CEO of a Cryptoasset Firm: SMF1, Personal Accountability and the New Leadership Profile

Under the incoming FSMA regime, the chief executive of a UK cryptoasset firm holds office by individual FCA approval as SMF1 — personally accountable, individually assessed, and interviewed on the business they lead. For a sector of founder-CEOs who have never faced an approved persons regime, this is the most personal change authorisation brings. This guide covers the SMF1 role at a crypto firm, the founder-or-hire decision, the approval process, and what the market now pays for approvable chief executives.

Every regulatory regime has a point of maximum concentration — the place where the whole framework converges on a single individual. In the Senior Managers and Certification Regime, that point is SMF1. The chief executive function is defined as the person with responsibility, under the immediate authority of the governing body, for the conduct of the whole of the business. When UK cryptoasset firms come within SMCR at authorisation — applications from 30 September 2026, regime start expected 25 October 2027 — the sector’s chief executives will, for the first time, hold their roles by individual FCA approval, carry a Statement of Responsibilities covering the entire firm, and stand personally behind the business when the regulator has questions.

For most of the sector’s current leaders, nothing in their careers has prepared them for this specific scrutiny. Crypto CEOs are predominantly founders: technically brilliant, commercially proven, and entirely unassessed by any regulator beyond, at most, an MLR registration in which the FCA examined their MLRO rather than them. The FSMA gateway reverses the exposure. This guide is written for those founders, for the boards deciding who should lead the firm through authorisation, and for the executives from regulated finance now weighing a move into the sector.

What SMF1 actually means

Three features define the function, and each lands with particular force in a crypto context.

Whole-firm accountability

The SMF1’s Statement of Responsibilities is the broadest in the firm: overall responsibility for the conduct of the business, plus whatever prescribed responsibilities the firm allocates to the chief executive. Under the duty of responsibility, where the firm breaches a regulatory requirement, the FCA can act against the senior manager responsible for the relevant area unless they can show they took reasonable steps — and for the chief executive, the “relevant area” defence narrows, because so much of the firm is their area. The practical consequence is evidential: an SMF1 protects themselves through documented governance — minuted decisions, management information genuinely reviewed, escalations acted on, resources allocated when the control functions asked. The informal operating style of a typical crypto scale-up is, from an SMF1’s perspective, an unhedged personal exposure.

Individual approval

The FCA assesses every SMF1 candidate for fitness and propriety across three limbs: honesty, integrity and reputation; competence and capability for this function at this firm; and financial soundness. The assessment draws on the application, regulatory references covering the previous six years, criminal and financial checks, and — for a first-time sector whose business models the FCA is still calibrating — very frequently an interview. Approval is specific to the function and the firm: an executive approved as SMF1 at a payments firm is not automatically approvable at a cryptoasset exchange, though the history helps considerably.

Conduct obligations

Beyond the general conduct rules, senior managers carry additional obligations — among them taking reasonable steps to ensure the business for which they are responsible is controlled effectively, complies with the regulatory system, and that any delegation is to an appropriate person with effective oversight. For a CEO, these rules convert delegation from a management preference into a regulated discipline: the SMF1 who hands custody operations to a lieutenant remains accountable for having chosen well and supervised properly.

The founder question: stand for approval, or hire

The defining leadership decision of the sector’s authorisation era, and the one we are asked about most. There is no universal answer, but there is a rigorous way to reach one.

The case for the founder standing

The FCA approves individuals for functions; it does not require a CV from regulated finance. A founder who deeply understands the business, has run it without regulatory incident, and can demonstrate competence for the function — including honest fluency about the regulatory framework the firm is entering — is approvable, and founders are approved across regulated financial services routinely. Continuity has real value: investors back founders, customers know them, and an application led by the person who built the business has an authenticity case officers recognise. The approvability gap, where it exists, is usually specific and addressable: governance experience, regulatory literacy, and the evidential habits described above — all buildable in twelve months with a strong chair, a serious SMF16/17 bench, and deliberate preparation.

The case for hiring

Some gaps are not buildable on the timeline. A founder whose history includes matters that fail the honesty-integrity-reputation limb; whose competence case rests entirely on technology rather than running a controlled business; or who — the common, quieter case — simply does not want the personal exposure, the documentation discipline and the regulator-facing role, is better served by a hired chief executive. The market pattern is now well established: sandbox-generation stablecoin issuers and authorisation-track firms are visibly led by executives from payments, banking and market infrastructure, because those profiles compress approval risk and read instantly to the FCA. The founder typically moves to an executive chair, president or chief product seat — retaining the vision role, shedding the SMF1 exposure — an arrangement that, structured well, strengthens rather than dilutes the application.

The middle paths

Two hybrid structures recur in our mandates. The interim authorisation CEO: an experienced regulated-firm chief executive engaged for the application period — the FCA process is a defined project with a defined end — handing to the founder or a permanent hire after the grant, having built the governance record on the way through; see our interim CEO practice. And the reinforced founder: the founder stands for SMF1, flanked deliberately — an independent chair with regulatory standing, experienced SMF3 executive directors, and a first-class compliance bench recruited early through our sister brand’s cryptoasset compliance practice — so the FCA assesses a credible individual within a credible structure rather than a founder alone.

