People Compliance | Streamline Compliance Today — RegTechPRO

The Governance Problem

SM&CR is per-person regulation. Word docs don’t scale to people.

SM&CR is the regime where the workload scales with headcount. Word documents, SharePoint folders and inbox threads cannot evidence it at regulator grade.

The Annual SM&CR Scramble

Statements of Responsibilities re-drafted in Word every year. Prescribed Responsibilities allocated by email. SMF16 sign-offs chased by text. A fresh consultant invoice arriving every spring. The FCA expects structured, queryable evidence. You have file names.

SoR_SMF16_FINAL_v7.docx

PR_allocation_2026.xlsx

SMF_picks_latest.docx

F&P Renewals Every March

Every Approved Person gets annually re-assessed as Fit & Proper. A 55-question FCA Form A Section 5 questionnaire (criminal, civil, business, regulatory, other matters) re-authored from scratch every year in Word, printed, signed, scanned, filed. Certificate of Competence? A countersigned Word doc in a shared drive.

SoR drafting (per SMF) Re-authored in Word

SM&CR consultancy Annual retainer

Per-person tracker Spreadsheet

No Conduct Rules Breach Register

COCON requires breaches of the Individual Conduct Rules to be logged, investigated, and notified to the FCA. Most firms log them in an inbox. Annual Certification refreshes without a Conduct Training record. The FCA asks "show me your Conduct Rules breach register". A Slack thread isn't an answer.

0 logged

Conduct Rule breaches on file.

CPD Tracked in Someone's Inbox

The FCA recommends 35 CPD hours per regulated individual per year: structured and unstructured, with dated evidence. Most firms track it in an Excel sheet someone updates in December. No live totals, no donut, no year-end export, no anniversary alert.

Total CPD hours: ?

Structured / Unstructured: ?

Target: 35 hours (FCA), tracked ?

If SM&CR currently lives in Word docs, consultant invoices and anniversary-date panic, People Compliance is for you.

The People Compliance Edge

Three ideas that separate a regime-native people record
from a generic HR tracker.

Most SM&CR tools bolt a “regime” dropdown onto a person record. People Compliance models the UK regulated-persons regime correctly: six distinct editor shapes, the FCA’s own Form A as live data, and per-person access control across 1,102 Hub templates.

Step 1

Onboard

Add each person, assign their regime type, capture SMF codes or CF functions

Step 2

Certify

Run the 55-question F&P assessment, issue the annual Certificate of Competence PDF

Step 3

Review

Annual CPD review vs FCA 35-hour benchmark, Statement of Responsibilities updated

Six distinct editor shapes, not a generic person record with a regime dropdown bolted on. No other UK compliance platform models the full regulated-persons framework as discrete record types at this price point.

Six regime-native record shapes.

SMF, Certification Regime, Non-Exec Director, APER Approved Person, IDD Staff and Other Staff. Each with the structured fields its regime demands and nothing more. A 6-tab SMF editor with a 4-sub-tab Statement of Responsibilities. A 6-tab CR editor that swaps SoR for an annual Certificate of Competence. A 5-tab APER with Controlled Functions register. The platform’s deepest record-type discrimination, because SMF and CF really are different regimes. Part of a three-module triangle: Firm Compliance models what the firm is authorised to do, People Compliance models who does it under which regime, CMP models the work they perform. The CMP Form Access Control tab is the seam.

SUP 10C · SYSC 4.5 · Three-module triangle

The FCA’s Form A, as live data.

A 55-question FCA Form A Section 5 Fitness & Propriety capture, modelled as a 5-node wizard with a live RAG disclosure summary: Green (all ‘No’), Amber (has ‘Yes’ requiring review), Red (incomplete). Assessment Schedule, Next Assessment Due, Create Reminder Task, Export F&P Certificate. A regulator form rendered as structured state, not a Word template.

FIT 2.1 · 2.2 · 2.3 · 55 questions live

Annual certificate. Per-form access.

