SMCR’s purpose is to change the culture of financial services firms. In the FCA’s own words,
The regulation has been designed to improve and tighten individual accountability within an organisation, protecting the consumer and the integrity of the financial services sector. It will help clarify roles, responsibilities and accountability. Culpability will extend across every level of the business, and staff must be able to demonstrate they’ve taken reasonable steps to comply.
Far from being a box-ticking exercise, this extension to SMCR will introduce big shifts within UK regulatory structure as well as all regulated firms, affecting their relationship with the regulator and their employees alongside their day-to-day operations and culture. SMCR applies a similar catch-all to GDPR in that it applies to all domestic financial services regulated by the FCA, but also to any international firms operating within the UK.
SMCR comprises three tiers that will apply to firms in different ways, depending on individual criteria and set-up. Where there’s a group of regulated firms, you’ll need to assess which elements of SMCR are most applicable to each legal entity. As you’d expect, this process can become difficult to manage and time-consuming. Firms that are affected typically have these options to choose from:
Firms will need to allocate time, resources, foresight and planning, and will be expected to use SMCR to assist with wider ongoing culture change programmes. It’s important that firms embrace the spirit of the regime, and keep up with developments as the regime takes shape.