3. ICSA CPD event – senior executive accountability regime 3
Agenda
Topic Presenter Timing
Welcome Colm McDonnell 8.00am – 8.05am
Overview of the proposed reforms and
individual accountability framework
Melissa Scully 8.05am – 8.25 am
Learnings from the UK’s Senior
Managers & Certification Regime
James Beasley 8.25am – 8.50am
Q&A Colm McDonnell 8.55am – 9.00am
Networking
4. 4ICSA CPD event – senior executive accountability regime
Overview of the proposed reforms and
individual accountability framework
Melissa Scully
5. 5ICSA CPD event – senior executive accountability regime
These reforms will constrain the ability of senior
executives to escape liability for wrongdoing; the
days of individuals hiding behind the collective
will be numbered.
6. ICSA CPD event – senior executive accountability regime 6
Clear trend for regulators across the globe to focus on individual accountability
Introduction
UK
The Senior Managers and
Certification Regime
Hong Kong
The Manager-
in-Charge
regime
Australia
The Banking
Executive
Accountability
Regime
USA
The latest guidance
on the management
of business lines and
risk management
Ireland
Proposed Individual
Accountability
Framework, including
Senior Executive
Accountability Regime
Singapore
Proposed
guidelines on
individual
accountability
and conduct
7. ICSA CPD event – senior executive accountability regime 7
Supporting
focus on
culture and
conduct
Sets clear
standards
Clarifies
responsibil
ities
Shows
how
decisions
are made
More
efficient
resolution
of issues
Constrains
excessive
risk taking
Easier to
hold
individuals
to account
“The Central Bank is a strong
advocate for individual
accountability – our regulatory
focus in this area reflects our
concern that a lack of
individual accountability is a
key cultural driver of
misconduct.”
Seana Cunningham, Director of
Enforcement and Anti-Money
Laundering
Providing clarity on obligations and consequences of wrongdoing
Rationale for enhancing the system
8. ICSA CPD event – senior executive accountability regime 8
4 key elements
Overview of the proposed reforms
• All proposed reforms will require legislative change to give the CBI the empowerment to implement.
• The CBI note that is it unlikely to see a public consultation before late 2019 and at that juncture they will be fully
committed to meaningful engagement by stakeholders via a public consultation process and all evidence-based
feedback will be considered in finalising the framework.
• There is no certainty as to when the reforms will be in place however it is important to be prepared.
Enhancing existing
standards with the
introduction of three
new sets of standards:
• Common Conduct
Standards for all staff
• Additional Conduct
Standards for senior
management
• Standards for Business
An accountability regime
which places obligations
on firms and senior
individuals within them
to set out clearly where
responsibility and decision
making lies for their
business. This will
introduce Senior Executive
Functions (‘SEFs’)
Supplementing the
existing Fitness and
Probity Regime with the
introduction of a
certification regime
which would require firms
to proactively certify on
an annual basis that the
individuals in question are
fit and proper persons to
perform their functions
Removing hurdles, namely
pursuing action against an
individual where they are
a ‘person concerned in the
management’, the case
has been proven against
the firm and it can be
proven that the individual
participated in the breach,
so the CBI can pursue
individuals directly
1. Conduct
standards
2. Senior Executive
Accountability
Regime
3. Enhancements to
Fitness and Probity
4. Unified
enforcements
process
9. ICSA CPD event – senior executive accountability regime 9
What we can expect the Senior Executive Accountability Regime to cover?
Senior Executive Accountability Regime
Firms
Individual
• Credit institutions (excluding
credit unions)
• Insurance undertakings
(excluding reinsurance
undertakings, captive reinsurance
undertakings and insurance SPVs)
• Certain investment firms
• Third country branches of the
above
The regime will introduce Senior
Executive Functions (‘SEFs’) which at
least map across to PCFs under F&P:
• Board members
• Executives reporting directly to
the Board
• Heads of critical business areas.
It is recognised that there is no ‘one
size fits all’ approach - there will be
a degree of flexibility
Responsibility maps
Each in-scope firm would be required to produce a
Responsibility Map documenting key management and
governance arrangements in a comprehensive, accessible
and clear single source of reference. The maps would
cover, but not be limited to:
• Schedule of Matters reserved for the Board
• Committee terms of reference
• Reporting lines (including within Groups)
Prescribed responsibilities
1. Role specific - each SEF will have prescribed
responsibilities to their role.
