Published August 2025

The SM&CR was originally introduced to improve accountability and culture in financial services. It applied to thousands of firms across banking insurance, and financial markets, requiring clear designation of responsibilities for senior managers, certification of certain staff for their fitness and propriety, and conduct rules applicable to nearly all employees.

However, since its extension across the industry in 2019, stakeholders, including firms, industry bodies and governance, have raised concerns about is complexity, cost and administrative burden, particularly for smaller and midsized firms.

Phases:	Timelines:
Phase 1:	Rules are expected around early to mid-2026
Phase 2:	Precise details to be confirmed as they’re dependent upon legislative amendments.

Figure 1: Phased timeframes

In response, the FCA and HM Treasury have initiated a two-phased reform process:

• Phase 1: (now out for consultation) Covers FCA handbook changes that do not require legislation.
• Phase 2: (legislation changes) Will follow in partnership with the Treasury and be subject to future consultation.

Key proposals in CP25/21

The consultation includes several important reforms aimed at simplifying and compliance, improving efficiency, and reducing regulatory burden while maintaining high standards of governance and accountability.

1. Improved approval and notification process

The FCA proposes to streamline and digitise the senior manager approval process, reduce unnecessary paperwork, and make it easier for firms to navigate the application pipeline.

2. Extended certification and notification deadlines

Firms will be given more flexibility and time to certify staff, notify the regulator of changes, and make internal governance updates, reducing the pressure to act within short deadlines and allowing better planning.

3. Higher thresholds for enhanced regime

The FCA suggests raising the criteria for firms to fall within the “Enhanced” SM&CR regime, meaning fewer mid-sized firms would face the additional responsibilities such as maintaining responsibilities maps or handover procedures.

4. Clarifying conduct rule breach reporting

Proposals include simplifying how firms report breaches of Conduct Rules, focusing on materiality and consistency, and avoiding unnecessary duplication or over-reporting.

5. Preparation for phase 2 legislative reforms

Although not part of the current consultation, the FCA outlines potential future legislative changes including:

• Abolishing the Certification Regime
• Reducing the number of approved roles
• Simplifying responsibilities maps
• Removing the Directory of certified staff

Benefits for Firms

The proposed reforms could deliver tangible benefits for regulated firms, especially in areas that have become resource-intensive under the current regime.

Figure 2: Envisaged benefits of SM&CR reforms

Reduced administrative burden

By extending deadlines and simplifying processes, firms will likely spend less time managing SM&CR documentation, recordkeeping, and back-and-forth communication with the regulator

Proportionality for smaller firms

Many firms currently subject to the Enhanced regime may be reclassified, which could significantly reduce compliance obligations, saving time and cost, particularly for HR, compliance and legal teams

Better clarity and focus

Streamlining breach reporting and reducing unnecessary approval requirements may allow compliance teams to focus on higher-risk areas, improving outcomes for both firms and regulators.

Smoother talent management

Simplifying the Certification Regime could also make it easier for firms to hire, certify and onboard staff without excessive regulatory delays, which has been a growing friction point in talent-constrained markets.

Challenges for Firms

Despite the positive direction of reform, there will be short- and medium-term challenges for firms must proactively manage.

Transitional Complexity

Reforms may temporarily increase complexity as firms will need to run dual processes, manage SM&CR under the current framework, and prepare for changes expected in 2026 and beyond.

Governance Gaps during Transition

Simplification doesn’t mean lower expectations. the FA has reiterate that governance and individual accountability remain core principles. If firms misinterpret the reforms as a relaxation of standards, they risk supervisory scrutiny or enforcement.

Resource constraints

Smaller firms, in particular, may lack the internal capacity to revised governance frameworks, update policies, and retain staff on new SM&CR processes whilst continuing business as usual.

How RegTech can Help?

In this landscape of reform and transition, Regulatory Technology can play a transformative role. Let’s consider the following aspects:

1. Digital Responsibilities mapping

RegTech platforms can dynamically create and update responsibility maps as roles change. With potential simplifications coming, these platforms can automate responsibilities allocation, reducing risk of omissions or duplications.

2. Workflow Automation for approval and certification

Automated workflow tools can streamline internal approval changes, reminders and signoffs, related to senior manager appointment and certifications. This becomes even more powerful as deadlines are extended, firms can build compliance into HR systems rather than relying on spreadsheets or ad hoc processes.

3. Breach reporting and conduct rule monitoring

RegTech solutions with built-in conduct rule libraries and breach logging workflows can help firms respond to the new, clearer reporting standards. With integrations to case management or whistleblowing systems, firms can create a full audit trail and reduce manual error.

