The Senior Managers and Certification Regime (SM&CR or SMCR) is a financial services regulation in the UK designed to impose personal accountability on senior managers at financial services firms and improve the conduct of all employees at these firms. This regulation replaces the Approved Persons Regime (APR) that applied to certain senior/approved persons at regulated firms (in case of insurance firms, it replaced the Senior Insurance Managers Regime or SIMR).
Below we explain each of the key areas you need to know about when implementing the SM&CR:
There are three key parts to the SM&CR: Senior Managers Regime, Certified Persons Regime and Conduct Rules.
Enforces a detailed and clearer allocation of responsibilities between senior managers at each firm, with particular emphasis placed on key documents - 'Statements of Responsibilities' and 'Responsibilities Maps'. These will help to record the allocation of responsibility to individual Senior Managers and to demonstrate to the regulators that there are no gaps or excessive overlaps.
Senior Managers have a statutory duty of responsibility "to take reasonable steps to prevent regulatory breaches in the areas of the firm for which they are responsible".
Requires firms to check and confirm that employees performing roles relating to the firm's regulated activities are fit and proper, based on their qualifications, competence and personal characteristics. Upon confirming this, the firm needs to issue them with a certificate that must be renewed at least once a year.
A set of rules provided in the FCA's Code of Conduct Handbook (COCON) that cover all individuals: Senior Managers, Certified Persons and other employees.
The SM&CR has been rolled out in three waves:
The range of firms in the third wave is very diverse. So the FCA has grouped them into three categories to ensure that the regulation is proportionate to their sizes and activities.
It takes dozens of checks across your entire population of senior managers and certified persons to conduct SMCR. We have created SMCR 360 to save you time and reduce risk, by streamlining your processes, automating your chase-ups and helping you get it all done in a fraction of the time.
The FCA has guided that all firms must ensure that all employees subject to the conduct rules must be notified and provided with 'suitable' training, such that they have an awareness and broad understanding of all of the conduct rules, and a deeper understanding of the practical application of the specific rules which are relevant to their work.
Skillcast provides a comprehensive set of e-learning courses for all financial firms, including banking and insurance firms that are already in scope, and the solo-regulated firms that will come into scope from 9 Dec 2019.
Skillcast provides a set of courses for each type: Banking, Insurance, Core, Limited Scope and Enhanced
We provide further variations of conduct rules course for Certified Persons to cover specific positions in banking, e.g. corporate finance and customer functions.
The Senior Managers Regime (SMR) applies to those perform a Senior Management Function (SMF). The FCA has classified particular functions as SMFs, so that it knows who a firm's senior decision-makers are, and to make sure that firms clearly allocate specific responsibilities to those key individuals. In certain circumstances, firms can have more than one individual performing a single SMF. However, the FCA expects the SMFs to be shared only where it is appropriate and justified.
The list of SMFs that applies depends on the type of firm.
SMF1 | Chief Executive | Core and Enhanced firms |
SMF3 | Executive | Core and Enhanced firms |
SMF7 | Group Entity Senior Manager | Enhanced firms only |
SMF 9 | Chair (non-executive) | Core and Enhanced firms |
SMF10 | Chair of the Risk Committee | Enhanced firms only |
SMF11 | Chair of the Audit Committee | Enhanced firms only |
SMF12 | Chair of the Remuneration Committee | Enhanced firms only |
SMF13 | Chair of the Nominations Committee | Enhanced firms only |
SMF14 | Senior Independent Director | Enhanced firms only |
SMF27 | Partner | Core and Enhanced firms |
SMF16 | Compliance oversight | Core and Enhanced firms (and sole traders, authorised professional firms and oil market participants) |
SMF17 | Money Laundering Reporting officer | Core and Enhanced firms and (and sole traders and oil market participants) |
SMF18 | Other Overall Responsibility | Enhanced firms only |
SMF29 | Limited Scope Function | Limited Scope firms (e.g. limited permission consumer credit firms, authorised professional firms, firms that intermediate insurance without this being principal business) |
The Overall Responsibility requirement means that an Enhanced firm will need to make sure that every activity, business area and management function has a Senior Manager with overall responsibility for it. This is to prevent an unclear allocation of responsibilities.
