Services

We support three profiles: Pre-licence, Recently Licensed & Scaling, and RegTech Vendors.
Expand the sections below to see what’s included and how we deliver.

Pre-licence — Regulatory Licensing & Compliance Setup

Everything a new or pivoting firm needs to obtain and keep its licence, focused on the FinCrime track.

Learn More

Licensing & Market Entry (FinCrime Track)

What we solve
We fix what stalls applications - financial crime systems and controls that are weak, poorly tied to your business model, or not aligned with UK AML expectations - often triggering additional queries and delaying authorisation.
Who it’s for
Fintech, PSP, EMI, VASP founders and compliance leads preparing an FCA licence application or dealing with follow-up questions.
What you'll get
Coherent FinCrime narrative that fits your business model
Submission materials aligned to UK AML and FCA expectations
Structured preparation for FCA queries and interviews, plus follow-up support
What we build
FinCrime readiness check and application plan
Firm-wide financial crime risk assessment aligned to your business model and products
FinCrime sections of business plan & submission pack
Baseline FinCrime policies, procedures and controls for day one
Governance, roles and lines (3LoD)
How we deliver
We deliver in fixed-scope assembly sprints on an authorisation timeline, with a short weekly working session and partner coordination where needed
Book a call

Custom FinCrime Framework Build & Implementation

What we solve
We tackle a recurring criticism that financial crime frameworks are generic and not operationalised, by turning them into joined-up, risk-based programmes that are custom, comprehensive and coherent, with strong governance and controls, designed to run at scale and be auditable and explainable to regulators and stakeholders.
Who it's for
Firms whose founders or FinCrime leads recognise a baseline or inherited framework is not sufficient, and want to build or fully rebuild a complete, custom programme with an experienced partner rather than designing it from scratch in-house.
What you'll get
A complete FinCrime framework pack – risk assessments, policies, standards and playbooks aligned to your products, customers and geographies, ready for scrutiny.
Embedded controls and workflows across onboarding, monitoring, sanctions and reporting, with clear owners and escalation paths.
Governance and evidence you can rely on – a clear story for boards and regulators that shows how the framework works in practice and who is accountable.
What we build
FinCrime governance structure and risk appetite
Customer lifecycle controls from onboarding to refresh and exit
Firm-wide and supporting financial crime risk assessments
SAR framework, procedures and MI/KRI reporting
Full suite of policies and procedures aligned with business operations
Sanctions and screening programmes with escalations and QA
Transaction monitoring scenarios, procedures and data requirements
Training and assurance plan with control testing approach
How we deliver
We deliver in fixed-scope implementation sprints with a short weekly working session. Everything is built in your environment with clear deliverables for each sprint and a structured handover so ownership sits with your team.
Book a call

Crypto & Digital-Asset Compliance

What we solve
Crypto firms are often judged against expectations that go beyond a generic fintech AML setup: regulators expect a clear view of on-chain risk, Travel Rule execution, and how wallets, venues and counterparties fit into your overall financial crime programme. We close the gap between a “standard” framework and a crypto-specific one that stands up to licensing and ongoing supervision.
Who it's for
Crypto exchanges, brokers, custodians and fintechs adding digital-asset products whose founders or FinCrime leads want a purpose-built crypto AML framework for licensing or product expansion, rather than stretching an e-money or payments design to fit.
What you'll get
A crypto-specific AML framework that plugs into your wider FinCrime programme
A clear picture of your blockchain risk profile, flows and counterparties
A workable Travel Rule model (people, data, vendors and procedures)
A cooherent FinCrime story that works for both FCA AML expectations and MiCA
What we build
Crypto business risk map - products, services, flows and counterparties
Wallet and counterparty risk controls combining KYC and on-chain signals
Blockchain risk assessment - typologies for your assets, flows and geographies
Crypto monitoring - alert scenarios and standards
Travel Rule operating model – data standards, partners, flows and SLAs
Sanctions and screening approach for addresses, VASPs and high-risk venues
Dual AML policy pack covering UK AML requirements and MiCA expectations
Regulator-ready narrative and evidence for the crypto part of your application
How we deliver
We work in fixed-scope implementation sprints with a short weekly working session, coordinating with your legal advisers, Travel Rule and blockchain-analytics vendors where needed, so the crypto framework fits both your licensing strategy and how your product actually operates.
Book a consult