Surviving the assessment: how SMF1 candidates prepare

From our placement debriefs across regulated gateways, SMF1 preparation divides into the file and the interview.

The file. Candour governs everything. The application discloses employment history, directorships, and anything adverse — regulatory, criminal, civil, financial. The FCA’s tolerance for disclosed-and-explained history is far higher than for discovered omission, and its verification is thorough: companies dissolved with debts, historical litigation, and previous regulatory interactions all surface. Crypto founders should audit their own history early — including the corporate archaeology of earlier ventures — so the narrative is theirs to tell. Regulatory references need lead time; founders whose six-year history sits in unregulated firms will have thin reference files, which shifts weight onto the interview.

The interview. The FCA interviews SMF1 candidates on the firm as filed: its business model, its money flows, its highest risks, its financial position, its governance. Three failure modes dominate. Delegating the answers — the CEO who defers regulatory questions to “my compliance team” fails the competence limb in real time; the SMF1 need not be a compliance technician, but must own the framework’s substance. Underweighting accountability — a crisp, unflinching answer to “what happens to you personally if this fails” reassures, because it shows the candidate understands the regime they are entering. And overselling — claimed resources, headcount and controls are cross-checked against the application, and inflation is corrosive. Preparation that works: full command of the application as submitted, mock interviews with someone who has sat these sessions, and scenario rehearsal on the firm’s three ugliest risks. We build this into SMF-carrying placements as standard.

The new CEO profile: what firms are hiring for

Where the decision is to hire, the specification has converged across our digital asset mandates into a recognisable profile. Regulated-firm leadership — payments, e-money, banking, market infrastructure — sits at the core, ideally including a gateway: executives who have taken a firm through FCA authorisation carry pattern recognition nothing else replaces. Digital asset credibility comes next, and it must be real: candidates face technically fluent founders, boards and customers, and tourist-grade crypto knowledge is exposed quickly. Capital markets standing matters for the funded firms — the CEO fronts institutional investors for whom regulated-calibre leadership is now a condition of the cheque. And the personal disposition matters most of all: the appetite to hold SMF1 exposure at a firm whose sector the regulator watches hardest, priced honestly rather than discovered late.

Compensation reflects the convergence of scarcity and risk. In our current London placement work, chief executives at authorisation-stage cryptoasset firms typically command £180,000–£300,000 base plus meaningful equity, with scaled exchanges and established issuers well above that range; interim authorisation-CEO day rates carry a regulated-sector premium; and the negotiation now routinely covers deed-of-indemnity terms, directors’ and officers’ cover limits, and the resourcing commitments — particularly the SMF16/17 bench — the candidate requires as a condition of standing. Candidates conduct reverse due diligence on the firm’s supervisory history and governance record before accepting; the strongest treat the quality of the compliance function as a personal risk decision, which it is.

The SMF1’s first hundred days

For an executive taking the chief executive seat at an authorisation-track crypto firm — and for the board inducting them — the opening quarter has a recognisable best-practice shape, whether the individual is a hired CEO or a founder formalising into the role.

Weeks one to four: establish the accountability baseline. A personal review of everything the SMF1 will be answerable for: the draft Statement of Responsibilities against operational reality; the firm’s regulatory history — every FCA interaction, registration correspondence and near-miss — read in full; the financial position and runway against the authorisation project cost; and a first-hand assessment of the control functions, because the SMF16/17 bench is the CEO’s own risk mitigation. Incoming CEOs who skip this archaeology inherit surprises at interview; the FCA will know the firm’s history whether or not its new chief executive does.

Weeks five to eight: install the reasonable-steps machinery. The governance disciplines the duty of responsibility assumes, built deliberately: a board and executive meeting rhythm that minutes decisions and dissent; a management information pack the CEO genuinely interrogates monthly; delegation documented with named owners and reporting lines; escalation routes that leave a trail. This is the period in which an informal scale-up becomes an evidentially defensible firm — and it cannot be retrofitted later.

Weeks nine to fourteen: own the application narrative. The regulatory business plan reviewed line by line until the CEO can defend every claim in it; the perimeter analysis and financial projections understood rather than delegated; the firm’s three ugliest risks rehearsed to interview standard; and the external relationships — auditors, banking partners, key counterparties — met personally, because case officers triangulate. By day one hundred the SMF1 should be the application’s most fluent advocate, which is precisely what the FCA interview tests.

Founder-to-chair transitions that work

Where the decision is to hire a chief executive, the founder’s own landing determines whether the structure succeeds — and the failure mode is well known across regulated and non-regulated businesses alike: the founder who nominally steps up to chair while continuing to run the firm through back channels, leaving an approved SMF1 accountable for decisions they do not control. The FCA tests where authority actually sits, the conduct rules make the pretence dangerous for the hired CEO personally, and strong candidates walk away from structures that smell of it during diligence.

