UK: Eleven Questions Answered On The Senior Managers And Certification Regime

Last Updated: 2 August 2018
Article by Celyn Armstrong, Craig Neilson and Katharine Harle

In early July the FCA and the PRA published a number of documents relating to the extension of the Senior Managers and Certification Regime (SMCR) to those firms not currently subject to that regime. These included policy statements and rules which were described as "near final", as they require approval from HM Treasury. Whilst the regulatory communications were broadly as the industry and commentators had expected from the consultation, the FCA has helpfully clarified a few matters that some firms asked about during the consultation process.

This note will briefly describe the current position regarding SMCR implementation, before setting out 11 questions that the FCA has answered in relation to firms which are regulated by the FCA but not the PRA (so called "solo-regulated" firms).

Background and update

The SMCR has applied to banks, building societies and credit unions, as well as the eight investment firms authorised by the PRA, since March 2016. The FCA issued consultation papers in 2017 proposing how it should be rolled out to all solo-regulated firms. Both the PRA and the FCA also consulted on the extension of the SMCR to insurers, which are currently subject to the Senior Insurance Managers Regime; this is not dissimilar to the Senior Managers Regime but does not include the extensive and onerous provisions of the Certification Regime and Conduct Rules. See our previous Insight piece for further details on the regime.

The regulators have now issued a number of policy statements and supervisory statements setting out in detail how the regime will apply to insurers and FCA solo-regulated firms. The FCA has also published two guides on the SMCR, aimed respectively at each type of firm. Finally, the FCA has issued a consultation paper on establishing a "directory" of individuals at SMCR firms (including banks) who will no longer be shown on the Financial Services Register. The Directory Consultation Paper will be the subject of a separate Dentons Insight piece.

In general the FCA is implementing the regime as proposed in the consultation papers. There are only a few minor changes, mainly around the boundary between the "core" and "enhanced" versions of the regime.

The FCA notes that Brexit may require certain amendments to the rules, though, as the SMCR is a (rare) example of UK regulatory policymaking that does not derive from EU legislation, these are unlikely to be extensive and will only affect EEA firms and branches.

The SMCR will come into force for insurers on 10 December 2018 and, subject to Treasury approval, for solo-regulated firms on 9 December 2019.

Eleven questions answered

1 Will firms need to appoint someone to each Senior Management Function?

The SMCR provides a more granular list of Senior Management Functions (SMFs) than the current list of controlled functions. This has prompted some firms to ask whether they are required to have individuals fulfilling each function. The FCA has confirmed that they do not: the general principle is that if a person is to carry out a role that is designated as an SMF they must be approved as such, but otherwise there is no general requirement to appoint individuals to hold SMFs.

This means that those firms that are not currently required to have a Compliance Officer or Money Laundering Reporting Officer are not required to appoint them under the SMCR. Likewise, although there are designated SMFs for the chairs of the Risk, Audit, Remuneration and Nominations Committees, the SMCR does not itself require firms to establish such committees or appoint individuals as their chairs.

2 How should firms in the enhanced regime formalise arrangements with senior individuals in the wider group?

The FCA notes that some firms may have allocated responsibility for specific functions to senior executives in other companies in the group. This will generally not be an issue for firms in the limited and core regimes, but firms in the enhanced regime are likely to have to apply for the group executive to be a senior manager. The reason is that, under the "no gaps or overlaps" principle, enhanced regime firms must allocate responsibility for each of their business areas, activities and management functions to specified individuals. If the relevant individual would not otherwise be a senior manager, they must be approved to perform the Other Overall Responsibility role (SMF18). The FCA suggests that the relationship between the firm and the relevant senior manager should be formalised, for instance through a contract of employment or a formal board delegation document.

3 Must the board chair be a non-executive director?

At present board members will be approved as either the CF1 (executive director) or CF2 (non-executive director) function. Under the SMCR the board chairperson will need to be approved to hold a specific SMF, namely the SMF9 Chair function. Whilst in banks the chair is expected to be a non-executive, the FCA has clarified that in solo-regulated firms the chair may be either executive or non-executive, though the FCA notes that there may be other obligations or good governance practices that require the chair to be a non-executive director.

4 Does the general counsel of an enhanced regime firm need to be a senior manager?

Whether the general counsel must be a senior manager is a question with a vexed history. In the banking regime, the FCA left the legal function out of its indicative list of key business and management functions. Whilst this list was not intended to be exhaustive, most banks and advisers assumed this omission to be deliberate. The FCA later clarified its view that the legal function was a key management function and, if the general counsel was accountable to the board for their oversight of that function, they should be a senior manager. However, the FCA said it would consult on the question and banks that had, in good faith, not made their general counsel a senior manager did not need to change their approach in the interim.

