Book a Consultation
SUP 12 — APPOINTED REPRESENTATIVES OVERSIGHT · ANNA AI POWERED · FCA SUP 12.4–12.9 + FIT 1.3

The Appointed Representatives oversight operating system
your principal firm needs.

A complete, self-contained oversight record for every appointed representative. The 25-item SUP 12 compliance checklist. The per-AR onboarding and due-diligence pack. The 20-item SUP 12.9 records-retention pack. Otto's 5 report formats — including the FCA Dry-Run mock supervisory interview — drafted from your live data in 60 seconds.

Built for the post-Dec 2022 enhanced regime · The module the 2024 FCA Multi-Firm Review of principal firms made unavoidable.

Book a Consultation
25-Item SUP 12 Checklist
Per-AR Oversight Records
Board Sign-Off (SUP 12.6A.1R)
20-Item Records Retention Pack
5 Otto Report Formats
FCA Dry-Run Interview
The Post-Dec 2022 Problem

When the FCA reviews your AR oversight, an Excel sheet of AR contacts won't pass.

PS22/11 raised the bar substantially. The 2024 Multi-Firm Review of principal firms identified seven recurring weaknesses — most of them traceable to one root cause: principals tracking ARs in spreadsheets, drives and consultant decks rather than as living, evidenced supervisory records. The regime now expects active oversight, not appointment paperwork.

No Board Sign-Off. No SUP 12.6A.1R Artefact.

The post-Dec 2022 regime requires the governing body to sign off the annual SUP 12 self-assessment. The FCA explicitly looks for this artefact. Most principals can show the assessment was done — far fewer can produce a dated Board minute reference, named SMF signatory and supporting evidence file.

AR_Register_2023.xlsx
SUP12_self_assess_DRAFT.docx
Board_minutes_v3_FINAL_v2.pdf

Risk-Based Supervision Nobody Documents

SUP 12.6.13R says ARs flagged Red or Amber must receive intensified supervision — visit-cadence increases, file-review percentages raised, fin-prom approval shortened. The 2019 + 2024 Multi-Firm Reviews flagged this as the single most common gap: principals show RAG ratings but cannot show what changed when the colour did.

Acme — Red since Q3 No plan
Apex — Amber since Q1 No plan
Atlas — Red since Q2 No plan

Fin-Prom Approvals That Slip

SUP 12.6.10G + COBS 4 require the principal to approve every AR financial promotion before issue. The 2024 Multi-Firm Review specifically called out principals who couldn't show pre-issue approval evidence per fin-prom — let alone show their turnaround time when the FCA asked.

14 days
Average turnaround on AR fin-prom approvals.

"Where's the Evidence Pack for Acme?"

SUP 12.9 requires per-AR records for at least 5 years post-termination. Annual reviews, F&P assessments, agreement amendments, monitoring visits, customer-outcome tests, complaints, fin-proms approved, training records, breach notifications. Producing one AR's pack on FCA request, in one sitting, is the test most principals fail.

AR signed agreement · ?
Last annual review · ?
F&P + DBS + references · ?

If your AR oversight lives in spreadsheets, your Board hasn't dated a SUP 12.6A.1R sign-off, and you can't produce a single AR's evidence pack in 30 minutes, the operating system below is for you.

Features

The AR oversight operating system your firm needs.

Three things make it the OS, not a spreadsheet. Nine capabilities turn it into the system your SMF runs AR oversight from — day to day, and when the FCA calls. One module covering every SUP 12 obligation — live, scored, evidenced, year-locked.

Three ideas no spreadsheet SUP 12 can match.

Most principals run AR oversight from an Excel register and a folder of PDFs — until the FCA asks for one AR's evidence pack. The operating system below is built on three principles that change what the SMF can put in front of a supervisor — and what survives an AR's termination.

A living record for every AR. Not a row in a spreadsheet.

Each appointed representative gets its own workspace — onboarding, due diligence, APER people, oversight visits, issues, attestations and gap analysis — isolated and evidenced. When an AR is terminated the record stays intact for the SUP 12.9 five-year horizon. Produce one AR's full pack in a single click.

Excel + PDFs: one row, no evidence trail
RegTechPRO: a complete per-AR file, year-locked
SUP 12.9 · Per-AR · Evidenced

The FCA Dry-Run your supervisor will run anyway.

Otto sits as an FCA Skilled Person and runs the SUP 12 supervisory interview on your live oversight data — RAG-graded answers, examiner observations, signable PDF. Plus four more formats from the same data: the 14-chapter SUP 12 report, Board Quarterly, Executive Summary and a one-page Snapshot.