4. Compliance dashboards

With responsibilities, breaches, deadlines, and certifications spread across multiple functions, RegTech can centralise all key SM&CR indicators on real-time dashboards, helping senior managers and compliance officers monitor compliance health at a glance.

5. Training and attestations

RegTech tools can automate the delivery, tracking, and renewal of conduct rules training, certification attestations, and fit-and proper tests, ensuring firms stay on top of obligations with minimal overhead.

Looking ahead: Preparing for the next Phase

Firms should not adopt a ‘wait and see’ approach. The Phase 1 changes are likely to be implemented in mind-2026, and Phae 2 reforms may arrive soon after. Proactive firms should:

• Engage with the consultation before 7 October 2025
• Map their current SM&CR framework and identify inefficiencies
• Asses their technology slack and explore RegTech that can automate key processes
• Train senior managers and certification staff on anticipated changes

Figure 3: Key Dates

Next Steps

The SM&CR forms in CP25/21 signal a pragmatic shift in UK financial regulation, retaining accountability whilst reducing burdens that can hinder operational effectiveness. For firms, the key will be to embrace simplification without diluting governance, and to use technology to scale their compliance in a smarter, more agile way.

As RegTech solutions mature and regulatory expectations evolve, the future of individual accountability in financial services may become not just more manageable, but more strategic.

The SM&CR reforms in CP25/21 signal a pragmatic shift in UK financial regulation, retaining accountability whilst reducing burdens that can hinder operational effectiveness. For firms, the key will be to embrace simplification without diluting governance, and to use technology to scale their compliance in a smarter, more agile way.

As RegTech solutions mature and regulatory expectations evolve, the future of individual accountability in financial services may become not just more manageable, but more strategic.

How Ruleguard helps the Financial Sector

Ruleguard is an industry-leading GRC software platform designed to help regulated firms manage the burden of evidencing and monitoring compliance. It has a range of tools to help firms fulfil their obligations across the UK, Europe, N America, and APAC regions.

Transform the way your firm manages accountability and compliance.

Ruleguard's Accountability Regime Solution is designed to simplify compliance with various international accountability frameworks, including the UK’s SM&CR, Ireland’s SEAR, Singapore’s IAC, Hong Kong’s MIC, and Australia’s FAR. It supports key requirements like fitness and propriety assessments, certification, MRMs, SORs, and individual conduct breaches.

Ruleguard is a comprehensive solution that lets you protect and propel your business forward through the complex regulatory landscape.

Contact the author

Priscilla Gaudoin Head of Risk & Compliance | Ruleguard Email: priscilla.gaudoin@ruleguard.com Connect: https://www.linkedin.com/in/priscillagaudoin/

If you’d like to learn more, please contact us for further information on: Tel: 0800 408 3845 or hello@ruleguard.com.

Related Webinars, White Papers and Blogs

Ruleguard hosts regular events on various regulatory topics. You can watch our webinars on-demand at your convenience, or read our blogs, white papers and tune in to our podcasts.

Jade ThirdEye has released two new episodes of The FinCrime Connection podcast, covering the latest regulatory and compliance shifts across Australia, New Zealand, and the UK.

Australia & New Zealand

AUSTRAC has closed enforceable undertakings with NAB, PayPal, and Perth Mint, highlighting the heavy costs of remediation and the need for proactive compliance. At the same time, AUSTRAC is rolling out new educational resources for Tranche 2 entities, including webinars and sector-specific guidance. In New Zealand, the shift to a single supervisor under the Department of Internal Affairs is reshaping expectations, while the November 2025 SWIFT MX transition is fast approaching.

Listen to the ANZ episode here

United Kingdom

The UK’s 2025 National Risk Assessment estimates over £12 billion in criminal cash annually, with property and fintech at the centre of laundering risks. The FCA and NCA’s new System Priorities set out nine cross-sector areas of focus, including crypto resilience, international fraud, and sanctions evasion. Meanwhile, reforms to the Money Laundering Regulations aim to make compliance more targeted and practical.

Listen to the UK episode here

These updates underline a global trend: regulators are combining sharper enforcement with new frameworks and guidance, raising the bar for financial crime prevention.

Sydney, 25 August 2025 - FrankieOne, the global RegTech platform for identity verification, fraud prevention, and compliance, has been awarded “Data Initiative of the Year” at the 2025 Asia FinTech Awards, for its Advanced Analytics Dashboard, built in partnership with ThoughtSpot.