A discussion paper followed, but no consultation. In the press conference to launch its 2018/19 business plan, the FCA said the planned consultation had been a casualty of the need to devote extra resources to Brexit and would not take place until April 2019 at the earliest.

The FCA SMCR policy statement again states the FCA's view that the legal function is not exempt from the "overall responsibility requirement" applicable to enhanced firms (i.e. the "no gaps or overlaps" principle referred to above). However, the policy is under review and the position will be clarified by a further consultation, and if necessary further rules, before the SMCR comes into force.
As things stand, firms subject to the enhanced regime should plan on the basis that their general counsel should be a senior manager. However, it is worth noting that the FCA has stressed that the general counsel is accountable for the management and oversight of the legal function, rather than for the (privileged) legal advice that they or their lawyers give.

5 How should enhanced regime firms allocate the Chief Operations Function?

The Chief Operations Function (SMF24) is defined as "the most senior person responsible for managing the internal operations (including HR), systems and technology of a firm". As there is considerable variation in how these responsibilities are apportioned amongst firms in practice, the FCA's rules give some detailed guidance on who should hold the function. Broadly, where there is a single senior person reporting to the board on these functions, he or she should be the sole holder of the function. Where there are equally senior people all reporting to the board, whether split by function (e.g. head of technology and head of operations) or by business line (e.g. COO for broking and COO for advisory), they should all hold the SMF24 function, with actual responsibilities being split between them.

6 In a partnership structure, will all partners need to be senior managers?

All partners must be senior managers, unless they are what the FCA rules uncharitably call "partners without influence", i.e. they play no part in the management of the firm. In this case they are "unlikely" to be performing the partner function. The FCA's view is that most partners will have some involvement in managing a firm, though it recognises that this will not apply in every partnership. Partnerships will have to think carefully about how their governance and management arrangements work in practice, and decide whether any of their partners genuinely play no part in the firm's management.

7 What records do senior managers need to take to comply with the duty of responsibility?

One of the most difficult practical issues for senior managers in banks is how to record that they are, on a day-to-day basis, taking reasonable steps to prevent regulatory breaches in their areas (the so-called "duty of responsibility"). Senior managers' understandable concerns that the regulator may seek evidence of compliance years after the fact have led, in some cases, to a culture of excessive paperwork and unnecessary making and recording of challenges during the decision-making process.

In response to concerns about this raised during the consultation, the FCA states that the duty of responsibility does not impose additional obligations to keep records explaining or justifying steps taken (or not taken). It goes on to say, however, that it may be in senior managers' interests to keep records of relevant steps they take. Furthermore, the FCA points out that senior managers (and significant influence function holders under the current regime) are obliged to take reasonable steps to make sure that their business area complies with the FCA's rules, including the requirement to keep records allowing the FCA to monitor the firm's compliance with its rulebook.

It is unlikely that firms or their senior managers will take comfort from the FCA's statement on these points. They will have to strike a balance between the need to keep reasonable evidence of compliance and the need to run their business efficiently and effectively.

8 Can someone be both a senior manager and a certified person?

The FCA states that if a senior manager performs a role that is subject to the certification regime, and that role is not related to their SMF, then they will also need to be certified. For example, if a senior manager meets the definition of the client dealing function (broadly equivalent to the current CF30 role), they must be certified for that function. Whilst this has been rare in the banking regime, given the different size and structure of many solo-regulated firms it may become more common.

9 How should firms assess the fitness and propriety of different levels of staff?

The FCA notes that firms should apply the certification requirements proportionately to different functions, and do not need to adopt the same criteria for fitness and propriety regardless of a person's seniority or role. It gives the example of a trainee retail investment adviser, who may be certified as fit and proper on the condition that they continue to meet basic standards and work under supervision.

10 Does the regulatory reference requirement contravene employment law or the GDPR?

One of the more onerous requirements of the SMCR is that firms are required to give a "regulatory reference", i.e. a detailed reference in a standard template, in relation to a former employee or director who is applying for a senior management or certification function at another firm. Firms are also required to update these references if new information comes to light. The reference must contain all information relevant to the assessment of an individual's fitness and propriety (although the FCA points out that this is an existing requirement).

In response to concerns around employment law and GDPR compliance, the FCA states that its rules only require firms to disclose information that has been properly verified, and there is therefore no conflict with duties under the general law to former employees or firms requesting references. The FCA also believes that the requirement does not contravene the GDPR, as the information employers are required to give is proportionate, storage of the information is for an appropriate amount of time, and it is appropriate to store it and provide it to a new employer, in order to comply with regulatory rules.