Other tools: one generic report, prose
RegTechPRO: 5 formats, supervisor-rehearsed
5 formats · FCA dry-run

A SUP 12 Health score out of 100 that can't be gamed.

The score is computed from your live data — section completion weighted across onboarding, oversight, records and attestations, plus the 25-item compliance checklist. Self-certification without evidence is impossible by design; every point traces back to a register row. RAG-rated green, amber or red.

Other tools: tag complete, move on
RegTechPRO: re-derived from data, defensible
Out of 100 · RAG-rated

Nine capabilities turn this into the system your firm runs AR oversight from.

Built for the supervisor visit you haven't had yet, the AR that just went Red, and the board paper due Friday. Every capability ships in the module. No tier gate, no add-ons.

1 Onboard Vet, appoint and scope every AR to the SUP 12 standard.
Onboarding & permissions map

Capture appointment dates, contacts and regulated activities, then build a per-AR permissions & scope map — activity, customer types, geographic reach and restrictions, row by row. The record the FCA expects in place before an AR takes on business.

SUP 12.4 · Per-AR
Due-diligence pack

FCA Register check, business plan, accounts, PI insurance, references and beneficial-owner screening — each item tracked Not Requested / Requested / Received, with the evidence file attached. Pre-appointment and ongoing diligence you can prove, not just claim.

SUP 12.4 · Evidenced
APER / Fit & Proper register

Every Approved Person at the AR with controlled functions, F&P assessment and renewal dates, FIT 2.1 disclosures, conduct training and CPD logs — mirrored from People Compliance so the AR's senior people are evidenced to your own standard.

FIT 1.3 · APER · Conduct
2 Oversee Active, risk-based supervision — and the evidence you did it.
Supervisory meetings & audits

On-site audits and supervisory meetings logged with RAG ratings, findings and linked remediation actions, plus second-line file reviews — financial promotions, customer outcomes, complaints sampling and T&C. Proof you supervised, not just appointed.

SUP 12.6.10G · RAG
Risk-based intensified monitoring

When an AR is rated Red or Amber, the platform drives the intensified plan SUP 12.6.13R requires — raised cadence, named owner, outcome and next review date. The exact gap the FCA Multi-Firm Review flagged: showing what changed when the colour did.

SUP 12.6.13R · Risk-based
Issues, breaches & SUP 15

A per-AR register of issues, breaches and complaints — severity, SUP 15 notification status, owner and remediation due date. Anomaly flags auto-suggest issues before they escalate; closed items keep their root-cause analysis and lessons learned.

SUP 15 · Severity-rated
3 Prove From live data to signable, board-ready PDF in 60 seconds.
AR attestations

Push periodic attestations to every AR and track them coming back — each submission lands with the AR's self-reported RAG and a full set of answers, then an approve / reject workflow. Network approval rate at a glance; every submission exportable to CSV.

Network-wide · CSV
Gap analysis & Health score

A structured self-assessment across all 14 SUP 12 chapters — Met / Partial / Not Met per question, with notes and attached evidence. It feeds the SUP 12 Health score out of 100; click the score to see exactly why you're at 1 point instead of 2.

SUP 12.6A · Out of 100
5 Otto report formats & export

Full SUP 12 (14 chapters) · FCA Dry-Run mock interview · Board Quarterly · Executive Summary · Snapshot. Same data, five audiences, with the pre-calculated score injected so there's no LLM arithmetic drift. Export to PDF, Word or CSV.

5 formats · PDF/Word/CSV

Every SUP 12 sub-rule. One module.

25 checklist controls cited to specific sub-rules. Eight live AR-oversight surfaces feeding a SUP 12 Health score out of 100. 5 Otto formats drafted from your live data — including the FCA Dry-Run mock supervisory interview.

25
SUP 12 checklist items
8
AR oversight surfaces
100
Health-score points
5
Otto report formats
14
Gap-analysis chapters
Appointment & due diligence SUP 12.4
AR / IAR agreement contents SUP 12.5
Ongoing oversight & responsibilities SUP 12.6
Risk-based intensified monitoring SUP 12.6.13R
Self-assessment & board sign-off SUP 12.6A
FCA notifications SUP 12.7
Termination & wind-down SUP 12.8
Records retention (5 years) SUP 12.9
Approved Persons fitness & conduct FIT 1.3 / APER
Plus: the post-Dec 2022 enhanced AR regime (PS22/11) · pre-issue financial-promotion approval (COBS 4 / SUP 12.6.10G) · SUP 15 breach & complaint notifications · the 25-item SUP 12 checklist with statute-cited tooltips · multi-year persistence with records that survive AR termination.

