If you work for an FCA-regulated financial institution, you’re probably pretty familiar with the Senior Managers and Certification Regime (SMCR).
But just in case you’re not, here’s a quick recap:
According to the Financial Conduct Authority (FCA), SMCR: “aims to reduce harm to consumers and strengthen market integrity by making individuals more accountable for their conduct and competence.”
In other words, it’s designed to make sure the people working at financial institutions are working in the best interests of consumers. The goal is to increase personal responsibility and conduct among managers in FCA regulated companies (of which there are over 50,000).
As part of this goal, SMCR requires companies to make sure their employees are “fit and proper” to undertake their job. This includes assessing their:
- Honesty, integrity and reputation
- Competence and capability
- Financial soundness
Remember: under SMCR, the FCA requires firms to assess fitness and propriety for all Conduct Rules staff, not just Senior Management Functions and Certified Persons.
Conduct Rules only do not apply to Ancillary staff, such as receptionists, security guards, cleaners, or catering staff. Background checks should be tailored to the role, and or to the risk level, to ensure that they are both proportionate and relevant.
The FCA largely avoids prescribing which background checks to include in making these assessments, so what do you need to do to achieve compliance?
Let’s dive in.
Employment credit checks
Let’s start with the most obvious one: credit checks are essential for assessing financial soundness, ensuring employees can responsibly manage their financial affairs. This is a critical requirement under SMCR.
Learn more about credit checks with Zinc.
Criminal record checks
Senior Managers (SMFs) must have Standard DBS checks because these are the roles which are regulated and approved by the FCA or PRA, and the guidance is explicit.
But firms themselves are responsible for oversight of their Certified Persons (CPs), so these roles are only eligible for Basic DBS checks. Incorrectly applying Standard DBS checks to CPs can lead to legal and compliance issues as well as unnecessary delays.
DBS checks are available at three levels: Basic, Standard, and Enhanced. It’s easy to get confused about who needs what.. Even though the FCA guidance states that Senior Managers must undergo the highest legally permissible criminal record check, this does not qualify them for an Enhanced DBS check.
To learn more about each level, and who does need an Enhanced DBS check, read our DBS guide.
Regulatory references
Regulatory references are a mandatory requirement, but you should only seek them for Senior Management Functions and Certified Persons. Requesting regulatory references for Conduct Rule roles outside these categories is mostly just a pain. It can delay background checks unnecessarily, cause frustration for firms receiving these requests, and potentially harm your organisation's reputation.
Remember, FCA-regulated firms have up to six weeks to respond to regulated reference requests and these cause more delays to SMCR screenings than any other background check (and we’ve done a lot of background checks).
Zinc’s Unified Referencing solution means that employment history can be verified using HMRC PAYE data to provide some degree of assurance while regulated references are still pending.
Important to know: the FCA doesn’t impose gap checks on firms as part of assessing fitness and propriety under SMCR. This used to be good practice for Approved Persons when financial services in the UK were regulated by the Financial Services Authority (FSA) until 2013. There’s still a bit of confusion, because some bank panels still insist on gap verification for firms they advise and for their supply chain.
The only regulatory requirement now is that firms must include explanations for any gaps in Senior Manager’s employment history when submitting to the FCA for approval. Good practice is always to seek explanations for gaps, and take additional measures to satisfy yourselves where appropriate.
Referencing is complicated, but it doesn’t have to be. Learn more about how Zinc makes references simple.
FCA Register check
A check of the FCA's Financial Services Register is an essential part of SMCR screening. The check will show the individual's current registration status, their current and previous firms, and any results relating to disciplinary history.
Learn more about FCA register checks with Zinc.
Many firms also include an SMCR self-declaration questionnaire for candidates as part of their pre-employment checks, and annual recertification process for relevant employees.
As part of their pre-employment screening and annual recertification, many firms also require candidates and relevant employees to complete a ‘Fit and Proper’ self-declaration questionnaire.
Directorship checks
Directorship checks are tied to the ‘honesty, integrity and reputation’ criteria of assessing fitness and propriety.