Historically, accessing insights on fraud, risk, and compliance required data scientists, SQL queries, or lengthy manual reporting processes. This not only slowed decision-making but also restricted usage to a small group of technical users. FrankieOne has broken that barrier with an AI-driven natural language interface, enabling enterprises to interact directly with their risk and compliance data.

The initiative is powered by large language models (LLMs) that mark a true AI transformation in how enterprises interact with compliance and fraud data. Instead of relying on data scientists or complex SQL queries, risk and compliance teams can now ask questions in natural language, surface insights instantly, and even trigger actions directly from the interface. This represents a material leap forward from legacy dashboards, moving beyond static reporting to deliver an AI assistant for compliance and fraud that makes intelligence faster, easier, and more accessible at global scale.

Since launch, FrankieOne’s AI-powered analytics has delivered measurable impact, including:

• Thousands of hours saved annually in reduced manual reporting, equating to over $500K in productivity gains.
  
  
• Power users contributing 232 hours per week in analytics-driven productivity - equivalent to 6.19 full-time employees annually.
  
  
• Proactive business alerts integrated with Slack and Teams, notifying users in real time when anomalies or threshold changes occur (e.g. pass rates or volumes), ensuring teams can quickly address potential issues and maintain account health.

Adopted by leading enterprises including Westpac, PointsBet, and Shopify, FrankieOne’s solution is helping organisations achieve faster time-to-value, enhance operational efficiency, and gain greater visibility into the health of their compliance frameworks. This award highlights FrankieOne’s differentiation in the RegTech market as one of the first to deliver true AI-driven analytics and assistance for compliance and fraud.

Simon Costello, Co-Founder and CEO of FrankieOne, said:

“This award reinforces FrankieOne’s position as an AI-first company. With our new LLM-powered interface, customers can now interact with their compliance and fraud data in natural language, asking questions, surfacing insights, and triggering actions that previously required data scientists or complex SQL queries. This represents a step-change from when insights that were historically under-used are now available instantly to risk and compliance teams, driving real business impact. We’re proud to be setting a new standard for how enterprises access and apply intelligence across onboarding, fraud, and compliance - faster, easier and at global scale.”

Stuart Rees, Country Manager ANZ at ThoughtSpot, said:

“We’re thrilled to see FrankieOne recognised for transforming how enterprises use data. By embedding ThoughtSpot’s AI-powered analytics directly into the FrankieOne platform, customers can now engage with their risk and compliance data in entirely new ways - from natural language queries to proactive alerts - unlocking faster, smarter decision-making worldwide. We can’t wait to continue the partnership with the FrankieOne team and the team here at ThoughtSpot.”

Looking Ahead

FrankieOne will continue to expand its AI-driven analytics capabilities in collaboration with ThoughtSpot, helping enterprises worldwide interact with their compliance and fraud data more intuitively, respond faster to regulatory change, and deliver trusted, transparent customer experiences at global scale.

Media Contacts
Jessica Turnbull
jessicaturnbull83@gmail.com
+61 457 513 105

AUSTRAC’s recent directive to Binance Australia has underlined the growing risks in the digital assets sector and the pressure on exchanges to maintain robust AML/CTF controls. With high transaction volumes linked to scams, rising bank de-risking, and increasing regulatory scrutiny, crypto companies are recognising that compliance is not just about ticking boxes — it’s about building trust, protecting customers, and securing long-term access to financial networks.

In Personr’s latest article, you’ll learn:

• Why regulators are intensifying their focus on crypto compliance, and what this means for exchanges

• How technology-driven, end-to-end solutions can strengthen oversight and improve operational efficiency

• Why adopting integrated compliance platforms can transform regulatory obligations into a competitive advantage
  
  

Read the full article from Personr here: Why Crypto Companies Are Turning to End-to-End Compliance Solutions

YORK, 5 AUGUST 2025 - Principality, Wales’ largest Building Society, has partnered with Jade ThirdEye to enhance its ability to detect and prevent money laundering and financial crime. This collaboration sees Principality join over a third of UK building societies using ThirdEye's Software as a Service (SaaS).

Principality Building Society has over 50 branches and 14 agencies across Wales and its border, offering savings accounts and mortgage solutions to over 500,000 members.

Kara Conlon, Head of Financial Crime at Principality Building Society, commented, “Jade ThirdEye will significantly enhance our Financial Crime Team's efficiency. By automating transaction monitoring, the team can dedicate more time to investigating suspicious activities and safeguarding our Members from financial crime - helping make more possible for them, and the communities we serve by ensuring a safer financial environment.

They offer the flexibility to create, adjust, and manage Anti-Money Laundering and Financial Crime rules, enabling quick responses to evolving risks.