Enterprise quality. SME pricing.

Affordable, modular monthly pricing · No tier gate. No add-ons. No setup fee.

See it in your firm
The Solution

Every SUP 12 obligation. In one place.

Eight working surfaces — onboarding, due diligence, APER, oversight, issues, breaches, attestations and gap analysis — feeding a transparent SUP 12 Health score out of 100, every point auditable back to its evidence source (auto vs user-attested). A 25-item SUP 12 compliance checklist covers items a–y, and risk-based monitoring surfaces a drifting AR before a supervisor does. Every record feeds Otto’s 14-chapter board-ready SUP 12 report.

SUP 12 AR Oversight Dashboard — SUP 12 Health score out of 100, Active ARs, Approved Persons, Issues and Attestation KPIs, section heatmap

The principal's 30-second view of the whole network. A SUP 12 Health score out of 100, RAG-rated, with four live KPI tiles — Active ARs, Approved Persons, open Issues and Attestation status — a section-by-section heatmap and an AR risk-distribution bar. Every appointed-representative obligation on one screen.

AR onboarding — appointment details, contact information, regulated activities and permissions & scope map

Appoint a new AR properly from day one. Capture appointment dates, contacts and regulated activities, then build a full permissions & scope map — activity, customer types, geographic reach and restrictions, row by row. The record the FCA expects in place before an AR ever takes on business.

AR due diligence register — FCA Register check, business plan, accounts, PI insurance, references and beneficial-owner screening

Pre-appointment and ongoing due diligence in one register. FCA Register check, business plan, accounts, PI insurance, references and beneficial-owner screening — each item tracked Not Requested / Requested / Received, with the evidence attached. SUP 12.4 diligence you can prove, not just claim.

APER record — Approved Persons at each AR with controlled functions, fitness & propriety assessments, conduct training and CPD

Every Approved Person across the network, fit-and-proper and on file. Controlled functions, F&P assessment and renewal dates, FIT 2.1 disclosures, conduct training and CPD logs — mirrored from People Compliance so the AR's senior people are evidenced to the same standard as your own.

Ongoing AR oversight — supervisory meetings, intensified monitoring plans, second-line audits and conflicts of interest

Ongoing oversight, evidenced. Supervisory meetings and on-site audits (SUP 12.6.10G) with RAG ratings and linked remediation actions, intensified monitoring plans for higher-risk ARs (SUP 12.6.13R), second-line file reviews and a conflicts-of-interest register. Proof you actually supervised — not just appointed.

AR issues and breaches register — severity, SUP 15 notification status, remediation owners and root-cause analysis

Every AR issue, breach and complaint in one register. Severity, SUP 15 notification status, owner and remediation due date — with anomaly flags auto-suggesting issues before they escalate. Closed items keep their root-cause analysis and lessons learned for the next supervisor who asks.

AR attestation register — periodic sign-offs from each appointed representative with RAG, approval workflow and CSV export

Push periodic attestations to every AR and track them coming back. Each submission lands with the AR's self-reported RAG, the full question-by-question answers and an approve / reject workflow — network-wide approval rate at a glance, every submission exportable to CSV.

SUP 12 gap analysis — 14-chapter self-assessment with Met / Partial / Not Met toggles and evidence per question

A structured self-assessment across all 14 SUP 12 chapters — onboarding, monitoring, conflicts, terminations, FCA notifications, records and board sign-off. Every question gets a Met / Partial / Not Met toggle, notes and attached evidence, so "where exactly are the gaps?" has an answer before the FCA asks.

The Otto Report Engine

The SUP 12 you can rely on.

Five board-ready report formats from one data set — including the FCA Dry-Run mock supervisory interview Otto runs on your own live AR oversight data. Built from your onboarding, due-diligence, oversight, issues and attestation records, scored out of 100, signable as a PDF. Rehearse the supervisor's questions before the supervisor does.

Full SUP 12
14 chapters
The full oversight report
FCA Dry-Run
12 Q&A · RAG-graded
Mock supervisory interview
Board Quarterly
5 sections
Board oversight pack
Executive Summary
3 sections
C-suite briefing
SUP 12 Snapshot
4 sections
Compliance gap analysis
Live sample · Otto-drafted from real firm data

Otto sits as the FCA Skilled Person.
Your SUP 12 answers in its own voice.

