UK: Senior Managers & Certification Regime: The FCA Publishes Near-Final Rules For FCA Solo-Regulated Firms

Last Updated: 13 July 2018
Article by Ian Mason, Penny A. Sanders, Kam Dhillon and Jonathan Chamberlain

The Financial Conduct Authority (FCA) has published its near-final rules and guidance on the Senior Managers & Certification Regime (SMCR).

The SMCR will replace the current Approved Persons Regime on 9 December 2019.

  • The FCA published its Policy Statement (PS 18/14) and Guide on the extension of the SMCR for FCA solo-regulated firms on 4 July 2018.
  • The PRA and FCA both issued Policy Statements (PS 18/15 and PS 15/18) on the extension of the SMCR to insurers on 4 July 2018.
  • The near-final rules and guidance contained in these Policy Statements do not differ significantly from those published in the draft consultation papers (CP 17/25 and CP 17/40 for FCA solo-regulated firms and CP 14/17 and CP 28/17 for PRA regulated insurers).
  • The SMCR aims to encourage staff to take personal responsibility for their actions; improve conduct at all levels; and make sure firms and staff clearly understand and can show who does what.

We focus here on the extension of the SMCR for FCA solo-regulated firms.


Firms need to assess the impact of the SMCR on their business now.

Key considerations for all firms

  • Which tier does your firm fall into: limited scope, core or enhanced?
  • What Senior Management Functions will apply to your firm?
  • Does your firm have individuals who will perform relevant Senior Management Functions?
  • Does your firm need to change any existing approvals, or add new ones before the SMCR begins?
  • Do you know which of your current approved persons will no longer be approved (i.e. which approvals will lapse under the SMCR)?
  • Does each of the senior managers within your firm have a Statement of Responsibility?
  • Do you know which Prescribed Responsibilities (if any) will apply to your firm and how these will be allocated to the senior managers within your firm?

Certification Regime and Fitness and Propriety Checks

  • Do you know which of the certification functions apply to your firm?
  • Do you know which employees will need to be certified on an annual basis?
  • How might the annual fitness and propriety checks fit into your firm's existing HR processes?

Regulatory References and Criminal Records Checks

  • Do you know how the new criminal record checks and regulatory reference requirements fit into your firm's existing recruitment processes?
  • Does your firm have in place the appropriate processes to obtain Criminal Records Checks for new Senior Managers? Is your firm registered with the DBS?

Conduct Rules

  • Can you identify your firm's ancillary staff (i.e. those to whom the Conduct Rules do not apply)?
  • Do you understand the Conduct Rules training and notification/reporting requirements for Senior Managers and all other staff?

Key points for firms to consider

1. Are you in scope?

The SMCR will apply to:

  1. All firms in the UK that are authorised under the Financial Services and Markets Act 2000 (FSMA) and regulated by the FCA; and
  2. EEA and third country branches with permission to carry out regulated activities in the UK.
  3. The SMCR will not apply to:
  4. Firms that are not authorised under FSMA (e.g. payment services firms); and
  5. Appointed representatives.

These firms will continue to be subject to the Approved Persons Regime.

2. If in scope, how will the SMCR apply to you?

The FCA is extending the SMCR in a way that is proportionate to the size of the firm.

As a first step, firms will need to determine which tier they fall within. There are 3 tiers of classification:

  1. Limited scope: firms in this tier will be exempt from some baseline requirements under the SMCR. Limited scope firms are those that already have exemptions under the Approved Persons Regime (e.g. limited permission consumer credit firms, sole traders, service companies, oil and energy market participants, certain insurance intermediaries and authorised internally managed alternative investment funds).
  2. Core: firms in this tier will have to comply with the baseline requirements under the SMCR.
  3. Enhanced: firms in this tier will have to comply with the extra requirements under the SMCR. Enhanced firms are those whose size, complexity and potential impact on consumers or markets warrant more attention (e.g. large investment firms, custodians, asset managers, intermediaries, consumer credit business, mortgage lenders or administrators).

3. What about group structures?

Firms must apply the SMCR at a legal entity level (rather than group level). This means there will be groups which contain firms in different tiers of the SMCR. However groups may choose to apply the highest tier of the regime to all entities in their group, but there is no expectation or requirement for firms to do this.

4. What if you are a senior manager and based overseas?

There is no territorial limitation on the SMCR. It will apply to anyone who performs a senior management function (SMF), whether they are based in the UK or overseas.

