UK SMCR: A Paradigm Shift to GRC Accountability
The UK Senior Manager’s Regime and Certification Regime (UK SMCR) is a paradigm shift in regulation and accountability. In one context, I have used the analogy that it is the “One Ring” in Tolkien’s Lord of the Rings. Instead of a ring, it is the:
One [REGULATION] to rule them all, One [REGULATION] to find them [RISK, COMPLIANCE, CONTROL], One [REGULATION] to bring them all, and in the [ENFORCEMENT] bind them.
UK SMCR is a significant challenge for financial services firms. This year, the Financial Conduct Authority (FCA) is applying the regulation to all firms governed by the FCA: over 58,000 organizations. This is the governing regulation of all regulation and risk, as it enforces senior manager/executive accountability for all aspects of risk and compliance. It puts personal accountability on senior directors and executives if there is negligence or lack of due diligence in managing risk, conduct, compliance, and controls. These senior managers could go to jail or be personally fined (and their organization cannot reimburse them). It is the UK SMCR regulation that ensures other risk and compliance is properly managed across the organization. For example, Barclays' CEO was recently fined £640,000 personally under UK SMR/CR.
This is a significant shift from responsibility to accountability. The difference may seem subtle, but it is real. Accountability means . . .
[The rest of this blog is continued as a guest blog by GRC 20/20 on the SureCloud site]