12 set SUP 12 questions. Each answered from your live AR records — onboarding, due diligence, APER, monitoring visits, issues and attestations. RAG-graded. Examiner observation noted. Signable PDF in 60 seconds.

1
FCA Examiner How do you satisfy yourself an appointed representative is fit and proper before you appoint them?
Otto Green · Met

Every appointment runs through a standard due-diligence pack before the agreement is signed, evidenced per AR under SUP 12.4: FCA Register check, business plan, two years' accounts, PI insurance certificate, two references and beneficial-owner / UBO screening. Each item is tracked Not Requested / Requested / Received with the source document attached. Approved Persons at the AR are assessed against FIT 1.3 with DBS, credit and reference checks held on file. For the most recent appointment (Acme Wealth Ltd, 12 Feb 2026) all eleven diligence items were Received and the agreement scope was mapped to the AR's permitted activities before go-live.

Examiner Observation Pre-appointment due diligence is standardised, evidenced and complete, with fitness assessed on the AR's approved persons. Demonstrates the SUP 12.4 appointment expectation. No follow-up action required at this stage.
2
FCA Examiner Who in the firm has named accountability for AR oversight? Show me the SM&CR mapping.
Otto Amber · Partial

AR oversight accountability sits with the Compliance Oversight function (Ines Kowalski, SMF16), evidenced in the firm's SM&CR Statements of Responsibilities and re-attested in the Q1 2026 review cycle. The governing body receives quarterly AR network MI and signs the annual self-assessment under SUP 12.6A.1R. The firm has not yet formally codified a deputy for the SMF16 in the event of incumbent absence; this is included in the Q2 2026 forward plan for resolution by 30 June 2026.

Examiner Observation Primary accountability is named and documented, with board-level sign-off in place. Continuity-of-accountability arrangements are an identified gap with a tracked remediation. The firm should expedite the deputy designation so AR oversight is covered under any plausible absence.
3
FCA Examiner Show me how you supervised a higher-risk AR this year and what changed when its rating did.
Otto Green · Met

Apex Mortgages Ltd was moved from Green to Amber on 17 March 2026 after a complaints cluster on suitability. An intensified monitoring plan was opened under SUP 12.6.13R, owned by the SMF16: file-review sampling raised from 5% to 20%, financial-promotion approval moved to monthly pre-issue review, and a supervisory visit was brought forward. Two remediation actions were tracked to named owners; following the June review the suitability sample passed clean and the AR returned to Green.

Examiner Observation Risk rating drove a documented change in supervisory intensity, with cadence, sampling and owners all evidenced and a clear outcome. Demonstrates the SUP 12.6.13R expectation the Multi-Firm Review tested. No follow-up action required.

Every chapter. Every SUP 12 anchor.

Otto drafts all 14 chapters of the Board-ready SUP 12 oversight report from your own live records — onboarding, due diligence, APER, agreements, monitoring visits, intensified plans, issues and attestations. Scored out of 100 so a firm cannot claim 100% without the evidence trail to back it up.

14
Chapters drafted
100
Health-score model
25
SUP 12 checklist items
~28s
To full draft
1
Introduction & AR Network Scope
SUP 12.2
2
Appointment & Due Diligence
SUP 12.4
3
AR / IAR Agreements
SUP 12.5
4
Permissions & Scope of Appointment
SUP 12.5
5
Approved Persons — Fitness & Conduct
FIT 1.3 / APER
6
Ongoing Oversight & Monitoring
SUP 12.6
7
Risk-Based Intensified Monitoring
SUP 12.6.13R
8
Financial Promotions Approval
COBS 4 / SUP 12.6.10G
9
Issues, Breaches & Complaints
SUP 15
10
Conflicts of Interest
SUP 12.4 / SYSC 10
11
FCA Notifications
SUP 12.7
12
Termination & Wind-Down
SUP 12.8
13
Records & Retention
SUP 12.9
14
Self-Assessment & Board Sign-Off
SUP 12.6A
SUP 12.6.10G · supervisory monitoring

Named ARs. Dated visits. Logged outcomes.

An AR register that records appointments but no supervision is the gap the FCA quotes back at every Multi-Firm Review. Every visit, audit and file review here is dated, RAG-rated and remediated; findings become tracked actions with a named owner and due date.

