Action against Approved Persons/Senior Managers

The FCA can take disciplinary action against an approved person where there is evidence of personal culpability on the part of the approved person. Personal culpability will arise where the behaviour is considered deliberate, or the standard of behaviour is below that which would be reasonable. This could occur where the approved person has responsibility for managing the systems and controls, was aware of issues and weaknesses but did nothing to rectify them.

The Senior Managers and Certification Regime (SMCR) also introduced a Duty of Responsibility for every Senior Manager. This means that if a firm breaches one of the FCA requirements, the Senior Manager responsible for that area could be held accountable if they didn’t take reasonable steps to prevent or stop the breach.

The burden of proof lies with the FCA to show that the Senior Manager didn’t take the steps a person in their position could reasonably be expected to take to avoid the firm’s breach occurring. When deciding whether to take action against someone based on the Duty of Responsibility, the FCA will look at all the circumstances of the case. This includes the seriousness of the breach, the person’s position, responsibilities, and the need to use enforcement powers effectively and proportionately.

The full criteria for taking action are set out in DEPP 6.2.9 –A to 6.2.9 –F and include:

1. The SMF manager’s statement of responsibilities, including whether the SMF manager was performing an executive or non-executive role.
2. The firm’s management responsibilities map. (Enhanced Firms only)
3. How the firm operated, and how responsibilities were allocated in the firm in practice.
4. The SMF manager’s actual role and responsibilities in the firm, to be determined by reference to, among other things, minutes of meetings, emails, regulatory interviews, telephone recordings and organisational charts.
5. The relationship between the SMF manager’s responsibilities and the responsibilities of other SMF managers in the firm.

Additional considerations to which the FCA would expect to have regard include:

1. the role and responsibilities of the SMF manager (for example, such steps as an SMF manager in a non-executive role could reasonably be expected to take may differ, depending on the circumstances, from those reasonably expected of an SMF manager in an executive role;
2. whether the SMF manager exercised reasonable care when considering the information available to them;
3. whether the SMF manager reached a reasonable conclusion on which to act;
4. the nature, scale and complexity of the firm’s business;
5. the knowledge the SMF manager had, or should have had, of regulatory concerns, if any, relating to their role and responsibilities;
6. whether the SMF manager (where they were aware of, or should have been aware of, actual or suspected issues that involved possible breaches by their firm of relevant requirements relating to their role and responsibilities) took reasonable steps to ensure that the issues were dealt with in a timely and appropriate manner;
7. whether the SMF manager acted in accordance with their statutory, common law and other legal obligations;
8. whether the SMF manager took reasonable steps to ensure that any delegation of their responsibilities, where this was itself reasonable, was to an appropriate person with the necessary capacity, competence, knowledge, seniority and skill, and whether the SMF manager took reasonable steps to oversee the discharge of the delegated responsibility effectively;
9. whether the SMF manager took reasonable steps to ensure that the reporting lines, whether in the UK or overseas, in relation to the firm’s activities for which they were responsible, were clear to staff and operated effectively;
10. whether the SMF manager took reasonable steps to satisfy themselves, on reasonable grounds, that, for the activities for which they were responsible, the firm had appropriate policies and procedures for reviewing the competence, knowledge, skills and performance of each individual member of staff to assess their suitability to fulfil their duties;
11. whether the SMF manager took reasonable steps to assess, on taking up each of their responsibilities, and monitor, where reasonable, the governance, operational and risk management arrangements in place for the firm’s activities for which they were responsible (including, where appropriate, corroborating, challenging and considering the wider implications of the information available to them), and whether they took reasonable steps to deal with any actual or suspected issues identified as a result in a timely and appropriate manner;
12. whether the SMF manager took reasonable steps to ensure an orderly transition when another SMF manager under their oversight or responsibility was replaced in the performance of that function by someone else;
13. whether the SMF manager took reasonable steps to ensure an orderly transition when they were replaced in the performance of their function by someone else (Enhanced Firms only);
14. whether the SMF manager failed to take reasonable steps to understand and inform themselves about the firm’s activities for which they were responsible, including, but not limited to, whether they:

• failed to ensure adequate reporting or seek an adequate explanation of issues within a business area, whether from people within that business area, or elsewhere within or outside the firm, if they were not an expert in that area; or
• failed to maintain an appropriate level of understanding about an issue or a responsibility that they delegated to an individual or individuals; or
• failed to obtain independent, expert opinion where appropriate from within or outside the firm as appropriate; or
• permitted the expansion or restructuring of the business without reasonably assessing the potential risks; or
• inadequately monitored highly profitable transactions, business practices, unusual transactions, or individuals who contributed significantly to the profitability of a business area or who had significant influence over the operation of a business area;
• whether the SMF manager took reasonable steps to ensure that, where they were involved in a collective decision affecting the firm’s activities for which they were responsible, and it was reasonable for the decision to be taken collectively, they informed themselves of the relevant matters before taking part in the decision, and exercised reasonable care, skill and diligence in contributing to it;
• whether the SMF manager took reasonable steps to follow the firm’s procedures, where this was itself appropriate;
• how long the SMF manager had been in role with their responsibilities and whether there was an orderly transition and handover when they took up the role and responsibilities;
• whether the SMF manager took reasonable steps to implement (either personally or through a compliance department or other departments) adequate and appropriate systems and controls to comply with the relevant requirements and standards of the regulatory system for the activities of the firm.