SMF2 Recruitment: Find a Chief Finance Function Approved Person Who Has Done This Before

SMF2 is the Senior Management Function under the FCA’s Senior Managers and Certification Regime (SM&CR) that applies to the senior individual responsible for a regulated firm’s finances. In most firms, this is the person carrying the CFO or Finance Director title — but the SMF2 designation is not the same as the corporate title, and the distinction matters more than most boards realise. SMF2 is a personal regulatory approval. The individual holding it is named on the FCA Register, has signed a Statement of Responsibilities, and carries personal liability for the firm’s financial reporting, capital adequacy, and the conduct of the finance function.

This guide covers what SMF2 actually means in practice — what the FCA expects, what the role requires day-to-day, what the personal liability position looks like, and how the role differs across firm types and SM&CR tiers. It also covers what FD Capital looks for when placing SMF2-approved candidates, how compensation benchmarks compare to non-regulated CFO roles, and what a senior finance hire into an FCA-regulated firm should be evaluated on beyond the standard finance leadership criteria.

The angle that’s missing from most online explanations of SMF2 is the recruitment one — what the FCA approval process actually requires, why the qualified candidate pool is much smaller than the broader CFO market, and what hiring firms get wrong when they treat SMF2 like an ordinary CFO search. That’s the gap this guide fills.

What SMF2 Means and Where It Sits in the SMF Framework

SMF2 is one of approximately 20 Senior Management Functions defined by the FCA under SM&CR. Each SMF designates a specific area of senior management responsibility within an FCA-authorised firm. The full list is set out in the FCA’s Supervision Manual (SUP 10C), with different SMFs applying to different firm types and tiers within the regime.

For solo-regulated firms — investment firms, asset managers, wealth managers, payments firms, e-money institutions, consumer credit firms and most other non-bank, non-insurer firms — SMF2 is the Chief Finance Function. The individual holding SMF2 is the senior person responsible for the firm’s financial position, capital adequacy, financial reporting and finance function management. In dual-regulated firms (banks, building societies, larger investment firms and insurers under joint FCA/PRA supervision), SMF2 carries similar responsibilities but is approved jointly by both regulators.

Which firms are required to have an SMF2

SM&CR applies to all FCA-authorised firms and divides them into three tiers based on size, complexity and activity profile:

Tier	Typical firms	SMF2 requirement
Limited Scope	Sole traders, smaller consumer credit firms, limited permission firms	Not formally required (smaller scope of SMF list applies)
Core	The majority of FCA-authorised firms — investment firms, wealth managers, smaller fund managers, payments firms, brokers	Required where the firm has a senior individual responsible for finance — almost universal in practice
Enhanced	Larger firms meeting specific size or activity thresholds (£35bn AUM, significant IFPRU firms, large CASS firms, significant CASS firms)	Required — formal SMF2 approval is mandatory

Most firms that recruit through specialist channels are Core tier or Enhanced tier — the SMF2 designation will apply, the FCA approval process will be required, and the candidate pool is correspondingly limited.

SMF2 vs Corporate CFO Title — The Critical Distinction

Many UK firms use the corporate title “CFO” or “Finance Director” without registering the holder as SMF2 — sometimes because they have not yet been required to under SM&CR, sometimes because the senior person responsible for finance reports into another SMF rather than holding the function themselves. This distinction matters when recruiting:

Corporate CFO with no SMF approval: A senior finance leader in a non-regulated capacity. Skills and remuneration market is the broader UK CFO market.
Corporate CFO who is also SMF2-approved: A senior finance leader who has passed the FCA’s Fit & Proper Test, is named on the FCA Register, has personal regulatory liability, and operates within the SM&CR framework. The candidate pool is materially smaller and remuneration carries a regulated-firm premium (typically 20-30% above the non-regulated equivalent).
SMF2 with corporate title other than CFO: Less common but possible — e.g., a “Head of Finance” in a firm that has consciously kept the senior commercial title separate from the regulatory function. The regulatory accountability still rests with the SMF2 holder.

