• Skip to primary navigation
  • Skip to main content
  • Skip to footer
The Evolution of ESG RegulationThe Evolution of ESG RegulationThe Evolution of ESG Regulation

CUBE global

  • Products
        • RegPlatform product overviewOur enterprise product, providing regulatory intelligence for large, global financial institutions looking to tackle complex compliance.
        • RegAssure product overviewOur highly intuitive, seamless compliance product, that grows with your small or medium sized business.
        • CUBE's technology
  • Solutions
        • PrivacyGlobal governance for data privacy regulations, the world over
        • RecordsHolistic oversight of ever-growing regulations for records
        • CybersecurityAutomated workflows for up to date, relevant data on cyber
        • Technology riskEffective policies and controls to mitigate technology risk
        • Financial crime and AMLWatertight audit trails to show risk-based rationale
        • View all solutions
  • Resources
        • Resource hubLifting the lid on financial services, compliance, and regulation
        • Read

        • Case Studies
        • Blog posts
        • Reports
        • RegNews
        • Brochures
        • Find

        • Compliance Corner
        • Compliance confessions
        • ESG Conference
        • CUBE’s regulation game
        • Listen

        • Videos
        • Webinars
        • Podcasts
  • Partners
        • Advisory and consulting partnersEnhance your regulatory compliance offering with the entire suite of CUBE regulatory data.
        • Integration partnersCompliance is complex enough without over-complicated integration procedures.
        • Technology partnersAdd value to existing customer applications with a unified window into regulatory intelligence.
        • Partners overview
  • About us
        • About usThe story of who we are, how we got here and why we’re exceptionally proud of what we do
        • TeamThe visionaries and leaders powering CUBE’s success
        • NewsThe latest news from CUBE
        • CareersOur movement to transform regulatory data into regulatory intelligence
        • ContactWant to know more? Get in touch
  • Request a demo
Customer login
Home » Resources » Senior Managers and Certification Regime (SMCR): an overview

Estimated reading time: 5 minutes

What is the Senior Managers and Certification Regime?

The Senior Managers and Certification Regime is a regulation designed to enhance the accountability and conduct of UK financial services firms and their employees.

Administered by the Financial Conduct Authority (FCA), the Senior Managers and Certification Regime (SMCR) imposes a range of compliance obligations on individuals and firms, including training and certification requirements, with potentially significant penalties for non-compliance.

A brief history of SMCR

The SMCR was conceived in the wake of the 2008 financial crisis and followed the publication of the UK’s Parliamentary Commission on Banking Standards (PCBS). The PCBS recommended a new approach to accountability in the banking industry, with an emphasis on the conduct of senior management employees.

Introduced in 2016, the SMCR replaced the UK’s existing set of conduct rules: the Approved Persons Regime (APER). The SMCR was initially applied to the banking sector (banks, building societies, credit unions, and large investment firms) before it was expanded to dual-regulated insurance providers in 2018, and then to all FCA-regulated firms from December 2019.

The impact of Covid-19 on SMCR

The SMCR’s Conduct Rules were originally set to be introduced for UK solo-regulated firms by 9 December 2020 but the FCA pushed back the implementation deadline to offer firms more flexibility under Covid-19 pandemic restrictions. The new deadline for the implementation of the Conduct Rules was set for 31 March 2021.

What is the Senior Managers Regime?

The SMCR requires firms to ensure that senior employees are suitable for high responsibility roles. Accordingly, the SMCR’s Senior Managers Regime requires firms to conduct suitable due diligence on their senior managers including criminal record checks, credit checks and directorship checks.

Managers must be approved by either the FCA or the Prudential Regulation Authority (PRA) prior to assuming their positions, and be certified by those regulatory bodies once a year. Senior Managers Regime also requires firms to set out the obligations of each senior manager clearly in a Statement of Responsibilities.

What is the Certification Regime?

The SMCR’s Certification Regime seeks to address the risk posed by employees whose role may allow them to do ‘significant harm to the firm or its customers’. Under the Certification Regime, firms must implement a certification process for employees to ensure that they are fit and proper to perform their roles competently and safely. Although the specific certification process does not need to be approved by the FCA or the PRA, it should be suitably robust and involve, for example, a criminal record check.

