Helping firms manage regulatory priorities and meet FCA expectations

2,240

The number of alerts issued about unauthorised firms and individuals who undermine market integrity*.

*FCA Annual Report and Accounts

1.87m

The number of complaints financial services companies received in the second half of 2025**.

**Financial Reporter

10.1%

The increase in complaints from the first to the second half of 2025 for the Insurance and pure protection product group***.

***FCA Compliants Data

Common questions on FCA Handbook compliance training

Bribery Prevention

FCA Handbook

Financial Crime

Fraud Prevention

Common FAQs

Bribery Prevention FCA Handbook Financial Crime Fraud Prevention Common FAQs

How can I monitor and manage anti-bribery compliance in my organisation?

Implementing a gifts and hospitality register enables you to monitor and manage anti-bribery compliance effectively. Employees can log gifts, entertainment, and hospitality, providing a transparent overview of potential risks.

How can I effectively distribute my anti-bribery policy to employees?

Our Policy Hub allows you to upload and distribute your anti-bribery policy seamlessly to all employees. This centralised platform simplifies policy distribution and includes an attestation feature, ensuring employees acknowledge and commit to complying with the policy.

Which principle is most important in an insurance contract?

Utmost good faith is the most critical, requiring both parties to disclose all material facts. Without it, contracts risk being invalidated under UK insurance law.

What is proximate cause in insurance?

It is the dominant, effective cause of loss, not merely the last or nearest event. Courts use proximate cause to determine whether a peril covered by the policy actually triggered the claim.

How does the principle of indemnity work in real-life claims?

The principle of indemnity ensures you’re restored to your pre-loss financial state, not profiting from claims. For example, if your insured car repair costs £9,000, the insurer pays that amount, not the full policy limit.

What types of firms are regulated under CONC?

Under the Consumer Credit sourcebook (CONC), firms engaged in consumer credit activities, including lenders, credit brokers, debt management firms, and credit information services, are regulated by the Financial Conduct Authority (FCA). This encompasses a broad spectrum of consumer finance services, such as personal loans, hire purchase agreements, and credit broking.

How often should firms review their CONC compliance policies?

Firms are required to review their CONC compliance policies regularly to ensure they remain effective and up to date. While the FCA does not prescribe a specific review frequency, it is generally expected that firms assess their compliance arrangements periodically, taking into account changes in business operations, regulatory updates, and market conditions. 

What triggers an FCA investigation into CONC breaches?

The FCA may initiate an investigation into potential breaches of CONC if there is evidence of widespread or repeated failures that could harm consumers. Triggers include patterns of non-compliance, consumer complaints, or findings from supervisory activities that suggest systemic issues.

What kind of staff training is required to meet CONC standards?

To meet CONC standards, firms must ensure that their staff receive appropriate training and supervision. This includes providing relevant training before employees work with reduced supervision and ensuring supervisors have the necessary technical knowledge and coaching skills.

How does insider trading affect businesses and investors?

Insider trading damages market fairness, giving some investors an unfair advantage and undermining trust. For businesses, it risks reputational harm and FCA penalties, even without personal gain. Investors face distorted prices and reduced confidence, with the FCA finding signs of insider dealing in nearly a third of UK takeovers.

What tools are used to detect insider trading?

The FCA relies on surveillance systems, transaction data, and Suspicious Transaction and Order Reports (STORs). Firms must keep insider lists and use internal trade monitoring, pre-clearance systems, and staff training.

How does the FCA regulate insider trading?

The FCA regulates insider trading under the Financial Services and Markets Act 2000, the Criminal Justice Act 1993, and UK MAR, reinforced by the Financial Services Act 2021. Sanctions include unlimited fines, injunctions, public censures, and up to 10 years’ imprisonment.

What is a Recognised Investment Exchange (RIE) and how is it regulated?

A Recognised Investment Exchange (RIE) is a UK exchange authorised by the FCA to trade securities or derivatives. RIEs must maintain orderly markets, monitor for abuse, and ensure member compliance, with the FCA supervising their operations and enforcing rules as needed.

What steps can firms take to avoid FCA penalties?

Firms can mitigate the risk of FCA penalties by establishing comprehensive compliance frameworks. This includes implementing clear policies on market abuse, conducting regular staff training, maintaining accurate insider lists, and ensuring timely submission of Suspicious Transaction and Order Reports (STORs). Additionally, firms should regularly audit their surveillance systems to detect and address any potential issues promptly.