Every certified person gets a 12-month-validity Certificate of Competence PDF: dated, expiry-tracked, regulator-ready, auto-driving the next-assessment reminder. Every person carries a per-template ACL across the full CMP library of 1,102 templates. Enterprise-grade access governance, shipped as standard. Every SMF, every CF, on the record.

12-month validity · 62-form ACL

What's Included

Every UK regulated-persons regime. One flat price.

SMF, Certification, NED, APER, IDD, Other Staff. SoRs with 31 firm-type-banded Prescribed Responsibilities. 55-question FCA Form A Section 5 F&P wizard. 9-document DD pack with SYSC 22 Regulatory References. Annual Certificate of Competence PDF. CPD tracked against the FCA’s 35-hour benchmark. Per-person access control across all 1,102 CMP templates. Concierge 24-hour user provisioning. Unlimited headcount, with no per-seat meter as the firm grows.

Flagship

Six person editors. Not one form with a dropdown.

One person record, regime-shaped. Each person type carries only the structured fields its regime demands. Nothing extra. Nothing generic. This is the structural discipline that separates regime-native software from a person database with "SM&CR" pasted on top. Every SMF, every CF, on the record.

Person editor shapes6 types

✓ SM&CR – Senior Manager (SMF) · 6-tab

✓ SM&CR – Certification Regime · 6-tab

✓ SM&CR – Non-Exec Director · 6-tab

✓ APER – Approved Person · 5-tab

✓ IDD Staff Member · 3-tab

✓ Other Staff Member · 3-tab

222 structured fields per SMF record

Structured

222 fields

Anna pre-allocated 6 PRs

SMF Register

8 Senior Management Functions. UK Core & Enhanced banded.

SMF1, SMF2, SMF3, SMF9, SMF16, SMF17, SMF27, SMF29. Each selectable with inline UK Core and Enhanced overlay, effective date per function, linked to Statement of Responsibilities. Show SMF evidence in seconds, not weeks.

SMF registerUK Core

Code	Function	Core
SMF1	Chief executive	✓
SMF2	Chief finance	✓
SMF3	Executive director	✓
SMF9	Chair of governing body	−
SMF16	Compliance oversight	✓
SMF17	MLRO	✓
SMF27	Partner	−
SMF29	Limited scope	✓

SMFs

Prescribed Responsibilities

SoR sub-tabs

Structural faithfulness: the SMF editor gives SMFs what SMFs need. UK Core and Enhanced overlay, per-function effective dates, linked SoR with sub-tabs. Certification Persons don’t see SMF fields. APER doesn’t get a SoR (it predates SoR). Each regime gets its own shape.

✓ Per-SMF effective dates with joiner and leaver timeline intact

✓ SoR auto-composes from Prescribed Responsibilities + Other

✓ 7 pre-populated Other Responsibilities, encoding 25 years of FCA experience as defaults

✓ Annual F&P reassessment scheduled as a CMP task

Linked to SoR

Prescribed Responsibilities

31 PRs. Firm-type-banded.

The FCA's flat lettered list (a)–(z), (aa)–(dd) re-organised into four firm-type applicability bands. A small firm holder sees (a)–(e) plus (aa)–(dd), not (f)–(u). Sharing, Applies? and Shared-With columns sit inline with SYSC refs. The structural choice most SM&CR tools miss.

PR applicability bands31 total

All firms

Non-small

Small only

Specific

Applies? Y/N Shared? Y/N Shared with SYSC refs inline

Small firm: (a)–(e) + (aa)–(dd)

Fit & Proper Assessment

FCA Form A Section 5. Live-captured.

A 5-node wizard across Criminal, Civil, Business, Regulatory and Other Matters. 54 structured Y/N questions plus Date of CRC equals 55 completion items. Each section's Yes answers raise an Amber disclosure into the RAG summary. The FCA expects annual fit-and-proper. We've got you covered.

