What is SMCR Duty of Responsibility?

Posted by

Sharon Williams

on 30 Sep 2022

The Senior Managers and Certification Regime (SMCR) extension to all FSMA authorised firms introduced a 'Duty of Responsibility' for Senior Managers.

This Duty of Responsibility enables the regulators (the PRA and FCA) to take action directly against a Senior Manager regarding a breach at a regulated firm if they can show that the Senior Manager failed to take 'reasonable steps' to prevent or stop the breach.

When can regulators take enforcement action?

The Duty of Responsibility is in section 66A(5) of the Financial Services and Markets Act 2000 (FSMA). The statutory Duty of Responsibility has been applied to Senior Managers of banking firms since May 2016. It applied to Senior Managers of dual-regulated insurers with effect from 10 December 2018 and most FCA solo-regulated firms from 9 December 2019.

As detailed in the FSMA, to take enforcement action, the regulators must be able to show that a Senior Manager "did not take such steps as a person in the senior manager's position could reasonably be expected to take to avoid the contravention occurring (or continuing)".

The burden of proof lies with the regulators. The Senior Manager does not need to show that they took reasonable steps. It is for the regulator(s) to prove that they did not. However, while this may be the case, Senior Managers want to understand what action they can take to demonstrate that they took reasonable steps.

SMCR Best Practic Scenario Tests

What are reasonable steps?

The FCA has issued guidance that includes a non-exhaustive list of considerations that it will consider when determining whether or not a Senior Manager has taken 'reasonable steps'.

The guidance is in the FCA Handbook, in DEPP 6.2.9E.

Factors considered when assessing reasonable steps:

  1. The Senior Manager's role and responsibilities
  2. How long the Senior Manager has been in their role
  3. Whether there was an orderly handover when they took up the role
  4. Whether they have implemented adequate and appropriate systems and controls
  5. The information available to them
  6. What they did with that information
  7. How tasks had been delegated and managed.
    Free COCON Breaches Desk Aid

How to demonstrate reasonable steps

The FCA's Policy Statement, PS 18/16, sets out how the FCA will apply the Duty of Responsibility to insurers and FCA solo-regulated firms.

The PRA, in its Consultation CP14/17, proposed that its guidance for applying the Duty of Responsibility to insurers would mirror its existing guidance for applying the Duty of Responsibility to deposit-takers and PRA-designated investment firms. The PRA confirmed this approach in Supervisory Statement 28/15, issued alongside the FCA's PS 18/16.

In PS18/16, the FCA comments that it may be in the interest of a Senior Manager (SM) to keep records of relevant steps they take in case questions are raised, whether by their firm, its lawyers, auditors, insurers or customers, the FCA or another regulator.

Free SMCR Training Tips Desk Aid

How Senior Managers can protect themselves

The FCA Handbook Guidance is a useful starting point for Senior Managers when considering how to protect themselves.

1. Stay up-to-date with regulations

Keeping abreast of regulatory concerns and developments, particularly those that will impact their role and responsibilities.

2. Understand the impact of regulations

Understanding the impact of all relevant statutory, common law and other legal obligations relevant to their role and responsibilities.

3. Delegate appropriately

Ensuring that any delegation of their responsibilities is only made to an appropriate person with the necessary capacity, competence, knowledge, seniority, skill, and steps are undertaken to oversee any delegated responsibility.

Free Delegation E-learning Module

4. Create clear & effective reporting lines

Ensuring that the reporting lines concerning the firm's activities for which they are responsible are made clear to staff and operate effectively.

5. Implement knowledge & performance reviews

Implementing appropriate policies and procedures to review staff members' competence, knowledge, skills and performance to assess their suitability to fulfil their duties.

6. Implement governance & risk reviews

Reviewing the governance, operational and risk management arrangements for the firm's activities for which they were responsible, including, where appropriate, corroborating and challenging the information available to them.

7. Stay informed about activities you are responsible for

Understanding and informing themselves about the firm's activities for which they are responsible, including:

  • Seeking an adequate explanation of issues within a business area if they are not an expert in that area;
  • Maintaining an appropriate level of understanding about an issue or a responsibility that they have delegated to another individual(s);
  • Obtaining independent, expert opinion where appropriate;
  • Only permitting the expansion or restructuring of the business after having reasonably assessed the potential risks;
  • Monitoring highly profitable transactions, business practices, unusual transactions, or individuals who contribute significantly to the profitability of a business area or who have significant influence over the operation of a business area.

Free SMCR Compliance Crossword


Interestingly the FCA says that where SMs are involved in a collective decision affecting the firm's activities for which they were responsible, and it was reasonable for the decision to be taken collectively, it will review the steps.

The FCA will review whether the SM took reasonable steps to ensure:

  • That they informed themselves of the relevant matters before taking part in the decision; and
  • Exercised reasonable care, skill and diligence in contributing to it.

This point may make SMs more cautious when asked for their input or conclusions on issues that appear to depart from their allocated role and responsibilities.

It is also important that SMs and firms ensure their Statements of Responsibilities (SoR) are accurate and kept up to date. And where applicable, firms' Management Responsibilities Maps should reflect the responsibilities in Senior Managers' SoRs. The regulators will consider these documents when determining the extent of the SM's responsibilities in a firm.

In March 2019, the FCA published Final Guidance FG19/2 to assist solo-regulated firms when preparing their SoRs and Responsibilities Maps.

Click me

Want to learn more about SMCR Compliance?

We have created an SMCR roadmap to help you navigate the compliance landscape, supported by a comprehensive library of SMCR Courses and a fully integrated SMCR 360 Compliance Toolkit.

We also have over 100 free compliance training aids, including assessments, best practice guides, checklists, desk aids, eBooks, games, posters, training presentations and even e-learning modules!

Finally, the SkillcastConnect community provides a unique opportunity to network with other compliance professionals in a vendor-free environment, priority access to our free online learning portal and other exclusive benefits.

Free SMCR Implementation Best Practice Guide

FCA regulated firms have an obligation to ensure that all Senior Managers have taken reasonable steps to prevent regulatory breaches in their areas of responsibility.

Our free guide will help you follow best practices when implementing your SMCR programme.

Download your free training aid