The COVID-19 crisis has renewed business focus on operational risk and resilience, and business continuity planning (BCP). These activities require defined accountabilities for and effective control of key functions, clear and effective delegation of tasks, and oversight of responsibilities and key risks across the organisation.
These concepts also are central to the Central Bank of Ireland’s proposed Individual Accountability Framework and Senior Executive Accountability Regime (SEAR).
SEAR will apply to, at a minimum, the Pre-Approval Control functions (PCFs) under the current fitness and probity regime who will occupy Senior Executive Functions (SEFs). Under SEAR, and similar to the UK Senior Manager and Certification Regime (SM&CR), they will be required to:
Below we outline regulatory developments which provide useful insights into how PCFs can address both the challenges posed by COVID-19 and prepare for individual accountability under SEAR.
In February 2020 the CBI proposed introducing new PCF roles focussing on individuals responsible for key areas of business risk, such as IT resilience, as well as significant business areas. These proposed roles include the Chief Information Officer and Head of Material Business Line.
Similarly, the UK SM&CR introduced the Chief Operating Officer Senior Manager Function (SMF) in late 2017, with responsibility for managing the internal operations and technology of the firm. Subsequently the UK regulators released a series of discussion and consultation papers focussing on operational resilience, most recently in January 2020. They contain the following key themes:
These principles are consistent with recent European regulatory activities. They are relevant not only to Senior Manager Functions such as the COO, but also to each Senior Manager who is individually accountable for demonstrating adequate control and oversight over his or her respective area(s).
This UK approach provides useful insight for Irish institutions both dealing with the current COVID-19 environment, and preparing for the introduction of SEAR. Current PCF role holders should ensure that they fully understand their accountabilities and responsibilities, and areas of operational risk and resilience within their functions (such as outsourcing risk and dependencies on third parties). Ultimately, they must ensure that their respective functions are effectively controlled, and that tasks are not only delegated effectively but also subject to ongoing oversight and challenge when required. In the current environment, this is even more of a challenge and therefore requires focused attention.
In your role as PCF/SEF, below are some questions for consideration across key business activities in your firm:
We hope that you find these insights useful. Please feel free to contact us if you wish to discuss this or any of your needs further.