F&P wizard – Anna-drafted55 items

Section	Ref	Qs
Criminal Proceedings	5.01	6
Civil Proceedings	5.02	21
Business & Employment	5.03	7
Regulatory Matters	5.04	17
Other Matters	5.05	3 + CRC

✓ Clear ⚠ Review ✓ Clear ✓ Clear ✓ Clear

1 Amber disclosure

Certification Regime

8 Cert Functions. Per-function effective dates.

CASS Oversight, Proprietary Trader, Significant Management, Client Dealing, Qualification-required, Managers of Certification Employees, Material Risk Takers and Algorithmic Trading. Each with its own SYSC 27.8 anchor and per-function effective dates. SM&CR, proved.

SYSC 27.8 anchors8 CFs

SYSC 27.8.1R SYSC 27.8.3R SYSC 27.8.4R SYSC 27.8.18R +4 more

Per-function dates

Certificate of Competence

12-month validity. Regulator-ready PDF.

A data-driven one-page A4 Certificate with Issue Date + auto-calculated Expiry Date, Certification Functions bullet-listed, and the 12-month validity baked into the body. Pair with the F&P Assessment Schedule for annual-cycle autopilot.

CertificateAttested

Month validity

PDF

Auto-generated

Expiry auto-calculated

Conduct Rules Training

Pass / Fail. Dated. On the record.

The SM&CR Conduct Rules training obligation captured on the CR Certificate tab. Date of Training plus a binary Pass/Fail result, stamped against the person record. Structured for audit, not a Word doc attached to an email. Audit-ready the moment the regulator calls.

Training logAudit-ready

A. Brending · Mar 2026Pass

J. Okafor · Mar 2026Pass

R. Shah · Apr 2026Pass

CPD reminder queued

APER Approved Persons

16 Controlled Functions. Full legacy support.

CF1–CF6, CF8, CF10, CF10a, CF11, CF12, CF12a, CF12b, CF28, CF29, CF30, spanning Significant-Influence and Customer-Facing CFs. APER firms keep first-class support with no forced upgrade to SM&CR shape. Every legacy approval stays on the record.

Controlled function list16 CFs

CF1 Director CF10 Compliance Oversight CF11 MLRO CF30 Customer +12 more

No forced upgrade

CPD Tracking

35-hour FCA benchmark. Live donut.

Structured vs Unstructured hours live-driven from the Activities Log. Editable annual target with the FCA guidance anchor built in: "FCA typically recommends 35 hours annual CPD for regulated individuals."

CPD progress – annual93% of 35h

Structured 21h · Unstructured 11.5h

32.5

Total hrs

Structured

11.5

Unstructured

93%

Of target

Annual Target (FCA benchmark)

2.5h to target

Due Diligence Pack

9 canonical documents. 8 mandatory.

DBS, Employment References ×2, Regulatory References, Credit Check, CV, ID and Proof of Address. 3-state status (Received / Requested / Not Required) with file uploads and the DD Complete % rolling up to the module KPI tile.

DD pack – 9 documents89% complete

DD Complete

89%

8 of 9 received

Regulatory References

SYSC 22 ready. Evidenced.

Regulatory References captured inside the DD pack: structured, uploaded, status-tracked. The SYSC 22 six-year retention obligation stops being a filing task and becomes a queryable record. Prior-employer Known Concerns logged against the person, every time.

Reference trackerSYSC 22

Prior employer AReceived

Prior employer BRequested

6-year retention

Onboarding

Concierge provisioning. 24-hour SLA.

"User requires account access" opens a 4-step gated workflow with required-modules multi-select and a 24-hour account-creation SLA. Admin-reviewed, not self-service. The governance surface the FCA expects, priced flat.

Onboarding timeline4 steps

✓ Toggle: account access required

✓ Required-modules multi-select

✓ Admin review gate

○ Account creation within 24h SLA

Admin-reviewed

CMP Form Access Control

1,102 templates × every person. Individual-level ACL.

