Who Is a Senior Manager Under Section 250?

The statutory test: s.250(3) verbatim

Section 250(3) of the Crime and Policing Act 2026 (c.20) defines "senior manager" as follows:

In this section, "senior manager", in relation to a body corporate or a partnership, means an individual who plays a significant role in— (a) the making of decisions about how the whole or a substantial part of the activities of the body corporate or partnership are to be managed or organised, or (b) the managing or organising of the whole or a substantial part of those activities.

That is the complete statutory definition. Nothing in s.250(3) refers to the FCA, an approved-person designation, a Senior Management Function, or any sector-specific role. The test is generic, functional, and applies to all UK bodies corporate and partnerships — not only FCA-authorised firms.

The attribution mechanism that makes this definition consequential is in s.250(1): where a senior manager (as defined above) of a body corporate or partnership commits a criminal offence under the law of England and Wales, Scotland or Northern Ireland, acting within the actual or apparent scope of their authority, the body corporate or partnership is also treated as having committed that offence. The organisation then faces the criminal consequences of the underlying offence — not a new penalty created by s.250, which sets no penalty of its own, but the penalty that attaches to whatever offence was committed. For offences tried on indictment, that typically means an unlimited fine.

Section 250 comes into force on 29 June 2026, two months after Royal Assent on 29 April 2026, by virtue of the Act's commencement provisions (s.255(3)). That date is fixed in primary legislation.

What "significant role" means: advisory consensus

The statute does not define "significant role" with enumerated criteria, so its content has been worked out through legal analysis of the provision since enactment.

Slaughter and May (analysis, May 2026) identified three markers that point toward a significant role: decision-making authority over budget and headcount for a substantial part of the business; operational responsibility for delivering a product, service or business line that represents a material fraction of the organisation's activities; and the power to commit the organisation to material contracts, risk positions or counterparty obligations. The lawyers' note emphasises that formal job titles are unreliable proxies — what matters is what the individual actually does.

Ashurst (briefing note, May 2026) draws attention to the two limbs of s.250(3) and how they operate differently in practice. Limb (a) — "the making of decisions about how" activities "are to be managed or organised" — catches strategic decision-making: setting policy, approving plans, determining structure. Limb (b) — "the managing or organising of... those activities" — catches executive implementation: running operations day to day, directing how work is carried out. A single individual can engage both limbs simultaneously, and many senior executives do.

Skadden (client alert, May 2026) highlights that the wording deliberately echoes the "senior manager" test in the Corporate Manslaughter and Corporate Homicide Act 2007, where courts developed a body of case law treating the question as one of substance rather than form. Formal delegation paperwork is useful evidence but is not required; an individual who observably exercises real authority is within scope whether or not that authority is written down. The reverse also holds: a senior title held by someone with no real operating authority is not sufficient.

None of these analyses should be read as legal advice for any specific firm or individual. The consensus they represent is a starting point for assessment, not a substitute for advice from qualified solicitors about your firm's specific facts.

"Substantial part of the activities" — the scope threshold

The "substantial part" qualifier is the test's quantitative dimension. It prevents every supervisor with any management responsibility from falling within s.250 scope while still capturing those whose authority genuinely shapes how the organisation operates.

The wording refers to "the whole or a substantial part of the activities of the body corporate or partnership" — all of an organisation's activities, not only its regulated or financial ones. A head of technology who controls the firm's systems and data infrastructure; a head of operations who determines how client servicing is organised; a general counsel who shapes the firm's legal risk strategy across the whole business — each potentially engages this limb through authority over activities the FCA has no direct interest in but which represent a substantial share of what the organisation does.

There is no percentage threshold in the statute, and no regulatory guidance has specified one. The relevant question is whether the individual's remit constitutes a meaningful fraction of the organisation's operations by reference to headcount, revenue, risk, or business criticality — one or more of these dimensions may be sufficient. For a large firm, a divisional head running 15% of the firm's AUM is a stronger case than a team leader managing 0.5%. For a small firm, the threshold clears earlier. The assessment is proportionate to the organisation's size and structure.

Where an individual's remit is clearly bounded and limited in scope — running a single administrative team, for example — the "substantial part" test may not be met even if the person is described as a "senior manager" in their employment contract. The label does not settle the question; the functional analysis does.