The transitions that work share four features, visible across our mandate history. The division of authority is written down — a chair role specification and the CEO’s Statement of Responsibilities drafted together, so vision, external representation and board leadership sit clearly with the founder-chair while executive authority sits undivided with the SMF1. The reporting lines move on day one, not gradually: the executive team answers to the new CEO from appointment, with the founder’s involvement in operations routed through the board. The public narrative is managed — customers, investors and staff hear a deliberate story about why the structure strengthens the firm, framed around the regulatory era the business is entering. And the chair invests in the relationship: the founder-chair/hired-CEO pairing is the most consequential relationship in the firm, and the successful ones are built through structured time together before and after the appointment, often with the incoming chair of the audit or risk committee as a third stabilising voice. Where the founder cannot genuinely accept the division — an honest question worth pressure-testing before any search begins — the executive chair model with a strong COO, or the founder standing for SMF1 with reinforcement, are better answers than a hired CEO set up to fail.

What boards should ask CEO candidates

For boards and founders running an SMF1-carrying CEO search, the interview questions that separate genuinely approvable candidates from polished ones are specific, and worth setting out. Ask the candidate to walk a regulatory gateway they have personally carried — not whether they have “authorisation experience,” but which application, what went wrong in it, and what the case officer pushed hardest on; pattern recognition only exists in candidates who can answer at that resolution. Ask what they would need to see in the firm’s compliance function before agreeing to stand — strong candidates have a precise answer, because the SMF16/17 bench is their personal risk mitigation, and a candidate indifferent to it has not understood the role. Ask how they would evidence reasonable steps eighteen months from now — the answer reveals whether the governance disciplines in this guide are lived habits or interview vocabulary. Ask where the firm’s perimeter analysis is most fragile — technically fluent candidates will have formed a view during their own diligence, and the quality of that view is the best available proxy for how they will perform in front of the FCA. And ask, directly, what would make them withdraw — because candidates who have thought seriously about SMF1 exposure have conditions, and the ones who claim none are either inexperienced or not being candid. The pattern across all five: the strongest SMF1 candidates interview the firm as hard as the firm interviews them, and boards should treat the rigour of a candidate’s reverse diligence as evidence in itself.

Frequently asked questions

When does our CEO actually need SMF1 approval?

The candidate is named and assessed within the firm’s authorisation application — gateway open from 30 September 2026 — with approval taking effect at authorisation, ahead of the regime start expected 25 October 2027. The individual therefore needs to be identified, committed and shaping the application well before submission; a CEO question left open at filing is an application weakness the FCA will find.

Can a founder with no financial services background really be approved?

Yes — competence is assessed for the function at the specific firm, not against a CV template, and founders are approved across regulated sectors. The honest tests are whether the individual can demonstrate command of the regulatory framework, evidence of running a controlled business, and the governance habits the duty of responsibility assumes. Where those are buildable in the time available, build them; where they are not, the hire-or-hybrid routes exist for a reason.

Does the FCA prefer hired professional CEOs over founders?

The FCA has no stated preference — it assesses the individual before it. What it responds to is coherence: a credible SMF1 within a credible structure. A prepared founder flanked by strong independents and control functions reads better than an imported CEO bolted onto a firm that ignores them.

What does SMF1 accountability mean if the firm fails?

Failure alone is not enforcement — the regime targets misconduct and oversight failure, not commercial outcome. The SMF1’s protection is the reasonable-steps record: evidence of effective control, honest regulatory engagement and proper wind-down conduct. An orderly failure with a clean record ends careers less often than the sector fears; a disorderly one with a thin record is a different matter.

We need a CEO for the application period only — is that credible with the FCA?

Yes, if it is genuine: an interim SMF1 fully accountable for their tenure, with a considered succession plan, is an established structure. What fails is the nameplate version — an approved figurehead behind whom an unapproved founder actually runs the firm. The FCA tests where authority really sits, and the conduct rules on delegation make the pretence personally dangerous for the interim.

How long does SMF1 approval add to our timeline?

Approval is assessed within the authorisation application rather than as a separate sequential step, so a strong candidacy adds little — but a weak one dominates the critical path: requisitions about the CEO, a difficult interview, or a mid-application change of candidate can add months to the whole determination. The planning consequence is front-loading: resolve the SMF1 question, complete the candidate’s own disclosure audit and gather regulatory references before submission, so the individual enters the process as an asset to the application rather than its open risk. Firms that submit with the CEO question genuinely settled consistently move through the gateway faster than those that treat it as resolvable in flight.

Related guides and services

External resources

About the Founder — Adrian Lawrence FCA

Adrian Lawrence is a Fellow of the Institute of Chartered Accountants in England and Wales (ICAEW FCA verified) and the founder of Exec Capital. He has placed chief executives — permanent, interim and fractional — with UK businesses since 2018, and leads all SMF-carrying CEO mandates personally, supporting candidates through to FCA approval including interview preparation.

Exec Capital is registered at Companies House (no. 15037964) and operated alongside Adrian’s ICAEW-registered practice. Speak to Adrian: 020 3834 9616 · recruitment@execcapital.co.uk

Resolving the SMF1 question for your firm? Call Exec Capital on 020 3834 9616 or email recruitment@execcapital.co.uk for a confidential conversation — founder preparation, hired CEO search, or the interim authorisation model.