Roles and responsibilities of Managers

Back to Articles

Unlike some of the other sections of the FSA’s HSF1 application form, section H, ‘Compliance with our regulatory requirements’ was relatively easy to complete. Yes, we will have PII that is fully compliant with the minimum standards; yes, we will be compliant with the training and competence requirements; and yes, we will be compliant with the complaint handling requirements, to name but a few. We have also said yes to; ‘Will the firm be compliant with the senior management arrangements, systems and controls requirements from the date of authorisation?’

Having confirmed this, we have until January 14th 2005 to ensure we are doing it all. As Directors/Managers of your firm, you may well be an Approved Person and therefore accountable for your firm’s activities. Whilst we have all been wrapped up in SYSC, PRU and CASS; sourcebooks that are key to our preparation process, we mustn’t forget the principles which we as individuals must comply with. PRIN lists the 11 principles applicable to all firms which, in turn, cascade down to Approved Persons via the APER sourcebook. The 7 principles applicable to Approved Persons (as individuals) complement at least one of the principles applying to the firm. So, as long as you, as an approved person, comply with your seven principles, the firm will be well on the way to complying with its.

With one (or more) Approved Person(s) elected to take the apportionment and oversight function they will need to ensure that the various responsibilities will be allocated appropriately, and systems and controls maintained through effective supervision. However, just because one person is responsible for this controlled function, don’t forget to include your managers in the planning process. The SYSC (Senior Management Arrangements Systems and Controls) sourcebook is one that all managers will need to understand and it requires some thought and planning. Involve all your managers as much as you can in this process. Ensure they have input into how the rules can be applied to the day-to-day operation of your business – after all, they will be heavily involved in carrying them out.

This sourcebook covers a wide area but, for the purpose of selecting a few, have a think abut the following:

The structure of your organisation: Is your firm structured with clear reporting lines? Who is responsible for complaints, training, finance requirements and so on? How have you assessed their suitability to carry out the task?  What happens when one of these individuals is absent?

Business strategy and risk management should be given consideration. The FSA requisite is to identify, measure, manage and control all risks of regulatory concern. Have a think about any risks that could affect your business detrimentally and result in it being unable to meet its regulatory obligations. How are changes within the business communicated to staff, bringing them up to date with new procedures, updates, changes in regulation and general industry awareness? How can you reduce the chance of mismanagement and fraud within the business? How do you make certain there are always competent individuals to cover all aspects of the business at any one time? What is your contingency plan if you are unable to work from your business premises (i.e. disaster recovery)? How will you continue to operate effectively in such an event?

Have a think about all the types of management information that your firm produces and consider how it is used, or could be used, to help you review the effectiveness and compliance of your business. Information such as your complaints log, policy sales, cancellation rates and commission rates can help with effective business management and planning.

Of course as the list goes on it becomes obvious that the management controls we adopt and operate within our firms are going to be vital to our successful compliance. We must be very clear on the basics, that is what do we need to do, on a regular basis, to ensure we are compliant, we remain compliant and we can prove it.

Create a checklist of all the tasks/checks/processes that must be conducted regularly in order to implement and monitor all the disciplines adopted by your firm – use it as a working document. You may consider it unnecessary to have a dedicated audit committee (due to the size of your firm) but this doesn’t mean the responsibility of checking your firm’s compliance does not apply. Conduct regular and structured management meetings, for the purpose of reviewing your firm’s compliance against the requirements. Identify current and potential issues and resolve them.

And, as I’m sure you’ve heard before; don’t forget to document what you do. Remember your compliance manual should be an integral part of your compliance practises and procedures. Don’t let it gather dust in the corner – make it a discipline that forms part of normal working practises in your firm. It should be referred to, adhered to, reviewed and maintained. All employees should know where it is, what sections apply to them, and what each contains.

And whilst you are doing this try and keep in mind that the purpose of regulation is to install good business practises, to protect consumers and make sure we are providing a professional service. Many of us are already making a good job of this and so it may not end up being the mammoth task it appears. Yes, it’s going to take time and effort to conduct a gap analysis of where your business is at and what it needs to do. But having done this you may find yourself with a business plan that, with a bit of focus and attention, helps make your firm compliant and adds to the effectiveness and value of your existing management controls.

This article was written by Elizabeth Mills, Director, Broker Network

An edited version of this article was published in Insurance Times