Services

Our Governance, Risk, and Compliance (GRC) services ensure that your organization is well managed and it is in line with the required enterprise risks We offer tailored regulatory risk and compliance advisory services which are in line with Prudential Regulation Authority as well as Financial Regulation Authority. Our services cover the full compliance cycle which help clients to identify whether their activities are regulated through developing compliance procedures, compliance monitoring and training to help them respond to changes in the regulatory environment. Here is a list of risk based regulatory compliance professional service we provide;
Compliance Monitoring Reviews – Monthly, quarterly or biannual compliance audits; Annual health-checks; Compliance Training programme; TCF Reviews;
Compliance Procedures – Compliance Manuals, Monitoring Programs, Business Continuity Plans etc.;
Licences Authorisation Application ; Supervisory Processes (Waivers, Variations of Permission, Change in Control applications etc.);
Change Management ; Operations Management / Business Improvement Techniques; Appointed Representative Agreements / Investment Management Agreements; Reviews of outsourced functions e.g. Administrators; Submission of financial returns; Advice on Enforcement Actions; Ad-Hoc Advice; Financial Crime Compliance , Remediation Projects , Policies / Procedures Documentation, Risk Management e.t.c.

Our Governance, Risk, and Compliance (GRC) services ensure that your organization is well managed and it is in line with the required enterprise risks and compliance regulations. Our GRC is well structured to help you align IT systems with your company’s objectives while effectively managing risks and meeting compliance requirements. Our GRC strategy is well planned and comes with lots of benefits which include; more optimal IT investments, improved decision making, elimination of silos and reduced fragmentation among departments and divisions. Below is an overview of the main components of our GRC strategy:
Governance – We ensure that organizational activities like managing IT operations are aligned in a way that supports the business goals of your organization.
• Risk – We ensure that any risk which is associated with organizational activities is identified and addressed in a way that supports the organization’s business goals.
• Compliance – We make sure that organizational activities are operated in a way that meets the law and regulations impacting those systems..

Under the Financial Services and Markets Act 2000 (‘FSMA’) which regulates financial services, it is an offence to provide such services without the appropriate authorization from the UK regulator. However, applying for this authorization is always a complex and time- consuming process. In order to get it right for the first time, we provide you with the right guidance and support with a minimum fuss. We pride in having managed review numbers authorizations and we are well versed in CBN, FIRS, FCA assessment for approval or authorization. We begin the process by establishing if you need to be regulated and authorized by the CBN , FCA and determine the exact permissions which are required in your application process. Afterwards, we help you navigate through the whole authorization process providing you with all the information or documentation that might be needed. To aid in the process and make it successful, we assign you a senior consultant who tailors our services to meet your specific needs and objectives. We provide guidance and advice before, after and during the authorization process. We overview and manage the whole process while preparing any documents which might be needed in the process. As a result of our excellent performance and impressive track record TMC will ensure your authorization process goes smoothly.

One of the key services we provide at TMC is compliance health check which involves a higher-levelfocus review of the overall suitability and effectiveness of the existing compliance arrangements. This helps the firm to establish any existing gap in their compliance and assess whether their compliance arrangements are adequate. This helps us in providing the best recommendations to seal the existing gaps and address any inadequacy which might be present. In order to carry out this process effectively, we review several documents such as compliance documentation, compliance policies and compliance corporate governance reporting. We conduct health checks depending on your requirements which might include focused or full health checks. Contact us today and we will help in reviewing your current compliance arrangements and improve on the effectiveness and suitability of your existing arrangements while sealing any gaps that might be present..

As a firm, being compliant is not enough but monitoring of compliance issues is very vital. Any firm should have a comprehensive risk-based monitoring plan which will help in identifying possible regulatory risks and a measure of the likelihood of impacts it might have on the business. Compliance monitoring helps in developing risk mitigation actions which helps a firm to manage its risks. A good compliance plan will identify the areas to be tested, how they will be tested and how frequent the tests will be done. The plan requires regular reviews by a senior management to ensure it is proactive and flexible to adapt to new and unanticipated changes and risks. TMC is well versed in compliance monitoring and our extensive experience will help us in: Carrying out a daily compliance monitoring for a firm • Developing new compliance monitoring plans which are tailor made to meet the target company regulatory requirements • Carrying out regular reviews of the current compliance plans to ensure they are up to date and remain effective and complete to meet the business needs • Going through the outcome of the monitoring process to ensure that suitable remedial actions have been implemented. At TMC we offer compliance monitoring services on an hourly rate or we can agree on a monthly, quarterly, half yearly, or annual cost charge to cover for regular monitoring and implementation of remedial actions.

One of the crucial elements when interacting with customers in the financial industry is due diligence. TMC provides Customer Due Diligence (CDD) and Enhanced Due Diligence (EDD) reports. We help you save on time, cost and improve customer experience with an interactive platform which provides you with deeper risk insights and business intelligence. This will help you in making effective compliance business decisions. TMC provides you with an innovative e-audit which offers efficient risk compliance data collection and helps in streamlining an onsite review. Questions arising from due diligence and risk scoring system are analysed by AML experts which helps us in providing you with quality and consistent methods of assessing risks.