Assurance & Benchmarking

What we solve
Lack of an independent view on whether your FinCrime framework and licence application are truly ready - how they compare with FCA expectations and good practice, and what matters most before you file, face follow-up queries or go through a supervisory review.
Who it's for
Firms preparing or planning an FCA licence application whose founders, MLROs or compliance leads want an external, FinCrime-specific view of their framework and draft pack before submission or responding to a follow-up.
What you'll get
Independent assessment of your FinCrime framework against regulatory expectations
Concise maturity view across key areas: governance, TM monitoring, sanctions and SARs
A prioritised remediation roadmap, separating quick wins from structural fixes
What we build
Licence-readiness gap review of your FinCrime framework and draft pack
“Paper vs day-one” check on how the framework would actually operate
FinCrime maturity snapshot across governance, risk and monitoring
Benchmark note vs similar applicants and current FCA focus areas
Light file review on key KYC samples, alerts and any draft SARs
Board/SMF summary and 3–6 month FinCrime action plan
How we deliver
We work in a fixed-scope review sprint with document and data analysis, targeted interviews and sample testing, then walk you through findings and a proposed roadmap in a debrief session. Any remediation support is scoped separately so assurance stays independent.
Book a call

Leadership & Outsourced Roles

What we solve
The leadership gap when you’re seeking a licence but don’t yet have a seasoned FinCrime or compliance head to own the framework, face the regulator and steer day-to-day decisions through the application and early live.
Who it's for
Fintech, PSP, EMI, VASP and brokerage firms preparing for, or just through, UK authorisation whose founders don’t yet have an experienced MLRO, Head of Compliance or Head of Financial Crime in post, and want interim or fractional leadership cover while they recruit and bed in the permanent team.
What you'll get
A named senior lead (MLRO, Head of Compliance or Head of Financial Crime) with a defined remit and reporting line
Day-to-day leadership on FinCrime decisions, governance and regulator contact through the licence process
Structured exit and handover so your permanent hire inherits a running set-up, context and clear priorities
What we build
Interim cover for MLRO (SMF17), Head of Compliance (SMF16) or equivalent roles
Regulator-facing narrative and support for interviews, queries and meetings
Role charters with mandate, responsibilities and reporting lines
Coaching for deputies or future permanent MLRO / Head of Compliance
Board and committee setup for FinCrime and compliance with TORs
Handover pack for the permanent hire with key risks, actions and context
How we deliver
We work on a fractional, fixed-scope basis with agreed days, duties and escalation routes, attend key boards and regulator meetings, and step back once your permanent hire is in place and fully handed over.
Book a call

Recently Licensed & Scaling

Services you need once live — operationalising controls, maintaining quality and scaling safely.

Learn More

Continuous Advisory & Horizon Scanning

What we solve
The constant “how do we actually do this in practice?” question after authorisation – interpreting evolving AML/CTF and supervisory expectations, deciding what they mean for your products and framework, and preparing for inspections or reviews when you don’t yet have enough senior FinCrime and compliance capacity in-house.
Who it's for
Firms whose founders, MLROs or compliance leads want ongoing, senior FinCrime advice and regulatory horizon scanning without adding another full-time headcount.
What you'll get
Faster answers to FinCrime questions that stand up to regulatory scrutiny, instead of internal debate and drift
Early warning on regulatory changes that actually affect your products, customers and controls
Board and regulator conversations that feel prepared and consistent, not reactive or improvised
What we build
Compliance advisory channel with agreed response times
Fractional compliance leadership support without extra headcount
Regulatory horizon scanning with short impact notes for your firm
Board and founder check-ins ahead of inspections, audits or key decisions
On-demand reviews of key policies, board packs and regulator responses
Simple record of questions, advice and decisions you can refer back to
How we deliver
We work on a scoped retainer with agreed response times for questions, planned advisory sessions and founder/board check-ins, plus a defined level of senior leadership support each month. You get on-tap access when issues arise, regular reviews of key materials, and a simple record of what was asked, advised and agreed.
Book a call

