The Certification Regime is the second pillar of the Senior Managers and Certification Regime (SM&CR). It applies to employees who are not senior managers but whose roles could cause significant harm to the firm or its customers, for example traders, customer-dealing staff and material risk takers. The FCA does not pre-approve these individuals; instead, the firm must assess and certify their fitness, shifting the gatekeeping responsibility onto the firm itself.
How certification works
Section 63E of FSMA 2000 requires a firm to issue a certificate to each person performing a certification function, confirming that the firm is satisfied the individual is fit and proper. The certificate must state the function the person performs and is valid for a maximum of 12 months, so firms must reassess and recertify annually. The fitness assessment applies the criteria in the FIT sourcebook (honesty and integrity, competence and capability, and financial soundness) and is supported by regulatory references obtained under SYSC 22.
Which functions are caught
The significant-harm functions are set out in SYSC 27 of the FCA Handbook. They include the CASS oversight function, proprietary and algorithmic traders, client-dealing functions, material risk takers, and managers who supervise certification staff, among others. The exact set depends on a firm’s regulated activities and permissions, so firms must map their roles carefully to identify everyone who requires certification.
Why it matters
Because the firm carries the certification responsibility, weaknesses in assessment or recordkeeping expose it to FCA criticism and enforcement. Firms must operate a robust annual cycle, retain evidence of each assessment, and train managers on how to evaluate and recertify their staff.