There have been rampant cases of cyber related crimes which hugely target the financial businesses. Ignorance of cyber risks can greatly inhibit the growth of the business. Board members, stakeholders which include investors, customers, partners among other people are always asking to know the cyber awareness and risk reduction measures which are in place before they invest or transact business. Regulators are always issuing guidance notes, circulars and standards and reports on regulatory measures to be adhered to by financial institutions. These documents contain messages advising firms on the need to know their cyber security risks and strengthen their cyber security measures by developing a formal cyber security response and recovery plan. It also requires firms to conduct regular penetration tests to ensure earlier mitigation of impending risks. Is your company able to offer credible assurance about its measures against cybercrime activities? Don’t worry because here at TMC we offer solutions that will help you to reduce and manage cyber security risks. Our action plan includes the following: Reviewing the security of the organizations that provide services to your firm. This includes the IT suppliers, system administrators and those who perform due diligence. Safeguarding confidential data and review the policies for adding and removing staff who handle sensitive data Carrying out a cyber risk assessment to detect impeding risks and provide suitable recommendations Implementation of mitigation measures to avert cyber risks Carrying out implementation of compliance policies and information security Analysing cyber risks and developing suitable cyber response and recovery plans Conducting bespoke training to create cybercrime awareness and mitigative measures Cyber risks cannot be overlooked and you need to earn trust from your clients and investors. Talk to us today. Treating Customers Fairly Regulators are keen on observance of the Treating Customers Fairly (‘TCF’) principle that is well reflected in firms PRA and FCA principles. This principle requires each firm to pay due regard to the interests of its customers and treat all of them fairly. The regulators expect firms to be keen on delivering the following outcomes on TCF: Corporate culture is characterized by fair treatment of all customers which boosts the confidence of the customers when interacting with the firms. Services and products which are marketed in the retail market are designed to meet the needs of the target group. Clear information to the clients about products and services is availed before, during and after the point of sale. Where advice is provided to the consumers, it should be suitable and take account of the consumers’ circumstances. Consumers are provided with products or services which perform as the firms have led the consumers to expect and meet the expected standards. Consumers should not face any barriers from the firms in case they want to switch providers, change products, submit claim or make a complaint. The regulator terms observance and adherence to the TCF as the overall culture of the firm that should be considered on a regular basis. Firms are tasked with creating awareness about TCF and developing strategies and plans which relate the outlined TCF principles to their business activities. Additionally, they are supposed to carry out an implementation which mainly involves provision of solutions to areas where gaps have been identified. The last task involves embedding which creates awareness to the staff on the firm’s approach to TCF. TMC can help in the above processes in the following ways: Help in conducting an independent TCF gap analysis Assist in development of remedial actions as required under the firm’s TCF Help in carrying out training on TCF principles Provide guidance on TCF assessment process

Firms which are regulated by PRA or FCA are required to have the appropriate controls and systems which help them in identification, assessment, monitoring and management of financial crime risks of the firm. Since the implementation of MLR 2007 in June 2017, regulatory compliance has proved to be more challenging as a result of the new changes and requirements to existing obligations. In order to ensure compliance with the EU, UK and global requirements, firms are encouraged to have the following guidance: Ensuring they have financial crime procedures which are well documented. Allocating a senior manager who is tasked with the managerial responsibility for anti-money laundering requirements Develop a financial crime policy Conducting CDD and EDD on new clients Ensuring regular staff training on matters pertaining to anti money laundering requirements and ensuring that the staff play their personal obligations in deterring financial crime risks. A failure to comply or not having the appropriate financial crime systems and controls leads to disciplinary actions against the company. This might lead to regulatory sanctions for firms which do not provide regular trainings on financial crime prevention to its staff members.

Change is a feature which is frequently witnessed in any business. This might be as a result of growth of a business or introduction of new products or services. Additionally, the rules and regulations which govern and regulate a business also undergoes changes. As a result of these changes, there is the need to adapt and adjust accordingly to ensure the business remains compliant. This is usually a complex process but TMC makes it easier by walking with you through the whole transition and adjustment process. In the case of new business developments, we help in identifying the required adjustments and change to ensure your firm remains compliant. When carrying out these changes we ensure that these developments consider all underlying policies such as Treating Customers Fairly (TCF) principles.

The General Data Protection Regulation (GDPR) is a mandatory requirement which might land you into hefty penalties when breaches occur. Have you it done it? Are you sure you did it in the right way? If you still feel some doubts kindly contact us today and we will take you through the whole process. As a result of significant advancements in technology use of personal data has become a common phenomenon and it helps firms to run their activities in a better way. This has led to global and public sharing of personal data which has increased the ease at which data can be transmitted, collected, manipulated, stored, and disseminated. These developments and the increased awareness of fundamental rights more particularly the right to privacy have led to the emergence of new data protection regime. The implementation of GDPR has moved the compliance to become a board level responsibility. Firms are tasked with producing evidence and steps that demonstrate total compliance to the GDPR policies.

If you are having challenges in GDPR compliance we offer bespoke solutions which include: Analysis of regulation gap– We conduct a step by step analysis of the regulatory requirements in order to establish existing gaps. Data protection policy– we help you in developing a tailor-made data protection policy for your business Data protection procedures– help you in implementing procedures aimed at providing data protection. These include, tailor-made data subject rights, breach notifications among others. Assessments of data protection impacts– we help in identification of high-risk processes and develop controls and recommendations which are aimed at mitigating impending risks. We offer training on GDPR practices We help in conducting GDPR health checks in order to improve their effectiveness for successful GDPR implementation.