Owner AR & scope Date Outcome
Ines Kowalski
SMF16 · Compliance Oversight
 Annual oversight visit: Acme Wealth Ltd (AR). Full file review, financial-promotion sample and complaints check against the agreed scope of appointment. Mar 17, 2026 Green · Pass
Clara Montalvo
Compliance Monitoring · 2LoD
 Customer-outcome file review: Apex Mortgages Ltd (AR). 12-file suitability sample under Consumer Duty; one unsuitable recommendation identified. Feb 24, 2026 Amber · 2 actions
Daniel Ofori
Financial Promotions · 1LoD
 Financial-promotion approval audit: Atlas Protection Ltd (AR). 20 fin-proms sampled for pre-issue approval evidence under COBS 4 / SUP 12.6.10G. Feb 06, 2026 Green · Pass
Ines Kowalski
SMF16 · Compliance Oversight
 Intensified monitoring review: Borealis Capital Ltd (AR, Red). Monthly cadence under SUP 12.6.13R after a SUP 15 breach; PI cover lapse identified. Jan 22, 2026 Red · remediation Q2

Three named attestors. One oversight lifecycle.

SM&CR, proved. The Compliance Oversight function owns the AR oversight programme, the executive operates it, and the Board Chair attests under SUP 12.6A.1R. Once locked, the report stays traceable to the underlying AR records and reproducible for every review the FCA runs across the SUP 12.9 five-year retention period.

SMF16 · Compliance Oversight
Ines Kowalski
Compliance Oversight · AR Oversight Programme Owner
Signed Mar 26, 2026
SMF3 · Executive Director
Nadia Bergström
Executive Director · AR Network Oversight
Signed Mar 27, 2026
Chair · Board Oversight
Reginald Bartholomew
Board Chair · SUP 12 Board Sponsor
Signed Mar 28, 2026
Report locked · Mar 28, 2026 · 18:17 GMT Read-only. Traceable to every AR record. Reproducible across the SUP 12.9 five-year record-retention period.
Otto AI for SUP 12 Oversight

Your full SUP 12 — and the FCA Dry-Run — in 60 seconds.

Otto is trained on SUP 12.2 through 12.9, FIT 1.3 and APER, the post-Dec 2022 enhanced AR regime (PS22/11), SM&CR accountability and the FCA's Multi-Firm Reviews of principal firms. It answers your AR oversight queries in seconds, and drafts your choice of Full SUP 12, FCA Dry-Run, Board Quarterly Pack, Executive Summary or SUP 12 Snapshot — all from the live AR records your firm has actually populated.

SUP 12 EXPERT · SUP 12 AUTHOR

Your SUP 12 Oversight regulatory research desk and multi-format report author, in one.

Otto does two things for AR oversight. First, it answers any SUP 12 query your team throws at it; rule-cited, handbook-grounded, with the specific figure from your own records where relevant. Second, it drafts five different report formats from the same data, sized for the audience: a 14-chapter Full SUP 12 for the regulator, a Board Quarterly Pack for governance, a 1–2 page Executive Summary for the CEO, a SUP 12 Snapshot for the Compliance Officer, and a 12-question FCA Dry-Run mock supervisory interview that RAG-rates each answer in your firm's own voice. Speed via Otto AI, underpinned by 1,500+ expert documents.

  • Answers SUP 12.2–12.9, FIT 1.3 and APER queries with rule-level citations
  • Drafts 5 report formats from one data set — pick from a radio-card selector, Generate, done
  • FCA Dry-Run rehearses the supervisory interview with green/amber/red answers and an examiner observation per question
  • Synthesises from your onboarding, due-diligence, APER, monitoring, issues and attestation records. Never invents defaults
  • Never attests for you. Self-assessment answers and Board sign-off stay with the firm
Your AR oversight research desk

Ask Otto anything about SUP 12. Get a cited answer.

“What due diligence must we hold before appointing an AR?” “When does SUP 12.7 require us to notify the FCA?” “What does intensified monitoring under SUP 12.6.13R actually require?” Otto answers from the handbook, SUP 12, the AR policy statements and your live AR records in seconds, with citations.

  • SUP 12, FIT 1.3 & SM&CR grounded
  • Cites rules, paragraphs & your own data
  • Reads your AR records & 25-item checklist live
  • Available across every AR oversight tab
Otto AI
Online · AI Compliance Advisor
When does SUP 12.7 require us to notify the FCA about an AR, and what's a defensible process for our firm?

