial actions.

.