Resources
Post a Job
 Special offer 

Jumpstart your hiring with a £100 credit to sponsor your first job.*

Sponsored Jobs posted directly on Indeed are 65% more likely to report a hire than non-sponsored jobs**
  • Visibility for hard-to-fill roles through branding and urgently hiring
  • Instantly source candidates through matching to expedite your hiring
  • Access skilled candidates to cut down on mismatched hires
*The £100 Sponsored Job credit offer is only available for new accounts in the UK that post a job and expires one year after account creation. Upon expiration of the credit, users are charged based on Sponsored Job budget. Terms, conditions and quality standards apply **Indeed data, United Kingdom, Q2 2024

A guide to SMCR conduct rules

Edited by Indeed Employer Content Team
Last updated 26 November 2025

Your next read

How to write an employee code of conduct
What are codes of conduct and how to establish one
Everything you need to know about the IR35 rules
How to write an employee code of conduct
What are codes of conduct and how to establish one
Everything you need to know about the IR35 rules
Records retention in the UK
Compliance management systems: an introduction
Data protection and HR GDPR for employers
Our mission

Indeed’s Employer Resource Library helps businesses grow and manage their workforce. With over 15,000 articles in 6 languages, we offer tactical advice, how-tos and best practices to help businesses hire and retain great employees.

Read our editorial guidelines
6 min read

SMCR stands for the Senior Managers and Certification Regime… This guide outlines publicly available information on the SMCR conduct rules and describes common approaches organisations may use when interpreting or implementing them.

Ready to get started?

Post a job

Ready to get started?

Post a job

What is the SMCR?

Public FCA sources outline the purpose and scope of the SMCR. Many organisations review these resources to understand how the regime may relate to their activities. According to the FCA, the legislation is in place to ‘reduce harm to consumers and strengthen market integrity by creating a system that enables firms and regulators to hold individuals to account’. Although it originally only applied to banks, it now applies to all FCA-regulated companies.

Background checks for senior management

Under the SMCR framework, senior management roles are subject to approval by the FCA or the PRA. Regulators may require background checks—such as criminal record, directorship, or credit checks—as part of their assessment. Specific requirements depend on the role and current regulatory guidance. Public FCA and PRA sources describe the types of assessments regulators may use when reviewing senior management applications.

Certification for employees

Public FCA sources outline fit-and-proper considerations for certain roles. Organisations often review these alongside their internal policies. Some organisations choose to use background checks as part of their assessment process, depending on the role and their internal policies. Unlike senior management, however, they do not need to be approved by the FCA or PRA.

Helping your employees follow the SMCR’s conduct rules

SMCR conduct rules ensure that your employees are following the best practices for a FCA-regulated business. All employees must follow these basic principles and the FCA can assess your business’ compliance according to them. Many FCA-regulated organisations aim to support employee awareness of these conduct rules as part of their compliance frameworks. 

What are the SMCR conduct rules?

Public FCA resources outline the conduct rules, including how they are categorised. Refer directly to FCA sources for the current wording. Below are the different conduct rules for each tier:

First tier

The first tier applies to individuals in your organisation. The rules in this tier are:

  • You must act with integrity.
  • You must act with due care, skill and diligence.
  • You must be open and cooperative with the FCA, PRA and other regulators.
  • You must pay due regard to the interests of customers and treat them fairly.
  • You must observe proper standards of market conduct.

Second tier

Second tier applies to senior managers in your organisation. The rules in this tier are:

  • SC1 – You must take reasonable steps to ensure that the business of the firm for which you are responsible is controlled effectively.
  • SC2 – You must take reasonable steps to ensure that the business of the firm for which you are responsible complies with the relevant requirements and standards of the regulatory system.
  • SC3 – You must take reasonable steps to ensure that any delegation of your responsibilities is to an appropriate person and that you oversee the discharge of the delegated responsibility effectively.
  • SC4 – You must disclose appropriately any information of which the FCA or PRA would reasonably expect notice.