Role-by-role analysis

The following assessments apply the s.250(3) test to the roles most commonly encountered in a gap analysis for FCA-regulated firms. Each is a general analysis only; specific facts can change the outcome.

DIVISIONAL AND DEPARTMENT HEADS — when decision-making is real

A head of a significant business division — a trading desk, a fund family, a distribution channel — is a consistent candidate for s.250(3) inclusion. If the division represents a meaningful fraction of the firm's revenue, risk, or client base, the person who decides how it is managed plays a significant role in a substantial part of the firm's activities. Under SM&CR, these individuals are frequently certified rather than SMF-approved, unless the firm has designated the Head of Key Business Area function (SMF6). Certification is a firm-level determination that someone could cause significant harm. That is a different population from s.250(3). A divisional head who is certified but not SMF-approved is exactly the individual a register-only comparison misses.

COLP, COFA, AND MLRO

The Compliance Oversight function (SMF16), the Money Laundering Reporting Officer (SMF17), and the CF10 (Compliance Oversight) are nearly always SM&CR-approved at FCA-regulated firms, so they will typically appear on the register. Whether they also meet s.250(3) depends on the scope of their authority over the firm's activities. A compliance head who sets and runs the firm's control framework across the whole organisation plays a significant role in organising a substantial part of its activities and is comfortably within s.250(3) scope. The COFA's authority over financial resources may engage the test depending on the extent of that control. Running the functional assessment for these roles records that the firm applied s.250(3) deliberately rather than assuming SM&CR cover settled the question — it nearly always confirms inclusion, but the reasoning should still be on the record.

NON-EXECUTIVE DIRECTORS — generally advisory, not managing

NEDs present genuine difficulty. Section 250(3) asks about a "significant role in managing or organising", not a role in scrutinising, advising, or providing oversight. An NED who challenges management, challenges strategy, and votes on proposals is exercising governance oversight — which is not the same as managing or organising the activities themselves. Slaughter and May (May 2026) and Ashurst (May 2026) both treat the advisory-versus-executive distinction as the central question for NEDs: an NED who remains advisory is generally not within scope; an NED with real executive responsibilities — a casting vote on day-to-day operations, or de facto managerial authority — should be assessed more carefully.

That said, the analysis is fact-sensitive. A chair who is functionally driving strategy, or a senior independent director who has assumed executive responsibilities, may engage the test. The general proposition is that advisory non-executives fall outside s.250(3) as a class; specific NEDs with unusual authority profiles may not.

GROUP-ENTITY OFFICERS

Officers of a group parent, holding company, or overseas entity with real authority over the UK subsidiary's activities can fall within s.250 scope even if they hold no UK appointment. The test is about actual or apparent authority over the organisation's activities, not about formal position in the UK legal structure. A group chief executive whose decisions about staffing, capital allocation, and strategy demonstrably shape how the UK entity operates is a candidate for inclusion. Group-level assessments require particular care and legal advice.

INTERIM AND ACTING MANAGERS

Section 250(3) contains no employment-status condition. An interim COO, a contract CTO, or a consultant effectively running a transformation programme can each meet the functional test if they exercise real authority over a substantial part of the organisation's activities. This is the row most commonly missed by register-only gap analyses, for a structural reason: SM&CR approval lags operational reality. Someone steps into a role months before registration catches up and may leave before it ever does. FCA PS26/6 (22 April 2026) addresses temporary cover for SM&CR purposes; acting-while-pending under PS26/6 is at most partial cover, not full SM&CR coverage, and does not affect the s.250(3) analysis.

Actual authority vs title: the governing principle

The most important principle in applying s.250(3) is that substance prevails over form. The statutory wording asks what an individual does — whether they play a significant role in managing or organising a substantial part of the organisation's activities — not what they are called.

This creates two equal and opposite failure modes for a gap analysis.

The first failure mode is over-reliance on job titles: including everyone with "Director" or "Head of" in their title without asking whether they actually exercise the authority the title implies. A head of a single-person team with no budget authority and no operational remit almost certainly does not meet the test, even if their title sounds senior.