Training & Capability Building

What we solve
FinCrime frameworks that exist on paper but rely on a few people to interpret them – analysts, ops and product teams aren’t sure how to apply them, edge cases are handled inconsistently, and founders aren’t confident their people could explain decisions to regulators if asked.
Who it's for
Firms whose MLROs or compliance leads want teams, founders and boards to run the FinCrime framework confidently day to day, rather than depending on ad-hoc guidance or generic e-learning
What you'll get
Teams who can apply your FinCrime framework consistently in day-to-day work, not just recite policy
Fewer escalations and key-person risk, as analysts, ops and product can handle core scenarios with confidence
Founders and boards who can explain your FinCrime approach and decisions credibly to regulators and investors
What we build
Role-based FinCrime training plan for ops, product, support and leadership
Scenario exercises using your real flows, typologies and edge cases
Board and founder briefings on duties, risk and regulatory expectations
SAR and escalation practice on triggers, rationale and drafting
Analyst workshops on onboarding, risk rating, monitoring, sanctions and SARs
Train-the-trainer kit with slides, notes and simple knowledge checks
How we deliver
We design a programme around your framework and team structure, run live sessions in small groups (remote or on-site), and leave recordings and materials behind. Delivery is scoped as a defined series of workshops with clear objectives for each cohort and a straightforward handover so you can continue training in-house.
Book a call

Assurance & Benchmarking

What we solve
Uncertainty about how well your live FinCrime framework actually performs: you’re processing real volumes, the MLRO is close to the detail, but the board has no independent view of effectiveness, where controls are thin, or how the set-up would look under FCA, banking-partner or audit scrutiny.
Who it's for
Firms that want periodic, independent FinCrime assurance on their live operations, without a big-firm audit – especially ahead of supervisory visits, banking-partner reviews or internal audit.
What you'll get
An external view of how well your FinCrime framework works in practice, not just on paper
A clear view of strengths, gaps and priorities before regulators, banks or auditors review
A focused action plan that turns findings into a realistic 3–6 month remediation agenda
What we build
Periodic AML and FinCrime health-checks on live controls and processes
Covert onboarding and mystery shopping to test controls in real cases
Shadow MLRO effectiveness reviews against current regulatory expectations
Concise assurance reports with ratings, key findings and practical actions
Thematic deep-dives on KYC/CDD, monitoring, sanctions and SARs
Board-ready summary and follow-up session to agree owners and timelines
How we deliver
We run short, fixed-scope reviews using document analysis, interviews and sample testing, then debrief you on findings and a prioritised action plan. You can use this as a one-off exam-readiness check or put it on a recurring cycle (for example, annual or ahead of known supervisory touchpoints) to keep an independent lens on your FinCrime setup.
Book a call

FinCrime Technical SME Support & Controls Engineering

What we solve
Noisy, costly controls after go-live – transaction monitoring and screening that generate too many false positives, have opaque thresholds and alert flows, and a design that’s hard to explain as risk-based and proportionate to regulators, banking partners or your own board.
Who it's for
Firms running live TM and screening who see high false positives, uneven alert handling or unclear risk coverage and want specialist tuning and design support instead of adding more headcount or buying another tool.
What you'll get
Fewer, better-prioritised alerts so teams spend time on real risk, not noise, with clearer queues, less fatigue and lower cost per case
Documented TM, screening and alert designs you can explain and defend to regulators and banking partners
MI and KRIs that show how alerts, queues and outcomes align with your risk appetite and products
What we build
Transaction monitoring ruleset and threshold review, with tuning and back-testing on your data
SOPs and playbooks for alert review, disposition, escalation and documentation
Screening configuration review and optimisation for matching logic, lists and tolerances
MI and dashboard specifications linking alerts, queues and outcomes to KRIs
Alert lifecycle design with clear workflow, ownership, SLAs and escalation routes
Practical recommendations for any data, process or tooling changes needed
How we deliver
We run fixed-scope tuning sprints using data extracts, sample alert reviews and working sessions with your MLRO and operations teams. We then implement or specify the changes, walk you through the new set-up and leave you with clear documentation so you can operate and adjust controls confidently after we step back.
Book a call

