The leading knowledge platform for the financial technology industry
The leading knowledge platform for the financial technology industry

A-Team Insight Blogs

International Compliance – A New Era for SMCR

Subscribe to our newsletter

By Andrew Shrimpton, Executive Chairman of Compliance Consulting at IQ-EQ

With great power comes great responsibility. Yes; but in the era of SMCR, heads of compliance have found out that even a medium amount of power now comes with an almost unpalatable amount of personal accountability – and legal jeopardy.

In many cases, this has already resulted in an unseemly game of buck-passing, as senior managers attempt to work out who is legitimately responsible for what – and what can be distributed elsewhere. And for the 10% of currently approved persons who are not based in the UK, it has been tempting to regard this as just another London-based spectator sport.

But this is all set to change. Buck-passing is going global, as the FCA attempts to close what it regards as a fundamental weakness in the financial market. The rules of responsibility will apply equally to foreign-domiciled compliance managers with a UK office, team and infrastructure as they do to firms founded and solely based in Britain.

That means, if the London office makes a mistake, you can still be held accountable, fined or worse, even if you’re based in New York, Boston or San Francisco.

This is quite a substantial liability shift and there is plenty that can be done to prepare, but in reality, many firms are repeating the mistakes of 2018 when GDPR came in, by burying their heads in the sand and assuming that geography would protect them. It didn’t then, and it won’t now.

All of this puts current international Heads of Compliance in an interesting position. Accept responsibility they can’t realistically adopt (or don’t want to) – or hand over the head of compliance title to someone who will, or who feels they can.

This personal Catch-22 is one of a series of questions that firms, and more importantly, individuals within those firms, will need to find answers to. One of the first things that firms will need to do is establish whether its governance structure is appropriate for the newly international SMCR jurisdiction.

In other words, is it realistic that someone outside the UK, with different working practices, cultures and even time zones, can take on the role as head of compliance? Is it enough to have a UK counterpart? Would it, in fact, be better to relocate responsibility entirely?

Firms will also need to codify responsibility to make sure the buck really lands where it’s supposed to – and that everyone understands where that is. Statements of responsibilities that set out clear duties and responsibilities, and reasonable steps that managers have to take to stop things going wrong in the first place will be needed. These are very much the end goal rather than the starting point, and should represent some pretty in-depth analysis of the firm’s current compliance processes.

It is also important to have the right systems and processes in place to make sure that paper-based accountability can be turned into reality. We often see internal ways of working, supported by embedded systems that act against responsible persons, making it easier to be irresponsible – especially in time-dependent workflows. If processes are easy and intuitive, people will do them. If they’re not, they’re far less likely to. If the person responsible is on the other side of the Atlantic, that creates intolerable levels of risk.

Firms should also make sure that the type and level of accountability is actually suited to the person it is assigned to – and then change it if necessary. The big question here is whether the individual is able to reply fully to any questions from the FCA about what is happening in the UK office.

All this will loom large in September, once the industry comes back from its summer holidays – and then there’ll be no more excuses for sand: you’re either lying on it, or burying your head in it.

Subscribe to our newsletter

Related content

WEBINAR

Recorded Webinar: Adverse media screening – how to cut exposure to criminal activity, from money laundering to human trafficking

Screening for adverse media coverage of counterparties presents an incredible opportunity for financial institutions to limit risk exposures and identify bad actors early. It is required by regulations such as the EU’s sixth Anti-Money Laundering Directive (AML 6), and is one of the most effective ways to steer clear of potential connections with sanctioned activity...

BLOG

A-Team Group ESG Handbook 2021 Details Environmental, Social and Governance Investing and Disclosure

A-Team Group has expanded its portfolio of industry-leading publications with the release of ESG Handbook 2021, a guide to Environmental, Social and Governance (ESG) investing, disclosure, and product development. The handbook offers capital markets participants, data vendors and solutions providers extensive coverage of all elements of ESG, from an initial definition and note on why...

EVENT

ESG Data & Tech Summit 2022

The inaugural ESG Data & Tech Summit will explore challenges around assembling and evaluating ESG data for reporting and the impact of regulatory measures and industry collaboration on transparency and standardisation efforts. Expert speakers will address how the evolving market infrastructure is developing and the role of new technologies and alternative data in improving insight and filling data gaps.

GUIDE

ESG Handbook 2021

A-Team Group’s ESG Handbook 2021 is a ‘must read’ for all capital markets participants, data vendors and solutions providers involved in Environmental, Social and Governance (ESG) investing and product development. It includes extensive coverage of all elements of ESG, from an initial definition and why ESG is important, to existing and emerging regulations, data challenges...