Skip to main content

Written by Matt Raver
Managing Director

Written by Catherine Ruberry
Regulatory Policy and Development Manager

The murky domain of “Non-Financial Misconduct” moves inexorably into ever sharper focus. A significant milestone was the Senior Managers & Certification Regime (“SMCR”), rolled out from 2016 through 2019 until the whole financial services sector was caught within its net. Its tripartite structure addresses all levels of staff, from Senior Managers through Certification Scheme employees and middle managers, down to the universal “Conduct Rules”. In the interval while the UK Regulators review industry responses from their Call for evidence on SMCR, they have further refined their expectations of industry conduct in a Consultation on Diversity & Inclusion requirements which, if adopted, will add new elements to the SMCR regime (see our article, The FCA’s diversity and inclusion requirements-conduct-and-culture-re-visited).

With this initiative, the Regulators are proposing explicit guidelines for what may constitute Non-Financial Misconduct. In the past, other than for banks, “Non-Financial Misconduct” did not feature in the Conduct Rules (applied universally to all staff), but now these principles cut across both Senior Managers and Conduct Rules Regimes – extending also to more junior staff. In the past, some individuals may have exhibited a significant behavioural issue but without a criminal conviction or a regulatory enforcement, the salient facts remained outside the public domain and such conduct was difficult to address. This initiative, therefore, sheds welcome light on a previous grey area and should bring cultural shifts within organisations while all levels of staff adjust to the new standards.

A stated purpose of SMCR was to bolster market integrity by enabling firms and regulators to hold individuals to account. This meant requiring staff to take personal responsibility for their actions, improving conduct at all levels, and ensuring all parties clearly understand, and can demonstrate, who does what.

Now, with the Economic Crime and Corporate Transparency Act (“ECCTA”), Regulators have turned a welcome spotlight on corporate financial crime which includes bribery, tax evasion and fraud. SMCR principles are being shown to extend beyond the baseline rules to dovetail with broader initiatives. The common factor is “accountability” – Regulators are determined to strip away the loopholes and disguises used by financial malefactors, holding corporations liable for the actions of individual managers and sometimes other staff as well.

Among other significant initiatives, “Failure to prevent fraud”, a new criminal offence, makes “large organisations” – (any two of:  turnover > £36 million, total assets >£18 million, or > 250 staff, including international groups and subsidiaries) – criminally liable for a fraud committed by any associated person – whether employee, agent or subsidiary – with intent to benefit the organisation. This encompasses all sectors and corporate bodies, including charities, certain acts committed abroad, and companies incorporated in any jurisdiction.

In the wider sense, ECCTA updates a legal principle known as the ‘identification doctrine’. This renders businesses criminally liable for the actions of their senior managers who commit or encourage an economic crime, in the “actual or apparent” course of their duties. Under the existing common law principle, for many offences, this applied only to individual(s) whose conduct, and state of mind, represented the company’s “directing mind and will”. Especially in large organisations, senior staff with substantial decision-making powers over large areas of business were often not considered sufficiently controlling to hold the company liable. Now, interestingly, this will be extended to anyone who organises, managers or decides matters for the “whole or a substantial part” of the business, and is not restricted by job title, nor by the definition of “Senior Manager” in other regulatory initiatives.

The identification doctrine applies to all organisations, with respect to specified economic crimes. However, the government has stated its aim to extend this to all criminal offences in future.

The change removes the ability for a company to hide behind complex management structures and so to evade scrutiny.

The onus, therefore, falls on companies to ensure the propriety and integrity of all with management responsibilities and on larger companies, of all associated staff and agents.

On the application of SMCR, we may recall the very first case brought by the joint regulators under the regime. James Staley, erstwhile Chief Executive of Barclays, was fined £642,430 and found to be in breach of individual Conduct Rule 2, “You must act with due skill, care and diligence”, when instead of maintaining an appropriate distance, he attempted to identify the author of an anonymous letter, of which he was the subject of certain allegations (a more likely choice might seem to have been Rule 1, the requirement to act “with integrity”).

And Mr Staley is in the news again, this time for unsavoury associations less close to his financial role at Barclays. The FCA has fined him £1.8 million and banned him from holding senior management or significant influence functions in the financial services industry. Its findings are provisional, as Mr Staley has referred his Decision Notice to the Upper Tribunal.

