Study FCA and PRA supervisory objectives, principles, and processes for CISI UK Regulation and Professional Integrity, with a UK-specific reading frame built around the official chapter structure and exam weighting.
This chapter moves from institutional map to supervisory method. It asks what regulators are trying to achieve, how they form views about firms, and how those views translate into supervision, intervention, or enforcement. A common mistake is to think supervision is only about punishment. In practice it includes ongoing information use, publications, prudential expectations, governance assessment, and early response to risks before they become formal breaches.
| Check | What matters |
|---|---|
| Official topic weighting | 7% |
| Core distinction under pressure | recognise how supervision actually works in practice: information gathering, judgement, enforcement, prudential standards, and governance expectations. |
| Strongest use of this page | read it before timed sets so you can recognise the real route, rule, or conduct problem being tested |
| UK note | Keep UK framing active: FCA, PRA, Bank of England, HM Treasury, FOS, FSCS, FSMA, SM&CR, COBS, CASS, DISP, COMP, JMLSG, UK MAR, and GBP where a sterling amount matters. |
The exam often tests what kind of supervisory tool or expectation fits the problem described. If the stem is about information gathering, governance weakness, remuneration incentives, or business-model risk, it is testing how regulators assess and respond to risk in the ordinary supervisory cycle.
It also tests whether you can separate high-level prudential or governance expectations from direct customer-facing conduct rules. Both matter, but they are not the same lane.
| Section | Main exam angle |
|---|---|
| Approach to regulation | If the stem is about risk-based oversight, think supervisory approach rather than enforcement only |
| Supervisory information and publications | If the issue is what regulators use to assess a firm, think supervisory information, returns, publications, and ongoing dialogue |
| Disciplinary and enforcement powers | If there is sustained misconduct or serious non-compliance, enforcement becomes more plausible |
| Handbook provisions and prudential standards | If the issue is capital, resilience, or systems of control, prudential and handbook language may be central |
| Fair and ethical outcomes for customers | If the stem links governance weakness to poor customer treatment, both supervisory and conduct logic are relevant |
| Remuneration, governance, and business risk | If pay structures reward volume without control, think business risk and supervisory concern |
Supervision is not a single event. The exam may ask what response fits the seriousness and stage of the problem.
| Stage | Typical clue | Better answer direction |
|---|---|---|
| Routine monitoring | Regular returns, business plans, meetings, or sector analysis | Information gathering and supervisory dialogue |
| Emerging concern | Thematic findings, weak controls, poor incentives, or repeated near misses | Supervisory attention, remediation, governance challenge |
| Serious risk | Customer harm, unauthorised activity, misleading conduct, or persistent failure | Intervention, investigation, or stronger supervisory action |
| Proven misconduct | Evidence of breach, dishonesty, or serious non-compliance | Enforcement, disciplinary powers, sanctions, or restrictions |
Questions sometimes ask where a firm would look to understand regulatory expectations. Match the source to the purpose.
| Source | What it is useful for |
|---|---|
| Business plan | Current regulatory priorities and planned focus areas |
| Annual report | What the regulator did, outcomes, and accountability reporting |
| Dear CEO letter | Sector-specific warning or expectation directed to senior management |
| Thematic review | Cross-firm findings on a recurring risk or practice |
| Policy statement | Finalised policy position after consultation |
| Supervisory statement | PRA-style supervisory expectations and interpretation |
| Speech or regulator webpage | Current emphasis, explanation, or messaging, but not a substitute for rules |
| PERG | Perimeter guidance: whether activity may require authorisation |
| DEPP | Decision procedure and penalties guidance |

| Stem language | Likely concept |
|---|---|
| “The regulator wants documents, explanations, or interviews” | Information-gathering or investigation power |
| “The firm may be carrying on regulated activity without permission” | Perimeter and authorisation issue; PERG may be relevant |
| “Formal sanction or penalty is being considered” | Enforcement and DEPP-style process |
| “The firm needs to understand whether its business model falls inside regulation” | Perimeter guidance, permissions, and authorisation scope |
| “The issue is capital, liquidity, or resilience” | Prudential standards rather than customer-facing disclosure |
Customer-outcome questions in this chapter often start with governance or incentive design rather than a direct client complaint.
| Weakness | Why supervisors care |
|---|---|
| Sales bonuses reward volume but not suitability or quality | Incentives can drive conduct risk before complaints appear |
| Senior managers do not own control failures | Accountability and governance are weak |
| Vulnerable clients are handled through the same script as sophisticated clients | Formal process may exist, but fair outcomes may still fail |
| Control reports are ignored | Information exists but is not being used to manage risk |
| Product profitability is reviewed but customer harm indicators are not | Business risk is being assessed too narrowly |

| If the question is mainly about… | Start with… |
|---|---|
| Capital adequacy, liquidity, resilience, resolvability, safety and soundness | Prudential supervision |
| Fair communications, customer treatment, conflicts, advice quality, or market conduct | Conduct supervision |
| Incentive design that could harm customers | Conduct risk and governance |
| Incentive design that threatens firm safety or risk appetite | Governance and prudential risk |
| Both firm resilience and customer harm | A joined-up answer that recognises both lanes |
This section is about the philosophy of UK supervision: judgement, risk focus, proportionality, and the expectation that firms manage their own risks rather than waiting to be told every detail.
Regulators use reporting, returns, guidance, thematic work, and publications to understand and influence firms. Questions here often ask what kind of information or communication supports supervision.
Enforcement matters, but it is one part of the wider system. The exam usually tests when stronger intervention becomes relevant and what sorts of powers exist at a broad level.
This section links supervision to written standards and prudential expectations. The candidate needs to recognise that rules, prudential standards, and handbook structure support the supervisory process rather than sit separately from it.
Supervision is not only inward-looking. Regulators care about customer outcomes because poor culture, weak controls, and bad incentives often appear in the customer experience.
Incentives and governance shape behaviour. The exam expects you to see that poor remuneration structures or weak governance can create risks before any customer loss is visible.
A firm has not yet caused obvious client losses, but its remuneration structure heavily rewards rapid sales growth and gives little weight to control quality. What is the strongest regulatory concern at this stage?
Answer: B.
Supervisory concern arises before harm becomes obvious if incentives are likely to drive poor behaviour or weak control. That is exactly why remuneration and governance appear in this chapter.