Welcome to the OAC Digest 'Roundup and Commentary Edition', which every 4 to 6 weeks extracts from the weekly editions of OAC Digest up to 5 key regulatory news items and issues (insurance related) to provide further guidance and advice from our experts.
This edition focuses on the following 5 topics, all of which were featured in the OAC Digest in the week commencing 3 October 2016. If you would like any help reviewing your own firm’s implementation of any of the requirements below, or any help on how best to manage them, we are ready to assist you.
1. FCA Policy Statement PS16/22 – Strengthening accountability in banking and insurance: regulatory references final rules
2. PRA Policy Statement PS27/16 – Strengthening accountability in banking and insurance: PRA requirements on regulatory references (Part II)
The FCA and the PRA have published policy statements setting out the final rules on regulatory references. Regulatory references are employment references for individuals subject to the Senior Managers and Certification regimes (SM&CR), Senior Insurance Managers Regime (SIMR), key function holders (KFHs) and notified non-Executive Directors (NEDs) – collectively “in scope individuals”.
This represents a fairly significant change in requirements, as previously, only Approved Persons were captured in the regime, and there was merely a duty to provide relevant information for a "fit and proper" assessment for a controlled function, and the references had to be clear, accurate and fair.
SYSC will have a new chapter (SYSC 22) and the Supervision Manual will be updated with new forms. The full rules apply to Solvency II firms and large non-Directive firms, with fewer requirements for small non-Directives and FCA-only authorised firms. The rules come into force on 7 March 2017.
The new rules will apply to banks and insurers, and the FCA is considering whether to extend these regulatory reference rules to other FCA regulated firms. A final decision has not yet been made on this.
Relevant regulated firms will need to seek references covering the last six years of employment from all former employers irrespective of the type of firm or their regulated status. In this respect firms should take “reasonable steps” to obtain current and previous employers’ references for the preceding six years; however “reasonable steps” is not defined as this is likely to vary from case to case.
The FCA has suggested that references should be supplied within six weeks, but has also stated that the references should be provided as soon as reasonably practicable. If possible references should be obtained before an application for approval is made, but the FCA and PRA both recognise that this may not always be possible to achieve. In these circumstances there is a concession for references to be obtained no later than one month before the end of the application process.
An exception to the six-year period is in respect of serious misconduct, which has no time limit and should always be disclosed.
Annex 1 to SYSC 22 gives a template for regulatory references to be given by relevant authorised persons, and disclosure requirements. This can be attached to a request for a reference. Unregulated firms are not obliged to use the template, and in reality will probably give general employment references.
Annex 3 to FCA Policy Statement PS16/22 gives a very clear and useful table providing a summary of the combined FCA and PRA regulatory reference requirements.
In PS27/16, under point 4.25, there is a table (Table 2) setting out which requirements will apply both to full-scope regulatory reference firms and FCA-authorised firms, and which will apply only to the former.
The rules come into force on 7 March 2017, but firms will be able to start utilising the revised regulatory reference template before this date and the PRA considers that it may be good practice to do so.
Firms will need to ensure that they are ready to implement the new regulatory reference rules on 7 March 2017.
The type of information which should be disclosed includes individual conduct breaches where disciplinary action has been taken leading to: a formal written warning; suspension (but not suspension pending an internal investigation) or dismissal; or reduction or recovery of any of the person’s remuneration due to a breach of a conduct requirement. The information should include a factual description of the breach (including dates) and its outcome.
In addition the reference should include all other information that is relevant as to whether the candidate is fit and proper.
The FCA and PRA would not normally expect the disclosure to include commercially sensitive information or details of an employee’s responsibilities in addition to their main role.
The regulators have commented that the employee should be given an opportunity to comment on information in a reference, in the interests of fairness.
It is intended that the duty to supply information in a regulatory reference should apply notwithstanding any agreement or termination arrangement.
There are requirements on updating references, for example if new information comes to light that would have caused the firm providing the reference to have written the original reference differently (had that information been available at the time); any serious misconduct that occurred more than six years previously but which has only emerged within six years of the date the person left the firm; and when the receiving firm has further information, this should be taken into account in the ongoing obligation to assess fitness and propriety.
There are changes in record-keeping requirements: these will now be six years retention of disciplinary and fitness and propriety findings. A firm will not be considered to be in breach of the regulatory references requirements if the reference fails to include something for which the firm is not required to keep records.
3. FCA Consultation Paper CP16/27 – Applying conduct rules to all non-executive directors in the banking and insurance sectors
FCA Consultation Paper CP16/27 proposes to extend the application of the Code of Conduct Sourcebook (COCON) to standard (those not subject to pre-approval, consequently not subject to SIMR) non-executive directors (NEDs) in insurance firms. NEDs do not meet the definition of “employee” in FSMA. FSMA has been changed to allow the FCA to apply conduct rules to any of the directors of a firm. COCON is formed of five individual and four senior managers’ conduct rules. The proposals will come into force two months after the final rules are confirmed in Q2/Q3 2017. Consultation ends on 9 January 2017.