An enterprise-grade access-control grid over the full CMP template library: Register Modules, Data Protection, Financial Crime, FCA General, FCA Specialist and Compliance Reports. Grant All, Revoke All, per-template toggle. The FCA-expected governance surface for regulated-people access to compliance records.

ACL grid, 6 categories1,098/1,102

Templates enabled

1,098 / 1,102

Per-form toggle

Conduct Rule Breaches

COCON-ready breach register.

Conduct Rule breaches logged, investigated and notified to the FCA through the CMP's Breach Register. Cross-linked to the person record, auditable by date, status and outcome. Weak-challenge findings caught before the regulator does.

Breach registerCOCON

B. Hartman · 08 FebUnder review

C. Norris · 21 MarClosed

Cross-linked to person

Cross-module Triangle

Firm Compliance models what. People Compliance models who. CMP models the work.

The three modules form a people-organisation-and-work operating system for regulated firms. The CMP Form Access Control tab is the architectural seam tying every person to the specific templates they're allowed to operate: the access-control surface the FCA expects to see in a mid-sized regulated firm. Your annual SM&CR cycle stops being a scramble and becomes a sign-off.

Operating triangle3 modules

What

Firm Compliance

Who

People Compliance

Work

CMP

Annual cycle

Sign-off, not scramble

Architectural seam

See People Compliance in your firm

From £500/month

Anna AI for People Compliance

Ask her SM&CR questions. Let her run the annual people-compliance cycle.

Anna is trained on SUP 10C, SYSC 4.5/4.7, FIT 2.1–2.3, FCA Form A Section 5, SYSC 6.1/6.2/7.1/19D, SYSC 27.8 Certification rules, APER Principles and COCON. She answers any SM&CR, APER, F&P, CPD or Conduct Rules question your team throws at her, cited and handbook-grounded — and orchestrates the workflow underneath: whose Fit & Proper is due, who’s short of the 35-hour CPD benchmark, which Certified Person needs an annual Certificate signed, what the next action is.

SM&CR EXPERT · ANNUAL-CYCLE WORKFLOW MANAGER

Your SM&CR regulatory research desk and annual-cycle workflow manager, in one.

Anna does two things for People Compliance. First, she's on call to answer any SM&CR, APER, F&P, CPD or Conduct Rules question your team asks, citing SUP 10C, SYSC, FIT, SYSC 27.8, COCON and the FCA Form A notes. Second, she runs the workflow underneath your regulated-people register — surfacing whose F&P is due, who's short of the 35-hour CPD benchmark, which Certified Person needs an annual Certificate signed and what the next action is, so the annual cycle never drifts.

Answers SM&CR, APER, FIT, COCON & SYSC 27.8 queries with rule-level citations
Surfaces F&P, Certification & CPD anniversaries before they slip
Flags every regulated person whose evidence is incomplete — with the next action
Never attests or certifies for you; human accountability stays on the SMF

Your SM&CR research desk

Ask Anna anything about SM&CR. Get a cited answer.

“Which Prescribed Responsibilities apply to a small UK Core firm?” “Does CF30 survive into SM&CR or is it legacy APER only?” “What has to go on the F&P Form A Section 5.05 Other Matters tab?” Anna answers from SUP 10C, SYSC, FIT, SYSC 27.8 Certification rules, COCON and the FCA Form A notes. In seconds, with citations.

SUP 10C, SYSC, FIT, SYSC 27.8 & COCON grounded
Cites rules, paragraphs & your own person records
Reads the 222-field SMF record live
Available across every People Compliance tab

Anna AI

Online · AI Compliance Advisor

Which Prescribed Responsibilities must my SMF16 hold in a UK Core small firm?

