Compliance Hiring During an FCA Investigation or Enforcement

Compliance Hiring During an FCA Investigation or Enforcement

When the FCA’s attention moves beyond routine supervision into an investigation, a skilled-person review, or formal enforcement, the demands on a firm’s compliance and financial-crime function change sharply. The work intensifies, the scrutiny is personal, individuals leave or are prohibited, and the firm has to demonstrate — visibly and at pace — that it has the people to put things right. This guide is about the senior-hiring and resourcing decisions that arise across that part of the spectrum: during an investigation, through a skilled-person-driven remediation, when a senior manager departs or is banned, and in the rebuild after a Final Notice.

It is the more advanced companion to our guide on interim SMF16/SMF17 cover during an FCA VREQ, which deals with the earlier, supervisory stage. If your situation is a voluntary requirement and an SMF resignation, start there; this guide picks up where matters are more serious or further along. For the terminology and the shape of the whole spectrum, see FCA Supervisory and Enforcement Action Explained. It is written for boards, owners and controllers, general counsel and chief operating officers of FCA-regulated firms, and is general guidance on the hiring decision rather than legal or regulatory advice — your counsel and any skilled person should lead the regulatory strategy itself.

Why FCA scrutiny drives an urgent hiring need

Three things happen at once when a firm comes under serious regulatory attention, and each creates a resourcing need. First, the workload jumps: investigations and reviews demand evidence, file reviews, data, remediation plans and regular engagement, on top of business as usual. Second, the standard rises: the regulator expects the second line to be led and staffed by people who can credibly grip the issues, and a thin or junior function becomes a finding in its own right. Third, people leave: the personal accountability that comes with senior compliance roles, and with the Senior Managers and Certification Regime generally, means resignations cluster around exactly these moments. A firm that does not move quickly to fill the gap and add capacity can find the regulatory position deteriorating for reasons that have nothing to do with the original concern.

Hiring at the investigation stage

An investigation does not mean wrongdoing has been established — a large share of investigations close with no further action — but it does mean the firm needs to respond thoroughly and look credible doing so. The resourcing need here is usually twofold. The firm needs senior compliance and, often, financial-crime leadership with the seniority and composure to manage the regulator relationship and the internal response; and it needs hands to do the work — file reviews, data gathering, lookbacks, remediation scoping — without paralysing the day-to-day business. Bringing in experienced interim resource at this stage is frequently the difference between a controlled, well-evidenced response and a scramble. It also signals to the regulator that the firm is taking the matter seriously and resourcing it properly, which itself shapes the supervisory relationship.

Resourcing a skilled-person review and the remediation that follows

A section 166 skilled-person review is one of the most resource-intensive things a firm can go through. The skilled person is independent and reports to the regulator, so the firm cannot lean on them to do its work; the firm needs its own experienced people to engage with the review, provide evidence, and — almost always — deliver a substantial remediation programme afterwards. The remediation is where the bulk of the hiring need sits: file remediation teams, customer due diligence and enhanced due diligence reviewers, transaction-monitoring specialists, framework and policy rewrites, and senior oversight to own the plan and report progress to the regulator. Firms routinely need to scale this capacity quickly and then scale it back down once the programme is delivered, which makes interim and contract resource the natural model. FD Capital sets out the mechanics of the review itself in its Section 166 Skilled Person Reviews guide; the hiring point is that a review almost always converts into a remediation programme that needs people, fast.

Replacing a departed or prohibited senior manager

Two distinct situations arise here, and both are urgent. The first is a resignation — a compliance officer or MLRO who steps away under the pressure of a live matter, leaving a function that must be covered immediately. The second, more serious, is where an individual becomes subject to a prohibition order or leaves under a cloud, meaning they cannot continue and the firm must replace them with someone whose fitness and propriety is unimpeachable. In both cases the firm needs credible, regulator-acceptable cover quickly — usually an interim to bridge while a permanent appointment and any required approval are arranged. The bar is high: the regulator will look closely at whoever steps into a role vacated under these circumstances, so the replacement’s track record, sector fit, UK presence and clean fit-and-proper position all matter. This is the same urgent-cover discipline set out in our VREQ guide, applied at a more serious stage.