11 Should firms submit a conduct rules breach report if the employee has left?

Under the SMCR firms will be required to report disciplinary action taken against any of their staff (except ancillary staff such as secretaries and cleaners) for reasons that amount to a breach of the conduct rules. Reports must be submitted annually, or within seven business days in the case of senior managers. A nil return must be submitted if appropriate and a late return fee will be levied if no return is submitted. The FCA stresses that these rules are additional to existing rules about notifying significant issues to the FCA, such as Principle 11 and the rules in SYSC 15.3.

Where the employee leaves the firm, the position around reporting depends on timing. If the employee leaves during the disciplinary process, which cannot be completed, no report should be made. If the employee leaves after the disciplinary process has been completed, a report should be made. In addition, if the employee appeals against the disciplinary action, a report should be made but an update given if the action is overturned.

Dentons is the world's first polycentric global law firm. A top 20 firm on the Acritas 2015 Global Elite Brand Index, the Firm is committed to challenging the status quo in delivering consistent and uncompromising quality and value in new and inventive ways. Driven to provide clients a competitive edge, and connected to the communities where its clients want to do business, Dentons knows that understanding local cultures is crucial to successfully completing a deal, resolving a dispute or solving a business challenge. Now the world's largest law firm, Dentons' global team builds agile, tailored solutions to meet the local, national and global needs of private and public clients of any size in more than 125 locations serving 50-plus countries.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

To print this article, all you need is to be registered on

Click to Login as an existing user or Register so you can print this article.

Similar Articles
Relevancy Powered by MondaqAI
In association with
Related Topics
Similar Articles
Relevancy Powered by MondaqAI
Related Articles
Related Video
Up-coming Events Search
Font Size:
Mondaq on Twitter
Mondaq Free Registration
Gain access to Mondaq global archive of over 375,000 articles covering 200 countries with a personalised News Alert and automatic login on this device.
Mondaq News Alert (some suggested topics and region)
Select Topics
Registration (please scroll down to set your data preferences)

Mondaq Ltd requires you to register and provide information that personally identifies you, including your content preferences, for three primary purposes (full details of Mondaq’s use of your personal data can be found in our Privacy and Cookies Notice):

  • To allow you to personalize the Mondaq websites you are visiting to show content ("Content") relevant to your interests.
  • To enable features such as password reminder, news alerts, email a colleague, and linking from Mondaq (and its affiliate sites) to your website.
  • To produce demographic feedback for our content providers ("Contributors") who contribute Content for free for your use.

Mondaq hopes that our registered users will support us in maintaining our free to view business model by consenting to our use of your personal data as described below.

Mondaq has a "free to view" business model. Our services are paid for by Contributors in exchange for Mondaq providing them with access to information about who accesses their content. Once personal data is transferred to our Contributors they become a data controller of this personal data. They use it to measure the response that their articles are receiving, as a form of market research. They may also use it to provide Mondaq users with information about their products and services.

Details of each Contributor to which your personal data will be transferred is clearly stated within the Content that you access. For full details of how this Contributor will use your personal data, you should review the Contributor’s own Privacy Notice.

Please indicate your preference below:

Yes, I am happy to support Mondaq in maintaining its free to view business model by agreeing to allow Mondaq to share my personal data with Contributors whose Content I access
No, I do not want Mondaq to share my personal data with Contributors

Also please let us know whether you are happy to receive communications promoting products and services offered by Mondaq:

Yes, I am happy to received promotional communications from Mondaq
No, please do not send me promotional communications from Mondaq
Terms & Conditions (the Website) is owned and managed by Mondaq Ltd (Mondaq). Mondaq grants you a non-exclusive, revocable licence to access the Website and associated services, such as the Mondaq News Alerts (Services), subject to and in consideration of your compliance with the following terms and conditions of use (Terms). Your use of the Website and/or Services constitutes your agreement to the Terms. Mondaq may terminate your use of the Website and Services if you are in breach of these Terms or if Mondaq decides to terminate the licence granted hereunder for any reason whatsoever.

Use of

To Use you must be: eighteen (18) years old or over; legally capable of entering into binding contracts; and not in any way prohibited by the applicable law to enter into these Terms in the jurisdiction which you are currently located.

You may use the Website as an unregistered user, however, you are required to register as a user if you wish to read the full text of the Content or to receive the Services.

You may not modify, publish, transmit, transfer or sell, reproduce, create derivative works from, distribute, perform, link, display, or in any way exploit any of the Content, in whole or in part, except as expressly permitted in these Terms or with the prior written consent of Mondaq. You may not use electronic or other means to extract details or information from the Content. Nor shall you extract information about users or Contributors in order to offer them any services or products.

