‘Reasonable Steps’ Under SMCR: A Practical Guide

What the Defence Actually Requires — Documentation, Discipline and Decision-Making

“Reasonable steps” is the most consequential phrase in the Senior Managers Regime. It appears in the Duty of Responsibility under section 66B of the Financial Services and Markets Act 2000, and in three of the four Senior Manager Conduct Rules (SC1, SC2 and SC3). The phrase is the gateway between conduct that engages personal regulatory liability and conduct that does not. When an SMF is examined by the FCA in the context of a contravention or breach in their area, the central question is invariably the same: did the SMF take reasonable steps?

This guide explains what “reasonable steps” actually means in practice — what the FCA expects to see when it examines an SMF’s conduct, what evidence constitutes a credible reasonable steps defence, and the documentation discipline that distinguishes SMFs who manage the regime well from those who run into difficulty when failures emerge. It also covers the recruitment dimension — what experienced SMFs look for in firms before accepting appointment, and what hiring firms can do to create environments where the reasonable steps standard can actually be met.

What’s missing from most online explanations of “reasonable steps” is the practical detail. The phrase is judgment-laden, but the FCA’s enforcement decisions and the academic and practitioner literature provide a clear picture of what actually counts as evidence. That’s the gap this guide fills.

Where the Test Comes From

The “reasonable steps” test originates from section 66B of FSMA — the Duty of Responsibility:

A person who, at any time, was a senior manager in relation to a relevant authorised person is guilty of misconduct if all of the following conditions are met… [including that] the senior manager did not take such steps as a person in the senior manager’s position could reasonably be expected to take to avoid the contravention occurring (or continuing).

The standard is repeated in the Senior Manager Conduct Rules — SC1, SC2 and SC3 all use the formulation “you must take reasonable steps to ensure…”. The unifying test is what a reasonable senior manager in the SMF’s position would have done.

The standard is not perfection. It is not what an idealised perfect senior manager would do. It is what a reasonable senior manager in the SMF’s actual position — with the SMF’s actual responsibilities, information, resources, and constraints — could reasonably be expected to do. This contextual standard is important: what is reasonable for the SMF of a small Core firm differs from what is reasonable for the SMF of a large Enhanced firm with extensive resources.

The Five Pillars of a Reasonable Steps Defence

Drawing on FCA enforcement decisions, FCA published guidance, and the practitioner literature, a credible reasonable steps defence typically rests on five pillars:

1. Awareness

The SMF must demonstrate awareness of the relevant matters in their area — the controls that exist, the risks that are present, the regulatory requirements that apply, and the operational reality of their function. SMFs who are demonstrably uninformed about their area cannot make out a reasonable steps defence even if they delegated effectively.

Evidence: induction records, ongoing training, briefing documents reviewed, committee papers attended to, business reviews conducted.

2. Active oversight

Awareness alone is not enough. The SMF must demonstrate active engagement with the area — receiving and reviewing relevant reports, asking questions, requesting additional information where appropriate, and maintaining ongoing line of sight rather than purely retrospective awareness.

Evidence: meeting attendance, questions asked (captured in minutes or notes), reports requested, follow-ups initiated, decisions taken.

3. Challenge

Where the SMF identifies issues, gaps, or concerns, they must challenge — to delegates, to other senior managers, to the board where appropriate. Challenge that goes nowhere is still evidence; what the FCA examines is whether the SMF identified issues and pursued them appropriately, not whether the issues were ultimately resolved.

Evidence: documented challenges raised, dissents recorded in minutes, written communications challenging decisions, records of issues escalated.

4. Escalation

Where challenge does not resolve a matter, escalation is required — to the next level of governance, to other SMFs with adjacent responsibility, to the board, and in appropriate circumstances to the regulator. The reasonable steps standard does not require the SMF to fix everything personally — it requires them to ensure issues reach the right level for resolution.

Evidence: escalation records, communications to senior management or the board, records of board attention given to escalated matters, regulatory notifications made.

5. Remediation oversight

Where issues have been identified, the SMF must oversee remediation — ensuring that fixes are actually delivered rather than merely promised. SMFs who identify issues and then lose track of remediation cannot rely on the original identification as a defence if the issue subsequently materialises into a contravention.

Evidence: remediation plans reviewed, progress reports received and challenged, completion verified, lessons learned documented.

What Reasonable Steps Looks Like in Different Scenarios

The application of the reasonable steps standard depends on context. Three scenarios illustrate the range:

Scenario 1: An ongoing programme matter

An SMF responsible for an area where a known issue exists (e.g., a control weakness identified by internal audit) needs to:

Be informed about the issue at appropriate level of detail
Engage with remediation planning — challenge the timeline, resources, and approach where appropriate
Receive ongoing progress reports and challenge slippage
Verify completion and ongoing operation of the fix
Where remediation is delayed beyond reasonable timelines, escalate to senior governance and consider regulatory notification

The reasonable steps documentation for this scenario consists of the trail showing the SMF’s engagement at each stage. Generic “I knew about it and they were dealing with it” responses do not satisfy the standard.

