Related provisions for BIPRU 4.3.31
Table: FCA-prescribed senior management responsibilities
FCA-prescribed senior management responsibility |
Explanation |
Equivalent PRA-prescribed senior management responsibility |
Part One (applies to all firms) |
||
(1) Responsibility for the firm's performance of its obligations under the senior management regime |
The senior management regime means the requirements of the regulatory system applying to relevant authorised persons insofar as they relate to SMF managers performing designated senior management functions, including SUP 10C (FCA senior management regime for approved persons in relevant authorised persons). This responsibility includes: (1) compliance with conditions and time limits on approval; (2) compliance with the requirements about the statements of responsibilities (but not the allocation of responsibilities recorded in them);4 (3) compliance by the firm with its obligations under section 60A of the Act (Vetting of candidates by relevant authorised persons); and4 4(4) compliance by the firm with the requirements in SYSC 22 (Regulatory references) so far as they relate to the senior management regime, including the giving of references to another firm about an SMF manager or former SMF manager. |
|
(2) Responsibility for the firm's performance of its obligations under the employee certification regime |
The employee certification regime means the requirements of sections 63E and 63F of the Act (Certification of employees) and all other requirements of the regulatory system about the matters dealt with in those sections, including:4 4(1) SYSC 5.2 (Certification Regime); 4(2) the requirements in SYSC 22 (Regulatory references) so far as they relate to the employee certification regime, including the giving of references to another firm about a certification employee or former certification employee; and |
|
(3) Responsibility for compliance with the requirements of the regulatory system about the management responsibilities map |
This responsibility does not include allocating responsibilities recorded in it |
|
(4) Overall responsibility for the firm's policies and procedures for countering the risk that the firm might be used to further financial crime |
(1)2 This includes the function in SYSC 6.3.8R (firm must allocate to a director or senior manager overall responsibility within the firm for the establishment and maintenance of effective anti-money laundering systems and controls), if that rule applies to the firm. (2)2 The firm may allocate this FCA-prescribed senior management responsibility to the MLRO but does not have to. (3)2 If the firm does not allocate this FCA-prescribed senior management responsibility to the MLRO, this FCA-prescribed senior management responsibility includes responsibility for supervision of the MLRO. |
None |
2(4A) Acting as the firm’swhistleblowers’ champion |
The whistleblowers’ champion’s allocated responsibilities are set out in SYSC 18.4.4R |
|
Part Two (applies to all firms except for small CRR firms and credit unions) |
||
(5) Responsibility for: (a) leading the development of; and (b) monitoring the effective implementation of; policies and procedures for the induction, training and professional development of all members of the firm'sgoverning body. |
||
(6) Responsibility for monitoring the effective implementation of policies and procedures for the induction, training and professional development of all persons performing designated senior management functions on behalf of the firm other than members of the governing body. |
||
(7) Responsibility for: (a) safeguarding the independence of; and (b) oversight of the performance of; the internal audit function, in accordance with SYSC 6.2 (Internal Audit) or article 24 of the MiFID Org Regulation.5 |
This responsibility includes responsibility for: (a) safeguarding the independence of; and (b) oversight of the performance of; a person approved to perform the PRA's Head of Internal Audit designated senior management function for the firm. |
|
(8) Responsibility for: (a) safeguarding the independence of; and (b) oversight of the performance of; the compliance function in accordance with SYSC 6.1 (Compliance) or article 22 of the MiFID Org Regulation5. |
This responsibility includes responsibility for: (a) safeguarding the independence of; and (b) oversight of the performance of; the person performing the compliance oversight function for the firm. |
|
(9) Responsibility for: (a) safeguarding the independence of; and (b) oversight of the performance of; the risk function, in accordance with SYSC 7.1.21R and SYSC 7.1.22R (Risk control). |
This responsibility includes responsibility for: (a) safeguarding the independence of; and (b) oversight of the performance of; a person approved to perform the PRA's Chief Risk designated senior management function for the firm. |
|
(10) Responsibility for overseeing the development of and implementation of the firm's remuneration policies and practices in accordance with SYSC 19D (Remuneration Code) |
||
Part Three (applies in specified circumstances) |
||
(11) Overall responsibility for the firm's compliance with CASS |