5. What are the new Senior Management Functions?

Governing Functions


Chief Executive


Executive Director


Group Entity Senior Manager




Chair of the Risk Committee


Chair of the Audit Committee


Chair of the Remuneration Committee


Chair of the Nominations Committee


Senior Independent Director



Required Functions


Compliance Oversight


Money Laundering Reporting Officer


Other Overall Responsibility


Limited Scope Function (currently the CF8 Apportionment and Oversight Function).

Systems & Controls Functions


Chief Finance Function


Chief Risk Function


Head of Internal Audit


Chief Operations Function

EEA Branches


EEA Branch Senior Manager

Third Country Branches


Head of Third Country Branch

Note for Non-Executive Directors (NEDs): Only those NEDs who hold a Chair role (including Chairs of Committees) will be approved by the FCA. Other NEDs currently approved by the FCA as CF2s will not need to be approved by the FCA - their existing approval will lapse under the SMCR. However NEDs will still be subject to the FCA's Conduct Rules, fitness and propriety requirements and regulatory reference rules.

6. What is the 12 week rule?

The SMCR allows someone to cover for a senior manager, without being approved by the FCA, where the absence is temporary or reasonably unforeseen and the appointment is for less than 12 consecutive weeks.

7. Statement of Responsibilities

The Statement of Responsibilities is a single document that every senior manager will need to have, clearly setting out their role and responsibilities. This is required under FSMA and applies to all firms.

8. Responsibilities Map

This applies to enhanced firms only. Enhanced firms must prepare and maintain a Responsibilities Map. This is a single document that sets out the firm's management and governance arrangements.

9. Certification Regime

This applies to employees whose role means that it is possible for them to cause significant harm to the firm or its customers and/or market integrity. These roles are called 'certification functions'.

These employees will not need to be approved by the FCA. Instead, firms will need to check and confirm, at least once a year, that these employees are fit and proper to perform their role and issue them with a certificate.

The certification regime only applies to employees of firms - i.e. anyone who personally provides, or is under an obligation to provide, services to the firm under an arrangement made between the firm and the person providing the services or another person, and is subject to (or to the right of) supervision, direction or control by the firm as to the manner in which those services are provided. This means it may include secondees and contractors, but does not apply to NEDs.

The following are certification functions under the SMCR:

  • Significant management function (currently CF29)
  • Proprietary traders
  • CASS operational oversight function (currently CF10a)
  • Functions subject to qualification requirements (e.g. mortgage advisers and retail investment advisers)
  • Client dealing function (anyone dealing in or arranging investments with clients, including retail and professional clients and eligible counterparties) (e.g. financial advisers, people involved in corporate finance business, people involved in dealing or arranging deals in investments and investment managers)
  • Anyone who supervises or manages a certified function (directly or indirectly) but is not a senior manager
  • Material risk takers
  • People with responsibility for algorithmic trading

Firms have 12 months from the commencement date of the SMCR to complete the fitness and propriety checks and the certification process.

The certification regime generally applies to employees based in the UK (or if overseas, employees that are dealing with UK clients) - unless the employee is a material risk taker, in which case they are subject to the certification regime regardless of their location.

10. Fitness and Propriety

This applies to all firms.

Firms must take responsibility for their staff being fit and proper to do their jobs. This applies to anyone performing a SMF or a certification function. It also applies to NEDs who are not senior managers (except in limited scope firms).

Assessing a person's fitness and propriety includes consideration of the following:

  • Honesty, integrity and reputation
  • Competence and capability, including whether the person satisfies any relevant FCA training and competence requirements
  • Financial soundness

Firms must collect evidence when assessing candidates for senior manager positions, certification functions or NED roles (even if they are not senior managers).

Firms must also undertake criminal record checks. This is mandatory for applicants for senior manager roles and NEDs who are not senior managers. It is optional for individuals performing certification functions.

Firms must request a reference for senior manager and certification function candidates from their past employers (going back 6 years unless it is for serious misconduct, in which case there is no time limit). This also applies to NEDs who aren't senior managers.

  • Past employers must disclose:
  • Details of any disciplinary action taken due to breach of conduct rules;
  • Any findings that the person was not fit and proper; and
  • Any other information relevant to assessing whether a candidate is fit and proper (e.g. number of upheld complaints).

11. The Conduct Rules

These apply to all firms and the majority of employees within the firm.

The Conduct Rules are a new set of enforceable rules that set basic standards of good personal conduct against which the FCA can hold people to account. The Conduct Rules are intended to help firms shape their culture, standards and policies, and promote positive behaviours, from the top down and the bottom up, to reduce harm.

The Conduct Rules apply to a firm's regulated and unregulated financial services activities (including any related ancillary activities).