The FCA proposes:
- that standard NEDs be subject to the five FCA Individual Conduct Rules set out in COCON and to Senior Manager Conduct Rule 4;
- that Senior Manager Conduct Rules 1, 2 and 3 will not apply to standard NEDs unless, as well as being a standard NED, he/she also fall into one of the other categories of ‘senior conduct rules staff’ as defined in the FCA Glossary;
- to introduce additional guidance to Individual Conduct Rule 2 (the requirement to act with due skill, care and diligence) to clarify that this rule applies to a director (whether executive or non-executive) when acting as a member of the board or other governing body or of its committees;
- to extend the application of the guidance in COCON 1 Annex 1 on the role and responsibilities of NEDs to insurance firms; and
- to amend the conduct breach report (Form H).
Applying the conduct rules above will effectively reinstate the position NEDs were in under the previous Approved Persons Regime. It is our view that most if not all standard NEDs will already be meeting the requirements of these new conduct rules and the applicable standards. We also consider that standard NEDs at insurers should not be too concerned about these proposals, as they are no more than an extension of the regime requiring Boards to adhere to basic good standards of individual conduct.
4. PRA Consultation Paper CP34/16 - Strengthening accountability in banking and insurance: amendments and optimisations
This consultation paper includes the PRA’s proposed optimisations for the SIMR in sections 2 (amendments) and 4 (optimisations).
Section 2 detail:
- sets out the PRA’s expectations on the duty of responsibility;
- applies certain Conduct Rules to those non-executive directors (NEDs) who are not senior managers under the SMR or SIMR; (also see section 3. above); and
- minor, technical changes to the PRA’s Statement of Policy on conditions, time limits and variations of approval.
In particular, with regard to insurers, CP34/16 proposes (in section 4):
- amendments to Long form A, Short Form A, and Form E for Solvency II firms, and the SoR form for both Solvency II firms and large NDFs;
- that smaller insurers outsourcing their internal audit function, allocate a new Prescribed Responsibility to a NED who performs a SIMF or an FCA controlled function;
- a streamlined SIMR for firms in run-off that no longer have regulatory permissions to write new business; and
- corresponding changes to rules and (in addition to revisions for PS27/16 above) SS35/15 – Strengthening individual accountability in insurance. (Note that SS35/15 only applies to Solvency II firms and the Society of Lloyd’s and managing agents.)
The PRA states that the key differences between the streamlined SIMR for firms without permission to effect contracts of insurance and the full SIMR for Solvency II insurance firms would be as follows:
- firms without permission to effect contracts of insurance would only be required to have individuals approved to perform the Head of Firm without permission to effect contracts of insurance function (SIMF19A); Chief Finance function (SIMF2) and, where applicable, With-Profits Actuary function (SIMF21), rather than the full suite of SIMFs which Solvency II insurance firms are required to have; and
- there would be a smaller set of four PRA Prescribed Responsibilities (similar to those for small NDFs and transitional run-off firms), which these firms would need to allocate among their SIMFs, or to an FCA controlled function who is in a ‘relevant senior management function’.
However, these firms will still need to appoint key function holders (KFHs) for the four mandatory key functions (ie actuarial, risk management, internal audit, and compliance), ensure that they are fit and proper on an ongoing basis, and notify these individual KFHs to the PRA on appointment with all the information needed for a fit and proper assessment.
Consultation ends on 9 January 2017.
5. PRA Consultation Paper CP35/16 – Whistleblowing in UK branches
NOTE THAT THE FOLLOWING DOES NOT APPLY TO UK-BASED FIRMS
This consultation paper contains proposals requiring UK branches of both EEA and non- EEA insurers to inform their workers about the regulators’ whistleblowing services.
The policy proposals included in this consultation paper require:
- UK branches of non-EEA banks, and of both EEA and non-EEA insurers to inform their workers about the FCA and PRA’s whistleblowing services; and
- any non-EEA banking group with both a UK branch and UK subsidiary which is subject to the regulators’ whistleblowing rules, to inform the staff of the branch of the subsidiary’s whistleblowing arrangements. This proposal does not apply to insurers.
The proposals contained in this consultation paper have been designed in the context of the current UK and EU regulatory framework. The PRA will keep the policy under review to assess whether any changes would be required due to changes in the UK regulatory framework, including those arising once any new arrangements with the European Union take effect.
“Whistleblowers’ champion” - this prescribed responsibly does not apply to UK branches and the PRA will not be requiring UK branches to create an equivalent position.
In addition, UK branches will not be required to establish their own internal whistleblowing channels. This is because differences in the laws of the UK jurisdictions and a firm’s home country could mean whistleblowers are unprotected and could potentially be put at risk by raising concerns. When making rules on whistleblowing the PRA has always considered the protection of potential whistleblowers to be the predominant concern. As such, the PRA considers that requirements should not be put in place which might result in detrimental treatment for whistleblowers.
Consultation on Whistleblowing in UK branches ends on 9 January 2017. The final rules are expected to come into force in September 2017.
For more information
Senior Regulatory Compliance Consultant
< Back to News & insight