Head of Commercial and Governance at EC3 Legal Sara Ager gives a fuller explanation of the regime than that issued on the grandfathering deadline.
There are some important changes currently being put into place by the Prudential Regulation Authority (PRA) and the Financial Conduct Authority (FCA) in the form of the Senior Insurance Managers Regime ('SIMR') and the FCA's changes to the Approved Persons Regime. These changes impose a new statutory duty on senior managers (including NEDs) to take reasonable steps to prevent regulatory breach. They came into effect in January 2016 and bring with them personal liability for Senior Managers in their area of responsibility.
The rules aim to standardise UK regulations with the EU's Solvency II Directive by encouraging senior managers and other key figures who run insurers to act with integrity, honesty, care and skill. The key drivers of the revised rules are the desire to ensure that senior managers take responsibility for their actions and that the regulating authorities are able to easily identify, and hold to account, specific individuals who may have allowed a regulatory breach to occur in their area of responsibility.
The regulations apply to UK insurance and re-insurance firms as well as branches of non-EEA insurers, the Society of Lloyd's and managing agents, and insurance special purpose vehicles.
The SIMR is a natural extension of Pillar 2 under Solvency II. As part of governance and risk management, firms will be required to make an on-going assessment of the fit and proper status of all persons performing key functions.
What do the regulations call for?
The SIMR replaces the Significant Influence Functions which formerly operated under the Approved Person regime. The range of people subject to PRA approval will now be narrowed to those falling within certain role-specific criteria, with the aim being to increase individual accountability.
What is required by the Company regulated by the PRA/FCA:
- they must identify all persons carrying on Key Functions (namely Risk Management, Compliance, Internal Audit & Actuarial)
- must ensure that persons who perform Key Functions are fit and proper
- must allocate Prescribed Responsibilities to an approved person and must provide the PRA with a summary of the significant responsibilities allocated to each Key Function Holder
- must draw up and maintain a Governance Map
- must require a Key Function holder to observe PRA Conduct Standards and a person performing a Key Function to observe PRA Individual Conduct Standards
- notify the PRA of new Key Function Holders, seek PRA approval of new SIMFs and seek FCA approval of new FCA controlled functions.
What does it mean in practice?
The provisions were brought into effect on 1 January 2016 and are being implemented in stages until 7 September 2016 when they will be fully in force.
Governance maps were to have been in place by 1 January 2016. Where an individual had been carrying on a function corresponding to a Key Function under the old regime, there was a provision allowing for the 'grandfathering' of those individuals by submitting an application to the PRA for approval of SIMFs and to the FCA for controlled functions. The deadline for submission of these applications was 8 February 2016 and meeting this deadline would have avoided the need to make a completely new application.
If the grandfathering deadline of 8 Feb 2016 was not met, new applications needed to have been submitted by 4 March 2016 as the SIMR comes into force on, and Prescribed Responsibilities are to be allocated by, 7 March 2016. 7 March 2016 is the date at which Approved Persons become subject to the new Conduct Rules.
Looking forward, by 7 September 2016 all Scope of Responsibilities documents are to be ready for FCA review. It is not required that these documents are submitted to the FCA as a matter of course but the FCA maintains the right to request that these be submitted at any time after 7 September 2016.
7 September 2016 is also the date on which the Whistleblowing rules take full effect with firms being required to implement a host of measures to protect Whistleblowers.
The following roles are expressly included within the new regime although this list is not intended to be exhaustive:
PRA - Senior Insurance Management Functions (SIMFs)
- Executive Functions: Chief Executive/Chief Finance/Executive Director/Chief Risk/Head of Internal Audit
- Oversight Functions: Chairman/Chair of Risk Committee/Chair of Audit Committee/Chair of the Remuneration Committee/Senior Independent Director (NED)
- Group functions: Chief Actuary/With-Profits Actuary/Chief Underwriter/Underwriting Risk Oversight
- Third Country branch function
- Insurance specific functions
FCA - Significant Influence Functions (SIFs)
As above for the PRA plus
- Governing functions not approved by PRA to include: nominations committee/chair with profits/director of unincorporated association
- Required functions: Compliance/Risk/Governance/CASS oversight/Money Laundering
How does the SIMR differ to the Approved Persons Regime?