Individual conduct rules

These apply to most employees and directors in a firm and cover:

  1. The duty to act with integrity;
  2. The duty to act with due care, skill and diligence;
  3. The duty to be open and cooperative with the FCA, the PRA and other regulators;
  4. The duty to pay due regard to the interests of customers and treat them fairly; and
  5. The duty to observe proper standards of market conduct.

Senior manager conduct rules

These cover:

  1. The duty to take reasonable steps to ensure that the business of the firm for which the senior manager is responsible is controlled effectively;
  2. The duty to take reasonable steps to ensure that the business of the firm for which the senior manager is responsible complies with the relevant requirements and standards of the regulatory system;
  3. The duty to take reasonable steps to ensure that any delegation of the senior manager's responsibilities is to an appropriate person and that the senior manager oversees the discharge of the delegated responsibility effectively; and
  4. The duty to disclose appropriately any information of which the FCA or PRA would reasonably expect notice.

Do the Conduct Rules apply to all employees in a firm?

The Conduct Rules apply to the majority of employees working in firms.

The FCA consider the following roles as ancillary and therefore out of scope of the Conduct Rules: receptionists, switchboard operators, post-room and print-room staff, facilities management, events management, security guards, invoice processing, medical staff, records management, drivers, corporate social responsibility staff, data controllers and processors, cleaners, catering staff, personal assistants and secretaries, IT helpdesk staff and human resources administrators.

Training requirements

Firms must train relevant staff on how the Conduct Rules apply to their role and a senior manager must be allocated the prescribed responsibility for this.

Senior managers and certification staff will need to be trained, and abide by, the Conduct Rules from the start of the SMCR.

Firms have 12 months to put in place processes to comply with the training and reporting requirements and train their other staff on the Conduct Rules.

Firms must notify the FCA when disciplinary action has been taken against a person for breaches of the Conduct Rules. Disciplinary action means:

  • Issuing a formal written warning;
  • Suspension or dismissal of a person; or
  • Reduction or recovery of remuneration (clawback).

For senior managers the notification must be made within 7 business days of concluding disciplinary action, and for other individuals notification must be made as part of the firm's annual reporting.

12. Duty of Responsibility

This applies to all firms.

Every senior manager must have a duty of responsibility under FSMA. It means if a firm breaches one of the FCA's requirements, the senior manager responsible for that area could be held accountable if they didn't take reasonable steps to prevent or stop the breach.

The burden of proof lies with the FCA to show the senior manager did not take the steps a person in their position could reasonably be expected to take to avoid the firm's breach occurring.

13. Prescribed Responsibilities

These apply to core, enhanced and third country branches. None of the Prescribed Responsibilities apply to Limited Scope and EEA Branches.

Prescribed Responsibilities are specific responsibilities that a firm must give to executives who are the most senior persons responsible for that activity or area. This is to ensure the senior managers are accountable for key conduct and prudential risks.

Firms can only divide or share a Prescribed Responsibility in limited circumstances, where they can show that this is appropriate and justifiable.

There are 12 Prescribed Responsibilities:

  • Performance by the firm of its obligations under the SMR, including implementation and oversight.
  • Performance by the firm of its obligations under the Certification Regime.
  • Performance by the firm of its obligations in respect of notifications and training of the Conduct Rules.
  • Responsibility for the firm's policies and procedures for countering the risk that the firm might be used to further financial crime.
  • Responsibility for the firm's compliance with CASS (if applicable).
  • Compliance with the rules relating to the firm's Responsibilities Map.
  • Safeguarding and overseeing the independence and performance of the internal audit function.
  • Safeguarding and overseeing the independence and performance of the compliance function.
  • Safeguarding and overseeing the independence and performance of the risk function.
  • If the firm outsources its internal audit function, taking reasonable steps to ensure that every person involved in the performance of the service is independent from the persons who perform external audit, including supervision and management of the work of outsourced internal auditors and management of potential conflicts of interest between the provision of external audit and internal audit services.
  • Developing and maintaining the firm's business model.
  • Managing the firm's internal stress-tests and ensuring the accuracy and timeliness of information provided to the FCA for the purposes of stress-testing.
  • For AIFMs: Responsibility for the firm's value for money assessments, independent director representation and acting in investors' best interests.

Limited scope firms and EEA branches will not need to apply the Prescribed Responsibilities, but they will apply to all other firms.

14. What about Brexit?

The FCA developed the policy in the underlying rules in the context of the existing UK and EU regulatory framework. It will keep the policy under review to assess whether any amendments will be required due to changes in the UK regulatory framework. This includes changes that result from the UK's vote to leave the EU.

