In August the FCA published “Corporate governance of the Financial Conduct Authority”, which followed on from its adoption by the FCA Board the previous October. Publishing anything in August, when many people will be away on holiday, means that it tends to slip under the radar and draws very little comment, which is a shame, bearing in mind it is certainly a topic of real interest to the FCA.
If I’m being honest, whilst not being the most exciting 83 page read, it does detail the role and responsibilities, terms of reference and practices and processes by which the FCA is directed. What the document also does is provides an interesting, templated approach for how the regulator sets out its own information.
And whilst the FCA are not required to follow the UK Corporate Governance Code, they did note that; “The Board is committed to meeting high standards of corporate governance and has decided that the FCA should comply with the Code where appropriate and applicable. The Board will present a corporate governance statement within the FCA’s Annual Report each year that will provide an explanation of how the FCA is governed in line with the principles of the Code.”
Culture and governance have been at the heart of regulation for many years and are in inextricably linked. When the regulator looks at culture they focus on leadership, purpose, governance and the approach to managing and rewarding staff. Corporate governance is not prescribed by the FCA for regulated firms, although there are general requirements under SYSC. Good corporate governance is all about effective oversight, sound decision making and this in turn should result in a reduction in potential harm to both consumers and the market. The Senior Managers and Certification Regime (SM&CR) is an example of how the FCA expect it to work at a practical level within firms.
With this in mind, firms need to look at a number of key corporate governance elements demanded by SM&CR. All of which can be readily supported by technology to ensure that keeping everything up to date is achievable. The key components and the expected functionality within bespoke SM&CR software (italics) are:
Structure
This will depend on the size of the firm and needs to reflect who and where decisions need to be made to manage risk, i.e. Responsibilities Maps.
Roles and Responsibilities
The framework needs to set out roles and responsibilities, decisions need to be made by the right group of people and it should be clear how issues can be escalated, i.e. Prescribed Responsibilities and Statements of Responsibilities.
Management Information
What is the data telling you and how can it enhance decision making? For Boards to have oversight of a firm it requires both qualitative and quantitative MI, which is timely, accurate, complete and relevant, i.e. minutes of Committee meetings.
Record-keeping
There should be a record of Board and Committee decisions, discussions and challenges. One of the requirements under SM&CR is that senior managers should take Reasonable Steps and this needs to be evidenced, i.e. Duty of Responsibility.
A key question any regulator will be asking when working with firms on specific supervisory topics around governance will be “How engaged, and how seriously is the firm and it’s Senior Leadership team taking the relevant regulatory topic?”
A powerful way in which firms can evidence this is by implementing sound corporate governance practices around the individual SM&CR elements, and utilising technology to enhance operational efficiencies, provide greater clarity and provide the MI that demonstrates the commitments made to the defined regulatory requirements. Technology will document these discussions and decisions will readily retrievable, so providing the necessary evidence should be regulator request it.
For more information on how Worksmart could help you and your firm through the challenges that CD has presented, reach out to our team of experts at info@worksmart.co.uk or book a meeting to find out how the latest RegTech can help you navigate the Consumer Duty.
Download blog here.