""

Financial Regulation Compliance & Investigations

Financial Regulation Compliance & Investigations

Financial Regulation Compliance & Investigations

Download PDFDownload PDF
Print
Share

Overview

We work with the full spectrum of financial institutions to support them and provide pragmatic and commercially astute guidance to ensure they meet their vast global and local financial regulatory requirements. We help our clients ensure they are prepared for changes in regulations, that they are operating within the relevant legal framework, and that their staff are trained in and confident with their local regulatory requirements and expectations. If they become subject to an investigation by a regulator or government agency, or need to conduct an internal investigation, we advise on the investigation and dealings with external agencies. 

Across our global network of offices we work with a wide range of financial institutions in the retail and wholesale sectors, including banks, asset managers, broker-dealers, commodity traders, corporate financiers, custodians, insurance/reinsurance firms and intermediaries, life and general insurers and payment services and currency exchange platforms 

We immerse ourselves in the financial services industry, ensuring we fully understand the world our clients operate in. We combine this with an in-depth knowledge of the relevant regulators and how their authorisation, supervision and enforcement divisions operate in practice, together with technical excellence in the relevant law and regulations. A number of our team have gained direct experience from working at the regulators (including the FCA, PRA, SFO, CMA, OCC, SEC, CFTC, FINRA, CFPB and NY DFS) as well as a wide range of global financial institutions and investment exchanges. 

As well as representing financial institutions, we also advise members of senior management on their personal regulatory responsibilities, and listed companies on their regulatory requirements 

We recognize that, as much as the regulators expect a culture of compliance to pervade, in the current regulatory climate regulatory compliance advice cannot exist in a bubble. Our approach to providing regulatory compliance counsel recognizes that any compliance solution or enforcement resolution must be considered in the context of its practical impacts on our clients business. We work with our clients to develop practical, workable solutions that allow their businesses to move forward and to thrive. And when issues are identified, we conduct efficient, legally privileged investigations to obtain the factual basis to provide the best legal advice to the institution.

Experience with over 10 global regulators & agencies

  • the UK Financial Conduct Authority (FCA)
  • the UK Prudential Regulation Authority (PRA)
  • the UK Serious Fraud Office (SFO)
  • European Commission (EC)
  • the UK National Crime Agency (NCA)
  • US Department of Justice (DoJ)
  • Securities & Exchange Commission (SEC)
  • New York Department of Financial Services (DFS)
  • Commodity Futures Trading Commission (CFTC)
  • US Federal Bureau of Investigations (FBI)

Experience with over 10 global regulators & agencies

  • the UK Financial Conduct Authority (FCA)
  • the UK Prudential Regulation Authority (PRA)
  • the UK Serious Fraud Office (SFO)
  • European Commission (EC)
  • the UK National Crime Agency (NCA)
  • US Department of Justice (DoJ)
  • Securities & Exchange Commission (SEC)
  • New York Department of Financial Services (DFS)
  • Commodity Futures Trading Commission (CFTC)
  • US Federal Bureau of Investigations (FBI)
Emerging Themes in Financial Regulation & Disputes

We anticipate a pivotal year for investigations and enforcement 

Our 2026 forecastIcon: arrow

Christine Cesare
Christine Cesare
+1 212 541 1228
Polly James
Polly James
+44 (0) 20 3400 3158

Kenneth M. Achenbach

Kenneth M. Achenbach
+1 404 572 6808
Christine Cesare
Christine Cesare
+1 212 541 1228
Polly James
Polly James
+44 (0) 20 3400 3158

Kenneth M. Achenbach

Kenneth M. Achenbach
+1 404 572 6808

Meet The Team

Christine Cesare
Christine Cesare
+1 212 541 1228
Polly James
Polly James
+44 (0) 20 3400 3158

