Due Diligence Policy Template

£79.00

Due diligence isn't one thing — it's everything you do before you trust someone with your business. Customer verification, supplier vetting, employee screening, product assessment. Every FCA-regulated firm has due diligence obligations across all four, but most have policies covering only one or two, leaving dangerous gaps that regulators find quickly. One policy. Every relationship. No gaps.

What's included:

  • Full regulatory mapping: MLR 2017 Regulations 27–30/28/40, FCA SYSC, SM&CR, Consumer Duty, and UK GDPR/DPA 2018 — across Consumer Credit, Insurance, Investment, Payment Services, and Cryptoassets

  • Multi-tiered assessment methodology: standard, enhanced, and simplified due diligence — with individual CDD (documentary evidence hierarchy, PEP and FATF triggers) and corporate CDD (beneficial ownership to 25% threshold, complex structure mapping, and ownership chain analysis)

  • Supplier and third-party due diligence: three-tier risk categorisation (High/Medium/Low), mandatory contractual requirements, and ongoing monitoring matrix

  • Employee due diligence: pre-employment standard and enhanced checks, 5-year employment history verification, SYSC 22 regulatory reference requirements covering 6 years, and FIT 2 fitness and propriety assessment framework for SMF holders

  • Product due diligence: pre-launch regulatory impact analysis, Consumer Duty fair value assessment, target market assessment under MiFID II and IDD, and post-implementation monitoring

  • Enhanced Due Diligence: mandatory triggers across customer, transaction, and jurisdictional dimensions — with source of funds and wealth documentation and senior management approval process

  • Six ready-to-use assessment templates: individual CDD questionnaire, corporate CDD assessment form, supplier and third-party checklist, product due diligence review, employee recruitment checklist, and product approval assessment form with RAG rating guide

  • + much more

Who is this for?

Compliance Officers, risk functions, HR leads, and senior managers at FCA-regulated firms who need a complete, board-approved cross-functional Due Diligence framework covering every relationship type the business enters.

How it works

  • Step 1 — Read it. Every section exists for a reason, grounded in a specific regulatory obligation.

  • Step 2 — Understand it. Map the content against your current practices. Identify where you're strong and where gaps exist.

  • Step 3 — Make it yours. Tailor the language to reflect how your organisation actually operates. A policy that sounds like your firm is a policy your people will follow.

  • Step 4 — Take ownership. Assign clear accountability — Board approval, named SMF holder, designated policy owner. A policy without an owner is a liability, not an asset.

  • Step 5 — Operationalise it. Embed the policy into your governance calendar, training programme, and annual review cycle. This is where compliance becomes culture.

Or, get this free with RegTechPRO

Access this alongside the full compliance policy library — SM&CR, COBS, AML, Consumer Duty, GDPR, and more — for a fraction of the cost of consultancy.

View RegTechPRO pricing and packages →
