The FCA recently added a webpage reminding solo-regulated firms of their obligation to report breaches of its conduct rules (and ensuing disciplinary action) as required under the Senior Managers and Certification Regime (SM&CR). Firms may also have received direct notice from the FCA of the addition of this new return to their GABRIEL reporting schedules. In this alert, we look at the details of how this important new regulatory return should be completed.
What is REP008?
The full name of the new return is REP008 - Notification of Disciplinary Action relating to conduct rules staff (other than SMF managers). A downloadable version of the return (also known as Form H) can be found in SUP 15 Annex 7R.
REP008 is an annual return that must normally be submitted by 31 October, or the next business day, each year. This year, 31 October falls on a weekend therefore the return is due by 2 November. The reporting period will be 1 September to 31 August; however, again for this year only, the applicable period is from 9 December 2019 (when SM&CR came into force) until 31 August 2020.
The disciplinary action referred to in the REP008 covers:
- The issuing of a formal written warning;
- The suspension or dismissal of a person; or
- Reduction or recovery of remuneration (clawback).
Who should be submitting the return?
The REP008 should be submitted by the Senior Manager Function holder (SMF) with the Prescribed Responsibility for Performance by the firm of its obligations in respect of notifications and training of the Conduct Rules (PR3).
Firms are reminded within the return itself that this is an obligation derived from Section 64C of the Financial Services and Markets Act 2000 (FSMA). Specifically, firms are warned that providing information that is materially false, misleading or deceptive is potentially a criminal office.
Which staff does it apply to?
Again, the application this year is slightly different. Only breaches committed by Certification Staff and Directors who are not SMFs/non-Executive Directors (NED) are relevant for this year’s return.
SM&CR is formally extended to all Conduct Rules staff (i.e. all staff except SMFs and ancillary staff) from 31 March 2021 (this timetable was recently put back from 9 December 2020 due to the Covid-19 crisis). Hence, next year’s return will apply differently for two periods: from 1 September 2020 till 31 March 2021 to Certification Staff and NEDs only, and from 1 April to 31 August 2021 to all staff except SMFs and ancillary (Note that ancillary refers to support staff whose roles are incidental to the regulated activities of the firm, such as security guards, receptionists and catering staff).
What about Conduct Rule breaches by Senior Managers?
Breaches by SMFs must be reported to the FCA using Form D (available in SUP 10C Annex 6R); or a Form C where the individual’s FCA approval is being withdrawn (this is known as a qualified Form C). The notification should be made via Connect within 7 business days of the conclusion of the relevant disciplinary process. Hence, SMF rule breaches are not relevant to the REP008.
What qualifies as a Conduct Rule breach?
This is something of a £64k question and one that is undoubtedly causing angst across the industry.
Firms and their employees should already be familiar with the Conduct Rules themselves including those for all Conduct Rule individuals (COCON 2.1) and those for Senior Managers (COCON 2.2). Firms were required to provide those affected (SMFs, NEDs and Certification Staff) with training in the Conduct Rules by 9 December last year, and this should have included firm specific examples of behaviour that would amount to breaches of the Conduct Rules.
Further guidance from the FCA in the form of the general factors for assessing compliance with the rules, and specific guidance on the rules themselves, can be obtained from COCON 3 and 4 respectively.
Egregious breaches of rules (for example, market abuse which is in turn a breach of Individual Rule 5 on Market Conduct) are clear enough. Where interpretation becomes more problematic are instances of inadvertent, or what may be considered very minor, breaches.
Firms will be mindful that reporting such events to the FCA could have a serious detrimental effect on an individual’s ability to work in the financial services industry. At the same time, overlooking repeated or wanton bad behaviour is something that Firms are not permitted to ignore and discovered omissions will be treated very seriously by the FCA. We expect firms to seek legal counsel at the very least in the more marginal cases.
What details need to be reported?
Assuming there have been reportable instances of conduct rule breaches within the relevant period, the following details will have to be provided:
- Details about the individual who has committed the breach;
- Details about what Conduct Rules have been breached; and
- Details about the disciplinary action taken.
Note: where disciplinary action has not been concluded because of an appeal by the employee, or a declared intention to appeal, by the time of the REP008 submission, the event must still be reported. A follow up report on the outcome of the appeal procedure must then be made to the FCA in the next year’s return.
What if we have had no conduct rule breaches?
The simplest outcome which we hope will apply to most firms: a nil return. Note that this nil return still requires a submission on GABRIEL.
However, this is still an appropriate moment to review the Firm’s training, disciplinary and record-keeping processes in relation to the Conduct Rules, ensuring that these are all fit for purpose and specific to the Firm’s operating model and business offering.
Next steps for firms
- Check your GABRIEL schedule for the correct addition of the REP008;
- Review your disciplinary procedures and resolve any outstanding events;
- Review your disciplinary records for the reportable period against the requirements of the REP008 itself; and
- Draft the REP008 return and, subject to review by the governing body, make the submission on GABRIEL on behalf of the Prescribed Responsibility holder.
ACA provides a comprehensive and practical suite of SM&CR solutions, designed to help firms and individuals review and maintain compliance against regulatory requirements and expectations.
Our SM&CR services include post-implementation assurance reviews of your firm's current framework and ongoing assistance with employee assessments and training.
- SM&CR Implementation Planning and Support factsheet (Download)
- SM&CR Five Point Check List (Download)
- Webcast: Senior Managers & Certification Regime: Reducing Harm, Strengthening Integrity
- Webcast: Senior Managers & Certification Regime: What you need to know