Kenneth M. Achenbach

Kenneth M. Achenbach
+1 404 572 6808

Experience

  • We advised a major US investment bank on the global FX investigation. This has involved parallel investigations by regulators in the US, UK, EU, Hong Kong SAR, Singapore, Korea and Brazil.  We have advised on strategy and substance in the UK, EU and Hong Kong SAR, and have managed outside counsel in all other jurisdictions. No action was taken against our client. 
  • We are advising a leading intermediary in an FCA investigation into the implementation of the Market Abuse Regulation and systems for automated surveillance of trading. 
  • We advised a major UK listed company on an FCA investigation into alleged failure to obtain prior shareholder approval in relation to a significant acquisition. No action was taken against our client. 
  • We are regularly instructed by leading financial institutions to act as independent legal advisers (“ILAs”) for their senior management and other employees on threatened enforcement action by the FCA, PRA and overseas regulators and agencies. Our substantial experience includes acting for individuals who are asked to attend regulatory interviews as witnesses, as well as individuals who are themselves the subject of a formal investigation. 
  • We advised a leading global insurer on an FCA (and subsequent European Commission) investigation into suspected information sharing and other anti-competitive conduct in relation to the aviation insurance market. No action was taken against our client. 
  • We advised a range of financial institutions, including non-EEA banks, in relation to their implementation of MiFID II, the largest and most onerous regulatory reform package to affect the European financial services sector in recent years

Related Insights

Insights
Jul 01, 2026

The FCA's Final Crypto Regime: What Firms Need to Know and Do Next

The FCA has now published the final UK cryptoasset regime, completing its Crypto Roadmap and confirming that crypto activities will be brought fully within the existing FSMA framework from 25 October 2027. The headline messages are contained in the accompanying FCA press release and new overview webpage, which together provide a useful guide through what is a substantial package of policy statements, guidance and consultations. While much of the architecture was already visible through earlier consultations, firms now have something they have lacked throughout much of the process: certainty. The significance of today's package is not that it changes the direction of travel, but that it finalises the framework and provides a clear route to implementation. Firms have three months until the authorisation gateway opens and less than sixteen months until the regime comes into force. That is a comparatively short implementation period given the governance, operational, and prudential changes many firms will need to make. The challenge is no longer understanding what regulation might look like. It is demonstrating readiness to operate within it. The FCA has also used the final package to reinforce a broader message running through much of its recent work: the UK's crypto regime is intended to support innovation, growth and competitiveness while maintaining high standards of consumer protection and market integrity. The final framework reflects a regulator that has listened to industry feedback in several key areas, while remaining firmly committed to bringing crypto firms within mainstream financial services regulation.
Insights
Jun 04, 2026

Cyber Litigation in Financial Services: managing the evolving risk

Cyber incidents are increasingly giving rise to complex, long‑tail litigation risk, particularly for financial services firms. As regulators place growing emphasis on operational resilience, outsourcing governance and accountability, the same regulatory findings may be repurposed to support civil follow‑on claims long after incidents occur. Regulatory investigations are taking longer to conclude and, alongside damages claims, courts are showing an increased willingness to grant urgent injunctive relief to prevent data misuse. As a result, firms should approach cyber preparedness not only as a regulatory or operational issue, but as a litigation risk mitigation exercise – aligning regulatory engagement, disclosure decisions and contractual liability planning from the outset. This article is the second in our three‑part Emerging Themes in Financial Regulation & Disputes 2026 series and follows our earlier analysis of cyber resilience and the 2026 regulatory shift. It examines the evolving litigation and regulatory landscape shaping cyber and operational resilience expectations for the year ahead and identifies practical priorities for financial services firms seeking to respond proactively. Our accompanying articles consider (i) cyber resilience and the 2026 regulatory shift; and (ii) operational resilience and the growing influence of critical third‑party designations.
Insights
May 27, 2026

UK financial services reform 2026: from growth agenda to regulatory execution

The UK’s financial services reform programme has reached a decisive inflection point, with the publication of the Financial Services & Markets Bill 2026 and the May 2026 Regulatory Initiatives Grid marking a clear shift from policy development to implementation and execution. As a mid‑year update to our Emerging Themes in Financial Regulation & Disputes 2026 outlook, these developments confirm – and refine – the trajectory identified at the start of the year: a move towards a more flexible, growth‑oriented and regulator‑led framework, driven by the interplay of politics, people and technology. This should not be understood as deregulation. Rather, the direction of travel is one of recalibration, with reduced legislative prescription offset by increased supervisory discretion, a broader regulatory perimeter and heightened expectations of accountability – particularly in relation to senior individuals, consumer outcomes and technology‑driven risks. The latest reforms also signal a decisive transition from consultation to delivery, with clearer timelines, more proactive supervisory engagement and a growing emphasis on outcomes‑based regulation. For firms, the message is clear: 2026 is already shaping up to be a busy and consequential year. The pace of change is accelerating, and the regulatory environment is becoming more dynamic, judgement‑based and interventionist, requiring a strategic approach to managing both regulatory risk and opportunity.
Insights
Apr 21, 2026