The FCA found that Staley recklessly approved a letter from Barclays to the FCA which contained two misleading statements, about the nature of his relationship with Jeffrey Epstein, and the point of their last contact.

In August 2019, the FCA asked Barclays to explain how it had established that there was nothing improper in the relationship between Staley and Epstein. Barclays’ response relied on information supplied by Mr Staley, who confirmed the letter was fair and accurate. It claimed that they did not have a close relationship, when in emails, Staley described Epstein as one of his “deepest” and “most cherished” friends.

Barclays’ letter to the FCA also claimed Staley ceased contact with Epstein long before joining Barclays, when they were in contact in the days leading up to this appointment as CEO, announced October 2015. Staley did not draft the letter, but the FCA considered there was no excuse for failing to correct the misleading statements when he alone at Barclays could have known the extent of the personal relationship with Epstein, or the specific timings of their contact. The FCA found Staley was aware of the risk to his career posed by association with Epstein.

The FCA concluded that, by not correcting the misleading statements in Barclays’ letter, Staley recklessly misled the FCA and acted with a lack of integrity.

Therese Chambers, the FCA’s joint Executive Director of Enforcement and Market Oversight, said: “We consider that he misled both the FCA and the Barclays Board about the nature of his relationship with Mr Epstein…. It is right to prevent him from holding a senior position in the financial services industry if we cannot rely on him to act with integrity by disclosing uncomfortable truths about his close personal relationship with Mr Epstein.”

As this case clearly demonstrates, a Senior Manager’s personal life and behaviour outside the workplace, when juxtaposed with their business life, may be relevant when determining their fitness for a career in the financial industry. The issue was not so much Staley’s association with Epstein, but his lack of full disclosure when his employer was questioned by the Regulator. As we have seen, the Diversity and Inclusion initiatives propose to extend some of these principles to more junior staff; for economic crime, ECCTA’s revised identification doctrine now draws in many senior staff previously beyond its reach. The legal and regulatory initiatives and the Staley enforcement action all tend towards raising baseline standards for conduct in the industry – Non-financial, and otherwise!

Click here for our extensive suite of CPD-certified online SMCR training courses, bespoke to a variety of firm-types (Core, Enhanced and Limited Scope Firms, Banks, Building Societies and Credit Unions).


All courses are accessible on our bespoke web or app platforms immediately upon purchase.



All courses are delivered through fully-automated, interactive online visual solutions.



Courses cost from as little as £20 per Learner per Course, or £6 per Learner on Subscription.



A certificate is issued on successful completion of all courses for compliance-filing and all UK courses are CPD-certified.



All courses include regular ‘Check Your Knowledge’ sections throughout and an end-of-course Quiz.



Courses take from 30 to 90 minutes to complete and can be viewed and completed in multiple sittings.


Purchasing, Onboarding & Volume Discounts

You can purchase any combination of our broad range of e-Learning courses and onboard multiple users in your Firm, in just four quick and easy online steps:

  1. Select the courses and add them to your Basket
  2. Checkout and purchase your course(s)
  3. Sign In and Register your relevant employees/Users
  4. Allocate all your registered employees/Users to their course(s)

We’ll help you connect the dots with clear prompts and assistance throughout this quick and easy four-step process, which includes applying automated Volume Discounts depending on the number of courses you purchase, as follows:

Number of courses Volume Discount
10 – 24 Courses 2.5% Discount
25 – 49 Courses 5% Discount
50 – 99 Courses 7.5% Discount
100 – 149 Courses 10% Discount
150 – 199 Courses 12.5% Discount
200 – 249 Courses 15% Discount
250 – 299 Courses 17.5% Discount
>300 Courses 20% Discount

You will receive an enrolment email for each Course you sign Users up to.

Once registered and enrolled onto their course(s), your employees/Users will each receive a welcome email inclusive of their login credentials/instructions together with a separate enrolment confirmation for each of their courses.

All Clients have access to a centralised User Dashboard with Live Reporting on the progress of all your enrolled employees/Users and from where you can download all your employees/Users Course Certificates once they have successfully completed their courses. This is clearly explained in our Power User Guide, downloadable from your Account.