SMCR: Theory, Policy & Practice

The Senior Managers and Certification Regime (SMCR) is a relatively new compliance regime for British banks, enforced by the Financial Conduct Authority (FCA), which aims to increase the accountability of senior financial services executives for malfeasance. It was introduced to certain banks, building societies, credit unions and investment firms starting in March 2016, expanded to reach a wider number of companies at the beginning of the present year and is scheduled for full implementation at the beginning of 2019.

With Brexit looming in the distance, and its form still up in the air, it's more important than ever before that financial institutions maintaining British entities or subsidiaries take into account regulations like SMCR as part of their ongoing compliance strategy. This post offers, in brief terms, the background for the regulation, discusses its legal purpose and function, and introduces the basics of SMCR compliance through an integrated entity management software platform.


In 2016, UK regulators, namely the FCA and the Prudential Regulatory Authority (PRA) had a problem: Financial malfeasance was ongoing and intensifying. Yet ' with the exception of major scandals such as the LIBOR incident, which involved both UK and US investigations and ended up with major banks on the hook for penalties ' it continued to go mostly undetected; in one of the cases it was detected, its perpetrators got away with a slap on the wrist. They were fined a few million pounds and possibly fired a few lower-level implementers of malfeasance, while the general culture of corruption went unchecked, with the leadership responsible for it staying in place.

SMCR was the solution that regulatory authorities hit on. In particular, it aimed to do three different things:

  1. Focus accountability for misdeeds on a narrow number of individuals at or near the top of the hierarchies of large financial institutions;
  2. Encourage these senior individuals to take greater responsibility for their direct actions, as well as indirect behavior that contributes to a laissez-faire culture; and
  3. Make it easier for regulators, auditors and bank employees to hold specific individuals to account for malfeasance.

What does SMCR do?

SMCR has two aims: to ensure everyone acting within financial institutions is 'fit and proper' to do the work they are assigned, and to ensure banks and investment firms, in particular, are not taking risks that are unreasonable to their investors, clientele and the wider financial markets.

You may have already detected a peculiarity of age in the naming of 'senior managers,' but that's unintentional. It actually applies to those of the highest rank in financial institutions, whatever their age ' such as, board members, members of the C-suite or those in equivalent positions who have significant influence within the business and/or the ability to cause significant harm to a firm's interests.

The first major requirement of SMCR is that companies will be obliged to internally recertify an employee's fitness and propriety to handle the responsibilities they've been assigned on an annual basis, although if glitches happen during that year, HR must be able to deal with them immediately.

Second, SMCR significantly extends the timetable for the recruitment of senior managers, especially (but not exclusively) if those roles need pre-approval from the FCA and other authorities. Now, it will take around three months before this pre-approval is granted, and there are firm barriers against individuals acting in these rules before pre-approval.

Third, SMCR requires a comprehensive review of disciplinary procedures. This is a rule that reflects the unfortunate reality that, in a disagreement between a firm and an individual authorized to act on its behalf that results in dismissal, the disciplinary procedures already in place may not correspond to what the company decides to do in any individual instance. Along the fitness and propriety lines already discussed, SMCR aims to limit the inconsistency between business and regulator decisions and to impose harsher accountability standards.

Alongside the SMCR, the FCA has also introduced its Conduct Regime (CR) to roll out with application to the same firms. The CR is wider, in that it affects the vast majority of staff at a regulated firm and requires adherence and observation of certain prescribed standards of conduct. Companies and individuals found to be in noncompliance with either will face sanctions from the FCA.

A Software Solution for SMCR

Blueprint OneWorld's entity management software offers a robust and clear framework to help your organization manage the difficulties of compliance with SMCR. Our solution is three-pronged: the SMCR module itself, the CR module and our ChartIt solution.

The Senior Managers Regime module, available to all of our British customers, allows classification of the affected legal entities to assist in compiling and condensing lists of Senior Management Function (SMFs), prescribed and overall responsibilities to relevant sections. It also introduces a Responsibility Map, which comprises:

  • Mapping of SMFs and relevant responsibilities from all categories;
  • Reporting lines within an entity; and
  • Individual Statements of Responsibility tied to individual SMFs and associated responsibilities.

For dealing with the broader CR rules, our CR module flags individual employees as part of the CR and details their self-declaration process, including the following steps:

  • Fitness and Propriety questionnaire;
  • Review and sign-off of job descriptions, role/title and assigned FCA significant harm functions;
  • Automated workflow for approval of self-declaration by relevant managers; and
  • Full audit trail allows for historical or 'as of' reporting of SMF mappings at any point.

Finally, using our ChartIt tool, organizations can create a map of their senior managers' responsibilities, along with relevant responsibilities from all different categories within an entity. ChartIt is a powerful visualization tool that allows users to follow reporting lines through each entity and over the patchwork of an entire international organization.

Blueprint OneWorld hopes to be every UK financial entity's entry point into a consistent and reliable strategy for compliance with SMCR and other regulations that both fulfills the uniform requirements of the law and can fit the already established practices of your organization with a minimum of disruption. Please call or email us today to discuss our SMCR module and other solutions.