CoverProof is the only compliance platform purpose-built for FCA-regulated UK firms that need to manage their Section 250 exposure under the Crime and Policing Act 2026. It automates three steps: (1) SM&CR gap analysis — AI-powered identification of every individual meeting the s.250(3) functional test but not covered by existing SM&CR designations, completed in under 10 minutes; (2) zero-login declaration cycles — recipients complete their declaration without creating an account; (3) litigation-grade board evidence packs — PDF/A-3B documents with SHA-256 cryptographic hashes and immutable audit trails, generated in seconds. From sign-up to first evidence pack takes under one hour.
Today — before June 29
You have a compliance gap.
Individuals outside your SM&CR perimeter are in significant roles. Exposure exists — but it is fixable. CoverProof closes the gap today.
After June 29 — Section 250 live
The gap is criminal liability.
The same individuals are now criminally exposed. Your board has no documented evidence of identification or action. There is no fix after this date.
The Maths
One enforcement case costs more than 40 years of CoverProof.
The average FCA enforcement investigation costs £150,000+ in external legal fees alone — before any fine.
Without CoverProof
FCA investigation legal fees
external counsel alone
£150,000+
Organisational criminal conviction
no cap — organisation is convicted
Unlimited fine
Reputational damage
for the organisation, not just regulatory censure
Criminal record
No adequate-procedures defence
unlike Bribery Act or ECCTA provisions
No safe harbour
Total exposure
Unlimited
With CoverProof
SM&CR gap analysis
AI-powered, FCA register cross-referenced
5 min
Declarations sent
zero-login, trackable in real time
Same day
Board evidence pack
PDF/A-3B, SHA-256 signed
Immediate
Your board's liability
evidence of identification and action
Documented
Starting from
£149/month
Section 250 doesn't add to your regulatory obligations.
It creates criminal ones.
This is not a regulatory fine with an FCA enforcement cap. It is a criminal liability statute. The distinction is material.
Crime and Policing Act 2026 — Section 250 (verbatim enacted text)
“Where a senior manager of a body corporate or partnership (“the organisation”) acting within the actual or apparent scope of their authority commits an offence under the law of England and Wales, Scotland or Northern Ireland, the organisation also commits the offence.”
s.250(1), Crime and Policing Act 2026 (c.20) — the organisation faces an unlimited fine on conviction.
s.250(3) defines “senior manager” as an individual who plays a significant role in the making of decisions about how the whole or a substantial part of the activities of the organisation are to be managed or organised, or in managing or organising those activities. The test is functional — it covers all activities, not only financial ones, and applies regardless of FCA approval status.
Unlimited fine
Corporate criminal conviction
Section 250 imposes criminal liability on the organisation — not a regulatory fine with a cap. When a senior manager commits any offence within their authority, the organisation commits it too.
No statutory safe harbour
No adequate-procedures defence
Unlike the Bribery Act or ECCTA failure-to-prevent provisions, Section 250 contains no adequate-procedures defence. Documented governance does not create a statutory shield — but it is material to prosecutorial discretion.
Your current register misses them
Outside SM&CR perimeter
SM&CR covers FCA-approved persons. Section 250 uses a separate functional test — it reaches anyone playing a significant role in managing or organising a substantial part of the firm's activities, regardless of FCA approval status.
June 29 is statutory
The FCA cannot extend it
This is not a regulatory deadline that can be pushed. The date is written into primary legislation. It does not move.
Three steps. Under an hour. Done.
From your current SM&CR register to a court-ready evidence pack — without building anything, without chasing anyone for logins.
Import your SM&CR register
Upload your FCA register extract. CoverProof maps every approved person against the Section 250 criteria — flagging individuals in significant roles who fall outside your SM&CR perimeter.
~5 minutesAI identifies your Section 250 gap
Claude analyses each individual's role and responsibilities against the statutory criteria. You get a prioritised exposure report — who is uncovered, why, and exactly what's required.
~2 minutesSend declarations. Download your pack.
CoverProof sends zero-login declaration requests to every uncovered individual. As declarations come in, your board evidence pack builds automatically — PDF/A-3B compliant, timestamped, cryptographically signed.
Same dayBuilt for FCA-regulated firms that need to show their working
A declaration is only as good as the evidence trail behind it.
Litigation-grade evidence packs
PDF/A-3B documents (ISO 19005-3) with embedded XMP metadata, SHA-256 tamper-detection hash recorded in the audit database at generation, and immutable audit log. Designed to meet court documentation standards. Generated server-side.
Zero-login declarations
Recipients complete their declaration without creating an account. No friction, no IT overhead, no excuse not to respond. Completion rates are higher when the barrier is a URL, not a signup form.
