The Covid-19 pandemic was the ultimate test for the operational resilience of many firms. But despite the many logistical challenges, the financial services industry has so far come through the crisis relatively unscathed. However, it did shine a light on the importance of being prepared for disruption, whether that be third-party issues or a data breach.
As such, the FCA is due to publish its policy statements on the matter, alongside the PRA and BoE. In order to be proactive and protect your business, you should already be mapping out your key business activities – those that need to stay functioning in order to service customers – and the resources needed to keep them running. We’d also recommend stepping up your assurance and oversight of third-party providers. They play a key part in your ability to serve your customers and meet regulatory expectations.
The end of the transition period came and went, and while a new UK-EU trade deal was secured at the eleventh hour, it offered little in the way of clarity for the financial services sector. The FCA has put in a number of measures to ensure a stable and smooth transition, including the temporary permission regime (TPR).
In Q1 of 2021, we expect to see the finalised guidance to the FCA’s consultation paper on its approach to international firms.
Come March 2021, solo-regulated firms should’ve undertaken the first assessment of the fitness and propriety of their Certified Persons, submitted their data for the FCA Directory, and trained all staff across the business on the new conduct rules.
Interestingly, the FCA has previously come under fire for having ‘no teeth’ when enforcing SMCR. With the watchdog repeatedly reinforcing its commitment to improving culture and governance, with the regime at the heart of it all, it could be that the regulator doubles down on enforcement in response to said criticism. In which case, you need to be ready.
Firstly, you’ll need to get all the evidence lined up to show that every Certified Function holder in your business is fit and proper, and that you can clearly demonstrate the assessment criteria. For both the certification regime and the new conduct rules, aligning annual assessments and training with existing HR processes can save a lot of time and effort.
To fully meet FCA expectations, we’d recommend using scenario testing on a regular basis. This’ll uncover how robust your SMCR arrangements really are, whether your Senior Managers truly understand what’s required of them, and whether you need to plug any gaps in your policies and procedures.