Welcome to Think

The business landscape is changing all the time, shaped by new rules, commercial realities, ideas and events. We are dedicated to working with this to help firms operate healthily and successfully. This is a selection of some of our horizon scan findings and our thoughts and ideas. We like to keep our views practical and have shaped them to show how they will impact you and your businesses. If you come across anything interesting or would like to share something with our community, please get in touch. We love to hear from you.

Data: When adequacy isn’t an insult

Being told you are ‘adequate’ is hardly warm and fuzzy. But news from the European Commission is that an adequacy decision for the UK on personal data could be coming. We aren’t there yet but this is a good thing. So what is this ‘adequacy’ thing? And what should I do? Notwithstanding the UK having […]

Data: What the Brexit deal means

What will a Brexit deal mean for me on personal data and GDPR? There’s a short and a long answer to this. So, starting with the short answer. For four months, it doesn’t make much difference but don’t be complacent. The agreement is that essentially, we continue as we are for four months with an […]

Data, Brexit and the real challenge for 2021

2020 has been a difficult and challenging year for many on so many levels. 2021 brings more challenges. So where should you start on data privacy? Currently we have Brexit, real cyber threats, changing requirements and an increasingly informed and sensitised public. Let’s start with Brexit. By the time you read this we may have […]

QA and blurring the Lines of Defence – when 3 becomes 1?

You have to be very new to Financial Services and the regulatory regime to not have become acquainted with the concept of the Three/3 Lines of Defence (3LoD).  The 3LoD model for maintaining effective risk and compliance arrangements is something the regulators have been advocating for many years.    And you are probably familiar with Quality Assurance […]

Compliance: pandemic luxury or necessity?

At the time of writing this blog, the UK is struggling to recover from the Coronavirus pandemic.  It has just been confirmed that the UK economy contracted by an unprecedented 20.4% in the month of April 2020.   The country is anticipating further significant rises in unemployment and a prolonged and difficult journey back towards re-opening large swathes […]

Planning for the unforeseeable – is Business Continuity Planning dead?

Be honest – when Coronavirus hit, how many of you immediately reached out for your Business Continuity Plan (BCP) for advice and support on how to deal with a pandemic and protect your business?  Anyone?  And if you did, are you now feeling like life expects us to plan for the unforeseeable? Now we will apologise in […]

Does Coronavirus change regulation? How we can be ready

It’s been a while since our last Think post. And a lot has happened. Working with businesses in multiple sectors on a wide range of issues which were already challenging them, we can see potential further change that the impacts of the Coronavirus can bring to the regulatory and business environment. Here are our thoughts. […]

Equifax fined £150 mn and $billions to follow – how the story could play

A £150mn fine for Equifax could have been imposed, had their breaches been post May 2018 with the exposure of millions of consumers around the world.  Their £500,000 fine from the UK ICO is dwarfed by what it could have been. It’s small beer for a multinational. But everyone should be paying attention as GDPR […]

Sizing up the FCA’s Business Plan – Data, Culture, Outsourcing and Innovation

At the end of April 2018, the Financial Conduct Authority (FCA) released its 2018/19 Business Plan. The Business Plan is always the FCA’s Big Indicator of what it intends. But there’s always a risk only the compliance or regulatory affairs function in bigger firms will read it. So, while it may not be a masterclass […]

Too small to matter? Too young to comply?

You’re a small or young business. You can’t have the compliance bureaucracy of a big firm? This must be correct but a recent bribery conviction has implications for all small and young firms on the importance of culture and what compliance arrangements they do put in place. At The Compliance Foundation we work with lots […]

MiFID II: Costs and Charges – 90 days and the spotlight sharpens

It’s over 90 days since MiFID II came into force.  And the FCA’s coming. Arming itself with a new requirement for asset managers to publish annual assessments relating to the costs and value for money of funds, the FCA makes clear in its 2018-19 Business Plan, it will ‘closely monitor’ compliance. Whatever you think of MiFID […]

Why culture should matter to Tech: why the new could learn from the “old”

  Events around Facebook and Cambridge Analytica have made us revisit what we wrote a year ago. We asked then why no one was talking about the culture of Tech.  Now we ask again, why culture should matter to Tech. Our article then, asked why we weren’t all talking about culture in FinTech, given what […]

Data management and corporate reputation – not just the what – it’s about the how

In this second article on data management, our key change and strategy associate looks at the shift in public perceptions about corporate reputation and how the requirements of the GDPR offer a unique opportunity to enhance your business and your customer relationships. Many of us are starting 2018 with a clear focus on complying with […]

Is GDPR the new Y2K? Choosing your expert carefully

This is a question we are hearing more and more people ask. Is GDPR the latest bandwagon on which everyone’s jumping? Our answer is yes and no. No, because Y2K, which was all about supposed IT glitches when the clock turned midnight to start the new millennium turned out to be either illusory or, where […]

GDPR – the real compliance deal or a load of old guff? Does it look different now?