CP26/13: The FCA sharpens the cryptoasset regulatory perimeter

As crypto moves from the margins to the mainstream of the UK financial system, regulatory uncertainty is giving way to structured supervision, authorisation and enforcement. BCLP’s Emerging Themes 2026 crypto series tracks this transition in real time — from the expansion of the regulatory perimeter, through new conduct and market integrity regimes, to the operational and governance expectations that will define participation in regulated crypto markets. This article focuses on the latest step in that progression: the FCA’s publication of its perimeter guidance in Consultation Paper CP26/13, a critical development in translating legislative intent into practical compliance obligations as the UK’s new crypto regime takes shape.
Insights
Apr 07, 2026

Cyber Resilience in Financial Services: Navigating Rising Risks and the 2026 Regulatory Shift

UK regulators have not yet fully exercised the breadth of their powers to address shortcomings in organisational cyber‑security measures—but that restraint is unlikely to continue. The policy statements published on 18 March 2026 by the FCA, PRA and Bank of England, introducing a new single regime for operational incident and third‑party reporting, signal the direction of travel. The framework—under which firms must report serious cyber and operational incidents through a unified portal and provide structured information on their critical third party (CTP) dependencies—reflects the UK regulators’ sharpened focus on digital risk, system resilience, and their recognition of the vulnerabilities inherent in  complex technological supply chains. This shift sits alongside the UK government’s broader agenda. As the Cyber Security and Resilience (Network and Information Systems) Bill (NIS Bill) progresses and HM Treasury (HMT) prepares to designate major technology providers as CTPs using its FSMA powers, firms can expect a step‑change in supervisory expectations. Cyber‑security, data protection and operational resilience disciplines must now operate as a single, evidence‑based ecosystem capable of withstanding assertive regulatory challenge. The coming year will require firms not only to demonstrate alignment on paper, but to evidence—consistently and credibly—that controls work in practice. This article is the first in our three part Emerging Themes in Financial Regulation & Disputes 2026 series. We examine the evolving regulatory and risk landscape shaping cyber and operational resilience expectations for the year ahead—and set out practical priorities for financial services firms seeking to respond proactively. Our accompanying articles will examine (i) the evolving cyber litigation risks facing financial services firms and (ii) operational resilience and the growing influence of CTP designations.