Overall Responsibility means that a Senior Manager:
SMF2 | Chief Finance Function | Enhanced firms only |
SMF4 | Chief Risk Function | Enhanced firms only |
SMF5 | Head of Internal Audit | Enhanced firms only |
SMF24 | Chief Operations Function | Enhanced firms only |
In addition to the responsibilities inherent in the definition of each SMF, the regulators have listed certain 'Prescribed Responsibilities' (PRs) that the Firm is required to allocate between Senior Managers. Each PR would generally be allocated to the Senior Manager who performs the SMF most closely linked to the given responsibility. PRs can be shared but not split between Senior Managers. Where a responsibility is shared, it is recorded identically in each of the Senior Manager's Statements of Responsibilities. If there is a breach, all Senior Managers sharing that responsibility may be required to demonstrate that they took reasonable steps to prevent or stop the breach.
The list of PRs that applies depends on the type of firm. Responsibilities (a), (b), (b-1), (d) below cannot be allocated to SMF 18 (Other Overall Responsibility) and responsibilities (j), (k), (l) below should be performed by a NED if possible.
(a) | Performance by the firm of its obligations under the SMR, including implementation and oversight | All firms |
(b) | Performance by the firm of its obligations under the Certification Regime | All firms |
(b-1) | Performance by the firm of its obligations in respect of notifications and training of the Conduct Rules | All firms |
(d) | Responsibility for the firm's policies and procedures for countering the risk that the firm might be used to further financial crime | All firms |
(z) | Responsibility for the firm's compliance with CASS (if applicable) | All firms |
(c) | Compliance with the rules relating to the firm's Responsibilities Map | Enhanced firms only |
(j) | Safeguarding and overseeing the independence and performance of the internal audit function (in accordance with SYSC 6.2) | Enhanced firms only |
(k) | Safeguarding and overseeing the independence and performance of the compliance function (in accordance with SYSC 6.1) | Enhanced firms only |
(l) | Safeguarding and overseeing the independence and performance of the risk function (in accordance with SYSC 7.1.21R and SYSC 7.1.22R) | Enhanced firms only |
(j -3) | If the firm outsources its internal audit function, taking reasonable steps to ensure that every person involved in the performance of the service is independent from the persons who perform external audit, including supervision and management of the work of outsourced internal auditors, and management of potential conflicts of interest between the provision of external audit and internal audit services | Enhanced firms only |
(t) | Developing and maintaining the firm's business model | Enhanced firms only |
(s) | Managing the firm's internal stress-tests and ensuring the accuracy and timeliness of information provided to the FCA for the purposes of stress-testing | Enhanced firms only |
(za) | Responsibility for an AFM's assessments of value, independent director representation and acting in investors' best interests | Authorised Fund Managers |
Senior Managers have a statutory duty of responsibility "to take reasonable steps to prevent regulatory breaches in the areas of the firm for which they are responsible".
The FCA can take action against a Senior Manager (SM) where it can show that:
The burden of proof for all these elements lies on the FCA. The SM does not need to show that they took reasonable steps - rather it is for the FCA to prove that they did not. The defence against such action is if the senior manager can show that they took "the steps that are reasonable for a person in that position to take to prevent a regulatory breach from occurring".
All Senior Managers must be approved by the FCA, which assesses whether are fit and proper to perform the given function or responsibility.
Three key factors determine whether you are Fit and Proper:
When determining a person's financial soundness, the FCA will not normally require a statement of assets or liabilities of the person. Limited financial means does not in itself affect the suitability of a person to perform an SMF.
When appointing a Senior Manager or Certified Person, firms are required to obtain a regulatory reference from all their past employers going back six years. This requirement also applies when appointing NEDs who are not Senior Managers. For this purpose, firms need to retain records of disciplinary and fit and proper findings going back six years, and not enter into arrangements that conflict with their disclosure obligations.
SM&CR incorporates new high-level standards of behaviour that will apply to almost all employees who carry out financial services activities in a firm. Some Conduct Rules apply to all employees, while others apply only to Senior Managers. The Conduct Rules are intended to drive up standards of individual behaviour in financial services. By applying them to a broad range of staff, the FCA aims to improve individual accountability and awareness of conduct issues across firms.
Individual Conduct Rules (ICRs): apply to all employees, with the exception of ancillary staff, such as facility managers, personal assistants, receptionists, medical staff, IT and HR, who perform a purely non-financial services role. These ICRs also apply to Non-Executive Directors.
Senior Manager Conduct Rules (SMCRs): apply to only to Senior Managers, including NEDs (SC 4 even applies to out of scope NEDs)