Scenario 2: An emerging matter requiring rapid response

An SMF who learns about a significant issue requiring rapid response (e.g., a cyber incident, a material control failure discovered, a regulatory query indicating concerns) needs to:

Convene appropriate decision-making forums quickly
Make decisions on response — including resourcing, communications, regulatory notification
Document decisions taken with the basis
Engage the board appropriately
Manage ongoing response with documented rationale at decision points

For rapid-response scenarios, the documentation discipline matters even more because the SMF cannot construct evidence after the fact. Decisions made under pressure need to be recorded contemporaneously.

Scenario 3: A delegation matter

An SMF who has delegated responsibility for an operational area (e.g., regulatory reporting) to a senior team member needs to:

Have made the delegation deliberately — to a named individual with documented capability
Establish reporting arrangements that provide visibility into delegate performance
Receive and review reports substantively, not just receive them
Maintain ongoing engagement — at minimum periodic deep-dive reviews
Respond to escalations from the delegate appropriately

The “delegation reasonable steps” defence is particularly examined when the underlying delegated activity goes wrong. SMFs who can demonstrate the discipline above are typically better positioned than those who relied purely on the delegate’s competence.

What Doesn’t Constitute Reasonable Steps

FCA enforcement decisions provide a clear picture of conduct that does not satisfy the reasonable steps standard:

Generic oversight without specific engagement. “I had general oversight of the area” is not enough. The FCA expects specific engagement with specific matters
Reliance on the team without verification. “I trusted my team” does not satisfy the standard if the SMF cannot demonstrate substantive review of what the team produced
Awareness without action. Knowing about issues and not taking action — particularly where the issue subsequently materialises into a contravention — typically fails the standard
Tolerance of repeated issues. Where similar issues have arisen multiple times and the SMF has not driven structural change, the cumulative pattern affects the reasonable steps assessment
Failure to escalate to the right level. Where an issue clearly warrants board attention or regulatory notification and didn’t get it, the SMF’s reasonable steps defence is weakened
Constructed evidence. Documentation produced after the fact, recollection-based accounts of contemporaneous decisions, and similar are scrutinised carefully and typically given limited weight

The Documentation File — What Good Looks Like

Experienced SMFs maintain a “reasonable steps file” — not necessarily as a formal document, but as a discipline. The file consists of contemporaneous records of the SMF’s engagement with their area:

Component	What it contains
Committee minutes	Minutes of relevant committees with the SMF’s contributions captured accurately
Decision logs	Significant decisions taken outside committee context with basis and alternatives
Personal notes	Notes from one-to-ones, ad-hoc discussions, personal reflections on matters under consideration
Information requested and reviewed	Reports requested, what was received, what review was conducted
Challenge records	Challenges raised in any forum, captured with the substance and outcome
Escalation records	Matters escalated, to whom, when, with what response
Training and competence	Ongoing development relevant to the role
Calendar / diary	Time spent on different aspects of the role, particularly time spent on areas under scrutiny

The discipline is built into day-to-day work, not assembled retrospectively. SMFs who maintain it consistently are substantially better positioned when issues subsequently emerge than those who don’t.

The Personal Notebook Practice

Many experienced SMFs maintain a personal notebook — physical or digital — capturing day-to-day observations, decisions, challenges, and concerns. The notebook is the SMF’s personal contemporaneous record, separate from formal firm documentation. It captures the things that don’t make it into committee minutes but matter when reasonable steps is examined: what the SMF was thinking, what they considered, what they decided, what they were concerned about. The discipline of maintaining a personal notebook is one of the most consistent practices among SMFs who have managed the regime well over multiple years.

Reasonable Steps and the Firm’s Culture

An important and sometimes-overlooked dimension is that the reasonable steps standard cannot be met by an SMF in a firm whose culture obstructs it. SMFs need:

Access to information — including information they may not be specifically told about but should know
The ability to challenge — without retaliation or career consequences
Functional escalation paths — where escalations actually receive attention
Board engagement — where the board takes regulatory matters seriously
Resources — including budget, headcount, and time to discharge their responsibilities
Honest reporting — where bad news reaches senior management without filtering

Where these conditions are not met, the SMF’s reasonable steps defence becomes harder to make out — but more fundamentally, the SMF cannot fulfil the function effectively. Experienced SMFs evaluate these factors carefully during recruitment and frequently walk away from firms where the conditions don’t support effective performance.

