Senior Managers Regime: Reasonable steps - testing the outcomes
20 November 2017
A key tenet of the Senior Managers Regime (SMR) is the duty of responsibility placed on Senior Managers (SM). This is the new duty to ensure that as an SM, you have taken reasonable steps to discharge your responsibilities.
On one level this doesn’t feel so different. As an SM you will have procedures and policies, governance structures and management information (MI). But the purpose of the regime is in part to challenge SMs. So, a question to consider is not ‘do we have the right policies and MI?’ but in fact ‘what policies and MI do I need to achieve the right outcomes?'.
The Financial Conduct Authority (FCA) has said that in the event of a problem, it will look at all the circumstances of the case, including the seriousness of the breach, the person’s position, responsibilities and seniority, and the need to use its enforcement powers effectively and proportionately. But what does this mean for firms?
Firms should think about this holistically. Because, by its very nature, the regime impacts individuals, it feels very personal. But that can drive people to make individual decisions, which while understandable, may not be best for the firm as a whole.
Many firms I’ve spoken to have found individuals with a range of worries about being subject to the regime. Are my challenges and interjections appropriately noted in board meetings? How do I document meetings? How do I manage delegation? Do I have the MI that I want? How much MI is that? How long is it kept for? What happens if I leave the firm?
The first piece of advice I give to firms is: you need to be proportionate.
You need to address this as a senior management team, and you need to come up with a solution that works for everyone - and the firm.
One method that has proved invaluable to some firms is scenario testing. Often when mapping responsibilities firms think about ‘normal times’. But in stress scenarios - where something has gone wrong - you may find people and roles flex.
In this scenario testing, you are then able to test underlying policies and MI. For example, if you expected a particular SM or committee to address or prevent a problem occurring, why didn’t they? Was there an absence of MI? Were the reporting lines incorrect? Did the Statement of Responsibility tally with real life, and make clear where the accountability lay? If something had been delegated, could you identify this from the documentation? Do the controls in place mitigate the risk arising from the stressed situation appropriately? Fundamentally, when tested is the SM able to use existing documentation to prove that they took reasonable steps - this is the real crux of it.
For some this may sound like an unnecessary degree of complexity. The reality is that in a regime that is based on a retrospective view of an outcome, this method of testing is one of the few ways to really kick the tyres. Try it - it might surprise you!