SM&CR: Senior Managers

Learn how the regime impacts Senior managers in your firm.

The Senior Managers and Certification Regime (SM&CR) was extended in December 2019 to include solo-regulated firms. In order to understand the Senior Managers Regime, solo-regulated firms must first be classified into one of the three categories listed below. Firms should use the decision tree in SYSC 23, Annex 1 to establish which category they fall under. We’ve also published our guide to the categories, which can also help to establish which one applies to your firm:

  1. Core – firms will have to comply with baseline requirements.
  2. Enhanced – this will apply to those firms depending on the size, complexity and potential impact on consumers/markets which warrant more attention. These firms will have extra requirements to comply with.
  3. Limited Scope – these firms will be exempt from the baseline requirements and will generally have fewer Senior Management Functions (“SMFs”).

Once a firm knows their category they should then use Annex 1 of SUP 10C to see which Senior Management Functions (SMFs) are relevant to them.  SMFs vary depending on which category a firm is. Section 59(1) of the Financial Services and Markets Act 2000 (FSMA) states that a person who is performing a “controlled function” in relation to a regulated activity must be approved by the appropriate regulator.

With respect to FCA solo-regulated firms which are subject to the SM&CR, this means that any individual performing an “FCA-designated senior management function” must be approved by the FCA before taking up his or her position.

Senior Management Functions

The list of “FCA-designated senior management functions” is set out in the table below:

Type Description of FCA controlled function
FCA governing functions
SMF 1: Chief Executive
SMF 3: Executive Director
SMF 7: Group entity senior manager
SMF 10: Chair of the governing body
SMF 11: Chair of the audit committee
SMF 12: Chair of the remuneration committee
SMF 14: Senior independent director
SMF 15: Chair with profits committee
SMF 19: Head of third country branch
SMF 27: Partner
FCA required functions
SMF 6: Compliance oversight
SMF 17: Money Laundering reporting
SMF 18: Other overall responsibility
SMF 22: Other local responsibility
SMF 23b: Conduct risk oversight (Lloyd’s)
SMF 29: Limited scope
Other high-level management functions
SMF 21: EEA branch senior manager
Systems and controls functions
SMF 2: Chief Finance Officer (CFO)
SMF 4: Chief Risk Officer (CRO)
SMF 5: Head of internal audit
SMF 24: Chief of Operations (COO)

 

Firms must ensure that senior management functions are allocated to the most senior individual within the firm who has responsibility for a particular issue.  That individual should have an appropriate level of competence and experience to discharge his or her duties.  However, if a firm does not currently have an individual performing a particular senior management function, it is not necessary to create that role simply so that the senior management function can be allocated.

Prescribed Responsibilities

The FCA has also defined a number of ‘prescribed responsibilities’. Core and Enhanced firms, but not Limited Scope firms must allocate each ‘prescribed responsibility’ that applies to it to one or more of its senior managers.  The ‘prescribed responsibilities’ for solo firms are listed below. In the case where firms are regulated by other codes of conduct or regulations, they have extra responsibilities:

Prescribed Responsibilities (for Solo regulated firm) UK core firm Enhanced scope firm Third country core firm
Responsibility for the firm’s performance of its obligations under the senior managers regime.
Y
Y
Y
Responsibility for the firm’s performance of its obligations under the certification regime.
Y
Y
Y
Responsibility for the firm’s policies and procedures for countering the risk that the firm might be used to further financial crime.
Y
Y
Y
Responsibility for the firm’s obligations for: (a) conduct rules training; and (b) conduct rules reporting.
Y
Y
Y
Responsibility for: (a) safeguarding the independence of; and (b) oversight of the performance of; the internal audit function, in accordance with the internal audit requirements for SMCR firms and the PRA requirements.
-
Y
-
Responsibility for: (a) safeguarding the independence of; and (b) oversight of the performance of; the compliance function in accordance with the compliance requirements for SM&CR firms.
-
Y
-
Responsibility for: (a) safeguarding the independence of; and (b) oversight of the performance of; the risk function, in accordance with the risk control requirements for SM&CR firms and the PRA requirements.
-
Y
-
Responsibility for compliance with the requirements of the regulatory system about the management responsibilities map.
-
Y
-
Responsibility for management of the firm’s risk management processes in the UK.
-
-
Y
Responsibility for the firm’s compliance with the UK regulatory system applicable to the firm.
-
-
Y
Responsibility for the escalation of correspondence from the PRA, FCA and other regulators in respect of the firm to each of the governing body or the management body of the firm and, as appropriate, of the firm’s parent undertaking and the ultimate parent undertaking of the firm’s group.
-
-
Y
Responsibility for taking reasonable steps to ensure that every person involved in the performance of the firm’s internal audit function is independent from the persons who perform external audit, including: (a) supervision and management of the work of outsourced internal auditors; and (b) management of potential conflicts of interest between the provision of external audit and internal audit services.
-
Y
-
Responsibility for: (a) managing the firm’s internal stress tests; and (b) ensuring the accuracy and timeliness of information provided to the FCA and other regulatory bodies for the purposes of stress testing.
-
Y
-
Allocation of responsibility for compliance to an approved person.
Y
Y
Y
Responsibility for the development and maintenance of the firm’s business model by the governing body.
-
Y
-


The FCA expects that a prescribed responsibility will be allocated to the most senior employee or office responsible for managing the area in question.  Furthermore, that individual is expected to be “sufficiently senior and credible” and “have sufficient resources and authority” in order to enable him/her to exercise management and oversight responsibilities effectively.  Certain prescribed responsibilities should only be allocated to non-executive directors.  Others should only be allocated to executive directors.  Firms should avoid allocating too many responsibilities to a single senior manager.  Prescribed responsibilities should not be split or shared between senior managers unless it can be justified – for example, as part of a job share or handover.

Statutory duty of responsibility

Section 66A(5) of FSMA imposes a statutory ‘duty of responsibility’ on every Senior Manager under which personally liability can arise if the senior manager fails to take such steps as could be ‘reasonably expected’ in the circumstances to prevent a breach of FCA requirements from occurring in relation to the part of the business for which they have responsibility. The burden of proof lies with the FCA, and not with the senior manager.