Complying with the Senior Managers & Certification Regime using EQMS

number of FCA enforcements


The majority of financial firms want to take every step possible to ensure they and their team are protecting customers, acting responsibly and complying with every regulation. 

It should come as no surprise then that many firms have welcomed the FCA's new Senior Managers & Certification Regime (SMCR). 

The SMCR places a greater emphasis on individual accountability, featuring new sanctions and criminal offence charges for senior members of staff found to behave recklessly.  

Since enforced in 2017, a sharp rise in the number of individuals, not firms, have been fined and 63% of FCA open investigations are currently focused on individuals. 

While the SMCR should not fundamentally change how reasonable senior managers organise their businesses, it's an opportunity to enhance and embed governance, risk and compliance best practice throughout the organisation. 

Accountability can be scary - in particular for new senior managers. Without giving them the tools and guidance, they won't achieve their best results and will be inundated with administrative burden. 

This article shares how financial firms use EQMS by Qualsys to facilitate good governance, manage risk and comply with the SMCR. 

Alternatively, download our SMCR datasheet for a list explaining how EQMS helps you to comply with SMCR.  



1) Audit trail for everything

According to the SMCR, senior managers need to ensure they have full control of their areas of responsibility, that individual actions can be evidenced, and their choices are defensible.

Every change has an audit trail in EQMS

When something is changed, such as a risk tolerance level, the audit trail will automatically record when, what, who, how, and why it was updated. This audit trail is incorruptible, so senior managers can feel confident they've taken the necessary steps to justify and communicate changes. 

Audit trail


2) Role management 

Under the revised legislation, your firm must be a mini-regulator.

Your firm has a responsibility for assessing fitness and propriety, assessing conduct rule breaches and reporting to regulators and other firms. This requires compliance to be embedded throughout the organisation. Processes and policies must be documented, kept current and approved. 

Document Manager makes this process manageable. For example, each Statement of Responsibility can be planned, managed and reviewed on an ongoing basis within the system. This keeps the team aligned, consistent levels are found across your business and ensures there are no gaps. 



3) Handling resignations / new starters 

Firms must request six years of regulatory references when hiring new Senior Managers or Certified Persons. In small firms with low staff turnover, this can be easily managed. But for larger firms, implementing a workflow audit for on-boarding and off-boarding employees will ensure every reference is requested and properly recorded. 

EQMS enables all these records to be maintained, the process to be managed and only authorised personnel to view the document. 

Induction process onboarding new employees


4) Undertake routine risk assessments

Risk, compliance and controls reports must be routinely produced so senior managers can be aware and live up to their fiduciary obligations and personal accountability to manage risk and compliance. 

Risk Manager makes it easy and quick for risks to be identified, assessed, treated, monitored and to produce instant risk reports.  

 risk management software


What to do now: 

Download our SMCR datasheet for a more detailed explanation of how governance, risk and compliance software helps you to comply with financial regulations.  

 SMCR - datasheet

Topics: Tools

Share your thoughts on this article