The practical implication: when a firm advertises a “CFO” role without specifying SMF2 approval requirements, candidates and recruiters cannot tell which population the firm is recruiting from. We see this misalignment regularly — firms expecting to attract regulated-firm experience at non-regulated salary levels, and being surprised that the qualified candidates do not engage. The SMF2 dimension needs to be explicit in the job specification from day one.

The Three Pillars of SM&CR and Where SMF2 Sits

SM&CR has three components, each of which affects an SMF2 holder differently:

1. The Senior Managers Regime

SMF2 is a Senior Management Function — meaning the holder is subject to the most demanding tier of accountability under SM&CR. They must be pre-approved by the FCA before taking up the role (via Form A application), they must have a written Statement of Responsibilities that is filed with the FCA, and they are subject to the “Duty of Responsibility” — meaning the FCA can take enforcement action against them personally if a breach occurs in their area of responsibility and they did not take reasonable steps to prevent it.

2. The Certification Regime

Below the SMF tier, the Certification Regime applies to other employees who hold “significant harm functions” — including material risk takers, client-dealing roles, and managers of certified staff. The SMF2 typically has Certification Regime employees within the finance function (senior reporting accountants, regulatory reporting leads, finance business partners working with material risk areas). The SMF2 is responsible for ensuring those individuals are certified as fit and proper at least annually.

3. The Conduct Rules

All SMFs are subject to both Tier 1 (Individual) Conduct Rules and Tier 2 (Senior Manager) Conduct Rules. The Senior Manager Conduct Rules are particularly stringent — they include obligations to take reasonable steps to ensure the business is controlled effectively, to comply with the relevant requirements of the regulatory system, and to disclose appropriately any information of which the FCA would reasonably expect notice. Breaches of the Senior Manager Conduct Rules are themselves enforceable.

Personal Liability and the Duty of Responsibility

The single most important feature of SMF2 — and the SMF regime more broadly — is personal liability. This is what differentiates the role from a non-regulated CFO position, and it is what drives both the higher compensation and the smaller candidate pool.

The Duty of Responsibility, set out in section 66B of FSMA 2000, provides that where a contravention of a relevant requirement occurs in an area for which an SMF holder is responsible, the FCA may take action against that SMF personally if they did not take reasonable steps to prevent the breach. The standard is “reasonable steps” — not absolute prevention — but the burden of demonstrating reasonable steps falls on the SMF.

For SMF2 specifically, the most common areas of personal liability exposure are:

Capital adequacy breaches: Failures to maintain regulatory capital above thresholds, errors in capital calculations, late notification of capital concerns to the FCA.
Regulatory reporting failures: Late, inaccurate or omitted regulatory returns. The FCA has been increasingly active on enforcement around regulatory reporting since 2020.
Financial controls failures: Material misstatements in regulatory returns, control failures resulting in regulatory breaches, inadequate financial systems and controls.
CASS reporting (where applicable): If the firm holds client money or assets and the SMF2 has CASS oversight responsibilities, errors in CASS reporting carry significant personal exposure.
Failure to escalate: Becoming aware of a financial concern and failing to escalate it to the board, the regulator, or both within an appropriate timeframe.

The practical implication for recruitment is that experienced SMF2 candidates — those who have held the function before — are particularly cautious about the firms they join. They want to see strong governance, appropriate board engagement on financial matters, and a culture where finance concerns can be raised without consequence. Firms with weaker governance histories find it materially harder to recruit experienced SMF2 candidates than firms with strong governance reputations, regardless of the salary offered.

Statement of Responsibilities and Allocation

Every SMF2 must have a written Statement of Responsibilities (SoR) that is submitted to the FCA at the point of approval and updated whenever responsibilities change. The SoR sets out exactly what the SMF2 is accountable for — and equally importantly, what they are not accountable for, to ensure clear delineation between SMFs.

