Preventing Harm & the SMCR

Posted by

Katharine Leaman

on 20 Apr 2023


The financial services sector has an opportunity to show society we've changed substantially post the global financial crisis of 2008. Don't waste it.

Preventing Harm & the SMCR

It's more important than ever for us all to recognise just how important it is to throw ourselves into the spirit of SMCR. It hasn’t just been the global financial crisis (GFC) that’s given rise to society’s high expectations of us.

Let’s face it; there have been multiple serious events that have completely undermined public confidence in our financial services sector.

We might like to pretend that the regulators love to impose new rules on us and drive up our costs. So far, as SMCR is concerned, this perception couldn’t be further from the truth.

Meeting SMCR Expectations Webinar

We must recognise that SMCR is not just some concept invented in an ivory tower. In fact, the regulators are only doing what the general public has been told to do. These are our customers, clients, and counterparties. Our sector exists to serve these people, so we have to meet their expectations. The time to do that is now.

Steps to prevent harm within the SMCR

The Senior Managers and Certification Regime (SMCR) expects a material shift in individual conduct and corporate culture within the financial services industry in the UK. This regime instils the behavioural change needed to achieve good corporate governance and risk management practices.

Essentially, the regime goes to the heart of how firms deliver what their customers want and need. This is critical to preventing harm.

What is harm? Financial loss, distress, and loss of access (to markets, to an ATM, to an account). Harm is the damage caused to our customers or markets.

It starts with something small such as a conflict that hasn’t been prevented or controlled and unmanaged, it builds into a rule breach, and if we allow it, it will grow into something far more serious such as market abuse.

Free SMCR Compliance Crossword

We all believe that we are doing the right thing for our customers, and perhaps we don’t receive many complaints or grievances. Look at the figures from the Financial Ombudsman Service and the Financial Services Compensation Scheme over the past decade that tell a different story.

Since the global financial crisis, society has continually raised the stakes regarding its expectations of culture within financial services. Society tells us that it expects us to change whatever we think we are doing. And that change has to result in a material shift.

Be proactive in harm prevention

SMCR is so much more than a process to follow. Preventing harm means thinking proactively about joining the dots and looking for opportunities to reinforce good conduct. So whenever changes are occurring, think about the read-across.

  1. Organisation changes - changes to structure, reporting lines, products, services, and markets all have a knock-on effect on your SMCR arrangements and may require new training and mapping.
  2. Delegations - staff changes, increasing responsibility, and succession planning are key areas that either happen or have been planned, which need to be documented, and individuals briefed.
  3. Governance - whenever you introduce a new committee or meeting, you have to consider its terms of reference, who has voting rights, who can attend as a member, and who’s just an observer or presenter.
  4. Handoffs between SMFs - a key facet of SMCR is that there are no under or overlaps between SMFs areas of responsibility. You have to constantly take the lessons daily to reassess whether SMFs understand who is accountable – is it HR, IT or the hiring manager's fault if a new joiner isn’t onboarded?
  5. New areas of regulatory responsibility - the regulators are constantly being given new powers and remits by the Treasury. We have to keep abreast of the impact this has on our SMFs, often there isn’t a new Prescribed Responsibility added, but there is an expectation that an SMF will be responsible.
  6. Training - the very nature of our sector means that we are constantly innovating, evolving and developing; all those changes lead to having to keep ourselves abreast with those changes. The beauty of our sector is that there’s no such thing as being so experienced that there’s nothing left to learn!

These will all be familiar topics to you, but the challenge is making the read-across and constantly asking the questions.

This means that the SMCR is not a process operated over there and reviewed once a year; rather, it's ongoing. It continuously demonstrates the way firms think about and can 'show and tell':

  • The firm is actively planning on being around, at least for the medium term - which is good for its owners, employees, and customers; and
  • That they genuinely recognise that putting their customers' interests at the heart of their business model is nothing other than good business sense.

A firm that plans to survive and thrive is more likely to make more sensible management decisions that positively impact everyone.

