Consumer Duty – an update

Key Consumer Duty developments and recent communications issued by both AMI and the FCA, with commentary on implications for mortgage intermediary firms…

AR regime – updated AMI Q&A and deadline reminder

Having heard back from the FCA, we have updated AMI’s Q&A documenton the AR regime. We also wanted to remind firms of the upcoming 30 November 2023 deadline…

FCA application window open for firms approving promotions for unauthorised persons

Firms that approve financial promotions for unauthorised persons have until 6th February 2024 to apply for approver permission from the FCA…

FSCS levy and compensation figures update

The FSCS has released an update on its levy and compensation figures for 2023/24, as well as anticipated levy figures for 2024/25…

AMI unveils The Perception Gap, the fourth annual Protection Viewpoint

This Viewpoint features hot topics facing the industry, including value of advice, building trust, consumer buying habits and generational views & attitudes…

Your October update from AMI Chief Executive Robert Sinclair

AMI Chief Executive Robert Sinclair gives his October update, focusing on AMI’s Protection Viewpoint, new build and Consumer Duty…

Edit Content

Log in here for full access to all our great content


Please log in below with your username (which is your email address), using all lower-case letters.


Forgotten your password?
No problem, simply tell us you have forgotten your password to receive instructions instantly via email.

Having problems logging in?
If you are a current member but are unable to login, please first make sure you are using all lower-case letters for your username/email address. If you still have difficulties, please contact us via email at so we can rectify your problem.

Not a member?
Learn more about the benefits of becoming a member or apply online and we will be in touch.

The global spread of the WannaCry ransomware last month should be a wake-up call for businesses to review their cyber security infrastructure, as no sector or type of firm is immune from attacks.  This is particularly relevant considering the implementation of the General Data Protection Regulation next May which requires firms to understand how they hold and process their data, with significant fines for any breaches.  Failure to notify a major breach when required to do so will result in a fine up to the higher of €20 million or 4% of total global annual turnover.

It is important for firms to first get the basics right, such as malware protection and patch management.  This applies to firms of all sizes and a risk management approach should be taken in order to understand the operational and strategic risks specific to their business.  As attacks are designed to exploit human behaviour, all individuals are targets.  Therefore mitigating cyber risks needs to be done at all levels in a firm with sufficient staff education.  All of these risks also apply to any third party providers, for which firms are responsible.  We will be providing guidance to firms in the coming weeks.

The FCA set out in its business plan an intention to focus on cyber risk over the next year.  It is not unreasonable to expect that this may include how firms mitigate these risks as part of the authorisations process, particularly the ‘innovative’ firms in the regulatory sandbox.  Although its due diligence of some of the business models that have emerged recently doesn’t demonstrate proper controls.

Aileen Lees
Senior Policy Adviser

June 2017


Forgot Password?

Join Us