Understanding the “significant management” certification function

“Significant Management” is one of the 8 “Certification Functions” detailed in SYSC 27 (the others being CASS oversight, Proprietary trader, Functions requiring qualifications, Managers of certification employees, Material risk takers, Client-dealing and Algorithmic trading).

There are basically two routes that can lead to the conclusion that an individual is performing the “significant management” certification function.

Firstly, anyone with “significant responsibility for a significant business unit” will be performing the “significant management” certification function.[1]

Secondly, anyone performing certain specified roles which would constitute senior management functions except for the fact that the senior management functions in question do not apply to the firm, will also be regarded by the FCA as performing the “significant management” certification function.

“Significant responsibility for a significant business unit”

In practice, the determination as to whether an individual has “significant responsibility for a significant business unit” requires a firm to exercise a degree of judgement – specifically in terms of what constitutes “significant responsibility” and what constitutes a “significant business unit”.

“…significant responsibility…”

The question of whether a responsibility is “significant” needs to be considered in terms of the nature and scale of a firm’s activities.?Put simply, the larger, more complex and more risky an activity for which an individual is responsible, the more likely it is that this responsibility will be “significant”.?Helpfully, the FCA has provided a non-exhaustive list of factors which firms should consider on this front.?These are:

1.??????the size and significance of the firm’s business in the UK;

2.??????the number of regulated activities carried on, or proposed to be carried on, by the firm (or other members of its group);

3.??????its group structure;

4.??????its management structure (for example, matrix management); and

5.??????the size and significance of its international operations, if any.[2]

?

“…for a significant business unit…”

A “business unit” is NOT limited to one that carries on commercial activities with customers and third parties or one that earns revenue. ?Rather, a “business unit” can be an internal support department that has no contact with people outside the firm. This could include human resources, the legal department, operations, or information technology.[3]

The following (non-exhaustive) list of factors can help to determine whether a “business unit” is “significant”:

1. its risk profile;
2. its use or commitment of the firm’s capital;
3. its contribution to P&L;
4. the number of employees, certification employees or senior managers within the unit;
5. the number of customers of the unit; and
6. any?other factor?which makes the unit significant to the conduct of the firm’s affairs so far as relating to a regulated activity (remember: to qualify as an FCA “Certification Function”, the function(s) performed by an individual must be connected to the performance of a regulated activity (SYSC 27.3.4G(2)).[4]

?The FCA provides an illustrative, non-exhaustive list of “significant business units”.?This includes being the head of (or being a member of a committee that makes decision in relation to) any of the following:

1.??????retail banking;

2.??????personal lending;

3.??????corporate lending;

4.??????salvage or loan recovery;

5.??????proprietary trading;

6.??????designated investment business;

7.??????effecting contracts of insurance;

8.??????credit-related regulated activity;

9.??????making material decisions on the commitment of the firm’s financial resources, its financial commitments, its assets acquisitions, its liability management or its overall cash and capital planning;

10.???processing confirmations, payments, settlements, insurance claims, client money and similar matters;

11.???administration of contracts of insurance;

12.???complaints handling; or

13.???determining whether an applicant should be accepted for credit (including lending) and on what terms.[5]

?

Specified roles which constitute “significant management”

“Significant management” and senior management functions

A person performs the “significant management” certification function if the person performs a role which satisfies the definition of Chief Finance Officer (SMF 2), Chief Risk Officer (SMF 4), Head of Internal Audit (SMF 5) or Chief Operations Officer (SMF 3) BUT that FCA-designated senior management function does not apply to the firm in question.

By way of example, an individual who may be performing the “significant management” certification function is the Chief Risk Officer of an SM&CR ‘core’ firm.?The Chief Risk Officer Senior Management Function does NOT apply to core firms. As such, that person would be regarded as performing the “significant management” certification function, rather than the Chief Risk Officer Senior Management Function. However, this would only be the case if there was no other relevant Senior Management function being performed by the individual in question.?For example, if the individual was performing the Chief Risk Officer role as part of their job as an Executive Director (a Senior Management Function which DOES apply to core firms) then the individual would be considered to be performing the Executive Director Senior Management function (SMF 3) rather than the “significant management” Certification Function.[6]

“Significant management” and the legal function

By way of reminder, a UK SMCR firm must ensure that, at all times, one or more of its Senior Managers has “overall responsibility” for each of the activities, business areas and management functions of the firm.[7]?However, notwithstanding this requirement, a firm may allocate local or overall responsibility for the legal function to someone who is not a Senior Manager.[8]?The FCA will consider that individual to be subject to the certification regime on account of the fact that he/she is performing the “significant management” (or the “material risk taker” certification function (or both)).[9]

?

[1] SYSC 27.8.4R

[2] SYSC 27.8.8G

[3] SYSC 27.8.7G

[4] SYSC 27.8.9G.?

[5] SYSC 27.8.5G

[6] SYSC 27.8.7AG

[7] SYSC 26.3.1R

[8] SYSC 26.4.9R

[9] SYSC 27.9.1G