SUP 12.7 requires you to notify the FCA of specific AR events, within set time limits. The events most principals codify are:

  • Appointing or terminating an AR. Notify before appointment, and within 10 business days of termination
  • Any change to an AR's scope of appointment. SUP 12.7 alignment
  • Any matter affecting an AR's fitness — a SUP 15 reportable breach, complaints trend or PI lapse

Your AR register flags Borealis Capital with a lapsed PI certificate as of 15/03/2026 — that's a fitness matter you should notify. Acme Wealth's appointment on 12/02/2026 was notified before go-live, which is correct.

Drawn from: SUP 12.7 · SUP 15 · Your AR Register
Ask Otto anything about SUP 12 or AR oversight…

Audit-ready the moment the regulator calls.

Otto drafts your choice of 5 report formats from the same live data in seconds — the regulator gets the Full SUP 12, the Board gets the Quarterly Pack, the CEO gets the Executive Summary, the Compliance Officer gets the SUP 12 Snapshot, and you rehearse on the FCA Dry-Run. When an AR's rating changes, the platform opens the intensified-monitoring plan SUP 12.6.13R requires and tracks it to a named owner. See it all in a live demo.

Book a live demo See everything Otto produces
What Our Clients Say

When the FCA reviewed their AR network, they were ready.

From Compliance Officers to principals, firms are replacing a spreadsheet of AR contacts with a scored, evidenced, board-reportable oversight programme.

5.0

The SUP 12 Health score is the single most defensible number we've ever put in front of our board. Before, AR oversight lived in a spreadsheet nobody could evidence. Now every point breaks down into a scored section with the register data behind it. Our last Board paper ran to three pages — and they asked better questions because the score actually meant something.

Robert Thompson
Robert Thompson Compliance Director, Principal Firm
4.7

We got a SUP 12-cited, 14-chapter oversight report out of Otto in under a minute, built from our own onboarding, due-diligence and monitoring records. The risk-based monitoring flagged two ARs that had quietly drifted to Amber before anyone had written it down. A fraction of a consultant spend, doing the work of an annual review and a file-review exercise.

Priya Sharma
Priya Sharma Compliance Oversight (SMF16), Principal Firm
FAQs

SUP 12 Oversight, Questions Answered

Everything you need to know about SUP 12 coverage, the Health score out of 100, Otto's 5-format report engine, risk-based AR monitoring, and how it sits inside RegTechPRO.