For SMF2, the SoR will typically cover responsibility for:

Financial position, financial reporting and statutory accounts
Regulatory capital and prudential reporting
Treasury, liquidity and funding
Tax compliance and tax planning
Finance function leadership, including senior finance hires
Financial systems, controls and the financial control framework
Budget, forecasting and management information
External auditor relationships
Where applicable, CASS oversight (this can sit with SMF2, SMF18 or another designated SMF depending on firm structure)

For Enhanced firms, an additional document — the Management Responsibilities Map (MRM) — is required, showing how all the firm’s prescribed responsibilities and SMF roles fit together. The MRM provides the full picture of senior management accountability and is filed with the FCA. The SMF2’s responsibilities must be consistent across both documents.

One specific allocation question that comes up regularly in our SMF2 mandates is whether CASS oversight (Prescribed Responsibility CC) sits with the SMF2 or with a separate SMF18 holder. In firms holding client money or assets, this prescribed responsibility cannot be unallocated — it must rest with one specific senior manager. Where it sits with the SMF2, the role takes on a meaningful additional personal liability dimension and the candidate’s CASS experience becomes a key recruitment criterion.

The Fit & Proper Test for SMF2

Before an individual can be approved as SMF2, the firm must assess them as fit and proper, and the FCA conducts its own assessment as part of the application process. The FIT module of the FCA Handbook sets out the criteria, which fall into three categories:

Honesty, integrity and reputation

The FCA examines the candidate’s history for matters that could affect their suitability — convictions, civil judgments, regulatory action against them or firms they have led, contentious involvement in insolvencies, and similar. Most established candidates have clean records, but older matters can surface during the application process and need to be disclosed proactively rather than discovered by the FCA.

Competence and capability

For SMF2, the FCA expects demonstrable senior finance experience — typically at least 10 years of progressively senior finance roles, with prior experience either as a CFO or as a senior finance leader in another regulated firm. Professional qualifications matter (ICAEW, ACCA, CIMA), and many SMF2 candidates also hold sector-specific certifications. The FCA looks for evidence that the individual has the technical knowledge to fulfil the SMF2 responsibilities and the leadership capability to manage a finance function in a regulated context.

Financial soundness

The FCA assesses whether the individual is in a sound financial position — typically through credit checks, bankruptcy searches and review of any historic financial difficulties. The threshold is reasonable not perfect, but historical issues need to be disclosed and explained.

The Fit & Proper assessment is repeated annually internally by the firm under the Certification Regime requirements (which apply by extension to SMFs). The firm must satisfy itself each year that the SMF2 remains fit and proper. Material adverse changes — a personal bankruptcy, a regulatory finding against the SMF2, conduct issues — must be reported to the FCA promptly.

Day-to-Day Responsibilities of an SMF2

The day-to-day responsibilities of an SMF2 vary by firm type and size, but a typical Core or Enhanced tier solo-regulated firm SMF2 will cover the following responsibilities:

Financial leadership: Strategic finance input to the board, capital planning, M&A and corporate finance oversight, investor relations (where applicable)
Regulatory capital management: Maintaining capital above regulatory thresholds, monitoring capital ratios, ICAAP (Internal Capital Adequacy Assessment Process), capital planning under stress scenarios
Regulatory reporting: Submission of FSA, FIN, REP, COREP and other returns through GABRIEL/RegData. For investment firms, MIFIDPRU returns. For payments firms, e-money returns. For consumer credit firms, CCR returns.
Financial controls and reporting: Statutory accounts, board reporting, management accounts, monthly reporting packs, annual audit
Treasury and liquidity: Cash management, short-term funding, banking relationships, FX management where applicable
Tax: Corporation tax, VAT, partnership tax in LLP structures, transfer pricing for international groups, R&D claims and similar
Finance function leadership: Recruiting and managing the finance team, including Certification Regime employees in finance roles
External relationships: External auditors, tax advisers, the FCA supervisory team where the firm has a named supervisor

