The FSA’s approved persons’ regime, now past its first decade, has undergone a number of revisions reflecting the key regulatory developments of the last decade in response to the global financial crises and remedying the perceived regulatory shortcomings that have taken part of the blame for them.
The rise of the Risk Manager
In response to the financial crisis, there were a number of reviews – the FSA led Turner review and the Government’s Walker review identified a number of failings in the corporate governance and risk management of financial institutions.
The Turner review recommendations included improved professionalism and independence of risk management, requiring clear, independent and unconflicted reporting lines for risk and the proper resourcing of risk committees. Lord Turner also recommended that risk managers should be expected to provide genuine challenge (through board representation as well as technical competence and attention to effective communication). Lord Turner proposed that the effectiveness of risk management and corporate governance should be reviewed and reported on by the auditors. With regards to non-executive directors Lord Turner recommended that only through increased technical expertise in the relevant area and improved resources and oversight time, could these directors be expected to deliver their role as a check on internal sources of risk, such as dominant chief executives and their aggressive growth strategies.
The Walker review made 39 recommendations and is also responsible for the FSA’s changes in the remuneration arena. Among these the review endorsed the need for closer attention to be paid to the balance of boards in relation to the risk strategy of the business; and the introduction of senior advisors into the FSA’s approval process for non-executive directors of listed financial institutions.
Fit, proper and competent? The new process
The FSA have had some time now to do their own root cause analysis on the shortcomings in the boardroom that have contributed to these issues, and they reached similar conclusions on the key issues:
- Insufficient challenge in the board, particularly non-executive directors failing to challenge executive directors;
- Inadequate understanding of the business model;
- Failure to understand the risks particularly in relation to activities considered higher up the risk spectrum.
In its early years, the FSA’s inclination seemed to be to reduce and simplify its regulation however more recently, there has been a sea change and the FSA have formed the view that its regime is not granular enough. In particular previously it would have been possible for those in significant influence functions to assume new responsibilities without the necessity for an application for further approvals. The FSA’s move to principles based regulation has not inhibited the FSA from making its approvals regime even more prescriptive with new applications required for each role change.
As part of the drive to raise the standards in the City’s boardrooms, the FSA have increasingly scrutinised firms due diligence on candidates and been willing, supported by the new ‘senior advisors’, to directly question candidates on their competence.
The FSA has specified the areas where candidates’ competence would be evaluated as: market knowledge, business strategy, risk management and controls, financial analysis and controls, and governance and oversight controls. Candidates can now expect to be grilled on their understanding of approved persons’ responsibilities and their views on the main risks posed by the business strategy as part of the process of obtaining approval.
The FSA’s interest in how candidates perform in the roles will be followed up as part of the new Arrow process and intensive and intrusive supervision, in the course of which the FSA may review approved persons appraisals and other reports on their performance. If all else fails the FSA will commission a Section 166 report into senior management’s performance of its responsibilities.
With the FSA raising the bar again, now more than ever firms are recognising the value of thorough preparation in the application process, often seeking external expertise and saving themselves time, money and sleepless nights in the long run.
The new controlled functions. Do you have a full house?
The FSA is entitled to specify controlled functions in three areas, activities involving a significant influence over the conduct of authorised person’s affairs; those relating to customers and those involving dealing with the property of customers of the authorised person.
The FSA has broken these three categories into five within its regime (of which four are significant influence functions): governing functions, required functions, systems and controls functions, significant management functions and the customer functions.
For governing functions six new roles have been introduced: parent entity, chairman functions and senior independent director roles have been introduced to strengthen the governance framework.
The senior independent director has opened up the possibility of the non-executive directors appointing their own chairman.
In the light of the objectives that I have just discussed, the other changes are self explanatory: more Chairpersons – audit, risk, remuneration.
Three new systems and controls functions have been introduced including finance, risk and internal audit. The Client Assets operational oversight function is now a required function alongside the Money Laundering Reporting Officer.
Apportionment and oversight (previously also a required function) has been dispensed with for MIFID business and is now entirely superseded by these new roles.
Although some of these changes have been slightly delayed pending the introduction of the FSA’s online application process, this is another area where the regulator’s scrutiny has intensified. We have seen a marked upturn in governance reviews, both at the regulator’s and at the firm’s instigation. The message for all firms is that they need to get their arrangements fit for purpose as a priority before the FSA comes to call.
TCF: a step change for non-executive directors
As mentioned above, Walker saw the role of non-executive directors as key to delivering the challenge to executive decision making that good corporate governance requires. No change to the Combined Code was recommended – the focus being instead on ensuring that board members demonstrate the right behaviours, through ensuring that both industry specialism and high level experience in other sectors is available on these boards. Time, training and support were also crucial as well as exceptional leadership abilities in the chairman or woman.
As the overriding governance objective for major financial institutions was considered to be risk management. This discipline should be allocated a dedicated non-executive director with a direct report from the chief risk officer.
