Our Works


  • 29th September 2020

QA and blurring the Lines of Defence – when 3 becomes 1?

You have to be very new to Financial Services and the regulatory regime to not have become acquainted with the concept of the Three/3 Lines of Defence (3LoD).  The 3LoD model for maintaining effective risk and compliance arrangements is something the regulators have been advocating for many years.    And you are probably familiar with Quality Assurance […]

  • 5th July 2020

Compliance: pandemic luxury or necessity?

At the time of writing this blog, the UK is struggling to recover from the Coronavirus pandemic.  It has just been confirmed that the UK economy contracted by an unprecedented 20.4% in the month of April 2020.   The country is anticipating further significant rises in unemployment and a prolonged and difficult journey back towards re-opening large swathes […]

  • 20th June 2020

Planning for the unforeseeable – is Business Continuity Planning dead?

Be honest – when Coronavirus hit, how many of you immediately reached out for your Business Continuity Plan (BCP) for advice and support on how to deal with a pandemic and protect your business?  Anyone?  And if you did, are you now feeling like life expects us to plan for the unforeseeable? Now we will apologise in […]

  • 12th June 2020

Does Coronavirus change regulation? How we can be ready

It’s been a while since our last Think post. And a lot has happened. Working with businesses in multiple sectors on a wide range of issues which were already challenging them, we can see potential further change that the impacts of the Coronavirus can bring to the regulatory and business environment. Here are our thoughts. […]

  • 20th September 2018

Equifax fined £150 mn and $billions to follow – how the story could play

A £150mn fine for Equifax could have been imposed, had their breaches been post May 2018 with the exposure of millions of consumers around the world.  Their £500,000 fine from the UK ICO is dwarfed by what it could have been. It’s small beer for a multinational. But everyone should be paying attention as GDPR […]

  • 31st May 2018

Sizing up the FCA’s Business Plan – Data, Culture, Outsourcing and Innovation

At the end of April 2018, the Financial Conduct Authority (FCA) released its 2018/19 Business Plan. The Business Plan is always the FCA’s Big Indicator of what it intends. But there’s always a risk only the compliance or regulatory affairs function in bigger firms will read it. So, while it may not be a masterclass […]

  • 23rd April 2018

Too small to matter? Too young to comply?

You’re a small or young business. You can’t have the compliance bureaucracy of a big firm? This must be correct but a recent bribery conviction has implications for all small and young firms on the importance of culture and what compliance arrangements they do put in place. At The Compliance Foundation we work with lots […]

  • 12th April 2018

MiFID II: Costs and Charges – 90 days and the spotlight sharpens

It’s over 90 days since MiFID II came into force.  And the FCA’s coming. Arming itself with a new requirement for asset managers to publish annual assessments relating to the costs and value for money of funds, the FCA makes clear in its 2018-19 Business Plan, it will ‘closely monitor’ compliance. Whatever you think of MiFID […]

  • 5th April 2018

Why culture should matter to Tech: why the new could learn from the “old”

  Events around Facebook and Cambridge Analytica have made us revisit what we wrote a year ago. We asked then why no one was talking about the culture of Tech.  Now we ask again, why culture should matter to Tech. Our article then, asked why we weren’t all talking about culture in FinTech, given what […]

  • 12th December 2017

GDPR – the real compliance deal or a load of old guff? Does it look different now?

Back in May 2017, TCF’s article ‘GDPR – hype or reality – a compliance revolution for data protection’ looked at the main features of GDPR and asked if GDPR is a real issue for organisations when approximately 50% of the organisations we were talking to were saying the hype was out of proportion. We thought […]

  • 24th November 2017

Public trust and GDPR – the virtuous circle of good data management

TCF’s key change and strategy associate looks at how personal trust is at the heart of our data expectations of businesses and the opportunities you can grasp in complying with GDPR. As 2017 closes it’s time to consider the roll call of organisations that have disclosed recent or historic data hacks during this year. Trusted […]

  • 29th July 2017

GDPR – are you ready?

Explore more: http://bit.ly/2tRtjN6  

  • 25th June 2017

The Practical Compliance Manager – Collected Wisdom for Compliance Managers

You may have already read our previous article – ‘What makes compliance so hard’ and if you have, you will be in no doubt that compliance can indeed be exceedingly challenging given the complex system of regulatory principles and rules that apply. So how, as a compliance manager, do you practically deal with the compliance […]

  • 18th June 2017

RegTech – Looking beyond the hype?

RegTech (the application of new technologies to deliver new solutions for regulatory activities) is now well and truly a thing.   It has its own conferences, its own growing list of celebrated RegTech entrepreneurs and is even acknowledged and supported by the regulators.  Many of the big banks and insurers are already trialling, prototyping and using new RegTech […]

  • 23rd May 2017

Sandra on GDPR

Watch the video here.

  • 26th April 2017

What makes compliance so hard?

Before you read through this article it’s important to set out a few markers.  Firstly if you are on the Board of a business, or a senior leader in a business and you are not finding compliance hard your business is probably not compliant and you might want to start asking some searching questions.   […]

  • 26th April 2017

Culture in FinTechs: why is no-one talking about this?

April 2017 has been a busy month in the world of FinTech. Innovate Finance’s Global Summit brought together a wide range of interests in FinTech. Mark Carney, Governor of the Bank of England, made a major speech on building infrastructure to realise FinTech’s promise and the FCA announced the second cohort that has been accepted […]

  • 1st September 2016

Post Brexit – Will there be a bonfire of the Regulations?

Why the result of the EU referendum won’t bring regulatory relief for firms

  • 28th June 2016

The challenges of managing FinTech compliance

As FinTechs seek to recruit and retain effective compliance managers, what they can learn from George Clooney and A Perfect Storm

  • 26th May 2016

Helping Start Ups understand – ‘big boys games, big boys rules’

As banks decline or terminate the accounts of smaller entrepreneurial businesses in order to reduce their risk, what smaller firms can do to reduce their risk profile