Back in May 2017, TCF’s article ‘GDPR – hype or reality – a compliance revolution for data protection’ looked at the main features of GDPR and asked if GDPR is a real issue for organisations when approximately 50% of the organisations we were talking to were saying the hype was out of proportion. We thought […]

Public trust and GDPR – the virtuous circle of good data management

TCF’s key change and strategy associate looks at how personal trust is at the heart of our data expectations of businesses and the opportunities you can grasp in complying with GDPR. As 2017 closes it’s time to consider the roll call of organisations that have disclosed recent or historic data hacks during this year. Trusted […]

GDPR – are you ready?

Explore more: http://bit.ly/2tRtjN6  

A 360 approach to GDPR

Watch the video here.

Organisational Change – Harder than a Hard Thing?

At TCF we spend much of our time working with businesses who need to make changes.  Sometimes they need to change something relatively simple like following a new procedure in relation to data protection or restructuring a compliance team to work more effectively and sometimes they need to change something fundamental like their attitude to […]

The Practical Compliance Manager – Collected Wisdom for Compliance Managers

You may have already read our previous article – ‘What makes compliance so hard’ and if you have, you will be in no doubt that compliance can indeed be exceedingly challenging given the complex system of regulatory principles and rules that apply. So how, as a compliance manager, do you practically deal with the compliance […]

Rick on the rise of regtech

Watch the video here.

RegTech – Looking beyond the hype?

RegTech (the application of new technologies to deliver new solutions for regulatory activities) is now well and truly a thing.   It has its own conferences, its own growing list of celebrated RegTech entrepreneurs and is even acknowledged and supported by the regulators.  Many of the big banks and insurers are already trialling, prototyping and using new RegTech […]

Extending the SMCR to non banks – friend or foe?

Are you ready for SMR or SMCR as it is also known? Regulatory change never stops. Alongside the countdown to GDPR in 2018, runs the countdown to  SMCR or the Senior Managers and Certification Regime. This will replace the Approved Persons regime in much of financial services regulated by the FCA – or at least […]

The future of Compliance – computer says ‘no’?

Much has been written lately about the future of compliance, particularly in the light of the potential from Regtech and increased automation. But what does TCF see as the future based on what we see happening in the businesses around us? Compliance has undoubtedly been a growth industry across sectors responding both to the increased […]

Cyber Security Meltdown – What are the lessons for Compliance from the latest global attacks?

Unless you have been “off grid” for the last few weeks you will be very aware that this month saw a significant cyber attack on vulnerable organisations around the globe including, in the UK, our very own NHS.   Unsurprisingly many of the more sensationalist of the media and commentators have heralded this event as […]

The Future Of Compliance

Watch the video here.

Sandra on GDPR

Watch the video here.

GDPR – hype or reality? A compliance revolution for data protection

When it comes to GDPR, what TCF is hearing from our clients and contacts falls into two categories: “Help, GDPR is a huge challenge – what am I going to do about it on top of everything else?” “The GDPR threat is completely out of proportion, I don’t know what the fuss is about.” At […]

TCF on process engineering

Watch the video here.

Compliance Led Change – A fresh approach to business process reengineering

Ask most senior business executives what their experience of Compliance is and they’ll probably provide you with what is more or less the following answer – “a necessary but costly imposition”.    No-one tells you that they are strategically using compliance to support their process reengineering and to drive their business change programmes. And yet… […]

What makes compliance so hard?

Watch the video here.

What makes compliance so hard?

Before you read through this article it’s important to set out a few markers.  Firstly if you are on the Board of a business, or a senior leader in a business and you are not finding compliance hard your business is probably not compliant and you might want to start asking some searching questions.   […]

Top tips for fintech

Watch the video here.

How do I know if I’m compliant?

Watch the video here.

Culture in FinTechs: why is no-one talking about this?

April 2017 has been a busy month in the world of FinTech. Innovate Finance’s Global Summit brought together a wide range of interests in FinTech. Mark Carney, Governor of the Bank of England, made a major speech on building infrastructure to realise FinTech’s promise and the FCA announced the second cohort that has been accepted […]

The Top Seven Authorisation Tips for FinTech Entrepreneurs

Whilst the FCA move to meet the demand for authorisation support from the rapidly expanding FinTech community, here are our top seven authorisation tips for FinTech Entrepreneurs

Is being an Appointed Representative a compliance easy rider?

Why firms looking to undertake regulated business shouldn’t assume becoming an Appointed Representative will mean easy compliance. We discuss why it is not failsafe and can still lead firms into hot water with the FCA

Post Brexit – Will there be a bonfire of the Regulations?

Why the result of the EU referendum won’t bring regulatory relief for firms

Culture, compliance and the weather – lessons from meteorology

How firms can get better at predicting outcomes by learning lessons from predictive meteorology

The challenges of managing FinTech compliance

As FinTechs seek to recruit and retain effective compliance managers, what they can learn from George Clooney and A Perfect Storm

Legal & professional privilege – a tricky relationship issue

The impact of asserting legal and professional privilege in a regulatory relationship and why it needs careful handling

Helping Start Ups understand – ‘big boys games, big boys rules’

As banks decline or terminate the accounts of smaller entrepreneurial businesses in order to reduce their risk, what smaller firms can do to reduce their risk profile