SM&CR: how did we get here?

SM&CR: how did we get here?






The Senior Managers and Certification Regime (SM&CR) applies to all organisations regulated by the Bank of England’s Prudential Regulation Authority (PRA) and Financial Conduct Authority (FCA), including banks, insurers, and solo-regulated firms. The FCA says the SM&CR aims to reduce harm to consumers and strengthen market integrity by making individuals more accountable for their conduct and competence.

While the regulators have assured that the SM&CR’s goal is to enable a cultural shift in accountability rather than imposing fines, firms will still be on the line for serious penalties if they don’t comply. So, how did we get here?

The shake up

Following the 2008-09 financial crisis and several exposed shortcomings in banking governance, confidence in banks was at an all time low. Parliament took action, appointing the Parliamentary Commission on Banking Standards to investigate and make recommendations on the professional standards and culture of the UK banking sector.

The findings were damning, with the Commission Chair Andrew Tyrie MP publicly stating “a lack of personal responsibility has been commonplace throughout the industry. Senior figures have continued to shelter behind an accountability firewall”.

The Commission demanded reform to ensure individual responsibility and accountability, particularly for those in senior positions—prompting the PRA and FCA to completely scrap the Approved Persons Regime (APR), replacing it with the SM&CR.

A shift from box ticking to real cultural change

The key difference between the APR and the SM&CR is a transferal of responsibility from regulatory bodies to individual firms. By putting the onus back on firms, regulators aim to promote an attitude of taking responsibility because it’s the right thing to do - not just because it’s regulated.

Under the SM&CR firms will be required to:

  • identify applicable Prescribed Responsibilities (PR), assign each one to a Senior Manager Function (SMF), and map these out in a company-wide Responsibilities Map and detailed in individual Statement of Responsibilities (SoR)
  • facilitate training on the new Conduct Rules for all employees, and report breaches within 7 days for senior managers and annually for other individuals
  • Upload company and employee function information to the Directory: a new public register of individuals in UK financial services  

While these changes will certainly create extra administrative legwork for firms, they are crucial in fostering an organic and ongoing culture of responsibility and accountability.

What’s happened so far?

  • 7 March 2016: UK deposit takers, PRA-designated investment firms and UK branches of foreign banks become governed by the SM&CR
  • May 2016: the Financial Services and Markets Act is changed, broadening the scope for the SM&CR to include insurers and solo-regulated firms
  • 10 December 2018: insurers become governed by the SM&CR

What will happen next?

  • 9 December 2019: some 47,000 solo-regulated firms become governed by the SM&CR
  • 9 March 2020: deadline for banks and insurers to upload company information and employee functions to the Directory
  • 9 December 2020: deadline for solo-regulated firms to upload company information and employee functions information to the Directory

Is your organisation ready for 9 December 2019? For an overview of the upcoming changes, see EnOC’s guide on what you should know.

Read more from EnOC

Sustainability at EnOC
The deadline for SM&CR certification has arrived
With Great Power Comes Great Responsibility
Warning sounded over lack of SMCR teeth