2017 New Client Questionnaire – Compliance, Risk management & Governance

Now It’s Getting Personal


In UK Financial Services regulatory tumult, the recent years have been a tipping point for the UK regulator the Financial Conduct Authority (FCA), because the very first time it pursued more civil and criminal enforcement action against individuals than firms.

An important change, that lots of senior managers and directors still need to grasp because of this emerging regime that’s being built worldwide post-crisis, is definitely the growing requirement for these people to have the capacity to manage their own individual regulatory risk. Although it may look like to be an additional and unnecessary burden which adds another worry bead for already stretched senior executives however, the growing practical truth is that this active acknowledgement and managing personal regulatory risks is the most suitable possible insurance coverage for an individual whenever regulatory issues arise.

The Senior Managers and Certification Regime is set to be rolled out across the industry in 2018, so 2017 will provide interesting times, especially with the Brexit Agenda formulating in the annals of power.

Banks and the very large institutions have already implemented the SMR and SMIR (Senior Managers and Senior Managers Insurance Regimes) along woth the Certification Regime for certified persons of significant influence within the business.

To assist firms, Compliance Consultant have a number of solutions and products to assist in planning for the SM&CR as well as Strategy Planning (our “Pathfinder” program).

strategy-map-risk-mitigationObviously senior managers have got a duty to help with their firm being compliant and similarly must be expected to demonstrate execution of their personal regulatory obligations and accountabilities. Contained in the new individual’s core competency being able to manage their own individual regulatory risk brings into play several elements for consideration:

  • Clear illustration showing effective performance of responsibilities could be a unique and different angle for the use of job descriptions as part of the internal environment. It really is clear the companies producing the job description into the future will need to make them somewhat more detailed than those currently used, as well as the protection of both individual additionally, the firm it is critical that all regulatory criteria, degrees of and matrix of responsibilities, including company expectations are included. Sooner or later, becoming a daily part of the handling of the firm, senior managers will routinely need to gather and store evidence to show how they individually discharged all their obligations and responsibilities. When their role changes they’ll need to perform a precise documented hand-over and acceptance by the incoming manager to ensure that all concerned have managed their personal regulatory risk adequately. It could possibly easily be viewed as a cottage industry but the increased level of documentation regarding job descriptions is set to become an essential part of enabling senior managers to signify the correct performance of their responsibilities.
  • Increasing and developing knowledge and awareness not simply with the changing regulatory environment but also with the implications of the changes. Engaging in a constantly evolving and rolling regulatory training programme or undertaking a structured institute led CPD course may very well be another. Failure to remain “on the ball” will lead to a significantly increased chance of enforcement action for virtually every unprepared or unaware individual and they are generally very likely to have the full brunt of supervisory enforcement. In such a circumstance and a senior manager ends up not being banned as part of any enforcement action, it’s highly likely the fact that this individual that has “only” been fined is ever going to work again within a senior capacity in virtually any financial services firm.
  • In establishing and developing any individual personal vault or store of evidence brings with it IT security, access and usage issues, that firms ought to identify and form policy. All senior managers really should build and keep their very own individual evidence to demonstrate the whole and complete discharge of their regulatory obligations, and this should be portable to allow them to have the ability to call upon the details at any stage of litigation in the coming years. With the quantitative elements this is certainly going to be a comparatively simple process but there can be often challenges when culture is added into the mix. One quick win could possibly be to assemble all board as well as other meeting minutes that provide verification of the process and engagement because of the individual. For an appreciation of the scope of the evidence that should be gathered, senior managers could check out the Financial Stability Board’s consultation paper “Increasing the Intensity and Effectiveness of Supervision”, which put together a list of “indicators” for senior managers that they might demonstrate compliance along with a good culture inside the firm.

There are numerous indicators of a typical sound risk culture that must be considered collectively as well as mutually reinforcing; considering each indicator in isolation will ignore the multi-faceted nature of risk culture.

