Hire an FD/CFO contactus
HIRE AN FD/CFO CONTACT US

Statement of Responsibilities & Management Responsibilities Map: A Practical Guide

  • Home
  • Statement of Responsibilities & Management Responsibilities Map: A Practical Guide

The Two Documents That Define SMF Accountability — and How to Get Them Right

The Statement of Responsibilities (SoR) and the Management Responsibilities Map (MRM) are the two documents that translate the abstract framework of the Senior Managers Regime into specific, accountable, regulatorily-significant statements about who is responsible for what in an FCA-regulated firm. The SoR is required for every Senior Management Function holder. The MRM is required for every Enhanced-tier solo-regulated firm. Together they are the documentary evidence that the firm has thought carefully about senior management accountability and allocated it appropriately.

This guide explains how to draft, maintain and use these documents effectively. It covers what an SoR should contain, how the MRM should be structured, where boundary issues commonly arise, and the documentation discipline that distinguishes well-governed firms from those running into difficulty when SMF transitions or regulatory inquiries occur. It also covers what FD Capital sees during SMF placements — how candidates evaluate SoRs during recruitment, and what the documents reveal about firm governance maturity.

What’s missing from most online guidance on SoRs and MRMs is the practical detail. The FCA Handbook describes the requirements in regulatory language; the practitioner literature focuses on legal compliance. What this guide adds is the practical drafting approach — how to write SoRs that are specific without being inflexible, how to design MRMs that capture the firm’s reality without becoming bureaucratic, and how to manage the documents through change.

What the Statement of Responsibilities Is

The Statement of Responsibilities is a document that sets out, for each individual SMF, exactly what they are responsible for. It is filed with the FCA at the point of approval (with the Form A application) and updated whenever responsibilities change.

The SoR is the foundation of personal regulatory liability under SMCR. The Duty of Responsibility under section 66B FSMA applies where a contravention occurs in an area for which the SMF was responsible — and “the area for which the SMF was responsible” is, in practice, defined by the SoR. The Senior Manager Conduct Rules apply to the SMF in respect of “the business of the firm for which you are responsible” — again, defined by the SoR.

The SoR is therefore both:

  • A regulatory document — required by the FCA, filed with the FCA, scrutinised during approval and during any subsequent enforcement examination
  • A governance document — used internally to clarify accountability, support delegation, and align the SMF’s role with the firm’s structure

What an SoR Must Contain

SUP 10C.11 sets out the content requirements for an SoR. The mandatory elements include:

  • Identification of the SMF — the named individual and the SMF function they hold
  • Description of the role — the corporate title and brief description of the function
  • Areas of responsibility — the specific aspects of the firm’s business or activities for which the SMF is responsible
  • Prescribed responsibilities (Enhanced firms) — any of the prescribed responsibilities specifically allocated to the SMF
  • Reporting lines — to whom the SMF reports and who reports to them
  • Governance committees — committees the SMF is a member of or chairs
  • Exclusions — areas explicitly outside the SMF’s responsibility (where this is needed to clarify boundaries)

The required form is reasonably standardised but the substance of what’s included varies substantially by SMF type and firm structure.

The Three Tests of a Well-Drafted SoR

Drawing on FD Capital’s experience reviewing SoRs during SMF placements and on the practitioner literature, three tests distinguish well-drafted SoRs:

1. The “specificity test”

The SoR should be specific enough that an outside reader can identify exactly what the SMF is and is not responsible for. Vague phrasing like “responsible for the finance function” is insufficient — what does that include and exclude? Does it cover regulatory reporting? Tax compliance? Financial systems? Treasury?

A specific SoR for an SMF2 in an investment firm might list: “Statutory accounts; financial reporting; regulatory reporting (specifically: MIFIDPRU returns, FIN-A, FIN-B); regulatory capital management including ICARA process; treasury and liquidity management; tax compliance; finance function leadership including senior finance hires; financial controls framework; external auditor relationship; CASS oversight (Prescribed Responsibility CC).”

That level of specificity gives the SMF, the firm, and the regulator clarity about exactly what the SMF is accountable for.

