A director at a professional services firm asks the owner what would happen if she needed to take extended leave. The owner laughs it off. She knows the answer and doesn’t want to say it. Three months later, an unexpected illness keeps her away for six weeks. Two retainer clients pause their contracts while the team scrambles. Nobody else knows the passwords to the client portal. Nobody knows which invoices are overdue. Nobody knows the scope of the project she was managing alone.
That is a planning problem, and a succession plan would have changed the outcome entirely.
What is a succession plan for an owner-managed business?
A succession plan maps which roles are genuinely critical to the business, who could step into each of them, and what knowledge needs to be captured so operations continue without any one person. For an owner-managed services firm, it also covers the founder’s own exit, whether that is a planned handover, a trade sale, a management buy-out, or a phased step back over several years.
The Sage guidance on succession planning frames it well: a strong framework should be “repeatable, adaptable, and scalable” as the business evolves, and it should not be limited to the top of the org chart. Saffery Champness, the UK accountancy firm, puts it more specifically for the owner-managed context: it is the strategic process of identifying and developing internal or external successors to take over leadership and ownership when current owners or managers leave or are unable to continue.
The distinction between a leadership succession plan and an ownership exit plan matters in practice. For a 5-50 person services firm, a lean document of three to five pages can cover both. The two are connected, but they answer different questions.
Why does this need to be on your agenda now?
Owner-managed businesses carry a concentration risk that many larger organisations have already designed out. A single person often controls client relationships, critical system access, and institutional knowledge at the same time. Hanover Search, writing for the Association of Financial Mutuals, identifies this as the starting point for succession practice: map who holds critical knowledge and what happens if they leave.
The NCSC makes a parallel point in its small business guidance, specifically on security: business resilience should not rely on one individual. If the person responsible for system access, backups, or account management leaves unexpectedly, the business is exposed. That principle applies across every critical function, not just IT.
For firms operating under FCA oversight, there is also a formal expectation. The Senior Managers and Certification Regime requires named senior managers with documented responsibilities, and the FCA expects firms to plan for succession to those roles as part of board governance. A key person leaving without a documented plan creates operational disruption; in financial services, it can also attract supervisory attention.
For owner-managed firms outside regulated sectors, the pressure is more immediate. Without a plan, the founder is the plan.
Where do you actually start?
The core work breaks into six steps. You do not need a dedicated HR team or a consultant on retainer to complete them. The steps work in order: identify critical roles, map the risk and time horizon for each, decide internal versus external options in advance, define readiness criteria, build targeted development for one or two named successors, and capture what your key people know before they leave.
First, identify which roles are genuinely critical. In a 5-50 person firm, that usually means the founder or MD, anyone who owns the primary client relationships, and anyone who is the sole person able to deliver a regulated or technically specialised service. Moss Adams recommends classifying positions where a departure would create significant operational disruption.
Next, map the risk and time horizon for each critical role. A one-page table is enough: likely departure window (under 12 months, 12-36 months, or unknown) and the operational impact if the role goes vacant. Keep the planning view at 12-36 months. Hanover Search’s good practice elements include rating each role on retirement risk, expected rotation, and whether retention is realistic.
Then decide the internal versus external option in advance. For each critical role, set a default Plan A and a fallback Plan B. Internal promotion with a development period is often the better route. Relying exclusively on external hiring lengthens vacancies and, according to ADP’s guidance, can damage morale.
Define what “ready” looks like for each successor. A one-page role profile covering purpose, key outcomes, must-have competencies, and key relationships is enough for a small firm. Sage recommends 360-degree feedback and leadership assessments to evaluate readiness; for a small firm, a direct conversation with a potential successor and an honest review of skill gaps achieves the same result with less overhead.
Build targeted development for one or two named successors per critical role. ADP’s practical toolkit includes job shadowing, cross-training, and mentoring. For each named successor, identify two or three specific experiences they need in the next six to eighteen months, and a clear time horizon for when they could step up with support.
Finally, capture the critical knowledge. Moss Adams notes that departing employees often take “huge amounts of institutional knowledge” with them. A lightweight document or short video covering how a major process actually works, plus someone shadowing key tasks at least once a year, is enough to close the most dangerous gaps.
When is a simple plan good enough, and when do you need professional advice?
A lean three-to-five page plan, a role-risk table, and a handful of named successors cover the operational needs of an owner-managed services firm with fewer than fifty people. Professional advice becomes important when ownership transfer enters the picture, when the business is FCA-regulated, or when the numbers are large enough that the tax treatment of an exit materially changes the outcome.
On tax: Saffery Champness notes that the April 2025-26 changes to Capital Gains Tax and Business Asset Disposal Relief can materially affect the net proceeds of a sale or succession. The right time to speak to a specialist accountant is two to three years before your intended exit, not the month before you want to complete. HMRC’s Business Asset Disposal Relief guidance sets out what the relief requires and which exit structures qualify.
For FCA-regulated firms, the SM&CR documentation expectation goes beyond an internal planning document. A two-page note naming successors will not satisfy a supervisory review.
For businesses with multiple shareholders, Evelyn Partners notes that ownership and family dynamics can require shareholder agreements and legal structuring that simple planning templates cannot address. Independent professional advice is worth the cost.
What else does succession planning connect to?
Succession planning overlaps with three areas that owner-managed businesses often treat as separate: ownership exit planning, operational resilience, and data governance. Improving the succession plan tends to improve all three at once because the same gaps that make succession planning difficult, undocumented processes and single-person dependencies, are the same ones that create risk in the other areas.
On ownership exit: GOV.UK’s guidance on selling a business outlines the planning steps for a trade sale or ownership transfer. The ICAEW publishes practical guidance on business continuity and succession for UK owner-managed firms. Both are worth reading if your exit timeline is under five years.
On operational resilience: the NCSC specifically flags single-person dependencies on IT systems and critical processes as a resilience risk. At least two people should be able to access and manage every system that controls client data or service delivery. That requirement fits naturally inside the succession planning process.
On data governance: the ICO’s UK GDPR guidance states that organisations must have appropriate organisational measures to ensure security and continuity of personal data processing. In practice, your CRM, payroll system, and case management tools should never be controlled by one person alone. Writing down who has access is both a data protection obligation and a succession planning best practice.
If you have not started a succession plan yet, start small. Pick the three roles where an unexpected vacancy would hurt you most. Name one potential successor for each. Write one paragraph on what that person would need to be ready within twelve months. That is your first draft, and a lean plan reviewed once a year will serve a 5-50 person firm far better than a comprehensive one that never gets written.
