Practical Guides
Essential Reading
The Complete Cybersecurity Guide for UK Financial Services Firms
UK financial services is the most targeted sector for cyber attacks in the UK — and faces the highest regulatory consequences for inadequate controls.
FCA Operational Resilience
FCA PS21/3 full compliance deadline: March 2025. Firms that cannot evidence a completed self-assessment face supervisory action.
APP Fraud Prevention Guide for Financial Services
£459M lost to APP fraud in the first half of 2023 (UK Finance) — the majority enabled by business email compromise and payment instruction hijacking.
Cyber Incident Response for Financial Services
FCA expects notification of material cyber incidents within 72 hours — the same window as ICO GDPR breach reporting. Both clocks start from awareness, not from the incident itself.
Cybersecurity for IFAs and Wealth Managers
FCA SMCR makes the Senior Manager personally accountable for cybersecurity controls — not just the firm. At an IFA, that is typically the principal.