Chair of Risk Committee (SMF10) Appointments at FCA Firms

Chair of Risk Committee (SMF10) Appointments at FCA Firms

The Chair of the Risk Committee role at FCA-regulated firms has become one of the most demanding senior NED appointments in the UK regulated landscape. The SMF10 designation gives the role personal accountability under the Senior Managers and Certification Regime for the board’s oversight of the firm’s risk management framework. The combination of technical depth required, regulator engagement involved, and time commitment expected makes this a particular kind of board appointment with a narrower candidate pool than general NED roles.

This guide sets out how SMF10 Risk Committee Chair recruitment works at FCA-regulated firms — the role’s responsibilities, the candidate profile, the brief construction, and the approval process.

The SMF10 Role and What It Covers

The Risk Committee Chair leads the board’s oversight of the firm’s risk management framework. The role’s specific responsibilities vary across firm types but consistently cover four dimensions.

Oversight of the firm’s risk appetite and risk strategy. The Risk Committee Chair leads the board’s annual review of the firm’s risk appetite, the firm’s strategic positioning against that appetite, and the board’s approval of any material changes to either. At PRA-regulated firms this dimension is particularly important and engages directly with the regulator’s prudential framework.

Oversight of the Chief Risk Officer and the second-line risk function. The Risk Committee Chair works closely with the Chief Risk Officer (SMF4) on the operation of the firm’s risk management framework. This includes the Chair’s view on the CRO’s performance, the resourcing and capability of the risk function, and the second-line’s effectiveness across the firm.

Oversight of risk reporting to the board. The Risk Committee Chair leads the board’s engagement with risk reporting — what risks are reported, at what frequency, with what level of detail. The Chair’s role includes ensuring that risk reporting provides the board with the information needed to discharge its risk oversight responsibilities effectively.

Engagement with regulators on risk matters. At larger and more closely supervised firms the Risk Committee Chair engages directly with the lead supervisory team on risk-related matters. The Chair is often the primary board-level interface with the regulator on specific risk issues.

The SMCR framework formalises these responsibilities through the SMF10 designation, giving the Chair personal accountability for the discharge of these duties.

Why the Role Is Increasingly Demanding

Several trends have raised the demands of the Risk Committee Chair role over recent years.

Greater technical complexity across risk categories. Risk categories at regulated firms have multiplied in depth and complexity — credit risk, market risk, operational risk, conduct risk, financial crime risk, climate risk, technology and cyber risk, model risk, third-party risk. The Risk Committee Chair needs sufficient technical understanding across all these categories to discharge oversight effectively, even if not detailed expertise in each.

Tighter regulatory expectations under SMCR maturity. The personal accountability framework under SMCR has matured. Risk Committee Chairs are now held to clearer personal accountability standards than they were five years ago. The FCA and PRA approach senior individual accountability with greater consistency than during the regime’s early years.

Greater regulator focus on board-level risk oversight. Supervisory engagement at regulated firms now routinely includes assessment of how the board exercises risk oversight. The Risk Committee Chair is the primary individual accountable for this dimension. Firms with weak board-level risk oversight face more supervisory attention than firms with strong arrangements.

Increased time commitment. The combination of technical complexity, regulator engagement, and increased meeting frequency has raised the time commitment for Risk Committee Chair roles at larger regulated firms. At the largest firms the role can run to ninety or a hundred days per year.

The SMF10 Candidate Profile

The Risk Committee Chair candidate pool is narrower than for general NED roles. Three dimensions define what makes a strong SMF10 candidate.

Technical depth in regulated financial services risk. Strong SMF10 candidates typically have prior senior executive experience in risk-relevant roles at regulated firms — Chief Risk Officer, Chief Financial Officer with risk-adjacent responsibilities, or senior supervisory roles at the FCA, PRA, or comparable regulators. Candidates whose experience is purely commercial without risk-focused depth typically struggle to demonstrate competence for the SMF10 designation.

Prior NED or committee experience at relevant scale. Strong SMF10 candidates typically have prior Risk Committee experience at another regulated firm — sometimes as Chair, more often as a Committee member. Candidates moving directly from executive roles to first Risk Committee Chair appointment are possible but typically face more scrutiny during Form A assessment.

Capacity to engage with both technical detail and board-level strategic implications. The Risk Committee Chair has to operate at two levels simultaneously — engaging with the technical detail of specific risk issues with the CRO and risk function, and translating those issues into board-level discussions about strategy and risk appetite. Candidates who can move between technical depth and strategic abstraction perform well; candidates who are strong at one level but weak at the other typically struggle.

Brief Construction for SMF10 Appointments

The brief for an SMF10 appointment differs from general NED briefs in several important ways.

The brief should articulate the firm’s specific risk profile and the kind of risk leadership the firm needs at board level. A challenger bank scaling rapidly needs different Risk Committee Chair characteristics from an established wealth manager managing client outflow. A specialist insurer faces different risk dimensions from a generalist asset manager. The brief should be specific about the firm’s situation rather than generic.