Complex FinCrime Advisory & Remediation

What we solve
Serious FinCrime issues once you’re live – critical findings, major fraud or AML incidents, supervisory letters, s166 attention or early enforcement signals, including emerging threats that demand fast, credible remediation – where you need experienced FinCrime support to triage the situation, shape the regulatory response and build a defensible remediation plan.
Who it's for
Firms facing, or expecting, heightened scrutiny on financial crime – serious audit or review findings, counterparty or FCA concerns, incidents that could threaten the licence, or cross-border moves with material FinCrime impact – and who want specialist support alongside internal teams and legal counsel.
What you'll get
Clear diagnosis of what has gone wrong, how serious it is, and the realistic options open to you
A regulator and audit ready response and remediation plan that is risk-based, owned in the business and sequenced over time
Structured crisis support so founders, MLROs and boards stay aligned on actions, messaging and engagement with key stakeholders
What we build
Rapid situation assessment of issues, findings or incidents, including immediate containment options
Support through s166 and other deep-dive reviews, covering scope, evidence and FinCrime controls
Regulatory engagement strategy and draft responses for FCA or counterparty enquiries and findings
Crisis and incident playbooks for AML, fraud and sanctions events, including escalation and communication lines
FinCrime remediation roadmap with owners, milestones and evidence requirements across key controls
Cross-border FinCrime and licensing impact assessment for new and existing markets, feeding into your strategy
How we deliver
We work in short, intensive advisory sprints alongside your MLRO, founders, senior management and legal advisers to stabilise the situation, frame the regulatory narrative and lock in a practical remediation plan, then step down to lighter-touch support once immediate risk is under control.
Book a call

Sanctions & High-Risk Jurisdictions

What we solve
Sanctions and high-risk jurisdiction risk that looks covered on paper but isn’t really understood in practice. Screening is switched on and generic restrictions are in place, but there is no structured view of where exposure actually arises across customers, flows, operations, partners and ownership. In-house expertise is limited, so decisions default to blanket bans or ad-hoc exceptions rather than a risk-based approach, and the firm struggles to explain or evidence its sanctions framework when asked detailed questions.
Who it's for
Firms with sanctions exposure via higher-risk countries, complex ownership or cross-border flows, and who need a sanctions setup they can confidently stand behind with supervisors, sanctions authorities, auditors or banking partners.
What you'll get
An expert sanctions posture that gives clear options and boundaries for handling higher-risk countries, customers and ownership in line with UK, EU, US and UN regimes
Sanctions governance and controls that are properly embedded in your onboarding, monitoring and operational flows, rather than sitting only in policy
Teams who handle sanctions and high-risk scenarios consistently, in line with regulatory expectations, with clear steps for escalation, freezing and reporting
What we build
Sanctions and high-risk-jurisdiction risk assessment across core customers, products and flows
Sanctions controls in key flows, with clear steps for handling alerts and other high-risk situations
Sanctions policy and rule set that defines permitted, restricted and prohibited activity in practice
Asset-freeze and breach-response playbooks with defined actions, records and regulator/law-enforcement liaison
Ownership and control procedures with 50% rule and look-through steps for complex structures
Governance and training pack for sanctions roles, oversight and core MI
How we deliver
We run short, fixed-scope sprints based on your products, flows and exposure profile, review your current screening and controls, then design or refine the sanctions and high-risk framework and walk your team through how to operate it and evidence it to supervisors, sanctions authorities, auditors and banking partners.
Book a call