These indicators include:

  • Tone from the top: The board of directors and senior management would be the starting position for setting the financial institution’s core values and risk culture, together with behaviour must reflect the values being espoused. This will require the leadership systematically developing, monitoring, analysing and assessing the culture inside the financial institution through effective governance measures that include policies, procedures, internal attestations and under-managers performing their own personal assessments.
  • Accountability: Successful risk management requires employees at all levels to understand the main values of the institutions’ risk culture together with its approach to risk, be capable of performing their prescribed roles, and be mindful that they will be held accountable with regard to their actions pertaining to the institution’s risk-taking behaviour. Staff acceptance of risk-related goals and related values is essential.
  • Effective challenge: A great risk culture promotes a surrounding of effective challenge by which decision-making processes promote many different views, allow for testing of current practices, and stimulate a confident, critical attitude among employees along with an environment of open and constructive engagement.
  • Incentives: Performance and talent management should encourage and reinforce maintenance of the financial institution’s desired risk management behaviour. Financial and non-financial incentives should secure the core values and risk culture at all levels of the financial institution.

overall-strategy-fig-1These are generally further enhanced by other messages for senior management conduct including; 

  • Being focused on establishing, monitoring and adhering to a highly effective risk appetite statement that underpins the financial institution’s risk management strategy and is integrated with the overall business strategy.
  • Possessing a clear view of the risk culture in which they aspire for the financial institution, systematically monitor and measure the prevailing risk culture and proactively address any identified aspects of weakness or concern.
  • Promote through actions and words a risk culture that expects integrity and a sound strategy for risk. The board and senior management promote an open exchange of views, challenge and debate, including making certain all directors possess the tools, resources and data to execute their roles effectively, particularly their challenge function.
  • Engage mechanisms such as talent development and succession planning, that will help to reduce the influence of dominant personalities and behaviours.
    Systematically assess whether the espoused values are communicated and followed by management and staff at all levels to ensure that the “tone at the middle” and throughout the institution is the same as the “tone at the top”.
  • Employing adequate mechanisms positioned to assess whether the risk appetite statement, risk management strategy and overall business strategy are clearly understood and embraced by management and staff at all levels, and effectively a part of the decision-making and operations of the business.
  • Establishing a compensation structure that supports the institution’s espoused core values and promotes prudent risk-taking behaviour.
    Create a clear knowledge of the standard and consistency of decision-making throughout the business, including how decision-making is in conjunction with the financial institution’s risk appetite and the business strategy.
  • Provide and analyse clear opinion of the business lines believed to pose the most significant challenges to risk management, such as unusually profitable elements of the business, which are subjected to constructive and credible challenge in regards to the risk-return balance.
  • Monitor how quickly issues raised by way of the board, supervisors, internal audit as well as other control functions are addressed by management.
    Implement and embed clear approaches to be certain that any failures or near-failures in risk culture, (internally or externally), are reviewed regularly (at least annually) at all levels of the organisation and they are seen as an possible opportunity to strengthen the financial institution’s risk culture and also make it more effective.
  • Analyse and articulate lessons learned from recent in addition to past errors which are seen as an possible opportunity to strengthen the firm’s risk culture and to produce a catalyst for real changes in the future.

One final point about the maintenance of personal evidence to show the compliant discharge of regulatory obligations concerns intellectual property. Any time a senior manager changes firms it is actually entirely reasonable that he or she should be able to maintain the suite of documents to support their compliant behaviour, but due to the fact at least several of the documents could be business-sensitive, and the intellectual property of the firm, sensible arrangements needs to be manufactured to help the senior manager gain access to the documents under certain situations whenever they may be no longer working for the firm.

Governance packs can be found at http://fcaapplicationgovernance.com

Resources Box:
Compliance Consultant is regarded as the most flexible of UK Regulatory Consultancies, providing fast responsive solutions for the financial services industry. With experienced and qualified staff from complaints handlers to Chartered Fellows of city of London institutions, you’ll find we have the expert understanding and experience to answer your challenges today!

Compliance Consultant has experience in implementing new banks from the Governance, Risk and Compliance aspects and would welcome early discussions with new start-up banks (Challenger Banks). Contact us on +44 (0) 20 7097 1434 or email info@complianceconsultant.org.

For full details see www.complianceconsultant.org

Finally, A Regulatory Compliance Solution That Can Help Grow Your Business


Businesses making an application for regulatory authorisation can often face an uphill struggle, insomuch as it is a process which complex and sometimes tedious. In many cases, when it comes to compliance, business face the challenge of not understanding a number of the terminologies which are used, or the interpretation the regulator adopts for specific parts of their business.

A number of the requirements may not be easily understood as they are written in the regulator’s technical jargon. The permissions for operating your business in the UK are not strictly clear or mapped to the firm’s operations, making it seem a little tenuous or even unnecessary. Without the right guidance and advice, the application can falter, stumble and also tip off the track; in extreme circumstances delaying the application time.

To assist firm’s obtain a number of regulatory issues on this path, Compliance Consultant have generated a solution that will solve this problem and make things easier for the applicant’s to comply with all the regulations and also project how they are planning to conduct their business adhering to their own unique and comprehensive, policies and procedures. The hub of this solution is the Template Regulatory Compliance Manual, aligned with the Financial Conduct Authority (FCA) expectations, which helps businesses to adhere to the necessary rules and procedures.

