The financial services industry has seen significant regulatory change in recent years, with the forthcoming extension of the Senior Managers and Certification Regime (SM&CR) the latest ruling to introduce changes at the heart of an organisation.
Individual accountability is a UK requirement that has started to be noticed in other jurisdictions. The concept of senior managers being clear on their areas of accountability and responsibility is not something that will disappear.
Singapore, Hong Kong and Australia have finalised their position on the matter and other countries like the US and Ireland have noted there may be similar regimes. The Australian regime is most like the UK SM&CR regime and is called the Banking Executive Accountability Regime (BEAR) which came into effect for the largest banks in Australia on 1st July 2018, and will come into effect for other authorised deposit-taking institutions (ADIs) a year later.
None of the other regimes are currently as advanced or as wide-reaching as the UK SM&CR regime.
Whereas traditionally firms may have looked to increase the size of their compliance and monitoring team in response to changes within the regulatory regime, this approach is becoming increasingly unsustainable and unaffordable. As RegTech moves beyond the realm of hype and cements its place in the financial services sector, our latest guest blog, from Don Scott, Technical Director at Recordsure’s sister company TCC, examines the areas where technology solutions can have a positive impact on compliance.
Governance and oversight
A cornerstone of effective governance is ensuring senior managers have access to the right data at the right time. With the forthcoming introduction of SM&CR to the wider industry, firms need to have an understanding of how the governance works within their operation and any areas of weakness.
Where gaps are identified, technology can complement and strengthen the existing human governance and review process. AI-led solutions, such as Recordsure, are enabling firms to extract structured data from customer conversations, meeting notes and scanned documents to inform senior managers’ decisions and identify emerging risks before they lead to customer detriment.
‘Reasonable steps’ and regulatory expectations
SM&CR requires senior managers to take reasonable steps to control the areas of the business that they are personally responsible for. Although these reasonable steps are not prescribed by the FCA, they are defined as those actions that an individual would reasonably be expected to take in order to prevent a regulatory breach. This includes effective oversight, and as highlighted above, technology can play a vital role in demonstrating the expected level of oversight, through effective reporting mechanisms.
The FCA is aware of the existence of new technology applications that provide this level of oversight, including 100% monitoring of all interactions, and is likely to be asking firms why they are not using the full breadth of solutions available to help them manage their conduct risk. Dismissing the idea of using such solutions without adequate research would not be considered reasonable, instead firms should take the time to understand what technology is available, how accessible it is and the impact it could have on the business.
An appropriate financial services culture can’t be dictated or imposed, instead it develops organically through the behaviours, values and attitudes demonstrated at all levels of the firms. The FCA’s approach has changed from promoting the theoretical virtues of a positive culture to practically assessing data from across all areas of an organisation to form a view on whether its culture meets expectations.
Technology will never be a panacea for poor culture. But, through the collection and reporting of relevant and timely management information (MI), it can help firms to understand their culture. It also enables the firms to evidence that it is resulting in positive customer outcomes and identify areas where improvements could be made, thus demonstrating its commitment to meeting regulatory expectations.