What is the SM&CR and how does it affect fines?

The Senior Managers and Certification Regime (SM&CR) holds senior managers personally accountable for their areas of responsibility. Since its introduction, the FCA can fine individuals who fail to take reasonable steps to prevent regulatory breaches in their business areas, increasing personal liability for compliance failures.

Can the FCA fine individuals?

Yes, the FCA can and does fine individuals. Under the Senior Managers and Certification Regime (SM&CR), senior managers can be held personally accountable for regulatory failures. Individual fines have ranged from a few thousand pounds to over £600,000, and the FCA can also ban individuals from working in financial services.

Senior Managers Regime: Personal Liability & FCA Fines

Senior Managers Regime and FCA Fines

Under SM&CR, the FCA can fine individuals directly — over 45 senior managers have been penalised since full implementation in 2016, with total individual fines exceeding £18 million and over 120 prohibition orders issued. The Senior Managers and Certification Regime has transformed individual accountability in financial services, making personal liability a genuine deterrent rather than a theoretical concept.

SM&CR Overview

The regime rests on three interconnected pillars. The Senior Managers Regime establishes individual accountability for those in senior roles, requiring regulatory approval before appointment and creating personal responsibility for defined areas of the business. The Certification Regime requires firms to certify that other key staff, while not requiring regulatory approval, are fit and proper for their roles. The Conduct Rules establish behavioural standards applicable to all staff, creating a cultural foundation for individual accountability.

Key features of the regime include Statements of Responsibilities that document each senior manager's accountabilities, the Duty of Responsibility that can make senior managers personally liable for breaches in their areas, regulatory references that follow individuals between firms, and conduct rule breach reporting that creates ongoing compliance obligations.

Individual FCA Fines Under SM&CR

Since full implementation in 2016, the FCA has fined over 45 individuals under SM&CR and related regimes, with total individual fines exceeding £18 million. The average individual fine stands at approximately £400,000, though amounts vary significantly based on seniority and breach severity. The FCA has issued over 120 prohibition orders preventing individuals from working in regulated roles.

Notable individual cases illustrate the regime's application. A Chief Compliance Officer received a £76,000 fine for failing to ensure adequate AML systems, demonstrating that CCOs bear personal responsibility for control effectiveness. A Chief Executive received a £642,000 fine for failure to act with integrity and misleading the FCA, emphasising that the duty of candour to the regulator is paramount. A Head of Trading received a £1.4 million fine plus prohibition for market manipulation, showing that conduct rules apply regardless of commercial pressure to generate profits.

The Duty of Responsibility

Senior managers can be held personally accountable when three conditions are met: the firm must have breached regulatory requirements, the breach must have occurred in the senior manager's area of responsibility as documented in their Statement of Responsibilities, and they must have failed to take reasonable steps to prevent or stop the breach.

The assessment of "reasonable steps" considers several factors. These include the nature and complexity of the business being managed, the resources available to the senior manager including budget and headcount, the individual's knowledge and experience relevant to the risks in question, and what actions they took to address known or emerging risks before the breach occurred.

Protecting Yourself Under SM&CR

Maintaining comprehensive documentation provides essential protection for senior managers. This means keeping records of key decisions and the rationale behind them, documenting oversight activities including committee attendance and challenge provided, maintaining thorough handover records when responsibilities change, and evidencing instances where you challenged proposals or escalated concerns.

Strong governance practices further protect individuals. This requires clear delegation arrangements that document who is responsible for what, regular management information review with evidence of action on exceptions, escalation procedures that ensure issues reach the right level, and control testing that demonstrates ongoing verification of effectiveness.

Continuous professional development helps senior managers meet their responsibilities. Understanding the full scope of your accountabilities is essential, as is knowing the conduct rules that apply to your role. Regular refresher training keeps knowledge current, while staying updated on enforcement actions helps identify emerging regulatory expectations.

Trends in Individual Enforcement

The FCA has clearly signalled increased focus on individual accountability. This manifests through more investigations specifically targeting senior managers rather than just firms, greater willingness to use prohibition powers that end careers in financial services, increased use of public censure that damages individual reputations even without financial penalty, and a trend toward higher individual fines that create meaningful personal deterrence.