As a cloud-based managed service, it is particularly appealing due to its automatic and regular updates, ensuring the system remains current and effective - supporting our ability to adapt and innovate in ways that benefit our Members.”

Claire Rees, ThirdEye’s Financial Crime Regulatory Specialist, added, “We are delighted that Principality chose Jade ThirdEye to enhance their Anti-Money Laundering and Financial Crime compliance.  We look forward to supporting them in their fight against financial crime with a solution designed to scale with their needs over time.

About Jade ThirdEye

Jade ThirdEye is a SaaS anti-money laundering solution proudly brought to you by Jade Software, a Skipton Group company.  Jade Software brings over 40 years of experience to the table.

Assisting organisations in the UK fight financial crime since 2012: Jade ThirdEye is configurable according to each organisation's risk profile.  The solution is purpose-built to automate ongoing transaction monitoring, customer screening and case management. Jade ThirdEye reduces time spent on low-value tasks, freeing time to focus on investigating suspicious activity.

Press Contact:
Rebecca Green
Marketing Lead UK
M +44 (0) 7866 061 773
E rgreen@jadeworld.com
W www.jadethirdeye.com  

Onboarding in finance is a delicate balance: make it too complex, and customers drop off; make it too simple, and you risk compliance breaches and fraud.

With stricter regulations, rising identity threats, and pressure for seamless digital experiences, risk-based onboarding is becoming essential.

By tailoring verification steps to each customer’s risk level, you can:

• Streamline low-risk customer approvals

• Automate enhanced checks for high-risk profiles

• Stay compliant without adding friction

FrankieOne’s latest blog outlines how to map your process, align with compliance teams, and build agile onboarding flows that boost conversions while meeting evolving AML/CTF requirements.

Read more → https://frankieone.com/frankieone-blog/risk-based-onboarding-balancing-seamless-customer-experience-and-compliance

Jade ThirdEye published the latest version of the FinCrime Connection, discussing the latest news in Financial Crime

FinCrime Connection AU
Key story: AUSTRAC’s changing enforcement priorities
Video: https://youtu.be/ISizQzmMHBU
Article: https://www.jadethirdeye.com/resources/blog/the-fincrime-connection-au-july-2025

FinCrime Connection UK
Key stories: 1) NCA Celebrates 10 Years of Public Private Partnerships, 2) FCA Embraces AI Innovation Through “Supercharged Sandbox”, 3) Monzo’s AML Fine Highlights Familiar Patterns
Video: https://youtu.be/bec5uFoKW2A
Article: https://www.jadethirdeye.com/resources/blog/the-fincrime-connection-uk-july-2025

London, UK, 10th July 2025 – Engage Hub, the data-driven AI journey automation company, announced today that it has won the award for providing cutting-edge, AI-powered solutions at this year’s Sainsbury’s Tech Conference.

This is the third time Engage Hub has been recognised by Sainsbury’s, having previously won the award for best ‘Customer Experience’ at Sainsbury’s Tech Supplier Awards in 2024 and for best innovation delivered by a ‘Technology Supplier’ at their Tech Peak Performance Awards in 2022, recognising our contribution to the retailer’s digital transformation.

Delivering contextual intelligence to elevate the Argos’ customer experience

As part of Sainsbury’s ‘Continuous Improvement’ programme, Engage Hub’s AI-powered Contextual Routing solution was deployed across Argos customer contact channels – encompassing both voice and live chat. By dynamically routing customers based on intent, real‑time data and order details, Engage Hub’s intuitive technology empowered Argos to deliver a more seamless, personalised self‑serve journey for their customers.

The outcomes included:

• Reducing contact volumes and average handling time (AHT)
• Freeing up agent capacity to deal with more complex tasks
• Making customer journeys easy through intelligent personalisation

Measured impact:

• Over half a million customers were routed via Contextual Routing solution
• Sixty seconds saved per customer contact
• Average handling time (AHT) reduced by over 33% across channels

With a program of further automated journeys being deployed throughout 2025/26, Engage Hub expects the efficiency and experience results to grow even further.

“From supporting Sainsbury’s customer‑centric ambitions to transforming the Argos experience, this award reflects our joint commitment to innovation,” said Ray Tierney, CEO at Engage Hub. “Back in April 2024 we were honoured to win for best ‘Customer Experience’ – now we have extended that work, delivering tangible, scalable impact across multiple Argos channels.”

Simon Brennan, VP Sales Europe at Engage Hub, added: “This accolade recognises the agility and trust that defines our partnership and collaboration with Sainsbury’s. Together, we’re redefining how customers interact with Argos – making every journey faster, smarter, and more personalised.”

