This is the third in our series of Senior Mangers & Certification Regime (SM&CR) articles that we will be releasing in the run up to the 9 December 2019 commencement date for solo-regulated firms. The other articles in this series can be found here:
- Implementing SM&CR for solo-regulated insurance businesses – Part 1: Four fundamental elements
- Implementing SM&CR for solo-regulated insurance businesses – Part 2: Six tasks to be starting now
In this article we will be focusing on the HR processes that your firm should be developing now, in order to have them implemented by the commencement date which is now just five months away.
As the majority of the firms we deal with are SM&CR Core firms, the advice in this article has been tailored as such. If you are a Limited or Enhanced firm, or an EEA/Third Country branch, slightly different rules apply, and we would be happy to discuss them with you. As with our previous articles we are framing this article around the application of the new regime to general (non-life) insurance intermediaries.
Development of HR processes
Firms will be expected to develop various HR processes to enable them to be compliant with the SM&CR requirements by the implementation date and thereafter. The development of these HR processes will require Compliance and HR to work in unison, with Compliance supplying the regulatory technical knowledge and HR utilising its experience of building fit for purpose internal processes.
This is a key aspect of any SM&CR project, as if you have the right processes in place from the start it will make it a lot easier for your firm to meet its ongoing FCA requirements under the new regime.
Assessing the Fitness and Propriety of relevant employees and directors
Firms will be expected to assess the Fitness and Propriety of SMFs, Certified Staff and NEDs before their roles commence and then on an on-going basis. This is to ensure that key individuals are fit and proper to do their jobs. A process for making this assessment will need to be built into your firm’s selection and on-boarding procedures or when an individual is promoted or transferred to a relevant role.
You will need to build a similar process into your annual performance review cycle for the relevant staff. A process will also be needed for ad-hoc fitness and propriety assessments, which can be used if negative information comes to light. This process will ensure that your firm can react appropriately and in real time to any concerns that an individual may no longer be fit and proper to do their job.
The FCA has set out what it expects firms to take into account when making their Fitness and Propriety assessments in the FIT module of the Handbook. This includes:
- Honesty, integrity and reputation
- Competence and capability, including whether the person satisfies any relevant FCA training and competence requirements
- Financial soundness
A common approach which we advocate is to incorporate a self-declaration process into the annual performance review cycle whereby relevant staff are asked to respond to a questionnaire covering the above. This could include questions such as “have you been declared bankrupt?” and require the employee to provide further information to explain any positive answers. The firm could then operate a policy of risk-based verification of the answers. Contracts of employment would need to be modified, in line with Data Protection legislation, to set the expectation that relevant staff are required to complete the questionnaire, and that the firm is permitted to verify or follow up as required.
Some firms find it easier and more beneficial to apply these F&P assessments across the entire population of staff. Indeed, there is little if any downside to doing so, and it supports a strong and positive culture.
Issuing certificates to Certified Staff
A process will need to be developed that allows firms to issue Certified Staff with a certificate after checking and confirming they are fit and proper to do their jobs. This certification process will need to be completed at least once a year and firms should consider whether the individual has:
- obtained a qualification
- undergone, or is undergoing, training
- an adequate level of competence
Certificates issued by firms should state that the Senior Manager responsible for the certification process is satisfied that the certified individual has been assessed as fit and proper to perform their specified role. A record of the certificate issued will need to be kept, so a process will also need to be built ensuring this happens for all your firm’s Certified Staff.
Carrying out criminal records checks when required
As part of the Fitness and Propriety assessment, firms must collect extra evidence when assessing candidates for Senior Manager and NED positions (even when a NED is not a Senior Manager). Part of this extra evidence is carrying out criminal records checks. An HR process will need to be put in place to ensure these checks are carried out during selection and on-boarding, and that evidence of these checks is retained.
Firms and candidates for SMFs also need to declare to the FCA if a candidate acquires a disclosable criminal record at any time after the initial application for approval. Contracts of employment should therefore include a suitable disclosure obligation to ensure the firm is kept informed in a timely fashion.
You should ensure that criminal records checks cover all relevant jurisdictions where possible, taking into account where the person has lived and worked. The firm should make reasonable efforts to obtain this information from other jurisdictions.
Criminal records checks will not be mandatory for Certified Staff or other employees, but firms may choose to conduct these checks as permitted by their contracts of employment and to the extent permitted by the law.
Obtaining and providing regulatory references
Under the SM&CR firms must now request a regulatory reference from past employers of any Senior Managers, Certified staff and NEDs. Regulated firms will also have to supply a regulatory reference when requested by another firm, in a template form that the FCA has designed.
Requesting a regulatory reference should be built into the selection and on-boarding processes your firm has for these relevant roles. Your firm should ensure it is keeping complete and accurate records of employees’ performance thus enabling you to give an accurate regulatory reference if required. Firms should also put a process in place to ensure that any regulatory reference given by the firm contains the correct information in the correct format, and is retained to enable the firm to update that reference if new information about that individual comes to light after they have left the firm.
The regulatory reference rules require firms to:
- Request a reference from all previous employers in the past 6 years for people applying for Senior Manager, Certification and non-approved NED roles.
- Share this information between firms in a standard template.
- Disclose certain information going back 6 years. This includes details of any disciplinary action taken due to breaches of the Conduct Rules and any findings that a person was not fit and proper.
- Disclose any other information relevant to assessing whether a candidate is fit and proper covering the previous 6 years, unless it relates to serious misconduct in which case there is no time limit.
- Retain records of disciplinary and fit and proper findings going back 6 years.
- Not enter into any arrangements that conflict with their disclosure obligations (e.g. non-disclosure agreements)
- Firms will also need to update regulatory references where new, significant information comes to light.
We hope you have found this article useful and if you have any questions about anything raised in this article, or more general SM&CR questions please do get in touch.