For a UK Core small firm (≤£250m gross assets), SMF16 typically carries:

(b) Compliance: responsibility for the firm's performance of its obligations under the Compliance Sourcebook (SYSC 6.1)
(b-1) Conduct Rules training: SYSC 4.2.1R training & reporting
(k) Independence of compliance function: SYSC 6.1 safeguards
(cc) Small-firm PR: only applies to firms ≤£250m gross assets

On Ali Brending's record I've pre-ticked (b), (b-1) and (cc); (k) is marked Shared with SMF1 as per your current SoR. Review the four highlighted rows on the Prescribed Responsibilities tab.

Drawn from: SYSC 6.1 · SUP 10C · Ali Brending's person record

Ask Anna anything about SM&CR, APER or F&P…

→

Your SM&CR expert, on-screen. Backed by 1,500+ expert documents.

She drafts F&P questionnaire narratives and SoR text from the live person record, suggests Prescribed Responsibility allocations by firm-type band, and answers any SM&CR, APER, FIT, COCON or SYSC 27.8 question your team asks. See her work on a live SMF record.

Book a live demo See everything Anna produces

FAQs

People Compliance. Questions Answered.

Everything you need to know about SM&CR, APER, Fit & Proper, Certification, CPD and how Anna sits inside your annual people-compliance cycle.

How does the Statement of Responsibilities tab work?

The SoR tab opens a 4-sub-tab strip matching the FCA's SoR template. Details captures Sections 1, 2 and 3.1 (IRN, NI number, FRN, contact details, effective date and the per-SMF register, pulled automatically from the Details tab, never re-typed). Prescribed Responsibilities presents all 31 PRs organised by firm-type applicability band: (a)–(e) for all firms, (f)–(u) for non-small, (aa)–(dd) small-only, (v)–(z) for specific firm types, with Applies?, Shared? and Shared With columns. Overall Responsibility ships 8 pre-populated example rows (Payments, Investment Mgmt, Wholesale, Retail, Compliance, Risk, IT, HR). Other Responsibilities ships 7 pre-populated default rows that a Head of Compliance can tick Apply/Shared against rather than drafting from blank.

Is the Fit & Proper assessment really FCA Form A Section 5?

Yes, verbatim. The assessment captures FCA Form A Section 5 across five sub-sections: 5.01 Criminal Proceedings (6 Qs), 5.02 Civil Proceedings (21 Qs including 5.02.6a–f, 5.02.10a–c sub-question chains), 5.03 Business & Employment (7 Qs), 5.04 Regulatory Matters (17 Qs), and 5.05 Other Matters (3 Qs + Date of Criminal Records Check per SUP 10C.10). 54 structured Y/N questions plus the CRC date equals 55 completion items. Each Yes answer raises a disclosure that flows to the 5-box RAG Declaration Summary and the Assessment Schedule, with a one-click Export F&P Certificate PDF at the foot of the tab.

Can I edit the Statement of Responsibilities before the FCA sees it?

Yes. Every field is editable, and the 7 pre-populated Other Responsibilities plus 8 Overall Responsibility examples are intended as starting rows, not fixed. Tick Apply/Shared/Shared-With against the ones that match, edit the text where you need to, add your own bespoke rows (up to 10 per register). When you save, the SoR dataset powers both the platform record and any FCA submission. The platform never submits to Connect on your behalf; accountability stays with the named SMF.

How often does F&P need refreshing?

Annually, as FIT 2.1–2.3 expects for Approved Persons, plus on any material change (new role, significant life event, new Yes disclosure). The F&P Assessment Schedule on the tab captures Date of Assessment, Next Assessment Due and a one-click Create Reminder Task that chains forward into CMP, so the anniversary becomes a tracked task, not a diary note. The 55 answers persist year-on-year, so a refresh is a review of the previous year's answers, not a blank-page re-author.

Which regimes does People Compliance cover?

