Trusted CASS and internal controls expertise that empowers financial services firms to meet FCA obligations with confidence.

What we do

CASS . Safeguarding . Digital Assets . Regulatory Reporting . FSCS SCV . Readiness Assessments and Health Checks . SME Advisory Support . Rules to Controls Mapping . Front to Back Controls Assessment . Target Operating Model . Training .

Schedule a Meeting

CASS compliance

Market leading subject matter expertise in the Financial Conduct Authority (‘FCA’)’s Client Assets (‘CASS’) regulations (CASS 1, 1A, 3, 5, 6, 7, 8, 9, 10, and 12) for a wide range of investment firms, products and services:

  • Broker-dealers and flow trading across all asset classes.
  • Exchange-traded and listed derivatives.
  • OTC derivatives.
  • Prime brokerage and financing.
  • Securities borrowing/lending and repos.
  • Collateral and tri-party arrangements
  • Wealth and stockbroking.
  • Custodians.
  • Corporate Trust, Global Notes and GDRs.
  • CFDs and FX.
  • Investment management and ACDs.
  • Insurance Brokers (CASS 5)

CASS 15 – E-money and Payment safeguarding

In-depth subject matter expertise in the E-money and Payment firm’s CASS 15 safeguarding requirements for a wide range of payments business models where we are able to assist in the following areas:

  • FCA licensing and authorisation .
  • Readiness and high-level health check.
  • Business processes, controls design and implementation.
  • FCA safeguarding review and recommend.
  • Internal / external reconciliations methodology and appropriateness review.
  • Safeguarding policy.
  • Governance, risks and controls framework.

Visit our dedicated CASS 15 site

– back to top

Digital assets and custody

The FCA has turned its attention to regulate cryptoassets (digital assets) on a more holistic basis beyond financial promotions and MLR. Following Royal Assent of the FSML Bill on 29 June 2023 which enabled the regulation of cryptoassets, it is currently shaping its approach to deliver the future of digital assets policy in the retail and wholesale market, and a consultation on rules for a new stablecoin regime was published in FCA CP25/14.

The FCA consulted on new CASS rules, namely CASS 16 (Stablecoin Backing Assets) and CASS 17 (Qualifying Cryptoasset Safeguarding).

We can utilise our knowledge and experience from adjacent “traditional” asset classes, as well as bringing to the table crypto-specific nuances which will need to be considered in order to mitigate the full set of risks arising from this new asset class.

Regulatory reporting

We utilise our expert internal controls knowledge to evaluate the design and effectiveness of your regulatory reporting controls. This may relate to FCA regulatory returns such as your CMAR.

All regulatory reporting processes have the same theme – regulatory interpretation and its application to the firm, coupled with effective controls to ensure completeness and accuracy of data inputs from upstream systems into your regulatory reporting package system (or Excel). It is the adage expression of “garbage-in – garbage-out” situation which we are trying to resolve, and can get very complex when both quantitative and qualitative inputs are submitted from various departments ranging from finance, operations, risks and front office.

– back to top

FSCS Single Customer View – SCV

The FSCS is the statutory UK compensation scheme to protect consumers of financial services, and it takes effect when a regulated firm, such as a deposit-taking bank, is unable to meet its customers’ claims.

FSCS protects depositors by compensating, or paying out, depositors and aims to do so in seven days, which helps to reduce the systemic risk that the failure of a bank might trigger a wider loss of confidence in the UK financial system.

The FSCS relies on complete and accurate information provided directly to it by deposit-taking institutions to be able to make quick and accurate pay outs to eligible deposits.

FSCS and / or the PRA carries out periodic “invoke” to evaluate a bank’s ability to provide complete and accurate SCV files within 24 hours. Failure in this regard or related deposit protection requirements may attract regulatory scrutiny and penalty, such as the recent £57 million fine imposed on a UK bank (Jan 2024).

We can assist and support with your deposit protection compliance journey in the following areas:

  • SCV processes and controls health check.
  • End-to-end SCV systems and controls evaluation to support your annual SCV Effectiveness Report.
  • Governance and oversight arrangements review to ensure compliance with the Depositor Protection Regime.
  • FSCS SCV and Eligibility training.
  • Test “invoke” to evaluate your capability to provide compliant SCV files within 24 hours.

– back to top

Schedule a Meeting

Readiness assessment and health checks

We utilise our experience dealing with regulatory investigations (e.g. Section 166) and audit visits to help firms put their best foot forward. Our approach to readiness assessment and health checks typically covers the following areas:

  • Understanding the objectives of the investigation and desired outcomes
  • High-level evaluation of current state
  • Identification of ‘red flags’ which requires immediate attention by the firm
  • Adequacy of evidence to support the firm’s attestation of compliance (or not)
  • High-level remediation plan, actions and next steps

SME advisory support

We can work with you on a short to medium term advisory basis to provide full time advisory and SME subject matter support.

The need for external expert support may be required in certain circumstances, for example:

  • Increase SME capacity and coverage
  • Interim and fractional regulatory SME coverage
  • Support on Section 166 review
  • FCA licensing and authorisation
  • Pre-IPO / Acquisition diligence
  • Regulatory change and implementation
  • System change and migration
  • In-sourcing and out-sourcing
  • New products and services
  • Compliance and Internal Audit SME support

– back to top

Rules to operational processes and controls mapping

Gladius’ approach is grounded on sound Risk and Control Framework knowledge and experience. We assist firms in identifying and mapping regulatory requirements to key risks and controls that are proportionate to the size, nature and risk appetite of your business and organisation. 

Front to back controls design and effectiveness testing

We utilise our expert internal controls knowledge to test the design and effectiveness of your controls to evaluate whether it meets regulatory requirements.

We adopt a front to back approach to evaluate completeness and accuracy of upstream data and input, reliability of control design and evidence of its operation in order to meet regulatory objectives.

– back to top

Schedule a Meeting

Target operating model

We bring to life a business proposition or customer journey by putting together a blueprint of business processes, people, infrastructure and technology. Our approach with Target Operating Model (‘TOM’) is to collaborate with all the relevant functional teams at your organisation to design and “fine-tune” a TOM that sets out the high-level requirements for each of the component parts. We then work alongside your change/project management office in readiness for the execution phase of testing, implementation and operationalisation into BAU. 

– back to top

Training

We provide training in various formats ranging from 1-hour board and executive management sessions to half-day practical courses which covers case studies, and practical applications of key concepts using real life examples. The range of topics we cover include:

  • Introduction to Assurance
  • Introduction to risks and internal controls
  • Client Assets – CASS
  • Safeguarding of relevant funds – E-Money and Payment Firms
  • FSCS SCV and Eligibility Marking
  • Board and executive committee training
  • Departmental case studies
  • Internal audit and compliance training

– back to top

Contact us and make the change today

Schedule a Meeting