2. The “boundary test”

Where the SMF’s responsibilities touch on areas owned by other SMFs, the boundary should be clear. For example, an SMF2 SoR might note: “Risk management framework — the SMF owns financial risk specifically (capital, liquidity, financial reporting risk); enterprise risk management framework rests with the SMF4 (CRO).”

Boundary clarity matters because contraventions in grey-zone areas can otherwise leave SMFs in dispute about who was actually responsible — exactly the situation that creates personal liability exposure for one or more of them. See the discussion of common pitfalls below.

3. The “consistency test”

The SoR must be consistent with other firm documentation — particularly the Management Responsibilities Map for Enhanced firms, but also corporate role descriptions, governance committee terms of reference, and delegation documents. Inconsistency between these documents creates regulatory exposure and signals weak governance.

What the Management Responsibilities Map Is

The Management Responsibilities Map is required for every Enhanced-tier solo-regulated firm. The MRM is a single document showing the firm’s overall senior management framework — every SMF, every prescribed responsibility, every senior management role, and how they all fit together.

The MRM serves several purposes:

  • Demonstrates comprehensive allocation — every prescribed responsibility and significant senior management responsibility is allocated to a named SMF
  • Identifies gaps and overlaps — areas that aren’t allocated, or where multiple SMFs claim responsibility, are surfaced
  • Supports SMF transitions — successor planning becomes clearer with the full picture visible
  • Provides regulator-facing visibility — the FCA can review the firm’s overall governance design in a single document

The MRM is filed with the FCA and updated whenever the senior management framework changes materially.

What the MRM Must Contain

SUP 10C.15 sets out the content requirements for the MRM. The required elements include:

  • The firm’s organisational structure showing the relationships between senior managers
  • Each SMF holder, their function, and the area of responsibility
  • Allocation of all prescribed responsibilities to named SMFs
  • Reporting lines
  • Governance committee structure including SMF chairs and members
  • Information about how the firm exercises its functions through the senior managers

The MRM is typically a structured document — sometimes an org chart with supporting tables, sometimes a more narrative document. The key feature is comprehensiveness — every senior responsibility should be visible, allocated, and traceable.

Prescribed Responsibilities

The FCA defines “prescribed responsibilities” — specific responsibilities that must be allocated to a named SMF in Enhanced firms. The full list is set out in SYSC 24. Common prescribed responsibilities include:

Code Prescribed Responsibility Typically allocated to
PR-A Performance of the firm’s obligations under the SMR SMF1 (CEO) typically
PR-B Performance of the firm’s obligations under the Certification Regime SMF16 (Compliance Oversight) typically
PR-C Performance of the firm’s obligations in respect of conduct rules training SMF16 typically
PR-D Compliance with the firm’s obligations to provide regulatory references SMF16 or HR-aligned SMF18 typically
PR-CC Compliance with the firm’s CASS obligations SMF2 or dedicated SMF18
PR-W Whistleblowing arrangements Designated whistleblowing champion (often SMF non-executive)
PR-Z Internal audit (where applicable) SMF5 or SMF18

(The specific code letters and full list are defined in SYSC 24 and may be updated by the FCA.)

Each prescribed responsibility must be allocated to a single SMF. Joint allocation is not permitted. The MRM should clearly show every prescribed responsibility and the named SMF holding it.

Common Drafting Pitfalls

Looking across SoRs and MRMs we encounter during placements, the most common drafting issues include:

Vagueness

SoRs that use abstract language (“responsible for ensuring effective oversight of…”) without specifying the actual activities, controls or outcomes. Vague SoRs are administratively easier to draft but provide less protection in regulatory examination because they don’t establish what the SMF actually did or didn’t do.

Overlap without clear boundaries

Where multiple SMFs have areas of responsibility that touch (e.g., SMF2 financial risk and SMF4 enterprise risk), the SoRs should explicitly delineate the boundary. SoRs that simply describe each SMF’s area without noting the boundary leave room for dispute about who was responsible for issues arising in the grey zone.

Gaps

Areas of senior responsibility that aren’t covered by any SoR. For Enhanced firms, the MRM should make gaps visible — but firms whose MRM is built bottom-up from individual SoRs frequently have gaps that wouldn’t be apparent in any single SoR. A top-down review of the firm’s complete activity set, comparing to allocated responsibility, identifies gaps.