What are the 5 Otto report formats and when would I use each?
Full SUP 12 (14 chapters) — the comprehensive oversight report, for the regulator and Board sign-off. FCA Dry-Run (12 questions) — a mock supervisory interview where Otto answers each set FCA question in your firm's voice from your data and RAG-rates each one; rehearse this before any FCA visit. Board Quarterly Pack (5 sections) — concise, decision-oriented governance pack; tone is “what does the Board need to know and approve?”. Executive Summary (3 sections) — 1–2 pages for the CEO / Exec Committee, plain English, lead with the bottom line. SUP 12 Snapshot (4 sections) — rule-by-rule compliance gap analysis for the Compliance Officer or any FCA Skilled Person. All five draw from the same data set; you pick the format with a radio card and hit Generate.
If I switch report formats do I lose the previous draft?
No. Each format keeps its own per-section content cache. The Board Quarterly you generated in March is preserved when you switch to the Full SUP 12 in April; switching back to Board Quarterly restores it exactly as it was. Per-section regeneration only refreshes the section you click; manual inline edits are preserved on save.
How does the SUP 12 Health score out of 100 work?
Composite, out of 100. Two components: your section statuses across the SUP 12 surfaces — onboarding, due diligence, APER, oversight, records, FCA notifications and issues — weighted by importance (about 60%), and the 25-item SUP 12 compliance checklist (about 40%). Each item scores 0 / 1 / 2 (Not Started / In Progress / Complete). Section scores are derived from your live records, so a firm cannot mark itself 100% without the register data behind it. RAG-rated: green ≥80, amber ≥50, red below. Click the ring for a full breakdown of where each point comes from, and rebalance the pillar weights if your firm's risk profile demands it.
Can we edit Otto's draft before it goes to the board?
Yes. Every section across every format is editable inline, and Otto can regenerate any individual section if your underlying data changes. Each section has its own “Generate with Otto AI” and “Edit Manually” buttons plus a free-text “Add additional notes or edits…” textarea. Export the active report as a branded formatted PDF (navy cover, auto-TOC) for the regulator, as a Word (.doc) file that opens with track-changes for internal edits, or as a Full Pack ZIP that bundles the underlying AR record exports alongside.
How does risk-based intensified monitoring work?
When you rate an AR Red or Amber, the platform opens an intensified monitoring plan under SUP 12.6.13R: you capture the trigger (a complaints cluster, a SUP 15 breach, a prior-year rating), the raised monitoring cadence (monthly / quarterly), the named owner (SMF), the outcome and the next review date. Raised file-review sampling and pre-issue financial-promotion checks are tracked against the AR until it returns to Green. This is the exact gap the FCA Multi-Firm Review flagged — principals showing RAG ratings but unable to show what changed when the colour did. The Dashboard surfaces the AR risk distribution (Green / Amber / Red / Unrated) so escalations are never out of sight.
What is the FCA Dry-Run and what does “RAG-rated” mean here?
It's a mock supervisory interview. Otto asks 12 set SUP 12 questions on your firm's behalf and answers each one from your live AR oversight data. For every answer it returns: a 1–3 sentence response in your firm's voice, a Green / Amber / Red rating reflecting the depth of evidence in your data (Green = comprehensive evidence; Amber = partial / in-progress; Red = absent or materially deficient), and a 1–2 sentence examiner observation telling you what an FCA supervisor would push back on. Read it before the supervisor does. Better to fix the Reds in advance than to be surprised mid-interview.
How do AR onboarding and due diligence work?
Each AR gets a structured onboarding workspace: appointment dates, contacts, regulated activities and a permissions & scope map (activity, customer types, geography, restrictions). Alongside it sits a due-diligence register — FCA Register check, business plan, accounts, PI insurance, references and beneficial-owner screening — each item tracked Not Requested / Requested / Received with the evidence file attached. The agreement scope is mapped before go-live, so an AR never takes on business outside its permitted activities. It's the SUP 12.4 appointment standard, evidenced per AR rather than buried in a folder.
What FCA rules does the module cover?
The full SUP 12 framework for appointed representatives: SUP 12.2 (introduction & scope), SUP 12.4 (appointment & due diligence), SUP 12.5 (the AR / IAR agreement and scope), SUP 12.6 (ongoing oversight), SUP 12.6.13R (risk-based intensified monitoring), SUP 12.6A (annual self-assessment & board sign-off), SUP 12.7 (FCA notifications), SUP 12.8 (termination) and SUP 12.9 (records, five-year retention). Adjacent obligations: FIT 1.3 and APER for the AR's approved persons, COBS 4 / SUP 12.6.10G for financial-promotion approval, SUP 15 for breach and complaint notifications, and the post-Dec 2022 enhanced regime (PS22/11).
What's in the 25-item FCA SUP 12 Compliance Checklist?
Items a through y. Each is a principal-level SUP 12 control with a plain-English statement and a rule anchor. Covers pre-appointment due diligence, the AR agreement and scope of appointment, fitness & propriety of approved persons, ongoing monitoring and supervisory visits, risk-based intensified monitoring, financial-promotion approval, complaints and breach handling, conflicts of interest, FCA notifications, termination, five-year record retention, and the annual self-assessment with Board sign-off. 2 pts (Met), 1 pt (Partial), 0 pts (Not Met) — feeding the checklist component of the SUP 12 Health score.
How do issues, breaches and SUP 15 notifications work?
Every AR has its own issue register. You log issues, breaches and complaints with a category, severity (Red / Amber / Green), SUP 15 notification status (Yes / No / Pending), owner and remediation due date. Anomaly flags auto-suggest issues from your data — for example a lapsed PI certificate — as one-click candidates before they escalate. When an issue is closed it keeps its root-cause analysis and lessons learned, so the next supervisor who asks “what went wrong with this AR, and what did you do?” gets a complete answer rather than a shrug.