These checks identify conflicts of interest or barring decisions and are now frequently extended beyond Senior Managers and Certified Persons to include other Conduct Rules staff.
Traditionally reserved for the most senior of hires, directorship checks are now crucial for a wide variety of roles, particularly with the rise in individuals establishing sole trader or limited companies as side hustles for secondary revenue streams (thanks, cost-of-living crisis).
Learn more about directorship checks with Zinc.
Qualifications and professional membership checks
Verifying academic qualifications and professional licences/memberships is essential to accurately assess competence and capability.
Checking these credentials, alongside employment history, confirms that individuals genuinely possess the skills and qualifications claimed.
Learn more about education and qualification checks with Zinc.
Other strongly recommended checks
When it comes to SMCR, you can’t be too careful. In order to robustly assess the mandatory honesty, integrity, and reputation criteria firms should conduct some, if not all, of the following:
- PEPs checks: Identify politically exposed persons to mitigate risks linked to bribery or corruption.
- Sanctions checks: Essential for ensuring employees have no restrictions linked to international sanctions regimes.
- Social media checks: Offer insights into online conduct, and potential risks associated with individuals from both operational and reputational perspectives.
- Adverse media checks: Identify negative press or media coverage that could affect an individual's integrity or reputation.
- Cifas checks: For firms who are members, undertaking Cifas checks is a powerful tool in identifying fraud risk before onboarding staff.
Annual fitness assessments and re-certification
If you think checks are done once new hire background checks clear, we hate to break it to you but you’re not finished.
Annual fitness and propriety reassessments are mandatory for Senior Managers and Certified Persons. And even though it’s not explicitly required by FCA regulations, many firms also proactively conduct annual re-checks on Conduct Rules staff.
Background checks only offer a snapshot at the point of completion. An individual’s circumstances, personality, and wellbeing can change over time or in an instant. Any changing situation can create risks to employers, and regular vetting presents opportunities to support staff as well as identifying risks.
Cifas’ Fraudscape 2025 report cited that the majority of internal staff filed for fraud had been in employment between one and three years (41%), highlighting the need for regular re-checks.
Regular re-checks ensure ongoing compliance and proactive risk management, keeping your firm ahead of potential threats.
Specific re-checks are not set out by the FCA, however self-declaration aren’t enough. The FCA’s Guidance on Financial Crime Systems and Controls (FG 18/5) cited conducting annual credit checks, criminal record checks, and open-source internet searches (social media and adverse media checks) on all employees as good practice to prevent insider dealing and market manipulation. Directorship checks, PEPs, sanctions checks, and even Cifas checks should also be considered on an ongoing basis.
Learn more about why periodic re-checks are essential for FCA-regulated companies.
Partnering with a background checking provider
If you use this guidance effectively, you’ll be able to meet your SMCR obligations, mitigate risks, and ensure compliance with FCA guidelines.
Plus, working with a background checking partner like Zinc significantly reduces administrative burden, streamlines processes, and mitigates compliance risks.
But how do you choose a background checking provider?
We think we do a pretty good job over here at Zinc. But we’ve also written an entire guide to choosing a background checking provider versus keeping your checks in-house.
Essential questions to ask include:
- Are they secure and compliant?
- Will it level up our candidate experience?
- Do they offer all the checks we need, not just some?
- Does it integrate with the platforms we’re already using?
- What’s the initial investment, and what are the ongoing costs?
- Is there an efficient re-checking module?
- Will I get a dedicated Account Manager?
- How much time will I save? (Check out Zinc’s turnaround times here)
At Zinc, we’re proud to offer lightning-fast turnaround times, a stellar candidate experience, top notch customer support, and a secure and compliant platform.
Whether you’ve been cycling through the same mediocre background checking providers with little success, or you’re looking to bring one onboard for the first time, we’d love to have a chat with you.
At Zinc, we’re different by design. Don’t just take our word for it, though. Read our customer case studies to see what they have to say about their experiences with Zinc.
When you’re ready to see what the hype is about, be sure to book a demo with our team. We’ll be very happy to show you how you can completely transform the screening experience for you and for your candidates.
