Achieving Financial Conduct Authority (FCA) authorisation is a major milestone for every financial services business. You’ve completed what can be a draining and resource-consuming process to meet the Regulator’s exacting standards.

But for ambitious firms, this is just the start. Now you’re up and running, it’s also likely that your team is working on a roadmap to grow your business. Yet while an upward sales trajectory might be your central focus, it’s vital not to lose sight of the need to scale your compliance capabilities too.

To help you with this essential endeavour, here’s what you need to know.

In practice, scaling compliance typically means three things: handling more volume, producing better evidence and keeping the Board comfortable. Crucially, this needs to be done while decoupling business growth from compliance costs. In short, you need to do more with less.

However, the cost of not preparing for this can lead to what we call “compliance debt”. This is where you rely on manual systems (spreadsheets and emails) until they become unwieldy and unmanageable – leading to risks you would not willingly tolerate. 

If you find yourself having to fix these systems while already under pressure, there’s a significant risk that important issues sit unnoticed in email inboxes, quietly evolving into major problems from the FCA’s point of view.

Why trying to scale everything is dangerous

But while the risk posed by manual processes is significant, so too is the task of trying to automate all aspects of compliance at once. The solution to this dilemma is to carefully address the most pressing areas, such as horizon scanning, internal advice management and marketing approvals, within a realistic timeframe. 

In other words, you need a ruthless prioritisation framework. At My Compliance Centre, we use a scaling decision matrix that separates the decision into two fundamental questions: Should we scale this? and Can we scale this?

Part 1: “SHOULD this scale?”

First, assess which processes are crying out for systemisation. Score your processes (0–2) against these four criteria:

1. Risk impact: If this process fails at higher volumes, what is the fallout? Is it a minor admin error, or a material regulatory breach?
2. Growth pressure: Does the workload grow linearly with the business, or faster? Some processes compound, and these become unmanageable very quickly without systemisation.
3. Evidence and traceability: How high is the scrutiny? If the Board or Regulator asks for proof, do you need a clean audit trail by default, or is informal proof acceptable?
4. Compliance debt: If you defer fixing this, how painful is the catch-up? Will it require expensive remediation and retrospective evidence creation later?

Part 2: “CAN we scale this now?”

Just because something should be scaled doesn’t mean it can be immediately. This is where many compliance teams can come unstuck – by trying to implement changes without organisational support. Score against:

1. Feasibility: Is there a quick win? Can you use an off-the-shelf solution or piggyback on an existing initiative (e.g., a wider IT upgrade)?
2. Mandate: This is critical. Do you have a sponsor? Is there a decision forum that can approve the change? Scaling usually requires cross-functional alignment. In essence, without a mandate, even the best ideas stall.

The strategy: decide your priority sequence

By plotting your processes on this matrix, your scaling roadmap becomes clear:

• High SHOULD / High CAN: Start now. These are your immediate priorities. The risk is high and the barriers to execution are low.
• High SHOULD / Low CAN: Build mandate. This is a strategic insight. The process is critical, but you lack the internal support or budget. Your immediate task isn’t to build the process but to build the business case to get the sponsor you need.
• Low SHOULD / High CAN: Only if piggybacking. If a solution comes for free as part of another project, take it. Otherwise, don’t distract yourself.
• Low SHOULD / Low CAN: Defer consciously. Document the decision and review it later.

Moving from manual to scalable

At scale, manual spreadsheets are inefficient and create jeopardy. As part of your business growth plans, it’s vital to adopt technology that makes processes repeatable (workflows, not memory), provable (evidence is captured by default) and visible (Board-ready reporting without time-consuming manual collation).

By using a matrix like the one above, it becomes possible to shift from a reactive culture to a proactive, machine-building state, which grows rather than slows your business.

Would you like to apply this to your firm? If you’d value a worked example and the full scoring sheet to help you map your own processes, please email Ben at ben.mason@mycompliancecentre.com.