Inconsistency between SoRs and MRM

The MRM should be the consolidated picture of all SoRs. Where individual SoRs say one thing and the MRM says another, the regulatory position is unclear and the firm’s governance integrity is compromised. Strong firms maintain version control and review consistency before changes are filed.

Stale documents

Responsibilities change as firms evolve — new business lines are added, restructuring occurs, SMFs leave or join. SoRs and MRMs that aren’t refreshed accordingly drift away from the firm’s actual governance reality. The FCA expects updates within 7 business days of material changes (per SUP 15).

Generic templates without firm-specific tailoring

Some firms use generic SoR templates with limited firm-specific content. While templates can be useful starting points, an SoR that doesn’t reflect the firm’s actual structure, activities, and governance has limited value.

The Boundary Drafting Discipline

The single most important drafting discipline for SoRs in firms with multiple SMFs is explicit boundary definition. Where two SMFs have related areas of responsibility, both SoRs should reference the other and explicitly state where the boundary lies. For example, the SMF2 SoR might note: “Responsibility for risk does not include enterprise risk management framework, which is held by SMF4 (CRO).” The SMF4 SoR should mirror this: “Responsibility for risk does not include financial risk in the finance function (capital, liquidity, financial reporting risk), which is held by SMF2 (CFO).” Mirror-imaged boundary statements ensure both SMFs and the regulator have the same understanding of the boundary.

Updating SoRs and MRMs Through Change

The documents are living — they need to be refreshed as the firm and its senior management framework change. Common triggers for updates include:

  • SMF transitions — when an SMF leaves or joins, both their SoR and the MRM (for Enhanced firms) need updating
  • Reorganisation — material changes to the firm’s structure, business lines, or governance
  • Regulatory changes — new prescribed responsibilities, changes to SMF designations, regulatory framework changes
  • Significant role changes — material changes to what an existing SMF is responsible for

The notification timeline is typically seven business days from the change taking effect, per SUP 15. Firms with mature governance maintain a regular SoR/MRM review cycle (often annual) alongside change-driven updates.

The Recruitment Dimension — How SoRs Influence SMF Searches

From an SMF candidate’s perspective, the SoR is the most important document in the recruitment process. It defines exactly what the candidate is being asked to take personal regulatory liability for. Experienced candidates examine the draft SoR closely during the recruitment process, with particular attention to:

  • Specificity — is the scope clear enough for the candidate to know what they are accepting?
  • Boundary clarity — are there grey zones where the candidate might bear liability for matters they don’t actually control?
  • Resourcing implications — do the responsibilities listed match the resources the firm is committing?
  • Consistency with the corporate role — does the SoR match what the firm has described in the job specification?

Where these questions reveal issues, candidates frequently negotiate changes to the SoR before accepting appointment. Hiring boards that have done the SoR work properly — with clear specificity, boundary discipline, and consistency — find these conversations productive. Boards that haven’t typically encounter friction during recruitment that ends up either delaying placement or surfacing structural governance issues.

For first-time SMFs, the SoR examination is often less rigorous — but it should be more rigorous, because the candidate has less context for evaluating what they are taking on. Firms recruiting first-time SMFs benefit from supporting the candidate in understanding the SoR’s implications properly.

Best Practice for SoR and MRM Governance

Drawing on observed practice across well-governed firms:

Single source of truth. The MRM (for Enhanced firms) or a consolidated SoR register (for Core firms) should be the single source of truth, with individual SoRs derived from or consistent with the master document.

Annual review cycle. A formal annual review of all SoRs and the MRM, conducted by the company secretary, compliance function, or equivalent, with sign-off by the SMF1 and the board.

Change management process. A documented process for updating SoRs and the MRM when changes occur — including who has authority to authorise changes, how filings are made to the FCA, and how internal communication occurs.

Board oversight. The board (or a designated committee) should approve material SoR changes and the overall MRM structure. SMCR governance is a board-level matter, not a compliance function delegation.

Legal and compliance review. SoR drafts and material changes should be reviewed by legal and compliance before filing — both for regulatory compliance and for the substantive drafting quality.