The proportion of time spent on regulatory matters versus general finance leadership varies by firm. In a Core-tier wealth manager with straightforward regulatory reporting, regulatory matters might absorb 20-30% of the SMF2’s time. In a complex Enhanced-tier firm with active capital management requirements and ongoing FCA supervisory dialogue, that can rise to 50% or more. The job specification needs to be honest about this split — candidates with a strong regulatory background often do not enjoy roles where regulatory matters are an afterthought, and conversely, candidates from non-regulated backgrounds can underestimate what the regulatory dimension actually entails.

Sector-Specific SMF2 Variations

The core SMF2 framework applies consistently across firm types, but the sector-specific dimension matters significantly when matching candidates to roles. Different sectors carry different regulatory regimes, capital frameworks, and operational characteristics — and SMF2 candidates with experience in one sector are not always credible candidates for a role in another.

SMF2 in investment firms (MIFIDPRU regime)

Investment firms — wealth managers, asset managers, brokers, private banks operating under MiFID — are subject to the MIFIDPRU prudential regime that came into force in January 2022 (replacing CRD IV for non-bank investment firms). MIFIDPRU SMF2 candidates need detailed knowledge of K-factor capital calculations, the ICARA (Internal Capital Adequacy and Risk Assessment) process, MIFIDPRU returns submission, and the regulatory reporting framework specific to the regime. See our Investment Firm CFO Recruitment page for more on this niche specifically.

SMF2 in AIFM and fund management firms

Authorised Investment Fund Managers (AIFMs) and other fund management firms are subject to the AIFMD regulatory framework alongside MIFIDPRU. SMF2 candidates here typically have specific experience of fund accounting, NAV oversight, depositary relationships and the prudential framework for fund managers. See our AIFM CFO Recruitment page for further detail.

SMF2 in payments and e-money firms

Payment Services Regulations and Electronic Money Regulations create a different regulatory framework with its own capital, safeguarding and reporting requirements. SMF2 candidates in this sector need to understand client money safeguarding under the PSRs/EMRs (which is different from CASS), the prudential requirements for payment institutions and EMIs, and the specific reporting obligations. See our Payments Firm CFO Recruitment page.

SMF2 in firms with active CASS exposure

Firms holding client money or custody assets under CASS rules have a specific additional set of responsibilities, often allocated to the SMF2 (though sometimes to an SMF18 holder). CASS is one of the most heavily enforced areas of FCA regulation, and CASS-experienced SMF2 candidates command a premium in the market. The FCA’s CASS audit framework and the CMAR returns are core features of the role.

SMF2 Compensation Benchmarks (UK 2026)

Compensation for SMF2 roles carries a regulated-firm premium over equivalent non-regulated CFO positions. The premium reflects three things: the personal regulatory liability, the smaller qualified candidate pool, and the more demanding regulatory and reporting workload. Indicative ranges based on FD Capital’s 2026 placements:

Firm size / type	Base salary range	Total package range (with bonus, LTIP, benefits)
Small Core firm (<£10m revenue)	£100k-£140k	£120k-£170k
Mid-size Core firm (£10m-£30m revenue)	£140k-£200k	£170k-£280k
Larger Core / smaller Enhanced (£30m-£100m)	£180k-£280k	£220k-£420k
Enhanced tier (£100m+ revenue)	£250k-£400k+	£350k-£700k+ (with material LTIP/equity)
PE-backed Enhanced firm with exit thesis	£250k-£350k	£500k-£1.5m+ (with sweet equity)

The PE-backed dimension is particularly relevant for SMF2 roles in firms with private equity ownership. The combination of an SMF2 mandate, MIFIDPRU/AIFMD knowledge and a meaningful equity package can make these roles compelling to the right candidate — but the qualified candidate pool is genuinely small (typically 15-30 named individuals nationally for any specific sector), and search timelines reflect this. See our guide to sweet equity in PE-backed appointments for more on the equity component.

