| UK & Europe | Articles
The payments and e-money sector has evolved fast and the FCA has been working hard to keep up. Their latest portfolio letter makes it crystal clear – firms need to tighten their grip on governance, oversight, and risk management. An effective and proportionate Compliance Monitoring Programme (CMP) is the closest thing to a silver bullet for enabling firms use to get a handle on these obligations.
While the regulator hasn’t explicitly required a CMP within the rules, the direction of travel is clear. Whether it’s through authorisation, supervision, or thematic reviews, the FCA is increasingly expecting to see evidence that firms are comprehensively managing compliance risks – not just assuming they are.
A CMP isn’t just a box-ticking exercise, or a spreadsheet reserved only for the compliance team. When done properly, a CMP becomes a value-adding strategic tool. It gives your board the clarity it needs, your investors the confidence they want, and your teams the structure to stay on top of things.
The FCA want evidence, not assurances
Weaknesses in oversight, governance gaps, or unclear ownership of risks – all of these are red flags for the FCA. And they’re increasingly asking firms to show, not tell, how they’re managing these issues on an ongoing basis.
A well-structured CMP that is designed around your firm’s specific activities gives you that clarity. It shows how you’re monitoring compliance risks, what controls are in place, what’s being tested, who’s accountable, and what’s being done when something doesn’t stack up.
Firms with effectively embedded compliance monitoring programmes swiftly move from being reactive, to proactively managing risk, and avoid nasty surprises during engagement with the regulator.
It’s not just about the regulator
Whilst compliance monitoring is certainly important for the regulators, it offers a lot of value for other stakeholders too.
For the board:
A CMP provides a clear, consolidated view of your compliance activity. It helps them move beyond broad assurances to data-driven oversight – critical when they’re ultimately accountable.
For investors:
Institutional investors clearly want growth – yet they this growth to be safe, stable and well-managed. A CMP is evidence that you’ve got the controls, the systems, and the culture to scale sustainably whilst also keeping their risks in check.
For your teams:
Successful compliance monitoring is not a siloed activity. An effective CMP pulls the right people into the process, makes accountability visible, and stops everything from relying on one or two overworked individuals.
Ultimately, a CMP removes ambiguity, creates efficiency, and helps you get the most out of limited resources. It’s also a major tool in futureproofing your risk management because the FCA has been clear: if your business grows, your controls need to grow with it.
We can help
We’ve been supporting firms in the payments and e-money space to build effective and proportionate CMPs, ensuring firms are equipped to monitor and manage risk, use resources effectively to drive growth and demonstrate their approach and commitment to the regulator.
If you need some guidance and support to build or enhance your compliance monitoring programme, get in touch.
Get in touch
