Azure Optimisation Over Time

The Edinburgh Reforms – SM & CR

Posted on February 24, 2023

Estimated reading time 1 minutes

The Senior Managers & Certification Regime

The SM&CR was created to reduce harm to consumers and strengthen market integrity by making individuals within regulated entities more accountable for entities conduct and competence. The SM&CR has proven to be a real catalyst for change, and provided an opportunity for firms to establish healthy cultures and effective governance by encouraging greater individual accountability and setting a new standard of personal conduct. This continues in firms in 2023 with focus on ESG guidelines within funds.

The SM&CR aims to encourage a culture whereby staff at all levels can take personal responsibility for their actions and to ensure that firms and staff clearly understand and can demonstrate where responsibility lies. The Edinburgh Reforms announced that in Q1 2023, the Government will launch a Call for Evidence to look at the current legislative framework of the SM&CR to garner views on its effectiveness, scope and proportionality, and on potential improvements and reforms.

The regime and operational resilience

The FCA reviewed their SM&CR regime in 2019 and the PRA in 2020, so while sweeping changes aren’t expected, individuals who are responsible under the regime will be aware the regime has been embedded in other areas of regulation over time, including operational resilience. The role of boards and senior managers is central to operational resilience of a firm, particularly during times of implementing change. This includes firms roadmaps for continued digitisation and automation, which is part of the wider technology initiatives most firms should be well on the way to setting out as part of their scope for future proofing frameworks for new regulatory challenges.

Setting impact tolerances and the role of service providers

Part of the role of boards and senior management is to set impact tolerances that are appropriate for their organisation as they move towards a more digitised operational model, under FCA guidance. Further, board chairs are to ensure that the board has adequate knowledge, skills and experience to provide constructive challenge in relation to the choice of important business services, including articulating and maintaining a culture of risk awareness and ethical behaviour which helps drive operational resilience. The role of the outsourced service provider sits firmly in this category, and firms should look to partner with firms whose credentials are such that risk awareness and ethical and cultural ideals align.

How to align technology ideals for business flow

There is no question that the regulator is moving to a more digitised model and firms that haven’t done the same will find themselves in less competitive position. Individuals within firms who have regulatory responsibilities should now be looking at how to align technology ideals for future business flow: IT architecture, data strategy and cyber security being three main drivers as part of a clear governance and risk policy. SM&CR responsibilities will continue to align with internal ESG strategies as they are developed, providing accountability to the regulator, investors and partners alike.

How can we help?

As Microsoft accredited cloud service providers we’ve got the tools and talent to put the incredible potential of cloud technology at the heart of your operation.

Fill in the form to speak to one of our cloud consultants about your cloud project. Let’s get the conversation started.


    First name
    Last name