Analysing the business and then mapping onto the requirements will produce solutions that make sense for you and are efficient and effective.
Some challenging questions for you...
Q1 How do you know that you are satisfying ALL the requirements that apply to you?
The world is increasingly complex. It is hard to keep up with all the regulations and it is easy to unwittingly miss out some areas. I can review the arrangements that you have in place and will use a tool to demonstrate that you have appropriate records for each area.
Q2 Will your documentation seem convincing when subject to outside scrutiny?
Apart from the FCA you could also be subject to scrutiny from a client’s auditors, from ISO assessors or, heaven forbid, as a result of litigation. Your documentation needs to show that you understand the rules, have appropriate policies in place to satisfy them and have evidence that shows that those policies are implemented and working effectively. I have examples of documents that can be adapted for your business which will provide you with reassurance.
Q3 Are there things that you do just “because the regulations require it”?
You will be looking to run a business that provides good service, is profitable and sustainable and has satisfied clients. There should, therefore, be a high level of commonality between what you and the regulator worry about. If you find yourself with extra policies and procedures that don’t seem to make sense to your business then you are probably not being as clever about your arrangements as you could be. As far as possible you want to satisfy the requirements with your normal business processes. Key to success is understanding your business and then mapping what you do onto the requirements. And a test of how well you understand the requirements is whether you can express them simply.