(A) This responsibility only applies to a firm to which CASS applies. (B) A firm may include in this FCA-prescribed senior management responsibility whichever of the following functions apply to the firm: (a) CASS 1A.3.1R (certain CASS compliance functions for a CASS small firm); (b) CASS 1A.3.1AR (certain CASS compliance functions for a CASS medium firm or a CASS large firm); (c) CASS 11.3.1R (certain CASS compliance functions for certain CASS small debt management firms); or (d) CASS 11.3.4R (certain CASS compliance functions for a CASS large debt management firm); but it does not have to. (C) If the firm does not include the functions in (B) in this FCA-prescribed senior management responsibility, this FCA-prescribed senior management responsibility includes responsibility for supervision of the person performing the functions in (B) that apply to the firm. |
None |
Allocation of overall responsibility for a firm’s activities, business areas and management functions
Table: examples of how the requirements for submitting statements of responsibilities work
1Example |
Comments |
(1) A firm applies for approval for A to perform the executive director function and the money laundering function. |
There should be a single statement of responsibilities document that covers the two functions. The combined document should be included with the application for approval. |
(2) Firm X applies for approval for A to perform the executive director function. Firm Y applies for approval for A to perform the money laundering function. Both firms are relevant authorised persons. |
There should be separate statements of responsibilities for each firm. This is the case even if Firm X and Firm Y are in the same group. |
(3) A firm applies for approval for A to perform an FCA-designated senior management function and a PRA-designated senior management function. The arrangements in SUP 10C.9 for FCA functions to be absorbed into PRA ones do not apply and so there are separate applications to the FCA and PRA. |
The single statement of responsibilities document should cover both the FCA and the PRA functions. |
(4) A has approval to perform the executive director function. Later, A is to be appointed to perform the money laundering function for the same firm. This will also result in substantial changes to A’s duties as an executive director. |
The firm should not use Form J to notify the changes to A’s duties as an executive director. The firm should submit a revised single statement of responsibilities document along with the application to perform the money laundering function. The single statement of responsibilities document should cover both functions. The part relating to A’s duties as an executive director should be updated. |
(5) A has approval to perform the executive director function. Later, A is to be appointed to perform the PRA's chief risk officer designated senior management function for the same firm. This will also result in substantial changes to A’s duties as an executive director. |
The firm should not use Form J to notify the changes to A’s duties as an executive director. The firm should submit a revised single statement of responsibilities document along with the application to perform the PRA function. The firm should not submit the revised single statement of responsibilities document separately to the FCA. Instead, it should include it as part of the application to the PRA. The single statement of responsibilities document should cover both the FCA and the PRA functions. The part relating to A’s duties as an executive director should be updated. |
(6) A has approval to perform the money laundering function. The approval to perform the money laundering function is subject to a condition. The firm is applying to vary that condition. |
The firm should include a revised statement of responsibilities with the application. The firm should not use Form J. It should submit a revised statement of responsibilities along with the application to vary the approval. |
(7) A has approval to perform the executive director function and the money laundering function for the same firm. The approval to perform the money laundering function is subject to a condition. The firm is applying to vary that condition. As part of the same arrangements, there are to be substantial changes to A’s job as an executive director. |
The firm should not use Form J to notify the changes to A’s duties as an executive director. The firm should submit a revised single statement of responsibilities document along with the application to vary the approval for the money laundering function. The single statement of responsibilities document should be updated and should cover both functions. |
(8) A has approval to perform the executive director function and the PRA's chief risk officer designated senior management function for the same firm. The arrangements in SUP 10C.9 for FCA functions to be absorbed into PRA ones do not apply and so there are separate FCA and PRA approvals. The approval to perform the PRA's chief risk officer designated senior management function is subject to a condition. The firm is applying to vary that condition. As part of the same arrangements, there are to be substantial changes to A’s job as an executive director. |
The firm should not use Form J to notify the changes to A’s duties as an executive director. The firm should submit a revised single statement of responsibilities document along with the application to vary the PRA function. The firm should not submit the revised document separately to the FCA. Instead it should include it as part of the application to the PRA. The single statement of responsibilities document should cover both the FCA and the PRA functions and should be updated. |
