Regulatory Preparedness
​
If your organisation provides, or aspires to provide, financial services of any kind in the UK, then you will be subject to the rules and regulations stipulated by either the Financial Conduct Authority (FCA) or the Prudential Regulation Authority (PRA).
Adherence to these regulatory requirements is mandatory and, once authorised, failure to adhere to them could result in significant financial penalties and/or you and your organisation being blacklisted from providing such services, or even facing criminal prosecution.
Assessing your preparedness against the security requirements of these regulatory bodies provides comfort that you and your organisation are protected against enforcement action.
​
How we can help
​
We have developed a framework to assess whether your organisation meets regulatory security requirements. These assessments are led by a team of consultants who have worked directly for Regulators and also helped define the security requirements embedded in regulations. We will:
- Assess the maturity of your organisation's cyber resilience capability by way of a current state assessment performed against FCA/PRA regulatory requirements, which can be defined by the following control areas: (i) governance; (ii) identification; (iii) protection; (iv) detection, response, resumption and recovery; (v) testing; and (vi) situational awareness and learning and evolving;
- Report the outcome of the assessment with an easy-to-digest RAG status for each of the stipulated controls, allowing you to home in on the areas of concern quickly and easily;
- Provide context, in non-technical language, on the purpose and importance of each control, so that senior executives can understand their value;
- Clearly articulate the risks of not having any of the security controls in place, providing the information you and your senior executives need to make an informed decision on whether or not to support their implementation.