Six person-type editor shapes modelling the full UK regulated-persons framework: (1) SM&CR Senior Manager (SMF), a 6-tab editor with full SoR; (2) SM&CR Certification Regime (CR), 6 tabs with Certificate of Competence replacing SoR; (3) SM&CR Non-Exec Director, 6 tabs; (4) APER Approved Person, 5 tabs with 16-CF register, no SoR (APER predates SM&CR); (5) IDD Staff Member, 3 tabs, no F&P, no CPD; (6) Other Staff Member, 3 tabs for conduct-rules-only individuals. Each record type carries only the structured fields its regime demands, not one generic form with a regime dropdown.

What's on the Certification Regime tab?

Two panels. Certificate of Competence with Issue Date, auto-calculated +12-month Expiry Date and Generate Certificate PDF. The PDF is a one-page A4 regulator-ready artefact built with PDFLib: blue header banner, person name at 28pt, job title in italic, certification statement, bullet-listed Certification Functions with SYSC 27.8 references (CASS Oversight, Proprietary Trader, Significant Management, Client Dealing, Functions requiring qualifications, Managers of certification employees, Material risk takers, Algorithmic trading), and the 12-month validity baked into the body. Conduct Risk Training panel captures Date of Training and Pass/Fail result: the SM&CR Conduct Rules training obligation, structured for audit.

How are Prescribed Responsibilities categorised?

This is the module's reference-worthy structural choice. The FCA's flat lettered list of 31 Prescribed Responsibilities is re-organised into four firm-type applicability bands: Applicable to all firms (6 items: a, b, b-1, c, d, e); Applicable to all firms except small firms (16 items: f–u); Applicable to small firms only ≤£250m gross assets (4 items: aa–dd); Applicable to specific types of firm (5 items: v–z, each with a conditional trigger clause like "If the firm carries out proprietary trading..."). A UK Core small firm holder sees (a)–(e) + (aa)–(dd); a larger firm sees (a)–(u); a ring-fenced body or CASS firm additionally sees the relevant specifics. Per-row columns: Applies? Y/N, Shared? Y/N, Shared With.

What does the Due Diligence tab capture?

A 9-document canonical people-DD pack (8 mandatory, 1 optional): DBS/Criminal Records Check, Employment Reference 1, Employment Reference 2, Regulatory References, Credit Check, CV / Employment History, ID Verification, Proof of Address, and Form A (FCA Application with SoR). Each row has a 3-state Status dropdown (Received / Requested / Not Required), file upload, filename chip + download/delete icons. Completion percentage rolls up to the module-level DD Complete KPI tile. Files are stored via a dedicated Google Drive upload endpoint and cross-posted to the firm's Document Library, so one DD upload surfaces in two places without re-uploading.

How does the CMP Form Access Control work?

Per-person, per-template ACL over the full CMP library. 1,102 expert review templates organised into the same 6 categories CMP uses (Register Modules, Data Protection, Financial Crime, FCA General, FCA Specialist, Compliance Reports). Each template is a toggle; top-right actions are Grant All, Revoke All, Refresh. A Compliance Administrator can be granted Register and Data Protection templates but denied MLRO Report. A SMF16 can be granted all 1,102. The individual-level permission model is what the FCA expects to see governing regulated-people access to compliance records, and one of the module's strongest enterprise features.

How much does People Compliance cost?

From £500/month. Unlimited people. One flat line for the full SM&CR regulated-persons framework, no per-seat meter. See regtechpro.co.uk/pricing for the modular calculator.

Do I need other RegTechPRO modules to use this?

People Compliance is an add-on to a RegTechPRO subscription. It sits inside the platform so the CMP Form Access Control tab can operate over the CMP's template library, DD documents auto-cross-post to Document Library, F&P Create Reminder Task chains into CMP tasks and CPD data writes to Google Sheets for year-end export. The base subscription includes the Core modules you need to make People Compliance function end-to-end.

How long does setup take?