How does it integrate with the rest of RegTechPRO?
One platform, one set of data. SUP 12 oversight shares records with the rest of the platform — one workspace per AR. The AR's people surface in People Compliance (the APER record is mirrored), issues and breaches feed the MI Dashboard, and the AR's documents sit in the shared evidence vault and Document Library. One platform, one set of compliance data.
How do attestations from the AR network work?
You push a periodic attestation to every AR and track them coming back. Each submission lands with the AR's self-reported RAG, a full set of question-by-question answers (compliance status, outstanding issues, PI cover, key changes, data breaches, board sign-off) and a submission date. The principal approves or rejects each one with comments. The Dashboard shows the network approval rate — Approved / Pending / Missing — at a glance, and every submission is exportable to CSV for the board pack.
How much does the SUP 12 module cost?
Affordable, modular monthly pricing. The module ships a 14-chapter Otto-generated oversight report. See regtechpro.co.uk/pricing for the full modular calculator.
Do I need the whole RegTechPRO platform, or can I just have this module?
SUP 12 oversight is an add-on to a RegTechPRO subscription. It sits inside the platform so it can share data with People Compliance (the APER record), the MI Dashboard (AR network tiles) and the Document Library (AR evidence and exports). The base subscription includes the core modules you need to make AR oversight function end-to-end.
How long does setup take?
Under a day. The module ships pre-seeded with the 25-item SUP 12 checklist, the 14-chapter gap-analysis structure, the due-diligence document set, the APER controlled-function list and the report skeleton. You add your ARs, their approved persons, their permissions and your monitoring schedule. Then Otto drafts the report. No migration project; the framework ships built in.
I'm a compliance consultant. Can I run this across my client book?
Yes. It's one of the module's strongest use cases. Each principal client gets its own workspace — its own AR register, its own SUP 12 Health score, its own 14-chapter oversight report. You run the production line; the client retains accountability (the SMF sign-off, self-assessment answers and Board review date). Consultants reserved for skilled-person reviews; the oversight production itself becomes platform-owned.
How is multi-year history kept defensible?
Three layers. First, on 1 January the platform auto-locks the previous year and writes an audit-trail entry recording the lock event. Second, previous years are read-only by default — an FCA skilled-person opening the 2024 report sees exactly what was approved by the Board at the time. Third, if you legitimately need to amend a prior year (e.g. a QA finding), you click Unlock; this opens a modal capturing your email (auto-detected) and a required free-text reason, both written to the audit trail. A clock-icon button next to the year selector opens the Unlock History popup so the full date / user / reason history for any year is one click away. Defensible posture for any FCA review.
What's the Field Guidance / tooltip system?
A small (i) icon next to every form-field label. Hover for an unpinned preview; click for a pinned popover. Each tooltip shows a regulatory citation pill (e.g. SUP 12.7 / FIT 1.3), a plain-English description, an option-by-option guide for dropdowns, and a worked example. It removes the “what does this field actually want?” guesswork and makes onboarding a new oversight owner dramatically faster. Same component used in our Data Protection and Financial Crime modules.
Does Otto ever attest on my behalf?
No. Otto synthesises; it never attests. The design principle is deliberate and matches the other RegTechPRO modules: human attestation at the input (your due-diligence sign-offs, your AR risk ratings, your self-assessment answers, the Board sponsor's sign-off date), AI efficiency in the middle (its 14-chapter oversight report), human sign-off at the output. This is the supervisory-grade division of labour the FCA would want to see, and matches SUP 12.6A's clear board-accountability expectation.
What does Otto actually cite when it writes?
The SUP 12 rule it's addressing. The due-diligence chapter opens with "in accordance with SUP 12.4, which requires the firm to be satisfied an appointed representative is solvent and suitable…", plus the specific facts from your records (the AR's FRN, the diligence items received, the dates of your last monitoring visit, the AR's current RAG rating). Adjacent citations: FIT 1.3 and APER for approved-persons fitness, SUP 15 for reportable breaches, and SUP 12.7 for any notifiable event.
How reproducible is a prior-year report?
Fully reproducible. The Year selector lets you view any historical report as it was signed off; previous years are read-only by default and any edit requires the audit-trailed unlock flow. Each section is stored per-year per-format after Otto generates it, so a 2026 Board Quarterly opened in 2028 still reads exactly as approved at the time. The underlying AR records are preserved alongside, so an FCA skilled-person review can trace every claim back to the record that supports it.
What audit trail do inspectors see?
Every section status is timestamped. Every due-diligence item records who marked it Received and when. Every monitoring visit logs a date, scope, RAG rating and the actions raised. Every issue carries a severity, a SUP 15 notification status and a remediation owner. Every AR attestation records the submission date, the self-reported RAG and the approver. Every year-lock and unlock event is in the audit trail with user and reason. An inspector asking “when did you last review this AR?” gets a dated, named-owner, RAG-rated answer in one click; “who unlocked 2024 in March?” gets a name, timestamp and reason.

Book a consultation

See how RegTechPRO can strengthen your appointed representative oversight — and prove it in just a few clicks.

Book a Consultation

Message Us

Thank you!

We've received your enquiry and will be in touch shortly.