Breach Management, Checklists and Control Testing


A London-based asset management firm with £631 Billion assets under management (AUM); the firm is classified as a large CASS firm as per the FCA’s classifications and is the asset management arm of a large Japanese banking group, servicing both retail and institutional investors.

The Challenge

Using spreadsheets and other disparate resources to record incidents and breaches and to manage the firm’s risk control matrix

The firm had previously implemented Ruleguard’s CASS regulatory platform (as described above) to replace its Excel-based approach to compliance. On realising the efficiency savings offered by the CASS solution, the firm opted to rollout elements of Ruleguard’s core governance and risk platform to manage its risk control matrix and to record and manage operational issues and breaches.

Prior to implementing Ruleguard, the firm relied on spreadsheets across multiple lines of business and departments. The firm is regulated by the FCA (and other regulatory bodies) and is therefore subject to, and must evidence compliance with, various regulatory handbooks (including SYSC, COBS, DISP, COLL, GDPR, JMLSG, & AML).

The firm had several key requirements, some of which are listed:

  • An incident management solution with fully configurable data fields to support multiple regulations and rule types
  • User-configured workflows to support different breach investigation and remediation protocols
  • A multi-dimensional mapping feature to enable users to link related artefacts to each other i.e. rules to controls, processes to risks, and controls to risks
  • Access to a library of rules and regulatory handbooks, and industry standards,
  • Functionality to manage firm-wide controls and testing, confirgurable management information dashboards

    Download the full case study to hear more!