Under a day for a small firm. The module ships pre-seeded with the full 31-item Prescribed Responsibility taxonomy (firm-type banded), the 8 SMF codes with UK Core/Enhanced overlay, the 8 Certification Functions with SYSC 27.8 references, the 16 APER Controlled Function codes, the 7 pre-populated Other Responsibilities and 8 Overall Responsibility examples, the 55-item FCA Form A Section 5 F&P schema and the 9-document DD pack. You add your people, pick their regime, tick the applicable SMFs/CFs, and you're live. No migration project, no "framework design" consultancy.

We still have legacy APER-approved individuals. Are they supported?

Yes. That's explicit design. APER was replaced by SM&CR on 9 December 2019 for solo-regulated firms, but legacy APER approvals continue on the record for individuals who held them. The APER editor is a 5-tab shape (no SoR, because APER predates it) with a Controlled Functions register covering the full 16-CF taxonomy (CF1–CF6, CF8, CF10, CF10a, CF11, CF12, CF12a, CF12b, CF28, CF29, CF30), spanning Significant-Influence and Customer-Facing CFs. No forced upgrade to an SM&CR shape: APER stays APER, SM&CR stays SM&CR. Both sit on the same person register.

Does Anna ever attest or certify on my behalf?

No. Anna synthesises and drafts; she never attests and never certifies. The design principle is deliberate: human accountability stays with the named SMF. She'll draft F&P narrative text, suggest PR allocations by firm-type band, and pre-fill SoR Sections 3.1 from your SMF picks, but the Yes/No on a F&P disclosure, the Applies? on a Prescribed Responsibility, and the signature on a Certificate of Competence remain yours. This is the supervisory-grade division of labour the FCA expects, aligned with the SM&CR reasonable-steps and Duty of Responsibility framework.

What does Anna actually quote when she cites?

SUP 10C (notification & SoR rules), SYSC 4.5 / 4.7 (SoR requirements), SYSC 6.1 (compliance function), SYSC 6.2 (internal audit), SYSC 7.1.21R / 7.1.22R (risk function), SYSC 19D (remuneration), SYSC 27.8 (Certification Regime rules, individual clauses 27.8.1R, 27.8.3R, 27.8.4R, 27.8.10, 27.8.13, 27.8.14, 27.8.18R, 27.8.23), FIT 2.1/2.2/2.3 (fitness & propriety tests), COCON (Conduct Rules), FCA Form A notes, SUP 10C.10 & Police Act 1997 Part V (CRC requirements) and APER Principles for legacy records. She also cites the person record: "on Ali Brending's record, (k) is currently ticked Shared with SMF1". Every claim is grounded in the handbook and in your data.

What audit trail does the FCA actually see?

Every one of the 222 fields per SMF record is individually stored and queryable. So the register answers cross-person questions like "show me every person holding PR (k) Shared With [Name]" directly. F&P answers carry timestamps; the 5-box RAG Declaration Summary rolls them into a single-view summary; the Assessment Schedule has Date, Next Due and Reminder Task. DD documents have dated Received/Requested status and stored filenames. Certificates of Competence carry Issue and Expiry dates baked into the PDF body. The unsaved-changes guard prevents accidental data loss mid-edit. A supervisor asking "show me the complete regulatory history for this SMF" gets a structured answer from one record.

How does CPD tracking work and can it be exported for year-end returns?

The CPD tab carries a 4-tile bento (Total CPD Hours with % of target donut, Structured, Unstructured, Activities count), an editable Annual Target (defaulted to 35, matching the FCA's guidance "FCA typically recommends 35 hours annual CPD for regulated individuals"), a CPD Hours Breakdown donut split Structured/Unstructured, and an inline-editable Activities Log (Activity Name, Type, Hours, Date, Comments). Data is written to a dedicated Google Sheets endpoint via Apps Script, so year-end CPD returns export cleanly to Excel. The donut is live-driven; drop a row in the Activities Log and the donut updates.

Annual SM&CR certification,in an afternoon.