On 23 January 2019, the FCA published Consultation Paper CP19/4*** “Optimising the Senior Managers & Certification Regime and feedback to DP16/4 – Overall responsibility and the legal function” (the “Consultation Paper”). The consultation period closes on 23 April 2019, with a Policy Statement slated for Q3 2019 and a ‘go live’ date for the new regulations of 9 December 2019.
By way of background, the Senior Managers Regime (“SMR”) requires all banks, insurers, and enhanced sole-regulated firms to appoint a Senior Manager who assumes “Overall Responsibility” for each of the firm’s activities, business areas and management functions. Questions had been raised as to how this requirement applied to the legal function. The answer will come as music to the ears of most General Counsels within financial services firms.
The issue was first highlighted in a Discussion Paper published by the FCA in September 2016. Some respondents argued that including the legal function within the SMR was appropriate as the legal function often performs more than simply an advisory role – assisting with product design and approval, acting as an operational ‘line of defence’ and even making a contribution to overall business performance. It was also suggested that inclusion of the legal function within the SMR would reinforce its independence, emphasise its importance as a control function and drive up standards of conduct.
On the flip side, other respondents argued that the principle of legal professional privilege would be undermined if the legal function were included within the SMR. Under the SMR, every Senior Manager is subject to a Duty of Responsibility. As a result, a Senior Manager can be held accountable if he/she has not done that which is reasonable to prevent a regulatory breach occurring on his/her ‘patch’ on his/her ‘watch’. It was argued that the existence of the Duty of Responsibility with respect to the legal function would put firms under pressure to waive legal professional privilege so as to allow Senior Managers who were also Heads of Legal to prove that they had discharged their legal obligations. This, it was said, could give rise to a conflict of interest between, on the one hand, the need of a Head of Legal to rely on legally privileged information so as to demonstrate compliance and, on the other hand, the requirement for that individual to recommend the non-disclosure of information which was protected by legal privilege.
Concerns were also raised that including the legal function within the SMR might undermine the independence of the function. Arguments focused on the possibility that personal accountability might make in-house counsel more conservative and less likely to pro-actively offer advice or challenge actions of other functions. It was also pointed out that Senior Manager Conduct Rule 4 requires Senior Managers to notify the FCA of anything of which it would reasonably require notice. This, it was pointed out, could create a conflict with the duty of confidentiality and Principle 4 of the Solicitors Regulatory Authority – which requires legal practitioners to always act in the best interests of their clients.
Ultimately, the FCA proposed to exclude the Head of Legal from the requirement to be approved as a Senior Manager. The main driver behind this was the potential adverse impact that it might have on the principle of legal professional privilege and the potential for conflicts of interest to arise. Of course, this DOES NOT mean that anyone who is a solicitor is exempted from inclusion as a Senior Manager. So, for example, a COO or Head of Compliance who happens to be a lawyer will still be in-scope for the purposes of the SMR.
On balance, the arguments supporting exclusion of the legal function from the SMR are more persuasive and so the FCA should be applauded. It is true that legal functions are often involved in the design and approval of new products. However, this helps greatly in enhancing basic regulatory compliance and so should be encouraged, not put in jeopardy. Whether considering new product approval specifically, or the effectiveness of an internal legal function more generally, the principles of independence and legal privilege both play critical roles. They are the ‘grease to the wheel’ which enable frank conversations to take place and commercial risk-based decisions to be taken in their proper context. Proposals to bring the legal function within the scope of the SMR always seemed far more likely to endanger, rather than support, these principles. It’s only natural to be more cautious and circumspect when you feel a finger pointing at you. Let’s not forget that the SMR is specifically designed to engender just this type of feeling. But is it really what you want from your most senior lawyer? His or her real value comes from ‘telling it like it is’, warts and all. And to what end anyway? Heads of Legal will be included under the Certification Regime in any event (and all lawyers will be subject to the Conduct Rules). As such, almost all of the benefits of including Heads of Legal within the SMR are delivered, but without the concomitant risks.
One of the stated intended outcomes of the SM&CR is that it will drive the improvement of systems and controls within firms. Put simply, the FCA wants to be able to come, ‘lift the bonnet’ on a firm and quickly assess the suitability of senior management. The impact of these rules should not be underestimated. The concept of personal liability is focusing the minds of senior executives on the processes they currently follow and the audit trails that are generated. As part of our new regtech JV, we at DRS are developing a prototype application designed to help firms navigate their way through the minefield that is the SM&CR. If compliance with this regulation may prove challenging for your firm and you think that you might benefit from a different perspective on how compliance might be achieved, pick up the phone or drop us a line.