SM&CR has increased emphasis on personal accountability within firms and caused many senior managers to abandon ship for less risky roles, Ascent partner lead Maria Phillips told FinTech Global.
Following the financial fallout in 2008, the UK’s Financial Conduct Authority (FCA) set out to improve the sense of responsibility in companies, particularly focusing on senior managers’ responsibilities. This culminated in the implementation of the Senior Managers and Certification Regime (SM&CR) in 2016. The regulation had two main goals: to champion cultures of staff members taking responsibility for bad behaviour and enable firms to pinpoint where accountability lies for processes. As of December 9 2019, it will also relate to solo-regulated firms and claims management companies.
The market has been positive to the regulation. When UK Finance, the trade association, polled 25 banking institutions and 60 senior managers, it found 93% felt SM&CR had improved the UK’s financial market. Now, more emphasis is being put into changing office culture, clarifying roles, deepening scrutiny and strengthening decision reviews.
However, it has some downsides. Maria Phillips, partner lead at Ascent (a RegTech firm that automates compliance) believes the regulation has helped achieve the FCA’s goal of boosting integrity but has also caused more administrative and reporting costs. The extra burdens were also noted by the UK Finance study. It recommended certain requirements be altered, such as the need of an up-to-date management responsibilities map (MRM) becoming a bi-annual process instead.
Phillips believes more challenges are on the horizon. “I feel the biggest risk for the market right now is that senior managers are leaving these roles and moving to less risky positions in FinTech, RegTech or adjacent sectors,” she said. “These senior people have considerable knowledge and with this turnover, the result may well show up in the years to come.”
Implementing technology solutions like artificial intelligence could remove some of the burdens placed on financial services and their senior managers. Phillips explained how most entities have either deployed SM&CR platforms built through repurposed HR systems, which can only handle around 50% of the workflows or they have entirely resided to a manual process. She argued that this is not the most effective way for a business to meet compliance and solving this could alleviate some of the administrative burdens they are facing.
She added, “I believe that entities require a suite of systems such as the existing HR systems which track and remediate identified conduct issues. These HR systems should work jointly with a regulatory knowledge system and a full training system that can identify a bespoke set of regulation for each senior manager. However, the problem with this suggested approach is the issue of multiple vendors. Multiple vendors are costly and need to integrate with open APIs as they form an interdependent set of platforms.”
It is impossible to completely remove the risk of human error. Deploying a dedicated solution for compliance can accelerate the operations of senior managers and remove some of their fears.
Ascent also help firms save time. Instead of forcing firms to manually sift through pages and pages of regulatory requirements and obligations, the RegTech company leverages AI to automatically identify the obligations that are most relevant to the customer — whether it is entirely new or just being updated. Its platform bolsters traceability within a business by curating every requirement needed of them and placing them into a single location where they can be monitored and managed.
Technology is becoming more intuitive every day. Greater responsibilities are being placed on AI, machine learning and natural language solutions within businesses, leaving them at the helm for many of a firm’s daily operations. But technology can make a mistake. What happens when a decision made by a solution results in a negative impact for a business or breach of compliance and who is to blame?
“The responsibility remains with the senior managers in this context and the regulation is very clear on this,” Phillips answered. “Technology will not replace the manager.” Instead, it is more useful to think of tech as a way to empower people to do more and focus on higher-priority tasks.
Accessing the full potential of technology and letting it have more control of a system is just a matter of trust, which will take time. It’s a similar problem which has faced operations between financial institutions and RegTechs. It was not that long ago that an institution would prioritise building a solution in-house, rather than looking for a third-party vendor. Regulations like the updated Payment Services Directive (PSD2) are changing this.
Over the past three years, Phillips has seen better acceptance and engagement of RegTech solutions from financial institutions. It has even gotten to the point where firms are establishing their own RegTech teams. But this is not to say things are perfect and more can still be done to foster trust and adoption between financial services firms and RegTech firms.
“I feel we are reaching a point where financial institutions know RegTechs are the way forward and RegTechs have over the last few years significantly improved their market offering,” she said. “In the next 24 months, I think we will see RegTech adoption reach its fuller potential”.
To cement the trust between financial institutions and RegTechs, Phillips believes it could be just as simple as system audits and monthly reconciliations in accounting. Through routine tests and regular feedback between the two players, they can fix any issues and tackle any rising fears.
Boosting trust between companies and technology could eventually become incorporated into the SM&CR regulation. The UK’s Treasury Committee recently argued banks should be held accountable and fined when their systems go down. Last year, TSB’s IT systems went down leaving a lot of customers without access to their online banking. Last month, Revolut faced similar technical issues which left customers unable to log into their accounts.
In an increasingly cashless society, IT failures could be devastating to consumers. The Treasury Committee believes heftier fines would encourage them to ensure their systems are more robust. One of the suggestions was to expand the SM&CR regulation to cover financial market infrastructure.
The FCA’s decision to extend the regulation to solo-regulated firms and claims management companies appeared to foster positive feelings, with businesses calling for it to cover more areas of the market., is safe to say personal accountability will continue to be a major topic in the financial market. “But it may be more on the traceability side,” Phillips concluded. “Technology is providing the path to a more cost-efficient way to comply, but regulators seem like they want more and more to be fully traceable, so undoubtedly we should keep an eye on this space”
Copyright © 2018 RegTech Analyst