15. Next steps & transitional provisions

Senior managers and certification staff must be identified and trained, and abide by the Conduct Rules, from 9 December 2019, but firms will have 12 months from that date to train other staff on the Conduct Rules.

Firms have to identify their certification staff by 9 December 2019, but have 12 months from that date to complete the initial certification processes.

Each senior manager is required to have a Statement of Responsibilities. Firms are not required to submit these to the FCA for individuals that are currently approved persons and converting over to the SMCR, but must be able to provide a senior manager's Statement of Responsibilities to the FCA on request.

16. Links for further information

Extending the SMCR to FCA firms (near-final rules) - FCA's PS 18/14:

Extending the SMCR to Insurers (near-final rules) - FCA's PS 18/15 and PRA's PS 15/18:

SMCR Guide for FCA solo-regulated firms:

Read the original article on

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

To print this article, all you need is to be registered on

Click to Login as an existing user or Register so you can print this article.

Events from this Firm
7 Nov 2019, Seminar, Birmingham, UK

Providing content specifically tailored to the needs of GCs and Heads of Legal working in government organisations and their affiliates.

14 Nov 2019, Seminar, London, UK

Providing content specifically tailored to the needs of GCs and Heads of Legal working in government organisations and their affiliates.

Similar Articles
Relevancy Powered by MondaqAI
In association with
Related Topics
Similar Articles
Relevancy Powered by MondaqAI
Related Articles
Related Video
Up-coming Events Search
Font Size:
Mondaq on Twitter
Mondaq Free Registration
Gain access to Mondaq global archive of over 375,000 articles covering 200 countries with a personalised News Alert and automatic login on this device.
Mondaq News Alert (some suggested topics and region)
Select Topics
Registration (please scroll down to set your data preferences)

Mondaq Ltd requires you to register and provide information that personally identifies you, including your content preferences, for three primary purposes (full details of Mondaq’s use of your personal data can be found in our Privacy and Cookies Notice):

  • To allow you to personalize the Mondaq websites you are visiting to show content ("Content") relevant to your interests.
  • To enable features such as password reminder, news alerts, email a colleague, and linking from Mondaq (and its affiliate sites) to your website.
  • To produce demographic feedback for our content providers ("Contributors") who contribute Content for free for your use.

Mondaq hopes that our registered users will support us in maintaining our free to view business model by consenting to our use of your personal data as described below.

Mondaq has a "free to view" business model. Our services are paid for by Contributors in exchange for Mondaq providing them with access to information about who accesses their content. Once personal data is transferred to our Contributors they become a data controller of this personal data. They use it to measure the response that their articles are receiving, as a form of market research. They may also use it to provide Mondaq users with information about their products and services.

Details of each Contributor to which your personal data will be transferred is clearly stated within the Content that you access. For full details of how this Contributor will use your personal data, you should review the Contributor’s own Privacy Notice.

Please indicate your preference below:

Yes, I am happy to support Mondaq in maintaining its free to view business model by agreeing to allow Mondaq to share my personal data with Contributors whose Content I access
No, I do not want Mondaq to share my personal data with Contributors

Also please let us know whether you are happy to receive communications promoting products and services offered by Mondaq:

Yes, I am happy to received promotional communications from Mondaq
No, please do not send me promotional communications from Mondaq
Terms & Conditions (the Website) is owned and managed by Mondaq Ltd (Mondaq). Mondaq grants you a non-exclusive, revocable licence to access the Website and associated services, such as the Mondaq News Alerts (Services), subject to and in consideration of your compliance with the following terms and conditions of use (Terms). Your use of the Website and/or Services constitutes your agreement to the Terms. Mondaq may terminate your use of the Website and Services if you are in breach of these Terms or if Mondaq decides to terminate the licence granted hereunder for any reason whatsoever.

Use of

To Use you must be: eighteen (18) years old or over; legally capable of entering into binding contracts; and not in any way prohibited by the applicable law to enter into these Terms in the jurisdiction which you are currently located.

You may use the Website as an unregistered user, however, you are required to register as a user if you wish to read the full text of the Content or to receive the Services.

You may not modify, publish, transmit, transfer or sell, reproduce, create derivative works from, distribute, perform, link, display, or in any way exploit any of the Content, in whole or in part, except as expressly permitted in these Terms or with the prior written consent of Mondaq. You may not use electronic or other means to extract details or information from the Content. Nor shall you extract information about users or Contributors in order to offer them any services or products.

