Speaker

Stephen Fairclough
About The Speaker

Our trainer has over 30 years of experience within the financial services sector, specialising in regulatory and financial crime compliance. He previously served as the Head of Education for HSBC, covering the UK and Europe, where he was responsible for compliance learning during the bank’s Deferred Prosecution Agreement. His career includes tenures at Barclays within the Private Clients and Wealth functions, as well as a Senior Vice President role at a major US-based bank, leading Global Risk & Compliance training.

He brings significant technical expertise from his time at the Financial Conduct Authority (formerly the FSA) in the Insurance Firms division. During this period, he served as the divisional expert for the rules and outcomes required under the Training & Competence handbook. Additionally, his background in the second line of defence includes leading the Monitoring and Testing programme for a prominent UK Wealth Manager, providing him with a comprehensive view of the practical application of compliance frameworks.

Our trainer’s delivery style is informed by his extensive experience working across retail, commercial, wholesale, and private banking channels. He has a proven track record of collaborating with compliance, HR, and operational teams to enhance regulatory understanding across private equity firms, investment houses, and wealth managers. A former member of the Investment Management Association Training & Education Committee, he was also the recipient of the 2010 Thomson Reuters award for “Most Effective Compliance Training at a Regulated Firm.”

Upcoming Event

bUILDING A COMPLIANCE FRAMEWORK

Course Details
Course overview
  • Identify the core components required for a comprehensive and effective
    compliance framework
  • Evaluate the maturity of existing governance structures against industry
    best practices.
  • Apply risk assessment methodologies to prioritise compliance activities
    based on organisational impact.
  • Design preventative and detective controls that address specific regulatory obligations.
  • Demonstrate how to document and manage compliance breaches through a structured issue management process.
  • Navigate the complexities of training and communication to ensure framework 
    adoption across the business.
profile of participants
  • Directors and Senior Managers
  • Accountants & Audtiors
  • Auditors.
  • Executive Staff.
  • Compliance Officers
  • Money Laundering Reporting Officers
Course details

Module 1 - Statutory Framework

  • The Regulatory Landscape: Mapping the specific statutory requirements that
    necessitate a compliance function.
  • Independence and Authority: The evidentiary requirements for demonstrating functional independence from the front office or commercial operations.
  • The “Three Line of Defence” Model: Defining the compliance function as the
    second line of defence.

Module 2 - Risk Assessment & Methodology

A compliance function must be risk-based to be effective. This section covers the data-drive approach to identifying focus areas.

  • Establishing a Risk Universe: Identifying all regulatory risks applicable to the entity.
  • Risk Scoring (Impact vs. Probability): Utilising a quantitative matrix to prioritize resources.
  • Gap Analysis: Assessing the “As-Is” state against the “To-Be” regulatory requirement.
  • The Compliance Monitoring Plan (CMP): Designing a schedule based on the finding of the assessment.
  • Exercise-The “Risk Heat Map” Live Build
    Goal: Practice the quantitative assessment of risk.

Module 3 - Policy, Process, and Controls

This module addresses the “How” of compliance—turning legal requirements into repeatable business processes.

• Policy Hierarchy: Differentiating between high-level principles, detailed policies, and Standard Operating Procedures (SOPs).

• Designing Effective Controls:

o Preventative Controls: Automation or “hard” stops in a process.

o Detective Controls: Reconciliations and post-event reviews.

• Evidence of Compliance: Establishing the “audit trail” required to prove to regulators that controls are functioning as intended.

• Training & Culture: Methods for disseminating policy and measuring employee comprehension.

• EXERCISE – Reflection and Self-assessment – Where do you identify weaknesses – group-source three positive actions to strengthen your position.

Module 4: Monitoring, Reporting, and Remediation

The final module focuses on the feedback loop: finding issues and fixing them.

• The Monitoring Cycle:

o Sampling and Testing.

o Finding Identification.

o Management Response.

• Management Information (MI) & Reporting: Creating fact-based reports for the
   Board or Audit Committee. Key Performance Indicators (KPIs) vs. Key Risk
   Indicators (KRIs).

• Handling Breach Management: The evidentiary process for identifying, logging,
   and reporting regulatory breaches.

• Continuous Improvement: Using “Root Cause Analysis” to ensure remediation
   addresses the source of the failure, not just the symptom.