Senior practitioners, and industry experts, embedded inside financial services firms worldwide. We don't just advise. We deliver.
of all CBI MiCAR CASP authorisations in 2025 supported by Finvisor
of all FCA EMI authorisations in 2025 guided by our team
authorisation success rate across all engagements to date
Benchmark your firm's governance, risk, and compliance framework against global financial services standards. Understand your strengths, identify gaps, and get a tailored roadmap.
Our team brings deep, domain-specific expertise across the sectors we serve. Where others bring general financial services advice, we bring sector-specific insight built from decades of in-the-room experience.
Authorisation, ongoing compliance, and supervisory engagement for payment institutions and e-money firms across multiple regulatory regimes. PSD2/3, safeguarding, REQ submissions, and PCF governance.
MiCAR authorisation and ongoing supervision, custody frameworks, AML/CFT for crypto-asset service providers, DORA compliance, and private key governance. One of the leading CASP authorisation practices globally.
Risk and compliance frameworks for banks and complex financial groups. AML/CFT programmes, operational resilience, governance design, prudential oversight, and regulatory engagement under time pressure.
IFPR, ICARA, wind-down planning, SM&CR implementation, and operational resilience for investment managers, hedge funds, and financial intermediaries across major jurisdictions.
Strategic regulatory support for growth-stage fintechs navigating complex multi-jurisdictional frameworks. Regulatory strategy, business model assessment, and licence pathway design.
Regulatory due diligence, change of control applications, and post-acquisition integration for private equity, strategic acquirers, and merging regulated entities. We identify regulatory risks before they become liabilities.
Brought in at critical moments when outcomes must be delivered under regulatory scrutiny and time pressure. We operate under Board accountability throughout every engagement.
Full project management of regulatory licence applications from scoping to grant. We draft the programme of operations, build governance frameworks, respond to requisitions, and manage the regulator relationship directly under Board accountability.
Responding to supervisory engagement, thematic reviews, skilled person appointments, and enforcement instructions. We produce independent assessments, draft remediation responses, and manage regulator communications under time pressure. Fast.
Rapid deployment of senior practitioners to stabilise control environments, execute remediation programmes, and restore supervisory confidence. We operate in enforcement and post-enforcement environments with full Board and regulator transparency.
Supporting firms through expansion, restructuring, or product change requiring regulatory approval, including M&A due diligence, change of control applications, and post-acquisition compliance integration. New service launches, passporting, and group restructuring.
Finvisor delivers bespoke risk and compliance training tailored to your business, regulatory environment, and operating model. Our programmes are practical, decision-focused, and grounded in real-world experience—equipping Boards, senior management, and operational teams to manage risk effectively and meet regulatory expectations with confidence. No generic content. Just training that is relevant, targeted, and impactful.
We transform compliance and risk programmes from regulatory obligations into strategic assets. By strengthening governance, controls, and operational design, we help firms build trust with regulators, partners, and customers—unlocking growth, accelerating approvals, and enabling confident scaling. From targeted gap analysis to full programme redesign, we ensure your framework is not just compliant, but differentiated, efficient, and built to support your commercial ambitions.
Our delivery framework spans every dimension of regulatory compliance, risk management, and operational resilience, each pillar led by specialists who have held senior accountability roles in that domain.
Strategic guidance on regulatory frameworks, authorisations, and compliance architecture, building proactive compliance strategies aligned with business objectives and supervisory expectations.
Fractional and interim leadership providing hands-on expertise when you need it most, integrating seamlessly with your team to deliver operational compliance capabilities without the overhead of permanent hire.
DORA readiness, ICT risk management, cyber governance, and business continuity planning. Ensuring technology and operational infrastructure meets evolving global resilience standards.
Independent third-line assurance through comprehensive audits, control effectiveness testing, and remediation support. We identify control gaps before they become regulatory findings, and implement sustainable solutions that hold up under examination.
We have built deep working relationships with Regulators around the world. When they see our team of experts working closely with your organisation, they recognize credibility.
Finvisor guided the first Electronic Money Institution through the FCA's regulatory sandbox.
This engagement established our working relationship with the FCA at the highest level and gave us direct insight into how the regulator assesses emerging business models, technology risk, and governance standards. That knowledge informs every authorisation application we run today.
Every application we have managed has received regulatory approval. No failed applications across all jurisdictions and regimes.
Finvisor supported three in ten of all CBI MiCAR CASP authorisations in 2025, making us one of the leading CASP authorisation practices in Europe.
Approximately one in nine FCA EMI licences granted in 2025 was prepared and managed by Finvisor, reflecting the depth and scale of our FCA authorisation practice.
Regulator relationships. Built through repeated, high-quality engagements. Regulators know what to expect from a Finvisor-managed application.
Both sides of the table. Our team has held senior accountability roles inside regulated firms. We know what regulators look for because we have been the ones answering the questions.
Full project ownership. We draft, manage, track, and respond. Applications are not handed back with comments , they are delivered completed and submission-ready.
Sandbox experience. Having guided the first EMI through the FCA sandbox, we understand how regulators evaluate novel business models and emerging technology risk.