In your use of the Website and/or Services you shall: comply with all applicable laws, regulations, directives and legislations which apply to your Use of the Website and/or Services in whatever country you are physically located including without limitation any and all consumer law, export control laws and regulations; provide to us true, correct and accurate information and promptly inform us in the event that any information that you have provided to us changes or becomes inaccurate; notify Mondaq immediately of any circumstances where you have reason to believe that any Intellectual Property Rights or any other rights of any third party may have been infringed; co-operate with reasonable security or other checks or requests for information made by Mondaq from time to time; and at all times be fully liable for the breach of any of these Terms by a third party using your login details to access the Website and/or Services

however, you shall not: do anything likely to impair, interfere with or damage or cause harm or distress to any persons, or the network; do anything that will infringe any Intellectual Property Rights or other rights of Mondaq or any third party; or use the Website, Services and/or Content otherwise than in accordance with these Terms; use any trade marks or service marks of Mondaq or the Contributors, or do anything which may be seen to take unfair advantage of the reputation and goodwill of Mondaq or the Contributors, or the Website, Services and/or Content.

Mondaq reserves the right, in its sole discretion, to take any action that it deems necessary and appropriate in the event it considers that there is a breach or threatened breach of the Terms.

Mondaq’s Rights and Obligations

Unless otherwise expressly set out to the contrary, nothing in these Terms shall serve to transfer from Mondaq to you, any Intellectual Property Rights owned by and/or licensed to Mondaq and all rights, title and interest in and to such Intellectual Property Rights will remain exclusively with Mondaq and/or its licensors.

Mondaq shall use its reasonable endeavours to make the Website and Services available to you at all times, but we cannot guarantee an uninterrupted and fault free service.

Mondaq reserves the right to make changes to the services and/or the Website or part thereof, from time to time, and we may add, remove, modify and/or vary any elements of features and functionalities of the Website or the services.

Mondaq also reserves the right from time to time to monitor your Use of the Website and/or services.


The Content is general information only. It is not intended to constitute legal advice or seek to be the complete and comprehensive statement of the law, nor is it intended to address your specific requirements or provide advice on which reliance should be placed. Mondaq and/or its Contributors and other suppliers make no representations about the suitability of the information contained in the Content for any purpose. All Content provided "as is" without warranty of any kind. Mondaq and/or its Contributors and other suppliers hereby exclude and disclaim all representations, warranties or guarantees with regard to the Content, including all implied warranties and conditions of merchantability, fitness for a particular purpose, title and non-infringement. To the maximum extent permitted by law, Mondaq expressly excludes all representations, warranties, obligations, and liabilities arising out of or in connection with all Content. In no event shall Mondaq and/or its respective suppliers be liable for any special, indirect or consequential damages or any damages whatsoever resulting from loss of use, data or profits, whether in an action of contract, negligence or other tortious action, arising out of or in connection with the use of the Content or performance of Mondaq’s Services.


Mondaq may alter or amend these Terms by amending them on the Website. By continuing to Use the Services and/or the Website after such amendment, you will be deemed to have accepted any amendment to these Terms.

These Terms shall be governed by and construed in accordance with the laws of England and Wales and you irrevocably submit to the exclusive jurisdiction of the courts of England and Wales to settle any dispute which may arise out of or in connection with these Terms. If you live outside the United Kingdom, English law shall apply only to the extent that English law shall not deprive you of any legal protection accorded in accordance with the law of the place where you are habitually resident ("Local Law"). In the event English law deprives you of any legal protection which is accorded to you under Local Law, then these terms shall be governed by Local Law and any dispute or claim arising out of or in connection with these Terms shall be subject to the non-exclusive jurisdiction of the courts where you are habitually resident.

You may print and keep a copy of these Terms, which form the entire agreement between you and Mondaq and supersede any other communications or advertising in respect of the Service and/or the Website.

No delay in exercising or non-exercise by you and/or Mondaq of any of its rights under or in connection with these Terms shall operate as a waiver or release of each of your or Mondaq’s right. Rather, any such waiver or release must be specifically granted in writing signed by the party granting it.

If any part of these Terms is held unenforceable, that part shall be enforced to the maximum extent permissible so as to give effect to the intent of the parties, and the Terms shall continue in full force and effect.

Mondaq shall not incur any liability to you on account of any loss or damage resulting from any delay or failure to perform all or any part of these Terms if such delay or failure is caused, in whole or in part, by events, occurrences, or causes beyond the control of Mondaq. Such events, occurrences or causes will include, without limitation, acts of God, strikes, lockouts, server and network failure, riots, acts of war, earthquakes, fire and explosions.

By clicking Register you state you have read and agree to our Terms and Conditions