What will be needed?
- Governance Maps: This should be updated at least quarterly and in the event of a significant change to the firm's governance structure. The Governance Map is to set out the firm's governance arrangements, identifying by name who is responsible for which Key Function.
- Approved Person Regime Amendments: The FCA and PRA will be involved in the approval of the most senior executive and non-executive directors at Insurers:
  - The PRA will need to pre-approve SIMF
  - The FCA will need to pre-approve SIF
- Key Function Holders: The PRA must be informed of new and existing Key Function Holders and provided with information so that Key Function Holders can be assessed. The following Key Function Holders will need the PRA's pre-approval before they can start performing the role: the CEO, CFO, CRO, Chief Actuary, Head of Internal Audit and, for GI firms, the Chief Underwriting Officer. All SIMFs and SIFs must be fit and proper, and the Company will need to satisfy itself that the person can perform this role and evidence the following:
  - they are of good character
  - they are competent, knowledgeable and have relevant experience
  - they have the necessary qualifications
  - they have the necessary training
- A new set of Conduct Standards: These conduct standards are similar to current APER conduct standards but with a new responsibility for the oversight of the discharge of any delegated responsibilities, along with a responsibility related to the PRA's insurance objective. The Conduct Standards will be directly enforceable against PRA SIMFs (and certain FCA SIFs) and, for the first time, other senior executives and directors of a parent (or group) company who have a significant influence on the management or conduct of a firm's affairs.
- Ensuring that the firm has complied with its obligations to satisfy itself that every person who performs a key function is a fit and proper person
- Responsibility for overseeing the adoption of the firm’s culture in the day-to-day management of the firm
- Production and integrity of the firm’s financial information and its regulatory reporting
- Management of the allocation and maintenance of the firm’s capital and liquidity
- Development and maintenance of the firm’s business model
- Performance of the firm’s Own Risk and Solvency Assessment (ORSA)
- Induction, training and professional development for all the firm’s key function holders (other than members of the governing body)
- Policies and procedures for the induction, training and professional development for all members of the firm’s governing body
- Responsibility for leading the development of the firm’s culture by the governing body as a whole
- Oversight of the independence, integrity and effectiveness of the firm’s policies and procedures on whistleblowing and for ensuring staff who raise concerns are protected from detrimental treatment
- Oversight of the firm’s remuneration policies and practices
What are the considerations for the Company?
- All Companies need to have or begin to review their governance arrangements (including Group arrangements, where relevant). One would hope that firms have identified and assigned PRA SIMFs and FCA CIFs responsibilities and have reviewed relevant job descriptions to ensure that they are applicable with appropriate reporting lines and observe conduct rules. This, however, is an on-going responsibility and there needs to be both cultural awareness and processes to support this on-going requirement.
- Companies will need a Governance map and a process to review the Governance map to include:
  - regular review and update of the Governance map
  - annual appraisals
  - business development
- There is a need to raise awareness of the reasonable expectations of regulators and the importance of consistent and accurate record keeping.
- Provide advice and support, to include D&O cover, as appropriate, for their Senior Managers and in particular NEDs. Ensure that the NEDs sitting on their Board are suitably skilled for performing the function that is required from them and provide a means to keep their knowledge current.
- In respect of other regulatory requirements, by way of illustration conduct risk principles and reporting, the Company must ensure that the information made available and fed up to senior managers caught by this regime allows them to perform their function properly and does not unnecessarily expose them to regulatory fines and penalties.
For more information please contact Sara Ager at EC3 Legal LLP.