Fractional and interim SMF2 engagements have become more common in firms below the Enhanced threshold, particularly during transitions, exit preparation, or post-authorisation buildout. Day rates typically run £1,200-£1,800 for established SMF2-experienced candidates. This is a meaningful opportunity for firms that need senior regulatory finance leadership but cannot justify a full-time appointment — see our FCA Authorisation CFO Recruitment page for more.

Hiring an SMF2 — What FD Capital Looks For

Placing an SMF2 candidate is materially different from placing a generalist CFO. The qualifying criteria narrow the field rapidly. We typically work through the following filter when sourcing for an SMF2 mandate:

Prior SMF2 approval (or equivalent regulated firm experience)

Candidates who have previously held SMF2 approval — or equivalent regulated-firm senior finance roles under prior regimes — are the strongest candidates because the FCA approval process is materially faster. Candidates approaching SMF2 for the first time can still be approved, but the application process takes longer and the firm needs to make a compelling case for the candidate’s suitability.

Sector match

An SMF2 with deep wealth management experience is rarely a strong candidate for a payments firm SMF2 role, and vice versa. Sector-specific regulatory knowledge — MIFIDPRU vs PSR/EMR vs AIFMD — is rarely transferable in the timeframe most hiring firms expect. We screen heavily on sector match.

Relevant regulatory framework experience

For investment firms, ICARA experience is now the practical minimum (the ICAAP equivalent under MIFIDPRU). For firms holding client money, CASS experience is critical. For firms with significant remediation history or skilled person reviews, candidates need experience operating under regulatory pressure. The match here needs to be specific.

Cultural fit with regulated environment

An experienced SMF2 expects the board to take regulatory matters seriously, expects governance processes to be respected, and expects to be involved in significant business decisions where the regulatory implications matter. Firms that treat regulatory matters as an afterthought, or expect the SMF2 to act as a transactional finance leader without the strategic input, often struggle to retain the calibre of SMF2 they need.

Candidate due diligence and reference quality

Because of the personal liability dimension, reference checking is more thorough for SMF2 placements than for non-regulated CFOs. We typically take detailed references from previous board members, prior auditors and (where appropriate) prior FCA supervisory contacts. The Regulatory References regime under SM&CR creates a mandatory reference exchange between regulated firms — but commercial reference work goes meaningfully beyond this.

SMF2 Approval Timeline — Plan Around 12-16 WeeksThe FCA’s stated service standard for Senior Manager applications is 90 working days. In practice, complex SMF2 applications — particularly first-time SMF candidates, candidates with any historical issues, or applications submitted to a firm under FCA supervisory pressure — can take 12-16 weeks from submission to approval. The hiring firm needs to plan for this timeline and accommodate it in transition planning.

SMF2 and the Senior Managers Regime in Practice

SMF2 is part of the broader SM&CR framework that applies to FCA-regulated firms. Understanding how SMF2 interacts with the other key SMFs is essential for board structure and governance design:

SMF16 (Compliance Oversight): The compliance counterpart to SMF2. SMF2 and SMF16 must work closely together on regulatory reporting, regulatory capital and the firm’s relationship with the FCA. Many regulatory issues require joint SMF2/SMF16 ownership.
SMF17 (MLRO): The Money Laundering Reporting Officer. SMF2 typically has finance-function-level AML responsibilities (e.g., transaction monitoring oversight in some structures), but the MLRO function rests with SMF17.
SMF4 (Chief Risk Function): Where the firm has a designated CRO, SMF4 holds enterprise risk responsibility. SMF2 owns financial risk specifically (capital, liquidity, financial reporting risk), with SMF4 owning the broader risk framework.
SMF18 (Other Overall Responsibility): Used for senior managers responsible for areas not covered by another SMF — including, in some firm structures, CASS oversight that is allocated separately from SMF2.
SMF24 (Chief Operations Function): Required for Enhanced firms. The Chief Operations Function holds responsibility for operational resilience, technology, and the operational backbone of the firm. SMF2 and SMF24 typically work closely on financial systems, regulatory reporting infrastructure and operational risk.