AI gap classification
Claude maps each individual against the Section 250 statutory criteria — not a generic questionnaire. Structured output, auditable classification logic, human review step before sending.
Row-level data isolation
Multi-tenant architecture with Row Level Security at the database layer. Your firm's data is isolated by design — not by configuration or trust.
Audit-grade timestamps
Every declaration send, every download, every status change — timestamped in UTC and recorded to an immutable log. You can prove exactly what happened and when.
FCA Register sync
Weekly import from FCA's Register Extract Service keeps your approved persons baseline current. No manual CSV exports, no stale data on your gap analysis.
Compliance directors who didn't wait until June
Names and firm identifiers are anonymised. Job titles and firm types are real.
I uploaded our SM&CR extract on a Monday morning. By lunch I had declarations sent and an evidence pack in my inbox. Sent it to the board that afternoon. The whole thing took about 45 minutes.
Head of Compliance
Mid-size Wealth Management Firm
The FCA register cross-referencing caught two senior managers we'd completely missed in our manual review. Those gaps would have been live on June 29. That's the scenario that keeps me up at night.
Chief Compliance Officer
Asset Manager, £2bn AUM
What used to take our compliance team a week of spreadsheet work now takes under an hour. And we have a PDF/A-3B document with a cryptographic hash that our legal team can verify was unmodified since generation. That's the bit our lawyers actually cared about.
Compliance Director
Consumer Credit Lender
Trusted by compliance teams at FCA-regulated firms across —
Section 250 compliance resources
Industry guides, role-specific checklists, and plain-English explainers.
Complete Section 250 Guide
Scope, obligations, gap analysis, evidence standard. Start here.
Read →
Asset Managers
Portfolio managers, fund directors, sub-advisers — typical gap 12–35.
Read →
Banks
Trading desks, risk leads, multi-entity groups — typical gap 50–200+.
Read →
Compliance Directors
Your pre-June 29 checklist. 9 steps from import to board sign-off.
Read →
CCOs
Own the obligation end-to-end. What board presentation requires.
Read →
Spreadsheet vs Software
Why a spreadsheet lacks the integrity properties required for litigation-grade evidence.
Read →
What Is Section 250?
Plain-English explanation of the law, scope, and criminal liability.
Read →
5-Week Action Plan
Week-by-week plan to reach June 29 covered. Start today.
Read →
Less than a compliance consultant's day rate.
More than a year of criminal protection.
One FCA enforcement investigation costs £75,000–£250,000 in legal fees alone. CoverProof's annual Professional plan costs £2,990 — 4% of the low estimate.
See full pricing, ROI calculator and comparison table →Professional
SME compliance officers
or £2,990/year — save £598
- ✓SM&CR gap analysis — AI-powered
- ✓Unlimited declarations
- ✓Unlimited evidence packs
- ✓Counterparty compliance cycles
- ✓Up to 3 team members
- ✓Single FRN
Firm
Compliance teams, multi-site firms
or £6,990/year — save £1,398
- ✓Everything in Professional
- ✓Up to 3 FRNs
- ✓Unlimited team members
- ✓Priority 4-hour support
- ✓Bulk re-declaration workflows
Enterprise
Banking groups, 3+ FRNs
- ✓Everything in Firm
- ✓Unlimited FRNs
- ✓Dedicated compliance manager
- ✓Custom SLA and MSA
- ✓API access
No long-term contract · Cancel any time · Data export available · UK infrastructure
Questions from Compliance Directors
Straight answers. No sales language.
Does CoverProof provide legal advice?
No. CoverProof is a compliance workflow tool. It automates the gap analysis and declaration process. Your compliance team retains full responsibility for reviewing AI classifications and confirming your Section 250 coverage strategy.
Are Evidence Packs suitable for use in legal proceedings?
Evidence Packs are generated as PDF/A-3B documents (ISO 19005-3) with embedded XMP metadata, SHA-256 tamper-detection hashes recorded in the audit database at generation, and immutable timestamped audit trails. These properties are designed to meet the documentation standards required in legal and regulatory proceedings. Courts ultimately determine admissibility — no document format can guarantee that outcome.
What if we have more than 50 individuals on our register?
Our Professional plan (£299/month) supports unlimited declarations and is designed for compliance officers at FCA-regulated firms. Firm and Enterprise pricing is available for multi-entity groups and larger firms.
How long does the gap analysis take?
Import your SM&CR register CSV, click 'Run Gap Analysis', and the AI classification runs as a background job — typically completing in under 5 minutes for registers up to 500 individuals. Total time to first evidence pack: under an hour.
What happens if someone doesn't respond?
CoverProof tracks declaration status in real time with RAG indicators. Amber alerts trigger when declarations approach expiry. You can re-trigger declarations to non-responders in one click and download an evidence pack showing your attempts — which itself is legally significant documentation.