Regulatory Reporting & Data Returns

What we solve
Your first regulatory reporting cycles arriving before you have a proper reporting setup in place – RegData and Connect returns pulled from scattered data, SARs and OFSI reports handled ad hoc, creating a real risk of errors and inconsistencies between what you file and what is actually happening in your books, flows and controls.
Who it's for
Firms in their first 6–12 months live that are beginning to submit RegData and Connect returns and, where relevant, OFSI frozen-asset reports, and want structured support with early filings and SAR drafting before a dedicated reporting team is in place.
What you'll get
First RegData, Connect and OFSI filings that are complete, consistent and coherent
A clear filing calendar and data map so you know what is due, when, by whom and from which systems
Event-driven financial crime reports that are drafted and filed on time, to the right standard and in line with regulatory obligations, rather than improvised under pressure
What we build
Reporting obligations inventory and filing calendar for RegData, Connect and any OFSI frozen-asset returns
RegData “starter pack” for early crime-related returns, with templates, field definitions and sanity-check rules
Reporting data map linking key fields to finance, ledger, product and screening systems
Event-driven reporting pack: triggers, sign-off flow, templates and e-filing checklist for SARs and OFSI reports
Drafting and light QA for early Connect submissions (notifications, significant events, SMF changes)
Coach-through of the first reporting cycle, with review notes your team can follow for future filings
How we deliver
We run this as a fixed-fee project across your first reporting cycles: map obligations and data, build the calendar and templates, then co-pilot your initial filings and the first SARs/OFSI reports you choose to run past us. After that, your team owns a documented process, and we’re available for ad-hoc checks when you want a second pair of eyes.
Book a call

RegTech Vendors

Regulatory domain expertise for compliance tech providers, product developers and implementations.

Learn More

RegTech Product Advisory & Regulatory Domain Review

What we solve
RegTech products that are strong technically but not fully convincing to regulated buyers: smart engineering and promising MVPs, but rule logic, evidence and workflows that don’t quite match regulatory requirements and how MLROs, supervisors and auditors think. That slows due diligence, weakens PoC results and makes it harder to win as the credible choice rather than “just another tool”.
Who it's for
RegTech vendors building AML, KYC, onboarding, screening, transaction monitoring or case management products for UK/EU regulated firms who want their product logic, audit trails and workflows to stand up to scrutiny from MLROs, compliance leads, buyers’ risk teams and, where relevant, sandbox or innovation units.
What you'll get
A candid practitioner view of how your product actually fits into regulated compliance and FinCrime workflows and obligations
Specific changes to logic, evidence and UX so buyers can see how it would work in their environment and stand up to review
A sharper story for PoCs, client pilots and sandbox runs, with clear use-cases, success metrics and risk–control positioning
What we build
MVP and roadmap review against typical AML, sanctions and KYC expectations in your target markets
PoC and pilot designs with success criteria, sample scenarios, data needs and evidence capture
Compliance logic and evidence model review, tracing data, rules, decisions and audit trail end to end
Support for FCA Digital Sandbox and similar programmes, including use case framing and risk/control descriptions
Product and UX walkthroughs in realistic regulated workflows, with clear findings for buyers and MLROs
Product notes and configuration guidance on scope, limits and how clients should evidence use
How we deliver
We work in short, fixed-scope review sprints using your documentation, demo and sandbox environments, then run feedback sessions with product and go-to-market teams. You get written findings, a prioritised improvement list, and language you can reuse in PoCs, RFPs, sandbox submissions and buyer materials.
Book a call