For the broader regulatory framework these functions all sit within, see our complete SMCR guide.

Common SMF2 Recruitment Pitfalls

Drawing on our SMF2 mandates over the past several years, the most common reasons SMF2 searches go wrong are:

Underestimating the timeline. Hiring firms often plan for 8-10 weeks from offer to start. The realistic timeline including notice period, FCA approval and onboarding is 16-26 weeks. Firms that try to compress this timeline either accept candidates with weaker FCA approval prospects or settle for candidates outside the qualified pool.

Pricing the role at non-regulated CFO market rates. The 20-30% regulated-firm premium is real, and qualified candidates know it. Firms benchmarking against generalist CFO salary surveys consistently find their searches stalling.

Sector mismatch. Trying to recruit an SMF2 from outside the firm’s specific sector — moving someone from wealth management into a payments firm, for instance — frequently fails. The regulatory frameworks are different enough that the candidate needs to learn substantially on the job, which most firms cannot accommodate.

Inadequate appreciation of personal liability. Firms that have had governance issues, regulatory findings or skilled person reviews need to be honest with candidates about the historic position. Experienced SMF2 candidates conduct their own due diligence on hiring firms — and discover undisclosed history quickly.

Treating SMF2 as a tactical hire rather than a board-level appointment. SMF2 is fundamentally a board-level role with regulatory accountability. Firms that try to recruit at the operational level, with limited board engagement, tend to struggle to retain the calibre they need.

A Note from Our Founder — Adrian Lawrence FCA

The conversation I have most often with founders and CEOs of FCA-regulated firms recruiting an SMF2 for the first time is about timeline and quality. They start the search expecting it to behave like a normal CFO recruitment — three months end-to-end, broad candidate field, clear competitive process. That isn’t how SMF2 placements work. The qualified pool is much smaller, the FCA approval process adds 12-16 weeks at the back end, and the candidates know their market value to the firm.

What I tell them, repeatedly, is that the right SMF2 candidate is an investment, not a hire. The personal regulatory liability they carry on the firm’s behalf, the FCA relationship they manage, and the strategic finance input they provide to the board are different in kind to a non-regulated CFO role. The firms that get the best SMF2 candidates are the ones that approach the recruitment as a senior strategic appointment, build the role specification around the regulatory dimension explicitly, and run a process that respects the candidate’s market position.

The practical advice I give boards starting an SMF2 search: be honest about your regulatory history, be realistic about timeline, price the role at the regulated-firm benchmark not the generalist benchmark, and build a Statement of Responsibilities that is specific enough to give candidates confidence about scope. The candidates who matter — the experienced SMF2 holders with real sector specialism — engage with firms that have done this preparation. They walk away from firms that haven’t.

At FD Capital we work on SMF2 mandates regularly across the wealth, asset, payments, and FCA-authorisation sectors. If you are recruiting an SMF2 — for a first-time appointment, a transition, an exit-preparation engagement, or a fractional/interim placement — I am happy to have a direct conversation about what your specific market looks like and how to approach the search.

Speak to Adrian about an SMF2 appointment →

Hire an SMF2-Approved Chief Finance Function

SMF2 placements require specialist understanding of the FCA approval process, the sector-specific regulatory framework, and the candidate market for senior finance leaders in regulated firms. FD Capital places SMF2 candidates across investment firms, AIFM firms, payments and e-money firms, wealth managers and FCA-authorisation candidates, on permanent, interim and fractional engagements.

020 3287 9501

SMF2 Regulated CFO Recruitment › | Contact Us