The Senior Managers

Regime - impact on internal audit

and audit committees

Ian Gardner, Partner

Charles Portsmouth, Director

Background and overview of SMCR

Lessons learnt from the first round of

SMCR

The impact of individual accountability on

Heads of Internal Audit / Audit Committee

Chairs

Areas of focus for internal audit

Session coverage

Ongoing Individual Accountability

Senior Managers Regime

Certification Regime

Conduct Rules

SMCR is an individual accountability framework focusing

on professional standards and culture in the financial

services sector

• Most solo regulated firms

• Coverage of all 3 requirements Core Regime

• Largest and most complex firms (<1% of solo firms)

• Subject to extra requirements

Enhanced regime

• Firms currently subject to a limited application of Approved Persons Regime

• Fewer requirements than Core firms

Limited scope firms

Proposed extension of SMCR to all FCA regulated firms

Senior

Managers

Regime

Key elements of SMR

Duty of

Responsibility

Senior

Management

Functions

Statement of

Responsibilities

Prescribed

Responsibilities

Criminal

Records

Checks

Regulatory

References

Handover

Procedures

Overall

Responsibility

Persons pre-approved by PRA /

FCA Conduct Rules

Certification

Regime

Key elements of Certification Regime

No pre-approval by PRA / FCA

Applies to people who are not

Senior Managers but who can cause

significant harm to the firm or its

customers

Criminal

Records Checks

Regulatory

References

Firm must certify annually the

individuals are fit & proper for their

role

Conduct Rules

Certification

Regime

Fitness & propriety

Criminal

Records Checks

Relevant

Qualifications

Competence /

knowledge /

experience

Personal –

good repute

Regulatory

References

Personal -

integrity

Responsibilities

Map

Management & governance arrangements

Senior Managers & responsibilities

Reporting lines

Allocation of Prescribed Responsibilities

Linkage to group governance arrangements

Apply to

(nearly) all staff

You must:

Act with integrity

Act with due skill, care and diligence

Be open and cooperative with the regulators

Pay due regard to the interests of customers and treat them fairly

Observe proper standards of market conduct

Conduct Rules – First Tier

• the business of the firm for which you are responsible is controlled effectively.

• the business of the firm for which you are responsible complies with the relevant requirements and standards of the regulatory system.

• any delegation of your responsibilities is to an appropriate person and that you oversee the discharge of the delegated responsibility effectively.

Disclose appropriately any information of which the FCA or the PRA would reasonably expect to have notice.

Conduct Rules – Second Tier

Senior Managers must take reasonable steps to ensure:

SMCR: Common Misconceptions

Just an iteration of

the Approved Person’s regime

Does not involve

any sensitivity

No linkage

with other systems / processes

Other business areas not involved

SM&CR is owned by

Compliance

Challenges Record keeping

BAU Ownership

Identifying Certified Persons

SMF direct reports

Annual Certification

Handover process

Regulatory references

Role of HR, 2LOD & 3LOD

SMCR: Key implementation challenges

Understanding

Accountability

Governance

Reasonable steps

Alignment

Embedding

What steps are reasonable? Evidence

needed?

Processes & controls operating in line

with my responsibility?

Do I understand SMR and my own role &

responsibilities?

How do I appoint & oversee direct reports

& ensure I remain accountable?

MI to Board or Committee robust,

focussed, timely & accurate?

Robust processes embedded but

responsive to change in business?

Challenges for SMFs and questions for IA

The Impact of SMR on Audit Committees

Practical implications

• Conducting and evidencing effective Chairmanship

• Evidential and proactive support for and management of Head of Internal Audit

AC Chair: Responsibility for chairing and overseeing the performance of any committee responsible for the oversight of the internal audit function …

Significant functions

An effective Audit Committee demonstrates the attributes of a high performing team

Clear vision

Focussed discipline

Teamwork

Inspiring leader

Key attributes

Impact of SMR – Heads of IA

Senior Manager Regime

Certification Regime

Conduct Standards

Role/ responsibilities

Fitness & propriety

Team leadership

Relevance of IA activity

Insightful/ impactful assurance

Stakeholder engagement

Say it as it is

IA's culture

Practical

implications - HIA

Conduct standards

Quality

Delivery

Impact/ influence

Evidence

Practical

implications – IA function

Potential areas of

focus

Conduct standards

Accountabilities & delegation

Fitness & propriety

Reporting & management information

Governance

Training & awareness

Role of HR, 2LOD & 3LOD

Thematic areas of focus for IA