(9) A has approval to perform the executive director function and the money laundering function for the same firm. Sometime later, A is to give up the money laundering function and take up the PRA's chief risk officer designated senior management function. This will involve major changes to A’s role as executive director. |
The answer to example (5) applies. The application to the PRA to perform the PRA function should be accompanied by a single document that: (1) contains the statement of responsibilities for the new function; (2) contains the revised statement of responsibilities for the executive director function; and (3) reflects the fact that A is no longer performing the money laundering function. |
(10) A firm has approval for A to perform the executive director function and the money laundering function. A then ceases to perform the money laundering function but continues to perform the executive director function. |
The firm must submit: (a) Form C for the money laundering function; (b) Form J; and (c) a single updated statement of responsibilities document that covers the executive director function. |
(11) A has approval to perform the executive director function and the PRA's chief risk officer designated senior management function for the same firm. Later, A gives up his role as chief risk officer. |
The firm must submit: (a) Form C for the PRA function; (b) Form J; and (c) a single updated statement of responsibilities document that covers the executive director function. The firm should not submit the revised single statement of responsibilities document separately to the FCA. Instead, it should include it as part of the notification to the PRA. |
(12) A has approval to perform the executive director function. Later, A is to be appointed to perform the money laundering function for the same firm. The application is rejected. |
The single statement of responsibilities document submitted as part of the application will no longer be correct as it reflects the proposed new approval. If the only changes to the single document in the version sent with the application are ones, clearly and exclusively tied to the new function, the firm will not need to amend the document as the changes will automatically fall away. In any other case (for instance if the application is approved conditionally), it is likely that the firm will need to update it using Form J. In any case, the FCA may contact the firm to agree a revised single statement of responsibilities document. |
(13) A has approval to perform the executive director function. Later, A is to be appointed to perform the money laundering function for the same firm. This will not result in any changes to A’s duties as an executive director. However, there have been some insignificant changes to A’s role as an executive director since the firm submitted the most recent single statement of responsibilities document. The changes are not connected to A’s appointment to perform the money laundering function. |
The answer for example (4) applies. The single statement of responsibilities document should be updated to cover the changes to A’s duties as executive director, as well as covering A’s new money laundering role. It does not matter that the changes to A’s role as an executive director are not significant. |
(14) A has approval to perform the executive director function. Later, A’s business unit grows in size and so the firm needs to apply for A to be approved to perform the PRA's Head of Key Business Area designated senior management function. However, A’s responsibilities do not change. |
The firm should submit a revised single statement of responsibilities document along with the application to perform the PRA function. The firm should submit a single statement of responsibilities document that covers both the FCA and the PRA functions. It should not submit the revised single statement of responsibilities document separately to the FCA. Instead, it should include it as part of the application to the PRA. |
2(15) Firm X has a branch in the United Kingdom. Firm Y is a UK authorised subsidiary3 of firm X. Firm X is a third-country relevant authorised person and firm3 Y is a UK relevant authorised person. Both firms apply for approval for the same individual (P) to perform the executive3director function. |
There should be separate statement of responsibilities for P for each firm. |
The single statement of responsibilities document means the single document described in SUP 10C.11.13D |
Table: Examples of how the need for dual FCA and PRA approval in relation to PRA-authorised persons is reduced
1Example |
Whether FCA approval required |
Whether PRA approval required |
Comments |
(1) A is appointed as chief risk officer and an executive director. |
No. He is not treated as performing the executive director function. |
Yes |
Chief risk officer is a PRA-designated senior management function. A’s functions as a director will be included in the PRA-designated senior management function. To avoid the need for FCA approval, A’s appointment as director should not take effect before PRA approval for the chief risk officer role. |
(2) Same as example (1), except that A will take up the role as an executive director slightly later because the approval is needed from the firm's shareholders or governing body. |
No |
Yes |