The second failure mode is under-reliance on reality: excluding people because they hold no formal SMF or senior title, when their actual role is to make decisions about how a substantial part of the organisation operates. The interim executive, the contractor embedded in senior operations, the adviser who has effectively taken over a function — these people carry real s.250 risk regardless of how they appear on the organisation chart.

A defensible gap analysis identifies the population by reference to what each individual actually does: who controls what budget, who makes what decisions, who has committed the organisation to material positions in the past year. That is a heavier analytical task than checking a register, but it is the task the statute requires.

SM&CR and s.250: why coverage does not map

SM&CR and Section 250 answer different questions. SM&CR asks: does this person hold a named FCA function at an FCA-authorised firm? If yes, they need pre-approval (Senior Managers) or annual firm certification (Certified Persons). The regime is designed to impose accountability for FCA-regulated activities.

Section 250 asks: does this person play a significant role in managing a substantial part of this organisation's activities? If yes, their criminal conduct within the scope of their authority is attributed to the organisation. The provision reaches all activities, all UK bodies corporate and partnerships, and all criminal offences under UK law — not just the regulated functions the FCA monitors.

The result is that the s.250(3) population is typically wider than the SM&CR population in three ways. First, people who exercise real authority in technology, operations, legal, or other non-regulated functions may meet s.250(3) while falling entirely outside SM&CR scope. Second, certified persons are identified by their potential to cause significant harm — a different standard from s.250(3)'s actual-authority functional test. Third, FCA PS26/6 (22 April 2026) simplified SM&CR by reducing the certified population; because the s.250(3) population is unchanged, the unmapped middle grows.

SM&CR compliance is still necessary and valuable. The FCA's accountability framework runs through it. What it does not do is close the s.250 question — a firm that treats its SM&CR register as its complete s.250 population has not run a Section 250 gap analysis; it has run an SM&CR population audit.

What to document for each assessment

For each individual in the assessment, the record should capture:

The specific authority that drove the inclusion decision: the budget they control, the operational function they direct, the power they have to commit the organisation to material positions. Vague references to "senior role" or "strategic responsibility" are inadequate — the record needs to identify what the individual actually does.

The s.250(3) limb engaged: limb (a) (decision-making about how activities are to be managed), limb (b) (managing or organising activities), or both. The distinction matters when explaining the reasoning to a board or, later, to a regulator.

The conclusion and confidence level. A High-confidence inclusion for a CEO is different from a Medium-confidence inclusion for a divisional head whose remit is less clearly delineated. Recording confidence acknowledges the genuine uncertainty in borderline cases rather than concealing it.

Whether the individual is already SM&CR-covered: an approved SMF holder should still be assessed under s.250(3) so the reasoning is visible. The record shows the firm applied the functional test to everyone in scope, not just the unregistered population.

Keep this reasoning in the board evidence pack alongside the declarations. Section 250 has no statutory defence based on documented diligence — documentation does not create a shield. But documented assessment is material to prosecutorial discretion under Joint SFO-CPS guidance and may be relevant at sentencing. There is currently no Sentencing Council guideline for s.250. The honest characterisation is that thorough documentation reduces attribution risk and informs prosecutorial judgment; it does not guarantee any particular outcome.

Related guides

Frequently asked questions

Primary sources

Statutory claims on this page trace to the following primary materials.

• Crime and Policing Act 2026, s.250 — legislation.gov.uk — verbatim enacted text of the senior-manager definition and attribution mechanism.
• Crime and Policing Act 2026, s.255 — commencement — source of the 29 June 2026 in-force date (two months after Royal Assent, 29 April 2026).
• FCA — Senior Managers and Certification Regime (SM&CR) — the regulatory baseline against which the s.250(3) gap is measured.
• FCA PS26/6 (22 April 2026) — SM&CR simplification — policy statement reducing the Certified Persons population; temporary cover provisions.
• Corporate Manslaughter and Corporate Homicide Act 2007, s.1 — precedent for the "significant role" functional test; s.250(3) uses equivalent wording.

Law-firm analyses referenced above (Slaughter and May, Ashurst, Skadden — published May 2026) are cited for the advisory consensus they represent. They are not primary legal authority and should not be treated as advice for any specific firm.