The brief should describe the working relationship with the existing CRO and risk function. Strong Risk Committee Chairs work productively with the CRO; weak Chair-CRO relationships create dysfunction. The brief should describe the existing CRO’s working style and the Chair-CRO interaction the firm wants to build.

The brief should be realistic about regulatory engagement expectations. At larger firms the Risk Committee Chair is often the primary board-level contact for supervisory engagement on risk matters. Candidates who are willing and able to engage actively with supervisors typically perform better than candidates who prefer to delegate this dimension to the CRO.

The brief should address compensation and time commitment honestly. Risk Committee Chair fees at larger regulated firms now routinely command meaningful premium above standard NED fees, reflecting the time commitment and technical demands. Time commitment expectations should be clearly stated; misaligned expectations at the offer stage often produce difficult conversations later.

The Form A Application for SMF10

The Form A application for an SMF10 appointment requires particular attention to the technical competence dimension of the fitness and propriety assessment.

The application must demonstrate the candidate’s specific risk expertise. This typically includes prior CRO experience, prior CFO experience with risk-adjacent responsibilities, prior senior supervisory experience, or other evidence of meaningful engagement with the risk dimensions the role covers. The application should connect the candidate’s experience to the specific risk categories the firm faces.

The application must include the firm’s Statement of Responsibility for the SMF10 role, mapping the designation to the firm’s actual board structure and risk committee terms of reference. The Statement of Responsibility shapes the FCA’s view of what the candidate will be accountable for.

References should speak to the candidate’s specific capabilities in board-level risk oversight. Strong references typically come from former CEOs or Chairs at regulated firms, former regulators, and other figures with directly relevant senior governance experience.

At dual-regulated firms (banks and insurance firms with PRA authorisation alongside FCA authorisation), the application typically involves PRA engagement as well as FCA assessment. The dual-regulator process adds time and complexity to the approval timeline.

Compensation and Time Commitment

SMF10 compensation at FCA-regulated firms varies by firm size and complexity.

At large UK banks and major insurers, Risk Committee Chair fees typically run from £100,000 to £150,000 per annum on top of base NED fees. The largest dual-regulated firms pay at the upper end of this range, reflecting the technical demands and the regulator engagement involved.

At mid-sized regulated firms, Risk Committee Chair fees typically run from £50,000 to £100,000 per annum on top of base NED fees. The range depends on the firm’s complexity and the specific scope of the role.

At smaller FCA-authorised firms, Risk Committee Chair fees typically run from £25,000 to £60,000 per annum on top of base NED fees. Even at smaller firms the role is meaningful and commands clear premium above other NED roles.

Time commitment scales similarly. SMF10 roles at the largest dual-regulated firms can require ninety to a hundred days per year; at mid-sized firms typically sixty to ninety days; at smaller firms typically thirty to sixty days.

Common Patterns in Successful SMF10 Appointments

Several patterns recur in Risk Committee Chair appointments that deliver well over the medium term.

Strong working relationship with the CRO from the start. The most effective Risk Committee Chairs build productive working relationships with the firm’s CRO early in the appointment. They establish clear expectations about how the two roles will interact, what kinds of issues the Chair will escalate to board level, and what kinds of issues the CRO will handle within the executive line.

Active engagement with regulator expectations. The strongest Risk Committee Chairs stay actively engaged with the evolving regulatory framework — through professional development, peer networks with other senior risk leaders, and direct engagement with supervisory teams. Their understanding of regulator expectations remains current.

Investment in continuing technical development. Risk categories evolve rapidly. Climate risk, model risk, and cyber risk have all expanded their footprint in board-level risk oversight in recent years. The strongest Risk Committee Chairs continue investing in their own technical understanding across the evolving risk landscape.

Clear scope agreement with the Chair and CEO. The Risk Committee Chair operates within a wider board governance structure. Strong appointments involve early agreement with the Chair and CEO about how Risk Committee work integrates with broader board responsibilities and how risk issues that have strategic implications are managed across multiple committees.

What This Means for Boards and Candidates

Three implications follow for boards and candidates considering SMF10 appointments.

The Risk Committee Chair role at regulated firms is genuinely a senior technical NED appointment, not a structural board role. Boards that approach the appointment accordingly — with a properly constructed brief, careful candidate identification, and explicit attention to Chair-CRO matching — typically appoint stronger Risk Committee Chairs than boards that treat the appointment as routine NED hiring.

Candidates considering SMF10 roles should evaluate the firm’s risk profile and the existing CRO carefully. The role is materially different at different firms and under different CROs. Strong candidates typically do their own diligence on the firm’s risk landscape, the CRO’s working style, and the board’s current state before committing to the appointment.

The fee, time commitment, and technical demand combination is part of the conversation from the start. Candidates and firms that align expectations at the brief stage typically deliver better appointments than those that defer the conversation to the offer stage or after appointment.

Adrian Lawrence

Adrian Lawrence FCA is the founder of Exec Capital. He is a Chartered Accountant and holds an ICAEW practising certificate in his own name with over 25 years’ experience operating at C-suite level, Adrian brings direct executive experience to senior search. His background spans private equity-backed businesses, owner-managed companies, and listed environments, giving Exec Capital a practitioner’s understanding of what leadership hires actually require.