SMCR: What background checks should finance companies be running?

If you work for an FCA-regulated financial institution,  you’re probably pretty familiar with the SMCR, or the Senior Managers and Certification Regime.

But just in case you’re not, here’s a quick recap:

According to the Financial Conduct Authority (FCA), the SMCR: “aims to reduce harm to consumers and strengthen market integrity by making individuals more accountable for their conduct and competence.”

In other words, it’s designed to make sure the people working at financial institutions are working in the best interests of consumers. The goal is to increase personal responsibility and conduct among managers in FCA regulated companies— of which there are over 50,000.  

As part of this goal, the SMRC requires companies to make sure their employees are “Fit and Proper” to undertake their job. This includes assessing whether they possess the following attributes:

1. Honesty, integrity and reputation 
2. Competence and capability
3. Financial soundness

But what exactly do you need to do to prove that? Let’s dive in. 

‍

What does the SMCR have to do with background checks?

If you’re looking to increase the personal responsibility of senior managers in your organisation, you have to start from the beginning of the process: hiring. 

In an effort to get more of your business, background checking companies try to make this process as complicated as possible, with a long list of ‘required’ checks you simply must have. 

At Zinc, we’re all about simplicity. So we’ll tell it to you straight:

The SMCR requires you to demonstrate that your employees are fit and proper: that they act honestly, demonstrate integrity, and are financially sound. 

The supplemental guidance offers lots of options for proving these qualities, but no hard-and-fast rules (which, if you’re a fan of clarity, can be confusing). 

‍

Background checks essential for the SMCR

A Standard DBS check and regulatory references are the minimum requirements for employees working in senior management or certified roles. But they’re not the only ones you need to meet SMCR standards. 

Standard DBS

A Standard Disclosure and Barring Service (DBS) check is a criminal records check that shows all non-spent convictions and some spent convictions. 

DBS checks come in three levels: Basic, Standard, and Enhanced. To learn more about each level, and when you might use them, read our DBS guide. 

Regulatory references

Regulatory references are a form of employment references that check details around, obviously, regulation. The FCA provides a template for regulatory references, but Zinc helps you automate the process (and chases referees for you). Learn more about references with Zinc here. 

You’re required to collect references going back six years, and questions typically include information around a candidate’s suitability for the role, as well as any breaches of conduct. If you’re asked for a regulatory reference, you need to provide it as soon as reasonably possible. 

‍

Other essential checks for SMCR compliance

A Standard DBS check and regulatory references are the absolute minimum requirements for SMCR compliance. But in order to assess your employees in line with SMCR requirements, you probably need to go a little further. 

FCA register check

An FCA register check is essential for assessing if an employee lines up with the “fit and proper” requirements of the SMCR. 

FCA register checks include verifying identity, employment history, checking criminal records, and running a credit check. It makes sure that an individual doesn’t have any disciplinary issues and there is nothing in their background that disqualifies them from meeting the SMCR requirements. 

Directorship check

Directorship checks are tied to the ‘honesty and integrity’ requirements in the SMCR.

They offer peace of mind for legal compliance, risk mitigation, and conflict of interest identification. They help you meet regulatory requirements, check that the candidate isn’t a disqualified director in certain countries, and doesn’t have any conflicts of interest.

Directorship checks assess whether the candidate holds any current or previous directorship positions, which could affect their ability to fulfil their new role effectively. This helps ensure transparency, avoid potential legal or ethical issues, and safeguard the company's reputation and business interests.

Learn more about Directorship checks with Zinc. 

Credit check

A credit check is recommended by the supplemental guidance as a way to assess financial soundness. 

Credit checks run through the TransUnion Credit Bureau search the candidate's name and address for any CCJs (County Court Judgments), IVAs (Individual Voluntary Arrangements), or bankruptcies. Credit checks will also flag if they have any unpaid debt that requires them to be in court. 

‍A credit check indicates financial stability and can identify any potential risk for positions involving financial management or access to sensitive information. If you’re looking to assess financial soundness, this is a solid requirement to have. 

Learn more about credit checks with Zinc.

Qualification check

Having the relevant qualifications for the job is a simple way to assess competence under the SMCR’s “fit and proper” guidelines.

Verifying education credentials or professional certifications directly with institutions is the best way to make sure your candidate has the education they claim to have.

Learn more about education and qualification checks with Zinc. 

What about rechecks?

You can’t just assess if an employee is “fit and proper” when they’re first hired. To comply with the SMCR, you need to assess them on an annual basis. 

That means rechecks. 

Although most employees are trustworthy and honest, continuous post-hire background checks provide a safety net against potential risks by identifying changes in behaviour or circumstances that could compromise security. 

For more information about the role of periodic re-checks in FCA-regulated companies, check out our blog. 

‍

What checks do the rest of employees need?

There’s no requirement under SMCR to conduct background checks on employees not in senior management positions or certified functions. 

But that doesn’t mean you shouldn’t run checks. 

It’s common practice for firms to conduct employment background checks on all staff since, believe it or not, there are benefits to background checks outside of meeting SMCR requirements. Plus, SMCR outlines a firm’s culture of good practice, which can be reflected in your background checking process. 

Background checks are a globally recognised form of due diligence required for international quality standards like ISO 27001 and SOC 2. It’s good, and  responsible practice to take compliance and security seriously everywhere — but especially in FCA regulated companies. 

In order to make sure that you’re doing your due diligence, there are other common checks you can run to stay confident in your hiring decisions:

• Adverse financial history checks
• Adverse media checks
• Employment credit checks
• Identity checks

It’s not advisable to run regulatory references on all employees, since they take longer for firms to return. Plus, many of the questions on the regulatory template will be irrelevant to non-certified or senior roles. 

However, you may choose to bring some of the FCA’s preferred questions into your regular employment background checks, mainly the ones around disciplinary action and fitness for all roles. 

‍

How do I run SMCR checks efficiently?

We’re going to be honest: If you’re a small team (as in, less than 30) and not hiring regularly, you probably don’t need a background checking provider to help you. The process is time-intensive, but be sure to make the decision based on the cost savings of not having an external provider. 

For everyone else, though, SMCR references are too heavy a lift to handle on your own if you don’t have a dedicated in-house solution. Regulatory references can take weeks to return, and it’s time-consuming (not to mention annoying) to have to keep chasing. 

Plus, if you have tight timelines for your onboarding, that just adds more pressure. 

External background checking providers (like Zinc!) can help automate the process and save you time — whether it’s taking the admin off your plate or simply returning checks faster. Especially if you’re running more than just regulatory references and Standard DBS, a background checking provider keeps it all organised and in one place. 

‍

How do I choose a background checking provider?

Lucky for you, we’ve written an entire guide to choosing a background checking provider versus keeping your checks in-house. 

The essential questions to ask include:

• Are they secure and compliant?
• Will it level up our candidate experience?
• Do they offer all the checks we need, not just some?
• Does it integrate with the platforms we’re already using?
• What’s the initial investment, and what are the ongoing costs?
• How much time will I save? (Check out Zinc’s turnaround times here)

At Zinc, we’re proud to say we stand up pretty well to all those questions, with lightning-fast turnaround times, a stellar candidate experience, and a secure and compliant platform. 

‍

Whether you’ve been cycling through the same mediocre background checking providers with little success, or you’re looking to bring one onboard for the first time, we’d love to have a chat with you.

Learn more about Zinc’s work in the financial services, or book a demo with us today and we’ll be in touch. 

‍