Now that you have an understanding of the rules you and your employees must follow, you may be wondering how to implement these effectively. Below, we will provide some suggestions for implementing the SMCR conduct rules into your business practice.

How to make sure that your employees follow the SMCR rules

To make sure that employees at any level comply with the SMCR rules, it is important to provide training in the Conduct Code. Being able to prove that you have trained your employees in the Code may help you to prove that you have been diligent about this if the issue is raised by a regulator. Ways to train your employees include:

Creating a training programme

Organisations often use internal training programmes—such as e-learning, scenario-based modules or quizzes—to help employees understand how the SMCR may relate to their roles. Approaches vary depending on company size, industry and internal policy. You might create quizzes or use e-learning to help set individualised learning goals for your employees. Showing them how the SMCR applies to real-world scenarios during their training can also help them to learn faster, as well as help them to implement rules relevant to them.

Helping employees to feel comfortable with reporting any breaches of the rules

Employees who haven’t been adequately trained in the SMCR rules may not feel comfortable with reporting misconduct, particularly if they are not sure if there has been a breach or not. By empowering them to feel confident about the rules, they are more likely to be able to spot instances of misconduct in real-world scenarios.

According to the FCA, breaches made by most employees need to be reported through the annual reporting process. For more information on this, please visit the FCA website. Official FCA materials outline the categories of information firms may be required to report. Refer to FCA guidance for current specifications:

  • Details about the individual who has committed the breach;
  • Details about what Conduct Rules have been breached;
  • Details about the disciplinary action taken.

If a breach occurs, organisations often keep records of any internal steps they take to address the issue. FCA guidance notes that firms generally report information such as:

  • Whether any disciplinary action was taken;
  • The nature of the action, where applicable;
  • How the firm responded to the breach overall.

Official FCA resources provide the most up-to-date information on what firms may need to include in their reports.

According to FCA guidance, firms typically submit an annual report (known as a REP008), even where no breaches have occurred. The FCA also outlines specific timelines for reporting certain breaches involving senior managers. For the most up-to-date requirements, refer directly to FCA resources. This is known as a REP008. However, senior managers breaching these rules will have to be reported by your company within at least seven working days. Therefore, it is worth familiarising yourself with the differences. 

What happens if your business doesn’t follow the SMCR conduct rules?

FCA guidance notes that firms may face regulatory consequences—including potential fines—if they do not meet applicable SMCR requirements. The nature of any consequences depends on the circumstances and current regulatory expectations. Remaining compliant is central for FCA-regulated firms, as noted in official FCA guidance. Not only can remaining compliant help you to avoid criminal charges and fines, it can also make sure that your business’ reputation stays intact.

FCA-regulated companies have to stay compliant with the SMCR conduct rules, otherwise they might risk fines or criminal charges. Many organisations use training, internal policies and reporting processes to support their SMCR-related responsibilities. For detailed requirements, it’s best to refer to the FCA’s official guidance or seek qualified professional advice. FCA guidance notes that firms typically submit an annual report (REP008). Requirements can vary, so refer to official FCA resources for current rules. 

Recent Accountancy Articles

See all articles in this category
Create a culture of innovation
Download our free step-by-step guide on encouraging healthy risk-taking
Get the guide

Three individuals are sitting at a table with a laptop, a disposable coffee cup, notebooks, and a phone visible. Two are facing each other, while the third’s back is to the camera. The setting appears to be a bright room with large windows.

Ready to get started?

Post a job

Related articles

Mileage rates and allowances: What UK employers should know
Read article
What is people analytics?
Read article
Records retention in the UK
Read article

Indeed’s Employer Resource Library helps businesses grow and manage their workforce. With over 15,000 articles in 6 languages, we offer tactical advice, how-tos and best practices to help businesses hire and retain great employees.

Read our editorial guidelines