2. General list - mandatory responsibilities for firms which
must be allocated to individuals carrying out SEFs in
order to ensure that there is an SEF accountable for all
key conduct and prudential risks relevant to the firm.
Scope
Statements of responsibilities
SEFs will be required to document a Statement of
Responsibilities which clearly sets out their role and areas
of responsibilities
10. ICSA CPD event – senior executive accountability regime 10
Depending on the scale and complexity of the firm, expect opportunities as well as
challenges
The upside - a source of strategic advantage
• Emotive implications
• Understanding / interpreting the
obligations
• Underestimating the amount of work
• Developing and drafting documents
• Operational challenges
• Meeting training needs
• Timing of implementation
• Improved governance
• Faster and better decision making?
• Support culture change and initiatives
• Formalise intra-group arrangements
• Promote good customer outcomes
• Increase stand-alone operations of
Irish entities
Challenges
Opportunities
11. ICSA CPD event – senior executive accountability regime 11
What can firms do to prepare?
Looking ahead
Get your governance in order
A key first step should be to ensure that the
governance arrangements for the organisation are fit
for purpose and are not unnecessarily complex.
Make sure that all governance artefacts are up to
date
Strengthen culture
The reforms are intrinsically linked to promoting a
culture of ethical compliance by firms and
individuals. For many there is still a lot to do in this
area
Begin preparing your Board and
executives
Like any key regulatory development, it is important
that the Board and executive are up to speed,
prepared and help drive the changes. Further, some
executives may require contractual changes
Take advantage of existing processes
and capabilities
Think about existing tools and processes such as
scenario analysis, risk appetite measures etc. that
can be leveraged to understand how accountability
operates in practice and understand the nuances
Incorporate individual accountability into
training
The conduct standards suggested and SEF
responsibilities are not too different from existing
expectations, therefore start to think about how they
can be incorporated into existing training
Designate implementation responsibility
Implementation should be lead by a member of the
senior management team. Ensuring preparedness
will requite a multi-faceted team, not simply the
compliance function. Take action now to get the right
team in place
12. 12ICSA CPD event – senior executive accountability regime
Learnings from the UK’s Senior Managers &
Certification Regime
James Beasley
13. ICSA CPD event – senior executive accountability regime 13
1. Recap on the regime
2. SMCR project structure and lessons learned
3. Impact of Reasonable Steps on CoSec
4. Conclusion on the role of the CoSec in accountability regimes
5. Questions
Introduction
Senior Managers & Certification Regime
14. ICSA CPD event – senior executive accountability regime 14
New documentation
New roles and duty of
responsibility
Focus on
Individual
Accountability
Introduces Senior Management
Functions with a statutory duty
of responsibility.
The Certification regime includes
roles which can cause
“significant harm to the firm or
its customers”.
The Responsibility Map is a
requirement to describe how
individual accountability is
apportioned and how governance
operates in a firm.
The Statement of Responsibilities
set out the areas of the business
that the Senior Manager is
responsible and accountable for.
SMCR introduces some changes to
processes including enhanced criminal
record checks, monitoring conduct breaches
and obtaining regulatory references dating
back six years for people applying for
Senior Manager, Certification and non-
approved NED roles.
Introduces two tiers of Conduct Rules
to firms’ regulated and unregulated
financial services activities (including
any related ancillary activities carried
on in connection with a regulated
activity).
New Conduct Standards
Enhanced processes
Recap on the regime
The UK Senior Managers and Certification Regime - Key provisions
15. ICSA CPD event – senior executive accountability regime 15
Potential project structure and lessons learned
Lessons learned #1 - Work streams
The following table sets out a strawman implementation programme work stream structure with the areas particularly
relevant to the CoSec function in bold.
Work stream Description
Scoping
Legal entities, Senior Executive Functions, Certified staff population, conduct
rules staff populations and responsibilities allocations.
Registrations and regulatory
deliverables
Statements of Responsibilities, regulatory application forms, certified staff
data capture, job descriptions, retention of documentation.
Policies and processes
Policies and BAU processes (eg SoR maintenance and regulatory reporting).
End to end employee lifecycle. Role creation, talent acquisition, vetting, on-boarding,
annual fit and proper assessment, conduct rule breach and disciplinary,
remuneration, off boarding and referencing. Should cover roles of compliance, risk
and business in execution.
