Compliance monitoring is a key tool for understanding where the risks are within your business. It can help you pinpoint weaknesses in controls and provide comfort that your firm is meeting its regulatory obligations.
We regularly help clients with compliance monitoring activities such as:
- Reviewing your existing compliance framework to ensure its robust, up to date and relevant to your business;
- Helping you build an effective monitoring plan from scratch;
- Providing advice on the areas we think you should be focused on;
- Undertaking both on-site and/or desk-based testing to provide you with independent challenge and assurance.
Compliance Monitoring Toolkit
We’ve developed a tool-kit to help firms with both the planning and implementation of their compliance monitoring. Most firms ask us to do the monitoring for them – for independent assurance whilst others prefer to conduct their own monitoring using our toolkit, but with advice and support from us instead.
We’ve built a Toolkit that covers all the rules in the FCA handbook relevant to our clients. For each rule we have suggested a methodology for a high level test and, where appropriate, a compliance ‘deep dive’ test. We can then work with you to develop a bespoke plan which is relevant and proportionate for your business and scope of activity.
Who do we help?
- Newly authorised firms who need to create their first Compliance Monitoring Programme (CMP) tailored specifically to their activities;
- Firms that have a CMP which is obsolete or not fit for purpose – we can create a new CMP;
- Firms that want us to review their existing CMP and assess whether it’s fit for purpose, or maybe improve the way they test compliance against particular rules;
- Firms who want a one-off health check of the effectiveness of their current control framework – for example, a review of compliance against senior management arrangements, systems and controls, or to test the appropriateness of their current monitoring of a particular area of detail, such as, best execution;
- Firms who don’t have the necessary resource in-house or who want an independent to test their plan.
What we’ll do
We’ll undertake an initial high-level assessment of your business, so we understand the scope of your activities and can form an initial view on the key areas of risk.
We’ll design firm-specific annual compliance monitoring schedules, taking a risk-based approach.
We’ll carry out quarterly, bi-annual or annual compliance monitoring visits – prioritising those areas considered to pose the highest risk.
Finally, we’ll provide you with details of our findings, including a RAG rated report setting out any gaps you’ve got in your compliance framework. We can also help you fix any issues we’ve found and provide guidance on how to mitigate any gaps or weaknesses.