SMCR Compliance Roadmap

Senior management needs to lead by example

The management and Board of each firm have to create an environment of openness where individuals feel empowered to do the right thing and escalate things that concern them where they observe them.

What is critical is that the senior management team 'walk the talk' and are seen to actively demonstrate the desired behaviours themselves - in a practical way and on a day-to-day basis. This means that all concerns should be taken seriously and properly considered.

It also means that we recognise that our 'star' players - whether they are revenue generators or the future high performers – are also setting a standard. This is regardless of their role or seniority, so we have to be more public in how we address any actual or perceived poor behaviour from these individuals.

Constantly reassess your current SMCR state

To prevent harm, we need to be constantly reassessing and evolving. This means our Boards and management need to easily articulate why they believe they're in a good place and what needs to happen next to enhance that position. But obviously, the story must be truthful and recognise that there will be work to do.

Firms need to look at their business model: from the board down to the most junior employee. They should think about where they can make enhancements to tighten up because nothing ever works as expected 100% of the time.

Considerations often include operations, manual processes, new technology or ways of working and keeping the perennial management information relevant, timely and accurate. All of these practices are common in large and small firms.

For example, let us consider the firm's most important asset - its people. How might a board or management assess how to prevent harm that their people under 'SMCR' could cause?

Consider how you recruit, motivate, manage, reward, monitor, and promote your people. Then consider if and how you are proactively and regularly looking at whether you've got:

  • the right people,
  • in the right roles,
  • and having the skills that they need.

Remember that things change, sometimes unexpectedly and at short notice. So also consider your succession planning, talent pool and how you access that talent pool. Consider how inclusive your approach is, as you don’t want the risk of groupthink in your business.

About SMCR 360 Compliance Toolkit

Consider all your business activities

Many firms now use an SMCR risk-mapping exercise to help them identify the various sources of their risks (such as in marketing, finance, or financial crime). After identifying the risks, they can plan:

  • what they need to do
  • who is going to do it
  • the resources needed
  • by when action needs to be taken
  • who will check it's complete to the standards set by the board.

Firms need to pass on to the senior management team to identify the management information produced.

Firms must tailor policies, processes, and risk management actions to their unique circumstances. For example, it would be pointless for a new consumer credit firm to have anything like a high street bank's risk assessment or policies or procedures.

There is no 'one size fits all' approach - whatever some consultancies might suggest. Instead, firms should aim for a 'fit-for-purpose' approach that satisfies the requirements of both their regulators and their board.

Firms must show the communication lines that enable information to travel from the shop floor to the board. This is also necessary for management decisions and policies to flow in the opposite direction.

Free SMCR SMF Desk Aid

Keep it as simple as possible

You don’t need to make your business look more complicated than it is. Frankly, you and your colleagues need to understand how the business works. If it's too complicated, you risk creating confusion which is how harm seeps in.

Think through all the relevant factors that might impact your business model - and these should, today, include non-financial factors such as environmental, social and governance responsibilities.

Senior regulators have commented that the SMCR “Culture is like DNA. It shapes judgements, ethics and behaviours”. Essentially, it works to prevent harm to consumers and strengthen market integrity.

The task of firms today preparing for the SMCR is to show that they are taking culture and conduct, and individual accountability seriously.

Click me

Want to learn more about SMCR Compliance?

We have created an SMCR roadmap to help you navigate the compliance landscape, supported by a comprehensive library of SMCR Courses and a fully integrated SMCR 360 Compliance Toolkit.

We also have over 100 free compliance training aids, including assessments, best practice guides, checklists, desk aids, eBooks, games, posters, training presentations and even e-learning modules!

Finally, the SkillcastConnect community provides a unique opportunity to network with other compliance professionals in a vendor-free environment, priority access to our free online learning portal and other exclusive benefits.

Free SMCR Implementation Best Practice Guide

FCA regulated firms have an obligation to ensure that all Senior Managers have taken reasonable steps to prevent regulatory breaches in their areas of responsibility.

Our free guide will help you follow best practices when implementing your SMCR programme. 

Download your free training aid