The answer for (1) applies. The arrangements in this section apply if the application to the PRA says that A will start to perform the potential FCA governing function around the time of the PRA approval as well as at that time. |
(3) Same as example (1) but the application to the PRA does not mention that it is also intended that A is to be an executive director. |
Yes, to perform the executive director function. |
Yes |
SUP 10C.9.8R does not apply if the application for PRA approval does not say that A will also be performing what would otherwise be an FCA governing function. |
(4) A is to be appointed as chief executive and an executive director. |
No. A is not treated as performing the executive director function. |
Yes |
Being a chief executive is a PRA-designated senior management function. A’s functions as a director will be included in the PRA controlled function. |
(5) A is appointed as chief risk officer. Later, A is appointed as an executive director while carrying on as chief risk officer. |
Yes, when A takes up the director role. The executive director function applies. |
Yes, when A takes up the chief risk officer role. |
SUP 10C.9.8R does not apply because, when the firm applied for approval for A to perform the PRA chief risk officer designated senior management function, there was no plan for A also to perform the executive director function. |
(6) A is appointed as an executive director. Later, A takes on the chief risk officer function and remains as an executive director. |
Yes, when A is appointed as director. The executive director function applies. |
Yes, when A takes up the chief risk officer role. |
When A is appointed as chief risk officer, A is still treated as carrying on the executive director function. A retains the status of an FCA-approved person. |
(7) A is appointed as chief risk officer. A then stops performing that role and for a while does not perform any controlled function for that firm. Later, A is appointed as an executive director with the same firm. |
Yes, when A is appointed as an executive director. The executive director function applies. |
Yes, when A takes up the chief risk officer role. |
SUP 10C.9.8R does not apply because there is no current PRA approval when A is being appointed as a director. |
(8) A is appointed as an executive director and chief risk officer at the same time. Later, A gives up the role as chief risk officer but remains as an executive director. |
No, on A’s first appointment (see example (1)). But when A gives up the role as chief risk officer, FCA approval is needed to perform the executive director function. Form E should be used. The application should state that it is being made as a result of A ceasing to perform a PRA-designated senior management function. Form A should be used if there have been changes in A’s fitness (SUP 10C.10.9D(4)) |
Yes, on A’s first appointment. |
When A stops being a chief risk officer, A stops performing a PRA-designated senior management function. However, being an executive director requires FCA approval. A does not have that approval because A did not need it when A was first appointed. The combined effect of SUP 10C.9.8R and the relevant PRA rules is that the firm has three months to secure approval by the FCA. During that interim period, A keeps the status of a PRA approved person performing the director element of the PRA chief risk designated senior management function - which is included in that function under relevant PRA rules. The relevant PRA rules say that, during this transitional period, A is still treated as performing the PRA chief risk designated senior management function and SUP 10C.9.8R says that, for as long as A is performing a PRA-designated senior management function, A does not perform the executive director function. |
(9) A is appointed as the chief finance officer and an executive director at the same time. Later, A switches to being chief risk officer while remaining as an executive director. |
No |
Yes |
The arrangements in SUP 10C.9.8R continue to apply, even though A switches between PRA-designated senior management function after the PRA's first approval. |
(10) A is appointed chief risk officer and an executive director. A goes on temporary sick leave. A takes up his old job when he comes back. |
No, neither on A’s first appointment nor when A comes back from sick leave. |
Yes |
SUP 10C.9.8R still applies on A’s return because A does not stop performing either the PRA's chief risk function or what would otherwise have been the executive director function just because A goes on temporary sick leave. |
(11) A is appointed to be chairman of the governing body and chairman of the nomination committee at the same time. |
No. A does not need approval to perform the chair of the nomination committee function. |
Yes, on first appointment. |
Being chairman of the governing body is a PRA-designated senior management function. Therefore, the answer for example (1) applies. |
2(12) ‘A’ is to be appointed to perform the Head of Overseas Branch PRA-designated senior management function (SMF19) for a third-country relevant authorised person. A is also an executive director of that firm’sUKbranch. |
No. A is not treated as performing the executive3director function. |
Yes |
A’s functions as a director will be included in the PRA controlled function. |
Note: The relevant PRA rules can be found in Chapter 2 of the part of the PRA rulebook called ‘Senior Management Functions’ |
Table: FCA-prescribed senior management responsibilities for third-country relevant authorised persons.
