The prudential regulator for UK insurance firms is consulting on regulatory changes that it hopes will herald a new era of personal accountability for senior insurance managers. Yet the ball is also going to be put very firmly in the hands of the firms they work for. If recent thematic reviews from the conduct regulator are anything to go by, many regulated insurance firms will have their work cut out to meet the proposed standard.
The Prudential Regulatory Authority (PRA) has just released its proposed ‘senior insurance managers regime’ (SIMR) for consultation. It’s described as a new regulatory framework for individuals, designed “to ensure the fitness and propriety of all those individuals who are effectively running an insurer or performing a key function”. And the roles covered are executive ones: chief executive officer, chief finance officer, chief risk officer and head of internal audit (collectively to be called senior insurance manager functions – SIMFs).
That’s OK, many of you will think: “I’m not one of them”. A closer look into the SIMR consultation indicates a different story. Here’s how.
These SIMFs have to be able to demonstrate that they meet three generic standards: acting with integrity, acting with due skill, care and diligence, and dealing with regulators in an open and co-operative way. How they do this is focussed around a set of ‘prescribed core responsibilities’. Five of the 10 listed caught my eye:
- ensuring that the firm has complied with the obligation to satisfy itself that persons performing a key function are fit and proper;
- leading the development of the firm’s culture;
- embedding the firm’s culture and standards in its day-to-day management;
- induction, training and professional development for all the firm’s key function holders;
- maintenance of the independence, integrity and effectiveness of the whistleblowing procedures, and the protection of staff raising concerns.
It then talks about embedding these responsibilities in policies, disciplinary and recruitment procedures, and the like. This all has a familiar ring to it, so what’s new for firms?
Firms have to “…carry out their own fit and proper assessment of those ‘key function holders’…”, as well as (everyone take note) those to whom a SIMF holder has delegated those prescribed core responsibilities. The PRA will then supervise those assessments on an ex-post basis. In other words, the regulator will be monitoring firms’ assessment of their senior managers’ responsibilities, just as much as the individuals themselves.
So while the SIMR may indeed herald a new era of personal accountability in the UK insurance market, it will also put a new onus on firms to prove that their executives have met the ‘fit and proper’ standards. I suspect that ‘self assessment’ by the SIMF holder in question, or a few references and checks by the firm, will see the regulator do one of those quick draws in of breath that UK builders are famous for when asked how much repairs will cost.
The PRA will be looking for evidence of training and ongoing professional development around issues like conflicts of interest, ethical culture and whistleblowing. And for evidence of how the firm has assessed its ethical culture and taken steps to guide it in the right direction. It will pay particular attention to whistleblowing. And, as ever, it will want to see evidence of monitoring and oversight of all this.
Individual accountability – yes, and the two regulators are sure to hold up failings in a quite public manner. But what we will see more of will be firms fined for having inadequate ‘fit and proper’ assessments. Just as insurance firms have been fined for poorly implemented processes to control bribery (even though no bribery was found), the same will happen for inadequate ‘fit and proper’ assessments, even when all the executives were above reproach. Indeed, those insurance firms most at risk of this could be those run by executives with impeccable credentials. That would be a hard blow for such executives to take.