By Dennis Slattery, CEO, EDMworks
The Financial Conduct Authority (FCA) is pushing forward with a strategy requiring senior managers to sign written statements or “attestations” in which they personally confirm their firm’s compliance with particular regulatory requirements. But it’s not just the FCA as global regulators are pursuing similar agendas. BCBS 239 being a case in point where attestations are required with respect to risk data and reporting quality and the governance processes around it.
A major driver for the attestation strategy has been the UK Banking Reform Act 2013. This seeks to implement specific responsibilities, certification requirements and conduct rules for senior management functions within the bank. After a period of consultation, the new rules are due to hit the banks this year with a potentially huge impact on senior management accountability.
A look inside the the FCA and the Prudential Regulatory Authority’s (PRA) consultation paper on the new regime shows clear overlap between BCBS 239 and the new SMR. For example, the PRA have prescribed several key responsibilities that mirror BCBS 239 objectives:
- The production and integrity of the firm’s financial information and its regulatory reporting in respect of its regulated activities
- Embedding the firm’s culture and standards in relation to the carrying on of its business and the behaviours of its staff in the day-to-day management of the firm
The FCA has included heads of business units and core functions such as risk, finance, customer service and product development within the new regime. All these functions use data for decision support and senior managers will need to ensure it is fit for their purposes. They are accountable. Whilst the Chief Data Officer isn’t specifically mentioned (surely a huge oversight), information technology is included.
There will be limited room for escape for senior managers. The FCA is pushing hard to clarify accountability within ‘matrix management’ structures that are an essential part of modern banking. Designated senior managers will have to negotiate and accept ‘Statements of Responsibility’ that state their accountabilities clearly.
Data lies at the heart of banking so initiatives on BCBS 239 for improved architecture and governance are critical for the new SMR too. This will reinforce the agenda for business ownership of data.
Workable data ownership and stewardships models, as part of a broader data governance roll-out, will be in more demand than ever. For senior managers to accept accountability for data means they must be able to delegate to key trained staff who know the data and understand the firm’s processes for maintaining data quality.
There is a deluge of regulation coming. It is absolutely crucial to look inside the regulations, see the commonality and address issues once. Effective governance and ownership models will address many aspects of the impending regulatory wave.