FCA-prescribed senior management responsibility in relation to the branch |
Explanation |
Equivalent PRA-prescribed UK branch senior management responsibility |
(1) Responsibility for the firm’s performance of its obligations under the senior management regime |
The senior management regime means the requirements of the regulatory system applying to relevant authorised persons insofar as they relate to SMF managers performing designated senior management functions, including SUP 10C (FCA senior management regime for approved persons in relevant authorised persons). This responsibility includes: (1) compliance with conditions and time limits on approval; (2) compliance with the requirements about the statements of responsibilities (but not the allocation of responsibilities recorded in them);3 (3) compliance by the firm with its obligations under section 60A of the Act (Vetting of candidates by relevant authorised persons); and3 3(4) compliance by the firm with the requirements in SYSC 22 (Regulatory references) so far as they relate to the senior management regime, including the giving of references to another firm about an SMF manager or former SMF manager. |
PRA-prescribed UK branch senior management responsibility 6.2(1) |
(2) Responsibility for the firm’s performance of its obligations under the employee certification regime |
The employee certification regime means the requirements of sections 63E and 63F of the Act (Certification of employees) and all other requirements of the regulatory system about the matters dealt with in those sections, including:3 3(1) SYSC 5.2 (Certification Regime); 3(2) the requirements in SYSC 22 (Regulatory references) so far as they relate to the employee certification regime, including the giving of references to another firm about a certification employee or former certification employee; and |
PRA-prescribed UK branch senior management responsibility 6.2(2) |
(3) Responsibility for compliance with the requirements of the regulatory system about the management responsibilities map |
This responsibility does not include allocating responsibilities recorded in it. |
PRA-prescribed UK branch senior management responsibility 6.2(3) |
(4) Responsibility for management of the firm’s risk management processes in the UK |
PRA-prescribed UK branch senior management responsibility 6.2(4) |
|
(5) Responsibility for the firm’s compliance with the UKregulatory system applicable to the firm |
PRA-prescribed UK branch senior management responsibility 6.2(5) |
|
(6) Responsibility for the escalation of correspondence from the PRA, FCA and other regulators4 in respect of the firm to the governing body and/or the management body of the firm or, where appropriate, of the parent undertaking or holding company of the firm’sgroup |
This includes taking steps to ensure that the senior management of the firm and, where applicable, the group, are made aware of any views expressed by the regulatory bodies and any steps taken by them in relation to the branch, firm or group. |
PRA-prescribed UK branch senior management responsibility 6.2(6) |
(7) Local responsibility for the firm’s policies and procedures for countering the risk that the firm might be used to further financial crime |
(A) This includes the function in SYSC 6.3.8R (a firm must allocate overall responsibility to a director or senior manager within the firm for the establishment and maintenance of effective anti-money laundering systems and controls), if that rule applies to the firm. (B) The firm may allocate this FCA-prescribed senior management responsibility to the MLRO but does not have to. (C) If the firm does not allocate this FCA-prescribed senior management responsibility to the MLRO, this FCA-prescribed senior management responsibility includes responsibility for supervision of the MLRO. (D) Local responsibility is defined in SYSC 4.8.10R (Local responsibility for a branch’s activities, business areas and management functions). |
None |
(8) Local responsibility for the firm’s compliance with CASS |
(A) This responsibility only applies to a firm to which CASS applies. (B) A firm may include in this FCA-prescribed senior management responsibility whichever of the following functions apply to the firm: (1) CASS 1A.3.1R (certain CASS compliance functions for a CASS small firm); (2) CASS 1A.3.1AR (certain CASS compliance functions for a CASS medium firm or a CASS large firm); (3) CASS 11.3.1R (certain CASS compliance functions for certain CASS small debt management firms); or (4) CASS 11.3.4R (certain CASS compliance functions for a CASS large debt management firm); but it does not have to. (C) If the firm does not include the functions in (B) in this FCA-prescribed senior management responsibility, this FCA-prescribed senior management responsibility includes responsibility for supervision of the person performing the functions in (B) that apply to the firm. (D) Local responsibility is defined in SYSC 4.8.10R (Local responsibility for a branch’s activities, business areas and management functions). |