Implementation SME & Controls Engineering for RegTech Deployments

What we solve
RegTech projects where the contract is signed but implementation drags: the client has limited FinCrime depth, your team is strong technically, and data mapping, rule design and alert workflows get improvised. The result is noisy or weak configurations, long projects and your product being blamed for what is really a set-up and tuning problem.
Who it's for
RegTech vendors building AML, KYC, screening, transaction-monitoring or case-management tools who want external FinCrime SME and controls engineering specifically for client implementations and roll-outs, so deployments land faster and perform credibly across multiple regulated clients and jurisdictions.
What you'll get
Client implementations that move faster and land with cleaner monitoring and screening configurations instead of noisy defaults
Reference configurations and tuning patterns by client type and jurisdiction, so new projects start from a proven baseline, not a blank page
A senior FinCrime SME who can join key client sessions to shape and explain configurations alongside your product and engineering teams
What we build
Client implementation plan with phases, owners and sign-off points
Integration review notes for live projects, capturing gaps, tuning changes and residual risks
Data-mapping guide from client systems into your platform with key fields and basic checks
Jurisdiction configuration notes for UK, EU and other markets so local setups aren’t guesswork
Baseline configuration for rules, thresholds and screening for a target client profile, with rationale
Short summary your client can reuse to explain the setup to their MLRO, board or auditors
How we deliver
We act as a specialist alongside your implementation team, often on a whitelabel basis. For selected client projects we join key workshops, review data and configurations, propose changes and leave behind playbooks, reference settings and documentation. You keep the client relationship, whilst we bring the FinCrime depth that makes deployments faster, cleaner and straightforward to explain and evidence.
Book a call

Training & Capability Building

What we solve
RegTech teams who know the product well but lack consistent financial crime domain depth, so sales and customer success struggle to link features to real regulatory pain, product decisions are taken without a clear view of supervisory expectations, and clients feel they’re buying software without the human expertise needed to get full compliance value from it.
Who it's for
RegTech vendors whose sales, customer success, product and engineering teams work on AML, KYC, screening, transaction monitoring or case management tools and want a shared, practical grasp of FinCrime expectations in their target markets.
What you'll get
A shared, product specific understanding of key FinCrime concepts, tied to your features and target clients
Sales and customer success teams who can handle typical MLRO and compliance questions in real time, not “we’ll get back to you”
Product and engineering teams that understand regulatory context and can reflect it in roadmap, design and documentation
What we build
Role based training outline for sales, customer success, product, engineering and leadership
Scenario library and demo storylines that link real typologies and problems to your features
Core workshops on AML, sanctions, KYC, monitoring and governance, tied directly to your product
Question-handling sheet and quick reference materials your teams and new joiners can rely on
How we deliver
We run small-group workshops and clinics (usually remote) using your own screens and target-client profiles, and record them for reuse. Sessions come with concise handouts and exercises, and can be refreshed when you add new hires, enter a new market or ship major FinCrime features.
Book a call

FAQs

Can you handle end-to-end licensing?

We can. Our key focus is on the financial crime, risk and governance track - areas regulators scrutinise most and where applicants are frequently challenged. We make this part of the application clear, defensible, and well-evidenced. If you require full end-to-end licensing, we can coordinate fully in-house or plug into your existing application process and work alongside your current advisors.

What makes you different?

We are a small, senior team that works with a limited number of clients at a time. We design right-sized, audit-ready controls and deliver them in scoped sprints - not paper compliance, not a conveyor belt. You get clear ownership, evidence you can stand behind, and guidance aligned to regulatory expectations and how supervisors assess quality. Our aim is simple - deliver outcomes, provide practical solutions, transfer know-how, and earn the status of a trusted advisor.

How do you prevent templated work?

We learn your products, customers, markets and risks first, then design frameworks and controls to fit them. Templates are used only where standard forms are expected. Each deliverable states its purpose, where the supporting evidence lives, who owns it, and when it will be reviewed. We build alongside your team and leave working controls and reporting in your environment with a clean handover.

How do you price the work?

We price by scope. Projects run as fixed-scope sprints with defined deliverables, timelines and acceptance criteria agreed up front. For ongoing needs, we offer retainer or on-demand support with clear estimates and pre-approval before work begins.