2016 Compliance Manual Open Box (22)

Lee Werrell, CEO of Compliance Consultant said that “The Template Compliance Manual solution helps businesses to grow, by ensuring that all staff are aware of, understand the firm’s responsibilities and will have allow them to adhere to the requirements. Ultimately this not only helps the firm work towards common goals, but also gains trust from the customers and reassures the stakeholders that a the firm is conducting the affairs ethically.”

Lee Werrell added that “Business has a lot to gain through conducting a regulatory compliance risk assessment and alignment exercises. If done properly will cost you money, if not done properly, will cost you a fortune“.

On launching the company’s “Pathfinder” program, a solution taking a firm from basic business idea, vision, values and strategy map construction through to strategy execution. This helps eliminate a considerable amount of disconnected elements, wrongly directed focus and errant assumptions in many firms operations, that currently curb their effective growth.pathfinder-strategy-risk-management-maps-framework

While the company offers its services to a series of different customers, it reiterates that confidentiality is something that they take into account at all times.

“Client Confidentiality is key to our success. Too often in the eateries and taverns in the city, you find consultants and contractors discussing who they are working with and worse still, what they are providing for those clients,” added Werrell stressing that Compliance Consultant treats the information obtained from the client with utmost confidentiality under a Non-Disclosure Agreement.

The company focuses on helping business increase their regulatory compliance by offering regulatory solutions which work now and in the future by applying a conduct risk overlay.

“Conduct risk is not about what you do, it is about WHY you do what you do,” Werrell, author of the book “Conduct Risk” added.

“We will help your business grow, evolve and sustainably build a strong future,” said Werrell while explaining that his company has helped a lot of the big players in the industry, and also their success was because of using only highly trained professional staff.

About Compliance Consultant

Compliance Consultant is among the UK’s leading Financial Services Regulatory Compliance, governance & Risk Consultancies. The consultancy operate across the UK, Europe and in the Middle East with growing connections in Africa and South America. It specialises in bank start-ups, risk management, remedial work (including S166 Assistance & Response), strategy planning and execution, providing governance and documentation alongside authorisation, and other advisory roles.

Contact: Lee Werrell info@complianceconsultant.org

Bank Builder Module – Regulatory Project

Are You Looking To “Build A Bank”?

The exterior facade of the Bank of England building in Central London
The exterior facade of the Bank of England building in Central London

Setting Up A New Bank May Have It Called A “Challenger Bank” ….

But It Is More Of A Challenge Than Many People Realise!

The process of setting up a bank has been made simpler in the past two years by the Financial Conduct Authority and the Prudential Regulatory Authority, after several government inquiries that criticised the lack of competition in retail banking.

Before the infamous “Metro Bank” launched in 2010, there had not been a single UK Based banking licence granted in 100 years.

While only a handful of new entrants have come through the new registration process, there are well over four dozen start-ups already in talks to gain banking licences. The fact is that many of these “talks” will fall into no action taken as;

  • The concepts are weak
  • there is insufficient regulatory experience
  • there is insufficient experience in major regulatory experiences
  • failure to understand the regulatory capital required
  • lack of funding in setting up a bank properly
  • in many cases, there is a poor understanding of the risks and risk mitigation required.

After 2008, the regulators appeared to be overly cautious and thoroughly scrutinised any plan put before them. The FCA reduced the barriers to becoming a bank and have seen enormous activity in this area, however one major shortfall has been the cost of consultancies to help set up the startup. Most of the Big 5 accountancy firms will cost upwards of £2 Million to provide even the most basic of services.

“Other consultancies may charge less, but are strictly limited to what they know”

Can you do it alone?
Well, the Prudential Regulation Authority (PRA) and Financial Conduct Authority (FCA) have launched the New Bank Start-up Unit. The Unit is a joint initiative from the UK’s financial regulators giving information and support to newly authorised banks and those thinking of becoming a new bank in the United Kingdom.

The joint New Bank Start-up Unit will assist new banks to enter the market and through the early days of authorisation. The new unit has a standalone website, telephone number and email address. It will provide new banks with the information and materials they need to navigate the process to become a new bank, as well as with focused supervisory resource during the early years of authorisation.

The New Bank Start-up Unit will provide named case officers for firms during the authorisation process at both the PRA and the FCA and a greater level of supervisory support during the new bank’s early years after they have been authorised.