In your use of the Website and/or Services you shall: comply with all applicable laws, regulations, directives and legislations which apply to your Use of the Website and/or Services in whatever country you are physically located including without limitation any and all consumer law, export control laws and regulations; provide to us true, correct and accurate information and promptly inform us in the event that any information that you have provided to us changes or becomes inaccurate; notify Mondaq immediately of any circumstances where you have reason to believe that any Intellectual Property Rights or any other rights of any third party may have been infringed; co-operate with reasonable security or other checks or requests for information made by Mondaq from time to time; and at all times be fully liable for the breach of any of these Terms by a third party using your login details to access the Website and/or Services

however, you shall not: do anything likely to impair, interfere with or damage or cause harm or distress to any persons, or the network; do anything that will infringe any Intellectual Property Rights or other rights of Mondaq or any third party; or use the Website, Services and/or Content otherwise than in accordance with these Terms; use any trade marks or service marks of Mondaq or the Contributors, or do anything which may be seen to take unfair advantage of the reputation and goodwill of Mondaq or the Contributors, or the Website, Services and/or Content.

Mondaq reserves the right, in its sole discretion, to take any action that it deems necessary and appropriate in the event it considers that there is a breach or threatened breach of the Terms.

Mondaq’s Rights and Obligations

Unless otherwise expressly set out to the contrary, nothing in these Terms shall serve to transfer from Mondaq to you, any Intellectual Property Rights owned by and/or licensed to Mondaq and all rights, title and interest in and to such Intellectual Property Rights will remain exclusively with Mondaq and/or its licensors.

Mondaq shall use its reasonable endeavours to make the Website and Services available to you at all times, but we cannot guarantee an uninterrupted and fault free service.

Mondaq reserves the right to make changes to the services and/or the Website or part thereof, from time to time, and we may add, remove, modify and/or vary any elements of features and functionalities of the Website or the services.

Mondaq also reserves the right from time to time to monitor your Use of the Website and/or services.


The Content is general information only. It is not intended to constitute legal advice or seek to be the complete and comprehensive statement of the law, nor is it intended to address your specific requirements or provide advice on which reliance should be placed. Mondaq and/or its Contributors and other suppliers make no representations about the suitability of the information contained in the Content for any purpose. All Content provided "as is" without warranty of any kind. Mondaq and/or its Contributors and other suppliers hereby exclude and disclaim all representations, warranties or guarantees with regard to the Content, including all implied warranties and conditions of merchantability, fitness for a particular purpose, title and non-infringement. To the maximum extent permitted by law, Mondaq expressly excludes all representations, warranties, obligations, and liabilities arising out of or in connection with all Content. In no event shall Mondaq and/or its respective suppliers be liable for any special, indirect or consequential damages or any damages whatsoever resulting from loss of use, data or profits, whether in an action of contract, negligence or other tortious action, arising out of or in connection with the use of the Content or performance of Mondaq’s Services.


Mondaq may alter or amend these Terms by amending them on the Website. By continuing to Use the Services and/or the Website after such amendment, you will be deemed to have accepted any amendment to these Terms.

These Terms shall be governed by and construed in accordance with the laws of England and Wales and you irrevocably submit to the exclusive jurisdiction of the courts of England and Wales to settle any dispute which may arise out of or in connection with these Terms. If you live outside the United Kingdom, English law shall apply only to the extent that English law shall not deprive you of any legal protection accorded in accordance with the law of the place where you are habitually resident ("Local Law"). In the event English law deprives you of any legal protection which is accorded to you under Local Law, then these terms shall be governed by Local Law and any dispute or claim arising out of or in connection with these Terms shall be subject to the non-exclusive jurisdiction of the courts where you are habitually resident.

You may print and keep a copy of these Terms, which form the entire agreement between you and Mondaq and supersede any other communications or advertising in respect of the Service and/or the Website.

No delay in exercising or non-exercise by you and/or Mondaq of any of its rights under or in connection with these Terms shall operate as a waiver or release of each of your or Mondaq’s right. Rather, any such waiver or release must be specifically granted in writing signed by the party granting it.

If any part of these Terms is held unenforceable, that part shall be enforced to the maximum extent permissible so as to give effect to the intent of the parties, and the Terms shall continue in full force and effect.

Mondaq shall not incur any liability to you on account of any loss or damage resulting from any delay or failure to perform all or any part of these Terms if such delay or failure is caused, in whole or in part, by events, occurrences, or causes beyond the control of Mondaq. Such events, occurrences or causes will include, without limitation, acts of God, strikes, lockouts, server and network failure, riots, acts of war, earthquakes, fire and explosions.

By clicking Register you state you have read and agree to our Terms and Conditions