Mark Turner, managing director of compliance and regulatory consulting at Duff & Phelps, breaks down the six essential steps that peer-to-peer lending firms need to follow when putting a plan in place to comply with both new P2P and SMCR regulations
TWO sets of far-reaching regulations from the Financial Conduct Authority (FCA) are coming into effect on 9 December. These regulations will greatly affect the conduct and governance structure of P2P firms.
The first are a package of P2P-specific regulations that introduce more explicit requirements for firms to clarify their governance structures and to protect investors. For example, the new regulation will require firms to create formal plans for winding-down platforms. It also outlines the minimum information P2P lending platforms need to provide investors to make informed decisions and requires that investors know that their capital is at risk. There are more requirements, and if you haven’t already, I strongly encourage you to read the FCA’s policy statement which outlines the new requirements.
The second set of new regulations coming into force on 9 December is the Senior Managers & Certification Regime (SMCR), which extends to the entire financial sector industry and creates a system that enables firms and regulators to hold individuals to account for their actions. At its core, SMCR requires the formal identification and assignation of key responsibilities to accountable Senior Managers. In the case of any wrongdoing, SMCR enables the regulator to take action where those Senior Managers failed to take reasonable steps to prevent it.
SMCR gives regulators the tools to take action at the individual level if firms are not acting in accordance with the FCA’s conduct rules which are: acting with integrity, acting in the best interests of customers, and acting with due skill, care and diligence. Opportunities to avoid responsibility through the ambiguity of complex organisations structures or unclear job descriptions are also eliminated under SMCR.
Without a doubt, SMCR is going to fundamentally change the expectations on the management at P2P firms, with Senior Managers who are seen to have failed in their duties potentially facing individual enforcement action.
The two new sets of regulations combined will place several new requirements on both firms and the individuals that run them. However, this means that P2P firms don’t have long to prepare for these two new sets of regulations before they come into effect.
The following six-step process will help firms come to grips with the work that will need to be done to create a plan of action.
- Identify who the firm’s Senior Managers are and confirm individual accountabilities under SMCR.
Identify and resolve any areas of ambiguity of roles and responsibilities among senior managers. Ensure that senior managers understand what is required of them under the new rules.
- Check that existing governance and oversight arrangements are fit for purpose.
Consider whether policies, MI and committee structures are adequate for the business, and that decisions can be evidenced and securely stored so they can be retrieved if needed at a later date.
- Review marketing and financial promotions materials for compliance with new rules.
Check that marketing messaging remains appropriate, including all advertising, and that the firm’s website and other financial promotions are designed to protect less experienced investors.
- Review investor appropriateness assessment processes.
In light of the new specific requirement to conduct a formal appropriateness assessment for P2P investors, in line with guidance set by the FCA. This should include flags where the Compliance team may need to step in to ensure that both the letter and spirit of the new requirements are being adhered to.
- Check wind-down arrangements are in place.
Including the requirement to produce and maintain a “P2P resolution manual” as required under the new regulations, including the identification of backup servicer arrangements.
- Report back to senior managers.
Following steps 2-5, the senior managers identified in Step 1 should be made aware of any areas that may require further attention, to ensure they understand the risks that they are taking on under SMCR and allow them to put in place remediation plans. Where gaps are significant, senior managers will need to consider whether they require FCA disclosure.
These new requirements may take some time for P2P firms to come to grips with, however, I believe they are a step in the right direction and will help the industry grow and prosper in the long term. The regulations are designed to create the right governance structures, processes and controls – areas in which the P2P sector as a whole needs to focus its attention on if it is going to continue to appeal to retail investors.