More recently the FSA has brought the significant influence function to the fore in ensuring that financial institutions are delivering the ‘Treating customers fairly’, for example requiring the specific allocation of responsibility for complaints handling to a member of senior management.
The FSA took up the same message regarding the critical importance of the non-executive director in this year’s Retail Conduct Risk Outlook and committed to more intensive and intrusive scrutiny of the non-executives’ roles in financial institutions, specifically in the context of fair treatment of customer and senior management responsibility for ensuring that this is delivered.
Next month, the FSA is hosting a conference for non-executives on their responsibilities in ensuring the fair treatment of customers. Hot topics are very likely to include:
- How to ensure that boards have access to the right skill and industry knowledge;
- Whether to require the appointment of an independent director to be responsible for the delivery of ‘TCF’ or to be a customer ‘champion’;
- Ensuring that the board have adequate oversight of the fair treatment of customers including taking responsibility for ensuring that the firm’s products are delivering the right outcomes for customers;
- How to ensure that directors have access to the right kind of management information, including the proper oversight of product development, with the effective inclusion of oversight functions such as compliance;
- In the complaints arena, how to ensure that management identify issues early, that in depth root cause analysis is carried out and that remedial action is promptly taken and;
- The extent to which measures for regulatory objectives should be built into directors’ personal development plans and objectives, so that they are incentivised through the reward framework.
RDR: more governance challenges
As well as major product providers, the FSA has the network model on its risk radar, particularly in the light of the strain that the current economic climate is imposing on such firms. Its supervisory activity has identified significant issues with the controls and oversight arrangements of firms in this sector, particularly in relation to appointed representatives. The FSA think that RDR will only increase the pressure on firms in these areas, particularly for those firms intending to increase their advisor numbers and product range substantially as their strategic response to this initiative.
Any substantial increase in resources or product range will bring with it the risk that, without proper planning, the compliance function will become overstretched and the business will outgrow its oversight systems and controls. The key areas that firms will need to strengthen include monitoring procedures, levels of compliance resource and standards of due diligence carried out on incoming appointed representatives.
CASS: will your firm be next?
The new Controlled function 10A has already been introduced as a requirement for medium and large CASS firms to ensure that systems and controls deliver compliance with CASS, board reporting and the CMAR.
This does not mean that other firms with client money are exempted but that the person with responsibility for oversight can sit on the board of these firms.
Client money has been top of the FSA’s hit list for some years. There was a Dear CEO letter in the insurance sector way back in 2005 and again in 2009, followed by thematic work on investment managers and insurance intermediaries. The Lehman’s collapse highlighted how bad things could be in even the most respectable institution and also what a tortuous legal mess ensued on insolvency, a situation which is currently still unresolved. Unsurprisingly the proposals for the resolution arrangements for investment banks have also touched on this area.
In the report of its thematic review the FSA has shown its willingness to explore the full range and flexibility of its regulatory toolkit with everything from asset freezing and closing firms, to S.166 reports and written reminders to the Board.
The report consistently identified weaknesses in senior management oversight in this area and that such weakness increased the risk of non-compliance.
However with the introduction of this CF the FSA has hard wired senior management responsibility in this area into the regime. The FSA have specifically linked this extension to the two aspects of regulatory accountability being clarity regarding who is accountable; and the ease of taking enforcement action against the relevant person (the credible deterrence agenda).
With more asset requirements and Enforcement cases every week, there is every sign that the FSA’s patience with the CASS ‘can’t dos and won’t dos’ is wearing thin. CASS compliance, including sound and effective governance, must be the top priority for any firm with client money – and with plenty of expertise available, this is one area where the FSA will accept no excuses.
Where next for the Enforcers?
Whilst the FSA’s expectations of its approved persons seem to spiral ever upwards, it remains the case that the FSA has taken very few scalps from the cream of the business community, despite strong public opinion on where responsibility for the financial crises should lie. Most recently Margaret Cole, currently Deputy Head of the Conduct Business Unit, in her evidence to the Treasury Select Committee advocated that the Financial Conduct Authority should be given powers to take action against those directors held responsible for the failure of a financial institution, similar presumably to the director’s disqualification regime. Perhaps she hopes that this could make life a little easier for her former colleagues in Enforcement. Whether or not her proposal comes to anything, there’s no disputing that testing times lie ahead for senior management across this industry.
- Alternative Asset Advisory
- Compliance and Regulatory Consulting
- Disputes and Investigations
- Legal Management Consulting
- M&A Advisory
- Real Estate Advisory Group
- Restructuring Advisory
- Tax Services
- Transaction Opinions
- Consumer, Retail, Food and Restaurants
- Energy and Mining
- Financial Services and Asset Management
- Healthcare and Life Sciences
- Media and Entertainment
- Real Estate
- Technology and Telecom
- Alternative Assets
- Compliance and Regulatory
- Cost of Capital
- Disputes and Investigations
- Goodwill Impairment
- Legal Management
- Risk Premium
- Transfer Pricing
- Transaction Opinions
- Latin America
- U.S. / Canada