What are the SMCR’s Conduct Rules?

The SMCR’s Conduct Rules are intended to raise a firm’s professional conduct and accountability standards, shaping both internal culture and policy. The rules establish minimum standards of conduct that can be judged by the FCA, and emphasize a need for responsibility at a personal and institutional level. The Conduct Rules apply to employees at every level of authority (ancillary employees may be exempt) and are split into two tiers:

  • Individual Conduct Rules. Applicable generally to most employees in a firm, the individual conduct rules require individuals to:
    • Act with integrity, care, skill, and diligence.
    • Cooperate with the FCA, PRA, and other regulators.
    • Treat customers fairly and act in their interests.
    • Observe proper market standards.
  • Senior Manager Conduct Rules: The second tier of conduct rules requires senior managers to:
    • Take steps to control their business effectively.
    • Ensure that their business is run in compliance with the relevant regulatory standards.
    • Delegate their responsibilities (where necessary) to an appropriately qualified person and provide oversight to ensure that the chosen person discharges those responsibilities correctly.
    • Disclose any necessary information to the FCA and PRA.

SMCR Compliance Considerations

Employee screening is the foundation of SMCR compliance. Firms must be confident that the individuals they appoint to senior management positions are capable of providing effective oversight and contributing to a culture of regulatory accountability. Accordingly, an SMCR employee screening solution should feature the following measures and processes:

  • A definition of a senior management role.
  • The specific background checks necessary for each senior management role.
  • The Statement of Responsibilities relevant to each senior management role.
  • Regulatory pre-approval (FCA, PRA) of senior managers.
  • Verification that senior managers understand their responsibilities and how to avoid compliance violations.
  • Definition and identification of Certified Persons.
  • Assessment of Certified Persons (with annual reassessment).
  • Training for all employees that are subject to Conduct Rules.

The penalties for SMCR non-compliance

Non-compliance with SMCR regulations carries both personal and institutional liability. SMCR penalties range from fines and financial restrictions to custodial sentences for individuals, and vary depending on the seriousness of the breach (as assessed by the FCA).

The FCA tends to impose financial penalties for SCMR breaches. In 2018, SMCR fines totaled £785,000, including a £321,000 fine for a senior manager of Barclays who breached the Individual Conduct Rules. Beyond addressing failures in accountability, due diligence, and professional fitness, the FCA’s approach to SMCR compliance focuses on incidents of market abuse, money laundering, and financial crime.

What is the future of SMCR?

The FCA has acknowledged the disruption to SMCR compliance caused by the Covid-19 pandemic restrictions. In April 2020, it issued guidance for firms seeking to use temporary arrangements to manage the challenges of the crisis such as staff absences and other health and safety concerns. With that in mind, the temporary modifications to SMCR compliance that were introduced as a result of the pandemic are set to be rolled back over the course of 2021 – with the expectation that those measures will end by 30 April 2021.


Some observers have pointed out that the number of SMCR enforcement actions has been relatively low. While the collective amount of SMCR fines has increased since 2017, almost one third of SCMR investigations that have been opened since its introduction have been closed with no action. The pace of SMCR investigations and the number of enforcement actions they generate are expected to increase as UK Covid-19 restrictions are rolled back.

Related resources
View all articles
A man in a suit leaning on a large percentage sign.
Compliance Corner

What is STIFC?

Lightbulbs
Compliance Corner

Fintech vs Regtech: what is the difference?

Image shows a hand at a cash machine, typing in their pin.
Compliance Corner

What is the Bank Secrecy Act?

All about the California Consumer Privacy Act
Compliance Corner

California Consumer Privacy Act 2023 Update


Want CUBE updates and latest industry news sent straight to your inbox?

Footer

Add CUBE logo here

  • Products
    • Partners
    • Solutions
  • Resource hub
    • Blogs
    • Reports
    • Brochures
    • Compliance Corner
    • Webinars
    • Podcasts
    • Videos
  • Behind CUBE
    • About us
    • Meet the team
    • Careers
    • News US
    • Contact us
  • The legal bits
    • Privacy policy
    • Cookie policy
    • Terms of use
    • Accessibility
Follow us:
  • LinkedIn
  • Twitter
  • YouTube

© 2023 CUBE Content Governance Global Limited

  • English
  • US