Related Insights

Insights
Jul 01, 2026
The FCA's Final Crypto Regime: What Firms Need to Know and Do Next
The FCA has now published the final UK cryptoasset regime, completing its Crypto Roadmap and confirming that crypto activities will be brought fully within the existing FSMA framework from 25 October 2027. The headline messages are contained in the accompanying FCA press release and new overview webpage, which together provide a useful guide through what is a substantial package of policy statements, guidance and consultations. While much of the architecture was already visible through earlier consultations, firms now have something they have lacked throughout much of the process: certainty. The significance of today's package is not that it changes the direction of travel, but that it finalises the framework and provides a clear route to implementation. Firms have three months until the authorisation gateway opens and less than sixteen months until the regime comes into force. That is a comparatively short implementation period given the governance, operational, and prudential changes many firms will need to make. The challenge is no longer understanding what regulation might look like. It is demonstrating readiness to operate within it. The FCA has also used the final package to reinforce a broader message running through much of its recent work: the UK's crypto regime is intended to support innovation, growth and competitiveness while maintaining high standards of consumer protection and market integrity. The final framework reflects a regulator that has listened to industry feedback in several key areas, while remaining firmly committed to bringing crypto firms within mainstream financial services regulation.
Insights
Jun 04, 2026
Cyber Litigation in Financial Services: managing the evolving risk
Cyber incidents are increasingly giving rise to complex, long‑tail litigation risk, particularly for financial services firms. As regulators place growing emphasis on operational resilience, outsourcing governance and accountability, the same regulatory findings may be repurposed to support civil follow‑on claims long after incidents occur. Regulatory investigations are taking longer to conclude and, alongside damages claims, courts are showing an increased willingness to grant urgent injunctive relief to prevent data misuse. As a result, firms should approach cyber preparedness not only as a regulatory or operational issue, but as a litigation risk mitigation exercise – aligning regulatory engagement, disclosure decisions and contractual liability planning from the outset. This article is the second in our three‑part Emerging Themes in Financial Regulation & Disputes 2026 series and follows our earlier analysis of cyber resilience and the 2026 regulatory shift. It examines the evolving litigation and regulatory landscape shaping cyber and operational resilience expectations for the year ahead and identifies practical priorities for financial services firms seeking to respond proactively. Our accompanying articles consider (i) cyber resilience and the 2026 regulatory shift; and (ii) operational resilience and the growing influence of critical third‑party designations.
Insights
May 27, 2026
UK financial services reform 2026: from growth agenda to regulatory execution
The UK’s financial services reform programme has reached a decisive inflection point, with the publication of the Financial Services & Markets Bill 2026 and the May 2026 Regulatory Initiatives Grid marking a clear shift from policy development to implementation and execution. As a mid‑year update to our Emerging Themes in Financial Regulation & Disputes 2026 outlook, these developments confirm – and refine – the trajectory identified at the start of the year: a move towards a more flexible, growth‑oriented and regulator‑led framework, driven by the interplay of politics, people and technology. This should not be understood as deregulation. Rather, the direction of travel is one of recalibration, with reduced legislative prescription offset by increased supervisory discretion, a broader regulatory perimeter and heightened expectations of accountability – particularly in relation to senior individuals, consumer outcomes and technology‑driven risks. The latest reforms also signal a decisive transition from consultation to delivery, with clearer timelines, more proactive supervisory engagement and a growing emphasis on outcomes‑based regulation. For firms, the message is clear: 2026 is already shaping up to be a busy and consequential year. The pace of change is accelerating, and the regulatory environment is becoming more dynamic, judgement‑based and interventionist, requiring a strategic approach to managing both regulatory risk and opportunity.
Insights
Apr 21, 2026
CP26/13: The FCA sharpens the cryptoasset regulatory perimeter
As crypto moves from the margins to the mainstream of the UK financial system, regulatory uncertainty is giving way to structured supervision, authorisation and enforcement. BCLP’s Emerging Themes 2026 crypto series tracks this transition in real time — from the expansion of the regulatory perimeter, through new conduct and market integrity regimes, to the operational and governance expectations that will define participation in regulated crypto markets. This article focuses on the latest step in that progression: the FCA’s publication of its perimeter guidance in Consultation Paper CP26/13, a critical development in translating legislative intent into practical compliance obligations as the UK’s new crypto regime takes shape.
Insights
Apr 07, 2026
Cyber Resilience in Financial Services: Navigating Rising Risks and the 2026 Regulatory Shift
UK regulators have not yet fully exercised the breadth of their powers to address shortcomings in organisational cyber‑security measures—but that restraint is unlikely to continue. The policy statements published on 18 March 2026 by the FCA, PRA and Bank of England, introducing a new single regime for operational incident and third‑party reporting, signal the direction of travel. The framework—under which firms must report serious cyber and operational incidents through a unified portal and provide structured information on their critical third party (CTP) dependencies—reflects the UK regulators’ sharpened focus on digital risk, system resilience, and their recognition of the vulnerabilities inherent in  complex technological supply chains. This shift sits alongside the UK government’s broader agenda. As the Cyber Security and Resilience (Network and Information Systems) Bill (NIS Bill) progresses and HM Treasury (HMT) prepares to designate major technology providers as CTPs using its FSMA powers, firms can expect a step‑change in supervisory expectations. Cyber‑security, data protection and operational resilience disciplines must now operate as a single, evidence‑based ecosystem capable of withstanding assertive regulatory challenge. The coming year will require firms not only to demonstrate alignment on paper, but to evidence—consistently and credibly—that controls work in practice. This article is the first in our three part Emerging Themes in Financial Regulation & Disputes 2026 series. We examine the evolving regulatory and risk landscape shaping cyber and operational resilience expectations for the year ahead—and set out practical priorities for financial services firms seeking to respond proactively. Our accompanying articles will examine (i) the evolving cyber litigation risks facing financial services firms and (ii) operational resilience and the growing influence of CTP designations.
Insights
Mar 31, 2026
From Fraudulent Adverts to Corporate Offences: Navigating POCA, ECCTA and the OSA
Insights
Feb 26, 2026
The shift to enhanced supervision: what payments and e-money firms need to know
Insights
Feb 05, 2026
FCA Enforcement Watch and Beyond – Five Headline Trends for 2026
Insights
Jan 27, 2026
Rebalancing risk to unlock growth: How financial services regulation will shape the economy in 2026