Rebuilding a compliance function after a Final Notice

Once an enforcement matter concludes — typically with a published Final Notice and often a remediation requirement — the firm faces a rebuild. The objective shifts from defending the matter to demonstrating durable change: a strengthened second line, refreshed governance, credible permanent leadership, and a culture the regulator can have confidence in. This is where permanent appointments come to the fore. A firm emerging from enforcement often needs a new, senior, demonstrably independent head of compliance or MLRO, sometimes supported by a strengthened risk function and board-level change. The hiring brief at this stage is as much about signalling and credibility as capability — the right permanent appointment is part of how a firm shows the regulator, its clients and its counterparties that it has turned the corner. Done well, the rebuild is also the bridge back to growth.

What “credible to the regulator” means at this stage

The bar for senior compliance hires rises with the seriousness of the situation. At the investigation and enforcement end, credibility typically means some combination of: a strong, recent record in the relevant function and sector; direct experience of operating under regulatory scrutiny — investigations, skilled-person reviews, remediation programmes; for some roles, an ex-regulator background that brings an understanding of how the FCA thinks; demonstrable hands-on remediation capability rather than purely advisory experience; a clear UK presence and the availability to engage at pace; and an unimpeachable fitness-and-propriety position. Candidates who have themselves taken a firm from enforcement or a skilled-person review back to a clean supervisory footing are particularly valuable, because they have done precisely what the firm now needs to do.

Interim, contract or permanent — matching the model to the stage

Different stages call for different engagement models, and most firms use a mix. Interim senior leaders — an interim head of compliance, MLRO, or chief risk officer — are the standard answer for the acute phase, when the firm needs credible, accountable leadership immediately and for a defined period. Contract specialists — financial-crime analysts, CDD/EDD reviewers, file-remediation teams — provide the surge capacity a skilled-person remediation demands, scaling up and then down with the programme. Permanent appointments are the destination, especially for the post-enforcement rebuild, where continuity, independence and credibility matter most. The art is sequencing: interim leadership and contract capacity to grip and remediate, then permanent appointments to embed the change and signal durability.

What it costs

Cost depends on seniority, scarcity and the intensity of the situation, but indicative UK ranges help with planning. Senior interim compliance or MLRO leadership in a live regulatory matter typically sits in the region of £1,200–£2,000 a day, with the upper end for ex-regulator backgrounds or proven enforcement and skilled-person remediation track records. Experienced financial-crime and remediation contractors — the people who staff a file-remediation or lookback programme — typically range more broadly depending on level, from day rates in the few-hundreds for analysts up to senior remediation leads. A permanent head of compliance or MLRO at a smaller regulated firm commonly falls in the region of £130,000–£200,000 base, with the upper end reflecting a post-enforcement rebuild and the seniority and scarcity of credible candidates. These are planning ranges only; we are happy to calibrate against the specifics.

How quickly can you put people in place?

For a routine senior hire, a shortlist within three to seven working days is typical. For urgent cover — a resignation mid-investigation, or a prohibited individual who must be replaced — credible names can usually be in front of a board faster, because they come from an existing, pre-qualified network rather than a cold search. Remediation teams can be stood up at pace where the requirement is clear. Where formal regulatory approval is needed for a Senior Manager Function, the timeline is governed by the regulatory process rather than the search; an interim can often bridge in the meantime. The practical point is that the search itself need not be the constraint.

How Exec Capital sources the right people at short notice

Speed comes from already knowing the people. Exec Capital maintains a live, curated network of FCA-experienced compliance, MLRO, financial-crime and risk professionals — including approved SMF holders, former regulators, skilled-person-experienced specialists, and remediation leads — many of whom are between mandates and immediately available. When a firm calls with an urgent need, the work is matching and verifying rather than starting cold. In practice that means we can:

• Shortlist from a known pool of people with the right approvals, sector background and regulatory-scrutiny experience, available now.
• Verify FCA Register status and history before a candidate reaches you, so the fitness-and-propriety story is sound from the outset — particularly important when replacing someone who has left under a cloud.
• Pre-check conflicts, independence and availability up front, so the names you see are genuinely deployable into a sensitive matter.
• Provide leadership and capacity together — an interim to lead, plus the contract remediation resource the programme needs.
• Run interim and permanent in parallel, bridging the immediate gap while building the permanent rebuild.
• Move at founder speed, with every mandate led personally by Adrian Lawrence FCA.

Representative examples

The following are representative of the kinds of mandates we handle, and are illustrative composites rather than identifiable clients.