None |
Table: To whom does COCON apply? 9
9Persons to whom COCON applies |
Comments9 |
(1) An SMF manager.9 |
|
(2) An employee (“P”) of a relevant authorised person who:9 (a) performs the function of an SMF manager;9 (b) is not an approved person to perform the function in question; and9 (c) is required to be an approved person at the time P performs that function.9 |
|
(3) An employee of a relevant authorised person who would be an SMF manager but for SUP 10C.3.13R (The 12-week rule). 9 |
|
(4) A certification employee employed by a relevant authorised person.9 |
This applies even if the certification employee has not been notified that COCON applies to them or notified of the rules that apply to them.9 |
(5) An employee of a relevant authorised person who would be a certification employee but for SYSC 5.2.27R(1) (Scope: emergency appointments) or SYSC 5.2.28AR (Scope: temporary UK role). 9 |
|
(6) Any employee of a relevant authorised person not coming within another row of this table, except one listed in column (2). 9 |
This row does not apply to an employee of a relevant authorised person who only performs functions falling within the scope of the following roles:9 (a) receptionists; (b) switchboard operators; (c) post room staff; (d) reprographics/print room staff; (e) property/facilities management; (f) events management; (g) security guards; (h) invoice processing; (i) audio visual technicians; (j) vending machine staff; (k) medical staff; (l) archive records management; (m) drivers; (n) corporate social responsibility staff; (o) data controllers or processors under the data protection legislation;10 (p) cleaners; (q) catering staff; (r) personal assistant or secretary; (s) information technology support (ie, helpdesk); and (t) human resources administrators /processors. |
(7) An FCA-approved person or PRA-approved person approved to perform a controlled function in a Solvency II firm or a small non-directive insurer. 9 |
This row does not apply to approved persons approved to perform a controlled function in SUP 10A.1.15R to SUP 10A.1.16BR (appointed representatives).9 |
(8) A standard non-executive director of:9 (a) a relevant authorised person; 9 (b) a Solvency II firm; or 9 |
This row only applies to a UK domestic firm.9 |
Note: In accordance with the Glossary, Solvency II firm includes a large non-directive insurer.9 |
- (1)
A management responsibilities map for a branch maintained by a third-country relevant authorised person must include the matters listed in SYSC 4.5.7R, subject to the modifications in (2).
- (2)
Unless the context requires otherwise, the following terms in SYSC 4.5.7R are modified as follows:
Reference in SYSC 4.5.7R
Modification
treated as a reference to the branch
governing body, management body, senior management and senior personnel
(a) treated as a reference to the branch’sgoverning body, management body, senior management or senior personnel;
(b) the Glossary definitions of these terms are adjusted so as to refer to the branch rather than the firm as a whole
treated as including the rest of the firm
treated as a reference to PRA-prescribed UK branch senior management responsibilities
functions allocated under SYSC 4.7.8R (Allocation of overall responsibility for a firm’s activities, business areas and management functions)
treated as a reference to functions allocated under SYSC 4.8.10R (Local responsibility for a branch’s activities, business areas and management functions)
- (1)
The guidance below applies to management responsibilities maps for branches maintained by third-country relevant authorised persons, subject to the modifications in (2):
- (a)
SYSC 4.5.11G to SYSC 4.5.12G (Guidance about management responsibilities maps);
- (b)
SYSC 4.5.15G (Single document);
- (c)
SYSC 4.5.16G to SYSC 4.5.17G (Purpose of SYSC 4 Annex 1G (The main business activities and functions of a relevant authorised person));
- (d)
SYSC 4.5.18G to SYSC 4.5.20G (Contents of SYSC 4 Annex 1G (The main business activities and functions of a relevant authorised person));
- (e)
SYSC 4 Annex 1G (The main business activities and functions of a relevant authorised person); and
- (f)
SYSC 4.5.21G to SYSC 4.5.22G (Records).
- (a)
- (2)
Unless the context otherwise requires, the following terms and cross-references in the guidance in (1) are modified as follows:
Reference in guidance in (1)
Modification
treated as a reference to the branch
(a) treated as a reference to the branch’sgoverning body, senior management or senior personnel;
(b) the Glossary definitions of these terms are adjusted so as to refer to the branch rather than the firm as a whole
treated as a reference to the other local responsibility function
treated as a reference to SYSC 4.6.7R
subject to modification under SYSC 4.6.9R(2)
treated as a reference to SYSC 4.8.10R
the reference to SYSC 4.5.13G in SYSC 4.5.15G(5)
treated as a reference to SYSC 4.6.29G