Regulators globally expect firms to demonstrate, not just document, their operational resilience. Our maturity assessment benchmarks your firm against regulatory expectations, identifies critical gaps, and delivers a prioritised remediation roadmap your board can act on.
Suitable for payment firms, e-money institutions, CASPs, and any regulated entity facing supervisory scrutiny of their operational resilience programme.
Regulators globally are intensifying AML supervision. The firms ahead are not those with the longest policies. The ones who succeed are with the most accurately calibrated risk assessments, sharpest transaction monitoring, and strongest escalation culture. Our assessment tells you exactly where you stand.
Completed by Qualified Internal Auditor Povilas Randis. 30+ AML/CTF audits delivered across payment firms, e-money institutions, and crypto-asset service providers globally.
A selection of engagements illustrating the outcomes we deliver. References available on request.
Full project management of a MiCAR CASP authorisation for a retail-focused crypto exchange. Drafted programme of operations, AML/CFT framework, custody governance, and managed CBI requisitions through to licence grant.
Deployed senior AML practitioners to stabilise a payment institution's financial crime control environment following supervisory engagement. Rebuilt the BWRA, transaction monitoring framework, and MLRO function within 90 days.
Provided an embedded ICT risk specialist to lead DORA implementation for an EMI. Delivered Register of Information, ICT incident classification framework, third-party risk assessments, and Board-level reporting within the compliance deadline.
Led by Simon McFeely, former Global CCO at TransferGo and TransferMate and previously Western Union and PwC, the Finvisor team brings direct experience of the regulatory relationship from both sides of the table.
Simon is a Chartered Accountant with 20 years of experience across financial services risk, compliance, and regulatory strategy. He has held Global CCO, CRO, and Head of Compliance Risk Assessment roles at major international payment firms and fintechs, giving him direct experience of the regulatory relationship from both sides of the table.
A recognised expert in the payments and fintech sector, Simon advises firms globally on governance, regulatory strategy, and risk management. He is a member of the Compliance Institute's Payments & Fintech Working Group and the Dublin Business School Innovation Steering Committee, and formerly served as the appointed e-money industry representative at the CBI's Financial Services Forum.
Led by Simon, every Finvisor engagement benefits from direct leadership involvement , from initial scoping through to regulatory approval and ongoing supervision. References available on request.
15+ years in risk and compliance leadership across banking, fund administration, and fintech. ISO 27001 programme lead. Enterprise risk management specialist with deep experience of regulatory engagement across multiple jurisdictions.
15+ years in compliance and risk advisory. 30+ AML/CTF audits completed. Qualified Internal Auditor. Specialist in EMI/MiCAR licensing, PSD2 compliance, and enterprise risk assessments across European and Baltic jurisdictions.
15+ years in compliance, risk advisory, and transformation. Specialist in Consumer Duty, data management, fitness & probity, and operational risk, with senior advisory experience across global financial institutions.
15+ years in IT security and regulatory compliance. DORA implementation specialist. ISO 27001:2022 audit and remediation. Embedded ICT risk leadership for regulated firms navigating the shift from operational resilience to mandatory DORA compliance.
"We sit alongside your team. We don't just tell you what to do. We do it."
Drafting. We write the policies, frameworks, risk assessments, requisition responses, and board papers, not just the outline.
Project management. We own the timeline, track deliverables, and manage regulator deadlines throughout every engagement.
Regulator engagement. We prepare for and attend supervisory meetings, respond to regulatory requisitions, and manage the ongoing supervisory relationship on your behalf.
Board-ready outputs. Every deliverable is formatted and written to be placed in front of a board or regulator without further editing. Frameworks that scale with your ambitions.
Original analysis produced by the Finvisor team.
What the CBI's RSO means for PI and EMI firms. Covers all five focus areas, Finvisor's view, and the questions your Board, CEO, and Head of Compliance should be asking now.
The CBI's first dedicated CASP chapter: what it signals for firms authorised under MiCAR. Six focus areas, key messages, and questions for Board, CEO, and Head of Compliance mapped to MiCAR obligations.
MiCAR is now fully applicable. But for firms operating globally, the regulatory picture is more complex. US state and federal frameworks, APAC licensing routes, and multiple EU gateway strategies each carry different implications for business model design and regulatory risk.
DORA has been applicable since January 2025. Supervisors are moving from implementation guidance to active assessment. Key gaps we are identifying across client portfolios: incomplete Registers of Information, weak ICT incident classification, and insufficient third-party concentration analysis.
Regulatory risk is consistently underweighted in financial services M&A. We have seen transactions derailed by undisclosed regulatory conditions, poor compliance infrastructure, and licence perimeter mismatches. What to look for, and how to price it, before you sign.
Regulators globally are intensifying AML supervision for payment firms. The firms that are ahead are not those with the longest policies, they are the ones with the most accurately calibrated risk assessments, the sharpest transaction monitoring tuning, and the strongest escalation culture.
Regulatory briefings and horizon scanning across payments, digital assets, and global financial services.
Whether you're preparing an authorisation application, navigating supervisory scrutiny, exploring an acquisition, or building a compliance programme from scratch. We'd like to hear about it. Strictly confidential.
Enter your details and we'll send this briefing directly to you.