How does the FCA monitor and detect market abuse?

The FCA employs advanced surveillance tools to monitor trading activities, including the analysis of transaction reports and order books. Firms are required to submit STORs when they suspect market abuse, and issuers must maintain insider lists. The FCA also collaborates with other regulators and uses data analytics to identify and investigate potential instances of market abuse, ensuring the integrity of UK financial markets.

What does FCA COBS stand for?

FCA COBS stands for the Financial Conduct Authority’s Conduct of Business Sourcebook, which sets out rules and guidance for how regulated firms must interact with clients, market products, and provide advice.

What is the main purpose of COBS?

Its goal is to ensure firms act honestly, fairly, and professionally in the best interests of clients, with clear, fair, and not misleading communications.

Where can I find the full COBS rules?

The complete COBS section is available in the FCA Handbook, which is updated frequently.

Who needs to comply with COBS rules?

Any FCA‑regulated firm carrying out designated investment business, ancillary services, or insurance‑related activities in the UK, including advisers, brokers, wealth managers, and investment platforms must comply.

Who do the FCA Principles apply to?

They apply to all FCA‑regulated firms and individuals performing controlled functions, regardless of size or sector.

How are the FCA Principles enforced?

The FCA enforces the Principles through regulatory, civil, and criminal powers, including fines, public censures, and prohibitions. Their approach is detailed in the FCA Enforcement Guide.

What happens if a firm fails to notify the FCA of an issue?

Firms are required to notify the FCA promptly of any matters that could have a significant adverse impact on their ability to meet regulatory requirements. Failure to do so can result in enforcement action, including fines or other sanctions.

How can firms ensure compliance with the FCA Principles?

Firms can ensure compliance with the FCA Principles by implementing robust governance frameworks, conducting regular risk assessments, and maintaining effective internal controls. This includes establishing clear policies and procedures, providing ongoing staff training, and fostering a culture of compliance throughout the organisation.

How often should FCA Code of Conduct training be refreshed to remain effective?

Firms should refresh Code of Conduct training at least annually, or more frequently if there are significant regulatory updates, changes in business processes, or lessons learned from compliance breaches. Regular refreshers help maintain awareness and reinforce the expected behaviours across the organisation.

How can firms tailor Code of Conduct training for high‑risk business areas?

Training should be customised to reflect the specific risks and responsibilities of high-risk areas, such as trading desks or advisory teams. This can include scenario-based exercises, role-specific guidance, and practical examples relevant to the department’s day-to-day activities, ensuring staff understand the real-world implications of the Conduct Rules.

What tools or technology can support ongoing compliance monitoring?

Firms can leverage compliance monitoring software to track employee behaviour, trade activity, and adherence to policies. This includes workflow tracking, automated alerts, data analytics, and communication surveillance systems to identify potential breaches quickly and efficiently.

What steps can be taken to rebuild trust after a breach of the Conduct Rules?

Rebuilding trust requires transparency, accountability, and proactive remediation. Firms should promptly investigate the breach, implement corrective measures, communicate clearly with stakeholders, and enhance training and oversight to prevent recurrence. Demonstrating a strong culture of compliance and ethical behaviour is key to restoring confidence among clients, staff, and regulators.

Who needs to comply with CASS rules?

Any firm regulated by the FCA that holds or controls client money or assets must comply with CASS rules. This includes investment firms, asset managers, and certain insurance intermediaries.

How often should firms review their CASS compliance procedures?

Firms should review their procedures at least annually, or whenever there are changes in regulation, business structure, or risk exposure. Regular internal audits and gap analyses are recommended.

What role does staff training play in CASS compliance?

Training is critical. Staff must understand their responsibilities under CASS, know how to handle client money and assets correctly, and be able to identify and escalate potential breaches.

How can I log and track incidents of financial crime in my organisation?

Our Compliance Breach Register allows you to securely log and monitor incidents of financial crime, such as bribery or money laundering. The tool enables you to track resolution progress and maintain a clear audit trail, ensuring accountability and compliance with regulatory requirements.

How can I ensure my employees understand and comply with our internal policies in relation to financial crime?

Our Policy Hub enables you to distribute policies such as your Anti-Money Laundering (AML) policy to employees, track acknowledgements, and send automated reminders. This ensures everyone understands their obligations and helps you maintain compliance with financial crime regulations.
.