Training and communications
Notifications, training development and delivery for SMFs, Certified staff and
conduct rules staff (new joiners and ongoing).
Reasonable steps
Assessment for each Senior Executive Function and implementation of
subsequent changes including governance, delegations, escalation,
management information and record keeping
Are these work streams appropriate for your organisation?
Who should lead each work stream?
16. ICSA CPD event – senior executive accountability regime 16
Programme
considerations
Some firms experienced significant
debate over which individual should
lead the SMR project. Smaller firms
often nominated the CEO as sponsor, in
line with expectation for this individual
to be accountable for regime on BAU
basis.
Working groups typically need good
coordination across Compliance,
Legal, CoSec, HR and in some cases
COO and IT.
Once timings on the new regime are
clearer, those firms with a supervisor
may want to plan the timing of an
initial regulatory interaction as well as
grandfathering timescales.
There can be significant discussion over
key areas such as allocation of
responsibilities. The regulations require
a firm “to keep a record of its reasoning”
so clear design documentation is
important.
Cross-
Functional
Involvement
Regulatory
interaction
Programme
Ownership
Documenting
rationale
Appropriate
sequencing
of
workstreams
Board
involvement
Planning out Board milestones is important to ensure a smooth approval process. Some firms have found that Directors
(including NEDs) wanted more active discussion and the opportunity to input at an earlier stage than planned.
A considerable number of firms spent a lot of initial time on the Senior Managers aspects of the
programme, only to find that changes needed for “fit and proper and conduct monitoring” processes
have a longer than expected implementation time.
Potential project structure and lessons learned
Lessons learned #2 – Delivering the programme
17. ICSA CPD event – senior executive accountability regime 17
Population identification
Allocating
responsibilities
Responsibility map
development
Fit and proper processes
(Certification)
Individual vs. collective
responsibilities
Reasonable steps
framework development
Conduct rules monitoring
and breach reporting
Operational challenges
(maintaining records,
monitoring and recording
systems)
!
What about other unforeseen knock-on impacts
affecting CoSec?
Potential project structure and lessons learned
Lessons learned #3 – Design and development
!
!
!
!
!
18. ICSA CPD event – senior executive accountability regime 18
Knowledge and understanding
Handover – on starting or leaving a SMF role, take responsibility for
understanding all aspects of the business, including key risks in areas
where you have individual and collective responsibility.
Regulatory – maintain an awareness of relevant requirements and
standards of the regulatory system.
Technical – maintain your technical skills, through continuing
professional development.
Organise and control
Reporting lines – establish and articulate clear lines of
control in your area.
Delegation – ensure any delegations are clearly documented
and understood, and continue to oversee and review the
performance of delegated responsibilities.
Resource – maintain appropriate resource levels and
skillsets, and take steps to manage any resource constraints.
Succession planning – be proactive in identifying talent and
planning for the future.
Governance – establish relevant committees, ensure
attendees are appropriate and attend.
Review and improve
Reporting – interrogate the information you receive and
produce to identify potential improvements.
People – continually assess the competence and capability of
your team, identify training needs and deal with poor
performance.
Controls – implement, police, review and update
appropriate policies, procedures and controls.
Challenge and discussion – encourage a culture of
challenge within your team and contribute personally to
collective decision making within the firm.
Be proactive – prioritise key risk areas and take pre-
emptive actions to prevent breaches occurring.
Resolve and learn
Take action – where potential issues occur take
responsibility for ensuring they are resolved.
Support – seek and obtain appropriate expert advice
or assurance, whether internal or external.
Escalate – raise issues and follow them up with
relevant staff, committees and Boards.
Action plans – document action owners and
timeframes and follow through to completion.
Lessons learned – use resolved issues to inform and
improve your control frameworks.
Knowledge
and
understanding
Organise and
control
Resolve and
learn
Review and
improve
Evidence
!
!
!
!
!
!
!
!
!
Reasonable steps
Impact on CoSec
Market knowledge – understand the broader markets
in which the firm operates.
Your firm – receive and review regular updates and
reports from your team and maintain a wider
understanding of the activity of the firm.
19. ICSA CPD event – senior executive accountability regime 19
• Compliance, HR and the Company Secretary are key stakeholders both in the implementation of the regime and as part of the Business As
Usual (BAU) processes.