Version control and audit trail. All versions of SoRs and the MRM should be retained, with the change history visible. This supports regulatory inquiries and internal continuity.

A Note from Our Founder — Adrian Lawrence FCA

The Statement of Responsibilities is the document that translates the abstract framework of SMCR into specific, accountable, regulatorily-significant statements about who is responsible for what. For SMF candidates, the SoR is the most important document in the recruitment process — it defines exactly what they are being asked to take personal regulatory liability for. For firms, the SoR is the foundation of effective senior management governance — and SoRs that are vague, inconsistent, or stale signal weak governance to candidates and to regulators alike.

The conversation I have with candidates approaching SMF appointments is usually about SoR specificity. Experienced candidates examine the draft SoR carefully — looking for clarity about scope, boundary discipline with adjacent SMFs, and consistency with the corporate role description and the resourcing the firm is committing. Where they find issues, they negotiate. Firms that have done the SoR work properly find these conversations productive; firms that haven’t usually find that the recruitment stalls until the document is properly addressed.

The conversation I have with hiring boards is sometimes about treating the SoR as a substantive governance document rather than as a regulatory filing requirement. Boards that approach the document as a substantive accountability statement — using it to clarify roles, support delegation, and align the firm’s structure with senior management responsibility — typically have better governance overall. Boards that treat it as administrative compliance produce documents that don’t reflect the firm’s reality and that surface as issues during regulatory dialogue or SMF transitions.

For Enhanced firms, the same principle applies to the MRM. The map should be a genuine articulation of the firm’s senior management framework — not a templated document derived from individual SoRs. Top-down MRM design typically produces better governance than bottom-up consolidation of pre-existing SoRs.

At FD Capital we work on SMF mandates regularly across the FCA-regulated population. If you are recruiting an SMF and want to discuss SoR drafting, MRM design, or how candidates evaluate these documents during placement, I’m happy to have a direct conversation.

Speak to Adrian about a Senior Manager appointment →

Adrian Lawrence FCA | Founder, FD Capital | ICAEW Verified Fellow | ICAEW-Registered Practice | Companies House no. 13329383

Hire Senior Management Function Approved Persons

SMF placements require well-drafted Statements of Responsibilities, clear governance structures and the candidate matching to support effective discharge of the SMCR framework. FD Capital places SMF candidates across all named functions, with attention to the documentation discipline that supports successful placements.

020 3287 9501

FCA Regulated Firm Recruitment › | Contact Us

Further Reading and Authoritative Sources

For the FCA’s authoritative guidance on SoRs and MRMs, see SUP 10C, particularly SUP 10C.11 (SoR requirements) and SUP 10C.15 (MRM requirements). For prescribed responsibilities, see SYSC 24. For the broader SMCR framework, see the FCA’s SMCR pages.

Related Guides: SMCR and SMF Functions

Part of FD Capital’s series of practical guides for FCA-regulated firms: SMCR — The Complete UK Guide | The Senior Managers Regime | The Certification Regime | Individual Conduct Rules (Tier 1) | Senior Manager Conduct Rules (Tier 2) | ‘Reasonable Steps’ Under SMCR | SMF2 Guide | SMF4 Guide | SMF16 Guide | SMF17 Guide | SMF18 Guide | SMF24 Guide

FCA Regulated Firms

Specialist Recruitment for FCA Regulated Businesses

FD Capital places CFOs, Finance Directors, MLROs, Compliance Officers and senior risk professionals in FCA and PRA-regulated firms. Every mandate is led personally by Adrian Lawrence FCA — an ICAEW Fellow with an FCA practising certificate.

By Role
By Firm Type
SMF & Regulatory Guides

Led personally by Adrian Lawrence FCA — ICAEW Fellow & FCA practising certificate holder.

All FCA regulated firm services →

FD Capital
FD Capital
FD Capital

FD Capital Recruitment Ltd is registered at Companies House (no. 13329383) and has been providing CFOs and Finance Directors since 2018 and is operated by an ICAEW-registered practice. Our founder Adrian Lawrence FCA holds an ICAEW practising certificate.