– ENDS –

Engage Hub’s AI-driven contact centre automation solutions provided Sainsbury’s with the flexibility they required to deliver services that meet evolving customer needs, behaviours, and expectations. Get in touch to find out more.

Recent years have provided sobering reminders of what happens when transaction monitoring goes wrong. TD Bank's staggering $3 billion penalty for leaving 92% of transactions unmonitored and NatWest's £265 million fine for systematic failures in monitoring suspicious cash deposits demonstrate that even established institutions can make fundamental errors in their approach to transaction monitoring.

For mid-sized financial institutions across Australia, New Zealand, and the UK, these high-profile failures offer crucial lessons. The stakes are high – compliance costs continue to rise across the industry, yet an estimated $2 trillion in illicit transactions still flow through the global financial system annually.

We've identified five critical mistakes that continue to trip up financial institutions when implementing transaction monitoring systems. Here's what to watch out for – and how to avoid becoming the next cautionary tale.

Read the full post on Jade ThirdEye's blog.

AUSTRALIA'S LEADING REGTECH HELPS BANKS, FINTECHS, AND DIGITAL ASSET PROVIDERS ADAPT TO AUSTRAC’S 2026 AML/CTF CHANGES

Melbourne, Australia, 24 June 2025 – FrankieOne, the unified compliance platform trusted by global banks and fintechs, today announced the launch of its future-ready identity and fraud orchestration solution, just as sweeping changes to Australia’s anti-money laundering (AML) regime approach.

With AUSTRAC’s updated AML/CTF obligations taking effect from March 2026, including new customer due diligence (CDD), monitoring, and governance requirements, FrankieOne offers regulated businesses a powerful way to adapt at speed without rebuilding from scratch. This includes the ability to seamlessly conduct Enhanced Customer Due Diligence (ECDD) processes as compulsory for high-risk scenarios, ensuring businesses can gather additional information, verify or re-verify customer details, and perform more detailed transaction analysis to effectively manage complex ML/TF risks.

“The pace of regulatory change is accelerating, and patchwork systems won’t keep up,” said Simon Costello, CEO of FrankieOne. “FrankieOne offers a scalable foundation, not just a tool, enabling compliance teams to simplify operations, reduce risk, and future-proof their stack.”

One API. 350+ Vendors. Global Compliance Simplified.

FrankieOne’s platform connects to over 350+ trusted identity, fraud, and AML data sources across 190+ countries, all through a single API - eliminating the need to have multiple contracts and integrations with multiple vendors. Unlike siloed tools, the orchestration layer provides a single customer view of all identity and fraud decisions and signals with customisation across risk, region, and customer type, giving businesses a unified real-time view of onboarding, fraud signals, and ongoing monitoring.

This makes FrankieOne especially suited to meet AUSTRAC’s latest reforms, which call for:

• Risk-based CDD processes, with a clear mandate for robust Enhanced Customer Due Diligence (ECDD) to address higher-risk customer profiles and activities
  
• Enhanced oversight and governance
  
• Structured ongoing monitoring
  
• Improved reporting and auditability
  

Trusted by Industry Leaders

Leading organisations including Westpac, Shopify, and PointsBet are already leveraging FrankieOne to scale faster while ensuring robust compliance.

• Westpac partnered with FrankieOne to streamline customer verification, improving onboarding speed and pass rates across siloed, fragmented business units.
• Shopify deployed automated global KYB to meet local obligations across multiple jurisdictions.
• PointsBet implemented real-time fraud detection using device signals and behavioural analytics at onboarding.

“We experienced a substantial uplift in pass rates when we first went live, and the ease of integration has made FrankieOne our go to platform across the Westpac Group,” said Hayden Johnson, Westpac.

Key Platform Benefits

• Unified orchestration layer across identity, fraud, AML
• Vendor-agnostic architecture for flexibility and cost control
• Configurable workflows by region, product, or risk
• ISO 27001 & SOC 2 Type II certified infrastructure
• Built-in analytics and structured audit trails for local and global reporting (AUSTRAC, FATF, MAS, FINTRAC, FCA)

About FrankieOne

FrankieOne is a global RegTech platform providing a single API for identity verification, fraud prevention, and AML compliance. By connecting to over 350+ vendors and data sources through one orchestration layer, FrankieOne helps regulated businesses onboard customers faster, reduce fraud, and meet complex compliance obligations across jurisdictions.

Learn more at frankieone
Follow FrankieOne on LinkedIn