FCA Enforcement Patterns

The FCA has been increasingly active in pursuing personal accountability for senior managers since SMCR’s introduction. The patterns of enforcement that engage the reasonable steps test typically involve:

Sustained failures the SMF was aware of. Not single events but persistent patterns where the SMF had visibility and didn’t drive resolution
Significant operational events. Material outages, cyber incidents, control breakdowns, regulatory reporting failures — events that subsequently attract FCA attention
Customer harm or market disruption. Conduct that has harmed customers or affected market integrity, where senior management oversight is examined
Regulatory disclosure failures. Where the FCA learned about matters through external sources rather than firm notification, both SC4 and the Duty of Responsibility typically engage

The enforcement examination typically reconstructs the SMF’s role through documentation and interviews. SMFs with strong contemporaneous records are typically able to make out reasonable steps defences; those without are often not.

Practical Steps for SMFs

For SMFs navigating the regime, several practical disciplines support a credible reasonable steps position:

Build documentation habits early. The discipline is hardest to start when an issue has already emerged. Build it from day one of the SMF role.

Engage substantively with information. Receiving reports without reading them, attending meetings without contributing, accepting delegate updates without challenge — these patterns weaken the reasonable steps position even if no specific issue has emerged yet.

Maintain personal records. Personal notes that capture decisions, concerns, and reflections add evidential value beyond formal firm documentation.

Engage the board appropriately. Issues that warrant board attention should reach the board, with the SMF’s role in escalation visible.

Don’t assume colleagues will document on your behalf. The SMF’s reasonable steps file is the SMF’s responsibility. Relying on others to capture the SMF’s contributions doesn’t work.

Take regulatory notification obligations seriously. SC4 and Principle 11 require active engagement with disclosure. Where notification might be required, err toward notification rather than away from it.

Consider professional support. SMFs facing significant operational events should consider engaging legal counsel early — both to support the firm’s response and to advise the SMF on personal position.

Practical Steps for Hiring Firms

Boards recruiting SMFs can support effective discharge of the regime by:

Drafting clear Statements of Responsibility. Ambiguous or overly broad SoRs create uncertainty about what the SMF is actually responsible for. See our SoR & MRM Guide.

Demonstrating board engagement on regulatory matters. Showing candidates that the board takes regulatory matters seriously — through committee structures, agenda content, and board attention to compliance — builds confidence.

Resourcing the function appropriately. SMFs need budget, team, and time. Under-resourcing the function while expecting full SMCR discharge is unrealistic.

Supporting documentation discipline. Firms can provide structures (committee processes, reporting templates, document management) that support good documentation practice.

Being honest about regulatory history. Firms with regulatory history should disclose it during recruitment. Discovery during reference work or after acceptance damages the relationship.

A Note from Our Founder — Adrian Lawrence FCA

“Reasonable steps” is the most consequential phrase in the SMCR regime. It is the gateway between conduct that triggers personal regulatory liability and conduct that does not, and it is judged on the basis of what the SMF actually did — evidenced by contemporaneous records, not constructed retrospectively. Experienced SMFs internalise this discipline early and practise it consistently. SMFs who don’t are typically the ones who run into difficulty when issues subsequently emerge.

The conversation I have with candidates approaching SMF for the first time is usually about documentation discipline. The biggest practical adjustment from a non-regulated leadership role to an SMF role is the need to capture decisions, challenges, escalations and information flows in records that would withstand subsequent scrutiny. Most senior leaders develop these habits over time; the candidates who build them deliberately from day one are better positioned than those who learn them through difficulty later.

The conversation I have with hiring boards is sometimes about whether the firm’s environment supports the reasonable steps discipline. SMFs cannot make out a reasonable steps defence in firms where they don’t have access to information, where challenge is suppressed, where escalations aren’t actioned, or where the board doesn’t engage substantively. Experienced candidates evaluate these factors carefully — and rightly walk away from firms where the conditions don’t support effective performance. The firms that recruit the strongest SMFs are the ones that have done the cultural and operational work to create environments where the discipline is actually possible.

At FD Capital we work on senior management mandates regularly across the FCA-regulated population, and we routinely advise both firms and candidates on the practical SMCR dimensions of placements. If you are recruiting an SMF or considering an SMF appointment, I’m happy to have a direct conversation.

Speak to Adrian about a Senior Manager appointment →

Adrian Lawrence FCA | Founder, FD Capital | ICAEW Verified Fellow | ICAEW-Registered Practice | Companies House no. 13329383

Hire Senior Management Function Approved Persons

SMF placements require candidates with the discipline, regulatory awareness and leadership capability to operate the SMCR framework effectively. FD Capital places SMF candidates across all named functions, with appropriate matching to firm culture and regulatory profile.

020 3287 9501

FCA Regulated Firm Recruitment › | Contact Us

Reasonable Steps’ Under SMCR: A Practical Guide