Statement of Responsibilities: Drafting Tips for New SMFs

The Statement of Responsibilities is the document that defines what you are personally accountable for as a Senior Manager. Done well, it protects you and the firm. Done poorly, it creates ambiguity that the FCA will exploit if something goes wrong.

Every proposed SMF holder must have a Statement of Responsibilities — a written document that sets out clearly what each senior manager is responsible and accountable for at the firm. The FCA reviews it when assessing the Form A application, uses it to allocate accountability in enforcement proceedings, and expects it to be updated whenever the individual’s responsibilities change materially. Getting the SoR right from the start is one of the most practical steps a new SMF holder can take.

What the FCA Expects: Specificity

The single most important quality in a well-drafted SoR is specificity. The FCA’s guidance on Statements of Responsibilities is clear that they must describe actual responsibilities in terms specific enough to allow the FCA to determine which senior manager was accountable for a particular area at a particular time. A SoR that describes “oversight of the compliance function” without identifying what that oversight involves, what decisions the SMF holder takes and what information they receive does not meet this standard.

Specificity does not mean length. A focused SoR that clearly describes three or four genuinely distinct areas of accountability — with enough detail to make each area unambiguous — is better than a sprawling document that lists every conceivable business function without making clear what the individual actually does. The question to keep asking when drafting is: if the FCA were reading this to understand whether this individual was accountable for a specific decision, would it be able to answer that question from the SoR alone?

What to Include

Actual decision-making authority. The SoR should describe the decisions the individual actually makes — not just the areas they “oversee” or “have responsibility for” in a general sense. If the SMF16 compliance officer approves new product launches from a regulatory compliance perspective, that should appear. If the SMF2 CFO signs off on capital adequacy returns, that should appear. Decisions are the most concrete evidence of where accountability lies.

Reporting relationships that run through the individual. If the head of the AML team reports to the SMF17 MLRO, say so. If the risk function escalates to the SMF4 CRO, say so. These reporting lines establish the information flows that the reasonable steps obligation is built on — the SMF holder’s accountability is proportionate to the information they were or should have been receiving.

Specific regulatory functions. Where the SMF function has a direct regulatory dimension — the SMF16 is responsible for COBS compliance, the SMF17 is responsible for the DAML process, the SMF18 is responsible for CASS reconciliation — name the framework specifically. This allows the FCA to connect the individual’s accountability to a specific regulatory obligation.

What the individual is NOT responsible for. This sounds counterintuitive but is genuinely useful at boundaries. Where two SMF holders share oversight of an area — the SMF2 CFO and the SMF1 CEO both involved in capital management decisions, for example — the SoR should specify what each is responsible for rather than leaving the boundary ambiguous. Ambiguous boundaries between SMF holders are precisely where enforcement allocations become contested.

What to Avoid

Generic language that describes the function rather than the individual. “Responsible for regulatory compliance across the firm” is a description of what the compliance function does, not what this individual is accountable for. It does not tell the FCA anything about the specific decisions the individual takes, the information they receive, or the areas where their personal accountability lies.

Aspirational language. “Will ensure that the firm operates in accordance with FCA requirements” is a statement of intent, not an accountability. SoRs drafted in aspirational terms — describing what the individual will do — tend to be general because they are describing an objective rather than a role. The SoR should describe how the individual currently operates, not how they aspire to operate.

Copying a template without adapting it. Template SoRs circulate widely in the compliance community and there is nothing wrong with using one as a structural starting point. But a SoR submitted to the FCA that could apply to any compliance officer at any investment firm — because no firm-specific details have been added — will attract a query. The FCA is assessing whether the individual understands their specific role at this specific firm, and a generic SoR provides no evidence that they do.

Including responsibilities that are not yours. SMF holders sometimes include responsibilities in their SoRs that are actually held by colleagues, either to appear more senior or because the firm’s internal accountability map has not been clearly drawn. If something goes wrong in an area the individual listed as their responsibility but which was actually managed by someone else, the SoR becomes evidence against them.

Keeping the SoR Current

The firm must update a senior manager’s SoR whenever their responsibilities change materially. The obligation is ongoing — it does not apply only at the initial FCA approval stage. Common triggers for an SoR review include: the individual taking on additional responsibilities; the firm launching a new business line or regulated activity; restructuring that changes reporting relationships; a colleague’s departure that redistributes their responsibilities; and regulatory changes that create new accountability obligations.

Firms should build SoR review into their regular governance cycle — at least annually, and additionally as a prompt on significant organisational changes. Individual SMF holders should take ownership of their own SoR and flag to the compliance function when it needs updating, rather than waiting for the firm to initiate a review. The SoR is ultimately a document about the individual’s accountability, and the individual has the strongest incentive to keep it accurate.

The SoR and the Management Responsibilities Map

The SoR does not sit in isolation — it is one component of the firm’s SMCR governance framework alongside the Management Responsibilities Map (MRM). The MRM shows how responsibilities across all regulated activities are allocated among the firm’s SMF holders as a whole, and it should be consistent with each individual’s SoR. A compliance function that reviews SoRs and MRMs together — checking that the two are consistent and that no regulated activity falls through a gap — is operating the SMCR governance framework as the FCA intends.

Key References

• FCA Handbook SUP 10C — Senior Managers Regime (includes SoR requirements)
• FCA — Statements of Responsibilities guidance