New banks will benefit from:

  • access to the New Bank Start-up Unit helpline
  • access to supervisors at both the PRA and the FCA via the helpline
  • regular capital and liquidity reviews, if appropriate
  • monthly regulatory update emails
  • invitations to seminars targeted at new and prospective banks and separately banks’ senior management and NEDs
  • invitations to events, alongside other firms, on key regulatory topics.
The Regulators document can be accessed HERE

bank setup,new bank, set up, setup,fca bank, pra bank,new banking

Does This Make It Any Easier?
The simple answer is no. The regulators word their letters and instructions in such a way that even £200 per hour Law firms often disagree with the interpretations. Take a look at the FCA’s Handbook to see for yourself. The handbook is rife with definitions (click on the hyper-linked word for the glossary definition) and you will find that in many cases, the definition is one thing in one part of the handbook and something else in another part – without telling you which part actually applies.

If you take the simple example of “Outsourcing” the glossary definition is;
“(1) (except in SYSC 8, COBS 11.7, SYSC 3 and SYSC 13 to the extent applicable to a Solvency II firm, and the definition of relevant person) the use of a person to provide customised services to a firm other than:
(a) a member of the firm’s governing body acting in his capacity as such; or
(b) an individual employed by a firm under a contract of service.
(2) (in SYSC 8, COBS 11.7, SYSC 3 and SYSC 13 to the extent applicable to a Solvency II firm, and the definition of relevant person) an arrangement of any form between a firm and a service provider by which that service provider performs a process, a service or an activity which would otherwise be undertaken by the firm itself.
[Note: article 2(6) of the MiFID implementing Directive and article 13(28) of the Solvency II Directive]”

So we hope that is clear for you.


So What Is Bank Builder?
Bank Builder is available to anyone who is serious about setting up a bank, but wants value in their regulatory compliance project work, not just pay for a big name.

Bank Builder is both a Regulatory Based Product and Service provided together to give the structure of a project plan, with all the involved disciplines, but with an advice and information element and project leadership to take you along the journey to full authorisation and launch.

Bank Builder is a key element to anyone’s planning if they are looking to start up a bank and need regulatory compliance detail.

“Having spent nearly 20 years in the Compliance arena, and after setting my first bank up in 2008, the ground rules have been relaxed, but the requirements have become more complex. Risk management has developed and increased in its relevance and prominence. Compliance, and even more so with ‘Conduct Risk’ focus, reaches across all departments and all sectors of the banking operation today”

Lee Werrell, Chartered FCSI FISMM, Owner Compliance Consultant

We have the professional, qualified help that you need to make your banking project work.


You don’t need Regulatory Compliance Academics, nor do you need consultants that are too vaguely experienced. At Compliance Consultant we have qualified staff all with many years of experience in Banking, Stock-broking, Fund Management and other firms who can act on their own initiative, add value at every stage and make the right decisions for you at the right time.

We provide;

  • Regulatory Requirement Project Management
  • Strategy Map Creation
  • Regulatory Business Plan Drafting Advice and Assistance
  • Customer Experience Creation (including regulated complaints system)
  • Regulatory Requirement Governance (The policies, TOR’s, key Manuals etc)
  • We arrange and cover the costs of the ICAAP (the internal capital adequacy assessment process)
  • We arrange and cover the costs of the ILAA (the Individual Liquidity Adequacy Assessment)
  • We arrange and cover the costs of the RRP (Recovery and Resolution Plans)
  • Required Regulatory Specialists for Compliance, Risk Management and Governance
  • Rigour of Project Management
  • Risk Management Framework
  • Interface with IT, HR, Marketing/Branding, and any Outsourced Facilities
  • Assistance and Advice regarding the Business Continuity Planning
  • Treating Customers Fairly (TCF) and “Conduct Risk” Assessments
  • Committee and Board representation advice
  • Director Training in Regulatory Issues
  • And much more …

Our Project Plan (High Level) can be accessed HERE

For a fixed cost – starting from £500,000 for the above project work (including the ICAAP, ILAAP and RRP) of just over a year in total from Pre-Preparation through to the Mobilisation Phase and Risk Rating Assessments (ratings agencies independent assessment) from the big agencies. Obviously your specific timings will vary depending on the bank type and the type of banking, CRM, HR or any other software you buy, but we can work with most external elements quite easily. If you compare rough costings, we can save you hundreds of thousands of pounds.

So if you are considering setting up a new bank, and all the others suck their lips and say “You can’t put a price on it.” Tell them that Compliance Consultant do.

We can work on a fixed basis or time allocation, or a mixture of both depending on the phase and level of involvement needed.

Contact us on 0207 097 1434 or email bankbuilder@complianceconsultant.org