• The Company Secretary function must ensure that it is clear on its role in the implementation and under BAU.
• It should consider what BAU process will the Company Secretary function will own and which it will need to input into.
• In some firms we have seen the Company Secretary play an overarching role in maintaining compliance with the Regime, specifically in
relation to the Senior Manager elements of the regime.
• For the larger firms an SMCR Office has been established.
CoSec -
Implement
ation
• Planning and milestones for the Board – ensuring that the Board is updated as to the progress of the implementation
and that key decisions and documents are signed off efficiently.
• Briefings and deep dives for the Board – ensuring that the Board understands collectively and as individuals what the
regulatory requirements are.
• Drafting key documentation – Company Secretary is likely to play a role in supporting the documentation of the
individual Director responsibilities in their Statements of Responsibility.
• Review of MI to the Board to ensure supporting reasonable steps – At many firms the Regime has triggered a
review of MI as Board Papers are a key source of evidence when demonstrating Reasonable steps. Specifically, MI around
the various elements of the regime has been developed e.g. regarding Conduct Rule breaches.
CoSec -BAU
• Board Appointments and Suitability - There will likely be processes that the Company Secretary already supports
that will be impacted by the new regime. Appointments to the Board and Fit and Proper assessments being two key
processes.
• Supporting Reasonable Steps– There may be certain responsibilities that the CoSec will be well positioned to support
individuals in demonstrating Reasonable Steps (e.g. the Prescribed Responsibilities for Board Training)
Role of the Company Secretary in Accountability Regimes
A key stakeholder and support function
21. 21ICSA CPD event – senior executive accountability regime
Governance in financial services
About us
22. ICSA CPD event – senior executive accountability regime 22
Governance in financial services
About us
We are specialist team who provide a range of corporate governance services, sharing insight into the latest developments
and the practical challenges associated with implementing good governance. Bringing together governance consultants,
former regulators, company secretaries and industry professionals, our team delivers a wide range of governance services in
the financial services industry with the goal of helping firms operate in a robust yet efficient way.
Board and
committee
evaluation
Assessing the
effectiveness of
the Board and its
committees
through
interviews, survey
tools, review of
documentation,
case studies and
observation, to
deliver insightful,
value-adding,
reports
Individual
accountability
framework
Leveraging
experience from
similar regimes
we can provide
advice on how
such a framework
might be
implemented in
practice and the
impact on current
governance
arrangements
Governance
reviews
Conducting
independent
assessments,
internal audits
and regulatory
driven reviews of
specific areas of
governance such
as committees,
policy
frameworks,
delegated
authorities or the
overall
governance
framework
Governance
design
Designing and
implementing new
governance
frameworks (to
include processes,
policies and
procedures)
following
regulatory
scrutiny, changes
in leadership or
ownership,
growth, structural
reform, M&A
activity and legal
entity changes
Reporting and
compliance
Advising on the
latest governance
reporting
developments and
compliance
requirements,
undertaking
benchmarking
exercises and
governance
compliance
reviews
Company
secretarial
advisory
support
Conducting
function reviews
or advising on
best practice in
delivering
governance
support - our
team includes
governance
professionals and
company
secretaries who
can bring insights
in this area
23. ICSA CPD event – senior executive accountability regime 23
Colm McDonnell, Partner – Risk Advisory
+353 (0) 1 417 2348
cmcdonnell@deloitte.ie
Melissa Scully, Senior Manager – Centre for Corporate
Governance
+353 (0) 1 417 8656
mscully@deloitte.ie
James Beasley, Director – Financial Services
Governance
+44 20 7007 4793
jbeasley@deloitte.co.uk
Sean Smith, Partner – Risk Advisory
+353 (0) 1 417 2306
seansmith1@deloitte.ie
David Kinsella, Partner – Risk Advisory
+353 (0) 1 417 2529
davkinsella@deloitte.ie
Centre for Corporate Governance
Our Centre for Corporate Governance is
designed to provide boards and senior
management with a single point of access to
current developments, Deloitte perspectives,
learning materials and other useful
information related to corporate governance.
See our website for further details -
http://www2.deloitte.com/ie/en/pages/gover
nance-risk-and-compliance/solutions/center-
corporate-governance.html
Contact details
Further information