Can small businesses be held accountable under competition law?

Yes. Competition law applies to businesses of all sizes. Even small companies can face investigations and serious penalties for engaging in anti-competitive conduct.

Are informal conversations with competitors risky?

Absolutely. Informal chats, especially those involving prices, market plans, or customers, can constitute unlawful agreements and should be avoided.

What are the consequences of breaking competition law?

Violations can lead to heavy fines for companies, director disqualification, criminal prosecution, and reputational damage.

How can companies prevent anti-competitive behaviour?

By implementing regular compliance training, setting clear internal policies, encouraging reporting of concerns, and ensuring employees understand the legal risks.

Does the Criminal Finances Act 2017 apply to non-UK companies?

Yes. The Act can apply to overseas entities if any part of the tax evasion facilitation occurs within the UK or involves UK tax liabilities. Multinational firms with UK operations should take note.

What industries are most at risk under the Criminal Finances Act?

Industries with complex financial transactions, high-value assets, or extensive third-party relationships such as banking, legal services, real estate, and professional consulting are particularly exposed to conduct and facilitation risks.

How often should businesses review their tax evasion prevention procedures?

Best practice is to conduct reviews annually or whenever there are significant changes in business operations, regulatory guidance, or risk exposure. Regular audits help ensure ongoing compliance.

Can small businesses be prosecuted under the Criminal Finances Act 2017?

Yes. The Act applies to all organisations, regardless of size. However, the HMRC’s guiding principles allow for proportionality, meaning smaller firms are expected to implement controls that match their risk level and operational complexity.

What industries are most vulnerable to proliferation financing risks?

Industries dealing with dual-use goods, advanced technologies, chemicals, and logistics are particularly exposed. Financial institutions supporting international trade also face elevated risks.

How can small businesses ensure compliance with proliferation financing regulations?

Even SMEs should implement basic risk assessments, maintain up-to-date sanctions screening tools, and train staff on red flags related to trade-based money laundering and dual-use items.

Are there international standards for combating proliferation financing?

Yes. The Financial Action Task Force (FATF) provides global guidelines, including Recommendation 7, which focuses on targeted financial sanctions related to proliferation.

What are “dual-use goods” and why are they significant?

Dual-use goods are items that can serve both civilian and military purposes. Their trade is tightly regulated due to the potential for misuse in weapons development.

How often should proliferation financing risk assessments be updated?

Best practice suggests reviewing risk assessments annually or whenever there are significant changes in business operations, customer profiles, or geopolitical developments.

What is an anti-money laundering check?

As per Experian, AML checks “help prevent money laundering by confirming potential customers and businesses are who they say they are, and assessing how likely it is they’re involved in financial crime. For entities regulated by the Financial Conduct Authority (FCA), this due diligence is considered essential and is a legal requirement”.

What is anti-money laundering compliance?

Following AML laws, regulations and procedures to detect and stop suspicious and illicit money flows, including fraud and terrorist financing.

How can I ensure employees are aware of our Fraud Prevention policies and procedures? 

Our Policy Hub makes it easy to distribute your Fraud Prevention policies to all employees and track their acknowledgement. You can set up automated reminders to ensure that employees review and agree to comply with these policies, providing a clear record of engagement to support compliance.

How can employees report suspicions of fraud anonymously?

Our Whistleblowing Register provides a secure and anonymous platform for employees to report any suspicions of fraud. This tool ensures that employees can raise concerns without fear of retaliation, allowing your organisation to address potential issues promptly and transparently.

How can I make sure every employee has read and agreed to our anti-fraud and conduct policies?

Our Policy management ensures employees review and acknowledge key anti-fraud and conduct policies, creating a clear audit trail for regulators. You can manage policy updates, track completions, and demonstrate compliance—all from one place.

How can I measure my employees’ awareness of fraud risks and identify gaps in understanding?

Our Fraud Prevention Staff Survey helps you gauge staff awareness of fraud risks and pinpoint areas that need attention before issues arise. You can run periodic surveys to monitor culture, track improvements over time, and target further training.

How can I provide employees with a safe and anonymous way to report suspected fraud?

Our Whistleblowing Register gives employees a confidential channel to report potential fraud without fear of retaliation. This demonstrates to regulators that you take whistleblower protections seriously and encourages a culture of transparency.

What are the most common types of fraud in construction?

