Risk and compliance

We supported a global Asset Manager to enhance their Enterprise Risk Management Framework (“ERM Framework”) in preparation for an independent review to be delivered to their regulator. This includes review and recommendations to support updates to all the supporting policies, procedures, management information reporting and KPIs, including risk appetite statements and risk governance.

This focused on the effectiveness of the second line of defence and included consideration of all operational risk. Through this review and enhancement of the ERM framework and the three lines of defence model, the value add was enhanced its risk awareness, accountability and governance and has improved its decision-making, performance and resilience.

We helped a global asset manager enhance its enterprise risk management framework in preparation for an independent review to be delivered to a regulator. This included recommendations to support updates to all the supporting policies, procedures, management information reporting and key performance indicators, including risk appetite statements and risk governance. This focused on the effectiveness of the second line of defence and included consideration of all operational risk.

Through this review and enhancement of the enterprise risk management framework and the three lines of defence model, the value add was enhanced its risk awareness, accountability and governance and has improved its decision-making, performance and resilience.

A regulatory inspection identified weaknesses in the AML and sanctions compliance framework of a large European asset manager. We were engaged to assist with the remediation of the issues and the transformation of their overall financial crime compliance function. We helped the client conduct a compliance assessment and root cause analysis, which led to us designing and implementing new financial crime compliance frameworks.

We helped them create a multi-year strategic plan, taking account of the responsibilities and risks relevant to their operation. We executed an update of their policies and procedures, conducted training and awareness sessions, reviewed their systems and controls and liaised with regulators on the progress and outcomes of the remediation.

We assisted a global asset manager with a large-scale regulatory obligations management programme, covering multiple jurisdictions and regulations. We provided technology advisory services to help them select and implement a regtech solution that covered obligations management, horizon scanning and compliance monitoring. We also helped the client develop and populate an obligations register, covering over 20 regulations across 10 jurisdictions.

We mapped the obligations to the client’s risk taxonomy, policies, processes and assigned owners. We did so with reference to regulatory requirements and industry best practice, identifying gaps and opportunities for improvement. We are supporting the client with ongoing compliance, assurance and monitoring activities and providing breach and remediation advice where needed.

We helped a leading financial services firm assess and enhance its cyber resilience capabilities, in line with regulatory expectations and industry best practices. We conducted a comprehensive review of the firm’s cyber risk governance, management and reporting processes, as well as its operational resilience arrangements and testing capabilities. We performed a qualitative scenario analysis to identify and quantify the potential impact of cyber incidents on the firm’s critical business services and customers. Based on our findings, we provided the firm with a prioritised roadmap of recommendations and actions to improve its cyber resilience posture and readiness.

We supported a global banking client in designing and implementing a comprehensive first line risk and control framework across its global markets business, covering all asset classes and regions. We engaged with senior stakeholders, conducted a gap analysis, developed policies and procedures, designed and delivered training and communication materials for employees and provided quality assurance and project management.

As a result of our work, the client enhanced its risk culture, improved its compliance with regulatory expectations and reduced its operational risk exposure. We are providing ongoing guidance in monitoring and evaluating the effectiveness of the framework and addressing any remediation required.