• Interim leadership during an investigation. A firm under investigation lost its head of compliance and needed credible senior cover while it responded to the regulator. We introduced an interim with direct experience of managing firms through FCA investigations, available immediately and able to lead the response and the regulator relationship while a permanent search ran in parallel.
• Surge resource for a skilled-person remediation. Following a section 166 review, a firm needed to remediate a large book of customer files at speed. We provided a senior remediation lead and a team of CDD/EDD reviewers to deliver the programme to the regulator’s timetable, then scaled the team down as the work completed.
• Post-Final-Notice rebuild. A firm emerging from enforcement needed to rebuild credibility with the regulator and its clients. We placed a senior, demonstrably independent permanent head of compliance with a track record of strengthening functions post-action, as part of a broader governance refresh that helped the firm move back towards growth.

Frequently asked questions

Can you provide interim compliance cover during an FCA investigation?

Yes. Interim heads of compliance, MLROs and chief risk officers experienced in managing firms through investigations are a core part of our network, and credible names can usually be in front of a board within days.

Does an FCA investigation mean our firm is in serious trouble?

Not necessarily. Opening an investigation is not a finding of wrongdoing, and a large proportion close with no further action. But the firm does need to respond thoroughly and look credible doing so, which usually means resourcing the response properly.

What resource do we need for a section 166 skilled-person review?

The skilled person is independent and works for the regulator, so the firm needs its own people to engage with the review and deliver the remediation that typically follows — senior oversight plus a remediation team. The mechanics of the review itself are covered in FD Capital’s section 166 guide.

Our MLRO has been prohibited — how quickly can we replace them?

This is an urgent cover situation. We can usually put credible interim cover in front of you within days while a permanent appointment and any required approval are arranged. Because the replacement will be scrutinised closely, we verify FCA Register history and fit-and-proper position up front.

What is a prohibited person?

An individual subject to an FCA prohibition order, banning them from performing specified functions in financial services in part or in full. A firm cannot retain a prohibited individual in a banned role and must replace them.

What is a remediation hire?

A specialist — often interim or contract — brought in to deliver a defined programme of corrective work, such as reviewing and remediating customer files, fixing a transaction-monitoring framework, or rebuilding policies, usually following a review or a regulatory finding.

How much do financial-crime and remediation contractors cost?

It varies widely by level, from day rates in the few hundreds for analysts up to senior remediation leads. Senior interim compliance or MLRO leadership in a live matter typically sits around £1,200–£2,000 a day. We can give precise ranges against your requirement.

Can you build a whole remediation team quickly?

Yes. We can provide a senior lead plus a team of reviewers and specialists to deliver a remediation programme to a regulator’s timetable, and scale the team down as the work completes.

What does rebuilding a compliance function after enforcement involve?

Typically a strengthened, demonstrably independent permanent head of compliance or MLRO, a refreshed second line, and sometimes board-level change — all aimed at showing the regulator, clients and counterparties that the firm has made durable change. It is the bridge from enforcement back to growth.

Should we use interim or permanent hires?

Usually both, in sequence: interim leadership and contract capacity to grip and remediate the immediate situation, then permanent appointments to embed the change. We commonly run both tracks in parallel.

How is this different from interim SMF cover during a VREQ?

The VREQ situation is the earlier, supervisory stage and is covered in our dedicated VREQ guide. This guide deals with the more serious investigation, enforcement and post-enforcement stages, including replacing prohibited individuals and rebuilding a function after a Final Notice.

Will you keep this confidential?

Yes. These are sensitive situations, and we handle them discreetly, including running confidential searches where required.

Related Exec Capital resources

• FCA Supervisory and Enforcement Action Explained
• Interim SMF16/SMF17 Cover During an FCA VREQ
• What Is an FCA VREQ? Voluntary Requirements Explained
• Head of Compliance (SMF16) Recruitment
• MLRO (SMF17) Recruitment
• Interim Executive Recruitment
• FD Capital: Section 166 Skilled Person Reviews
• FCA-Regulated Firm Recruitment Hub

This guide is general information about the senior-recruitment and resourcing decision and does not constitute legal, compliance or regulatory advice. Decisions about an FCA investigation, a skilled-person review, enforcement and any regulatory notifications should be taken with your own legal counsel, compliance consultancy and skilled person.