End Personal Liability for Compliance Chiefs and MLROs

THIS BRIEFING NOTE IS BASED ON

• Title: UK Urged to Reform Senior Managers and Certification Regime (SM&CR) – End Personal Liability for Compliance Chiefs and MLROs
• Source: The Banker (Lucy McNulty) – “Following the Rules” podcast interview with Mark Taylor, former Goldman Sachs EMEA Head of Financial Crime Compliance and Founder/Partner of Ibex Compliance.

Executive Summary

• Former Goldman Sachs executive Mark Taylor has called on UK regulators (FCA and PRA) to scrap individual personal liability for compliance chiefs and Money Laundering Reporting Officers (MLROs) under the Senior Managers and Certification Regime.
• He argues the current framework places unrealistic responsibility on control functions, creates “brittle” decision-making, and fails to drive genuine cultural change.
• Taylor recommends shifting accountability squarely to CEOs and business leaders, as the commercial tension belongs to the business, not the compliance officer.
• His comments coincide with today’s announcement of initial SM&CR reforms aimed at streamlining rules and reducing regulatory burden to support UK growth, with wider changes expected to be consulted on later this year.
• Taylor acknowledges that the regime “focuses the mind” but warns there is still “work to do” to make it effective and realistic.

Key Recommendations from Mark Taylor

• Remove senior management accountability for compliance roles and MLROs; place it with the CEO and business management.
• Recognise that it is unrealistic for one MLRO at a major bank (“Mega Bank”) to be personally liable for everything that falls under the role.
• For smaller firms and hedge funds: significantly increase pay for compliance professionals bearing these responsibilities (e.g. £90,000 is not enough).
• Address bureaucracy and lack of nuance in the regime that can hinder balanced decision-making and lasting cultural improvements.

Persistent Industry Challenges Highlighted

• Data Quality & Governance:
• Firms continue to struggle with basic data management despite years of regulatory focus. Issues are common in legacy systems, post-merger environments, and inconsistent client data (names, records, etc.).
• Poor data directly leads to sanctions breaches, financial crime failures and client issues.
• Taylor’s solution: “It needs elbow grease” – robust controls on data input, continuous maintenance, and periodic reviews.
• The work is “dull” and therefore often neglected until something goes wrong.
• Compliance Team Resourcing & Culture:
• Teams are inadequately resourced, lack diversity of thought, and often suffer from weak management skills.
• Taylor advises: “You should always recruit people who are better than you.”
• Regulatory Pace vs Innovation:
• Rapid developments in AI and crypto make it difficult for regulators to keep up.
• Taylor emphasises the need for active engagement among regulators, firms, and new technologies to avoid missing opportunities.

What Good Compliance Looks Like (Taylor’s View)

• Foster an open environment where staff can raise concerns without fear (“every conversation is important”).
• Build diverse teams with multiple perspectives.
• Ask probing questions (the “third, fourth and fifth” questions) rather than accepting surface-level answers.
• Ensure strong information sharing across the business.

Implications for Firms

• The upcoming wider SM&CR consultation represents an opportunity to push for more balanced accountability.
• Firms should proactively review data governance maturity, invest in remediation where needed, and assess compensation and resourcing for compliance roles.
• Emphasis on foundational “boring” issues (data quality) remains critical even as attention shifts to emerging technologies.

Selected Quotes

• “When you are making a difficult decision, that tension isn’t the compliance officer’s tension, it’s tension put on them by the business. The CEO and management should bear that.”
• “If you’re the MLRO of Mega Bank, are you really responsible for all the things that sit under that role? It’s not realistic.”
• “Firms still struggle with very basic things. Lots of firms can’t get their data right… That’s why you get sanctions breaches, financial crime and client problems.”
• “It needs elbow grease.”

Suggested Next Steps

1. Monitor FCA/PRA consultations on wider SM&CR changes later in 2026.
2. Conduct internal gap analysis on data quality and compliance resourcing/diversity.
3. Consider briefing senior executives on the potential shift in accountability and compensation implications.

Sources  

• Full article/podcast summary: https://www.thebanker.com/content/8d7e1237-9f7c-486f-9341-2736186b2132?utm_medium=social&utm_source=linkedin
• This briefing is based on the abridged version of Lucy McNulty’s “Following the Rules” podcast interview published by The Banker. No additional external web sources were referenced in the provided article text.
• Date: 22 April 2026 Prepared for: Senior Leadership, Compliance & Regulatory Affairs Teams