• Bid rigging and collusion during tendering
• False invoicing and overbilling
• Theft or misuse of materials and equipment
• Manipulation of progress reports or timesheets
• Warranty or insurance fraud after project completion

Why is the construction industry especially vulnerable to fraud?

The industry’s structure makes it a target. Projects often involve multiple subcontractors, large sums of money, and tight deadlines, all of which create opportunities for misconduct. Oversight can be challenging, particularly when work happens across several sites, making fraudulent activities harder to detect.

How can companies detect fraud early?

Early detection is about combining good oversight with smart tools. For example:

• Monitoring financial records for irregular billing.
• Using data analytics to flag suspicious payment patterns.
• Carrying out site inspections and inventory checks.
• Providing safe, anonymous channels for employees to raise concerns.

These steps make it much harder for fraud to go unnoticed.

What role does leadership play in fraud prevention?

Leaders set the tone. If executives and managers demonstrate a strong commitment to integrity, employees are far more likely to follow suit. This means:

• Making anti-fraud policies clear and accessible.
• Enforcing rules consistently — no exceptions for "star performers."
• Rewarding ethical behaviour alongside project results.

Are Skillcast courses SCORM-compliant?

Yes. This means they can be delivered via the Skillcast Portal or any other SCORM-compliant Learning Management System.

What other tools are needed beyond training?

A comprehensive compliance solution often needs more than just training. Alongside e-learning, tools such as declarations, surveys and registers that track compliance tasks are usually essential. Skillcast provides full support to help you set up these additional tools.

Is our training content still compliant with the latest legislation?

• You can check the latest course content updates in our library updates page: https://www.skillcast.com/compliance-course-library-updates
• For major legislative changes, we:
  • Send you email alerts to ensure you are notified
  • Offer you a free trial of newly created or updated content
  • Host webinars with compliance experts to explain the changes and how our training supports your ongoing compliance

Can you translate our content into other languages?

Yes, we offer translations in a wide range of languages. Let us know your needs, and we’ll confirm availability or work with you to plan translations for your selected modules.

What file types are supported by the Skillcast system?

Features	Supported file types and details
File Exchange	File types: PDF, Excel spreadsheets, Word documents, SCORM and xAPI files, and compressed zip files. Max file size: Default is 1GB, can be increased to a max of 2GB
SCORM files	Versions: SCORM 1.2, SCORM 1.2 for Moodle, SCORM 2004 2nd, 3rd and 4th Edition. Max file size: 1024MB
xAPI file	Max file size: 2GB
Videos	File types: MP4 or MOV. Videos must be optimised, with a max file size of 100MB. If the file is bigger, our Design Team can help
Images	File types: jpg, png and gif. The file size should ideally be 100KB, but it can be up to 250KB
CPD evidence	File types: Word, PDF, Excel and CSV. File size: the limit should be whatever the portal config option is set to. Servers are set to max 2GB
Policy documents	PDF or Word File size: the limit should be whatever the portal config option is set to. Servers are set to max 2GB
Offline activities evidence	File types: PDF, DOC, DOCX, XLS, XLSX, CSV, PNG, GIF, JPEG, JPG, PPTX and MSG. File size: the limit should be whatever the portal config option is set to. Servers are set to max 2GB
Client logo files	File types provided by client: EPS, PDF, AI and SVG
Registers	PDF, DOC, DOCX, XLS, XLSX, CSV, PPT, PPTX, POT, PPA, PPS, JPG, JPEG, PJEPG, PNG, BMP, GIF, MP4, MOV, WMV, CPTX, CP, TXT, ZIP and MSG files
Declarations	JPG, JPEG, PNG, GIF, XLS and XLSX files

 

What is Aida and how does it ensure reliable answers?

 Aida is an AI tutor embedded in courses that allows learners to ask questions at any point during learning. It draws exclusively on content that has been vetted and curated by your organisation, including course materials, internal policies, approved web resources, and regulator sites. This curated approach ensures answers reflect accurate, organisation‑specific guidance. 

Can administrators see what questions are asked and how Aida responds?

Yes. Reporting includes both the questions asked and Aida’s responses. For meaningful insight, questions are also categorised by topic (e.g., records management, gifts and hospitality) to reveal trends. All reporting is anonymised by default to encourage open, non‑threatening inquiry. To protect assessment integrity, Aida is disabled during assessments and is only available during the learning components of a course.