The rise and rise of the Dear CEO letter

It has become something of a trend for the FCA to issue Dear CEO letters

Graeme Stewart


4 November 2020
Officially referred to as portfolio letters, the regulator has a dedicated 'supervisory correspondence' section on its website to house them all.

This table shows the change in the volume of Dear CEO letters issued over the last two years:
  2018 2019 2020 (to date)
Number of Dear CEO letters issued 1
(across one sector)
(across 3 sectors)
(across six sectors)

As more Dear CEO letters have been issued this year in particular, it's worth understanding the FCA's rationale for sending them, the common themes and how firms should respond.  

The FCA perspective

The regulator uses a range of different channels to communicate with firms, including:

  • sending letters to senior individuals in firms
  • using social media such as Twitter and LinkedIn
  • publishing its monthly regulation round-up email and market watch newsletter
  • pro-active calls from the FCA contact centre and supervisory teams
  • hosting industry roundtable events
  • speeches from senior FCA staff 
  • engaging with firms at public events such as the Live and Local programme

All firms are supervised by the FCA as members of a 'portfolio' that share a common business model (hence the name 'portfolio letters').

The regulator says: “For portfolio communications, we will set out our view of the main risks of harm in a portfolio, the action we expect firms to take, and what we will be doing to reduce the level of harm in that sector.”

Where firms’ activities span several regulated sectors, they will receive a letter for the main portfolio they operate in.

But firms should also review letters for other portfolios that may be relevant to their business.

The portfolios by sector are:

  • Wholesale financial markets
  • Retail lending (including mortgage brokers)
  • Investment management
  • General insurance and protection (including personal and commercial lines insurance brokers)
  • Pensions and retail investments (including financial advisers and planners)
  • Retail banking and payments
(You can find a more detailed breakdown of portfolios by sector here)

The letters themselves are generally four to six pages long and tend to come across as quite terse and instructional.

They set out:

  • What the FCA sees as the key drivers of harm in the particular portfolio a firm is in
  • What the FCA is going to do to reduce these harms
  • What action(s) firms are expected to take as a result of receiving the letter

As mentioned earlier, the FCA also seems to expect firms to act not only on any letter they may receive, but also be aware of other letters being issued if the topics raised are relevant to their firm’s activities.

Arguably this is quite a big ask of firms, but this seems to be an expectation nonetheless.  

The common themes

While each letter will detail the specific issues the FCA has identified as causing harm in a portfolio, there are some consistent themes.    

Perhaps unsurprisingly, the key messages relate to the Senior Managers and Certification Regime (SMCR).

As part of this, there's a big focus on culture. 

The FCA defines culture as “the habitual behaviours and mindsets that characterise an organisation.”

Drivers of culture that the FCA focus on include:


A firm’s purpose sits at the heart of its business model.

Strategy and culture can play a fundamental role in reducing harm to clients and to markets.

The FCA recently noted that some staff in firms they had so-called 'engine room' discussions with were unclear about their firm’s corporate purpose.

Staff were also said to be unclear about how their own roles contributed to that purpose, which was rarely discussed.


Senior managers should demonstrate they have strong ownership of their responsibilities as described in their statement of responsibilities.

Senior managers are accountable for taking steps to train, manage and lead their teams.

They should also use their management information (MI) to identify any failings and, where necessary, intervene to make sure these failings are correctly addressed.


Firms should have up-to-date and bespoke systems and controls in place to run the business compliantly, such as training and competence plans.

Approach to people

Firms should be able to demonstrate good management and good supervision of their people.

Alongside this, there should be a recruitment policy in place for diversity and inclusion, and pay and reward processes that are based on quality output rather than being weighted towards the quantity of output.

Another theme that often crops up is around the FCA’s concerns that firms with appointed representatives are not doing enough to ensure proper supervision by the principal firm.

How firms should respond to a Dear CEO letter

To paraphrase Mel Brooks, the approach here is to hope for the best while planning for the worst. 

It's not unreasonable to think that at some stage the FCA will want to review the effectiveness of sending Dear CEO/ portfolio letters. 

This could well take the form of a follow-up letter in which the regulator reminds a firm of the actions they were recommended to take, and then requests evidence that these actions have been carried out or that additional staff training has been provided. 

So, start by asking yourself what you could send back to the FCA to evidence the action(s) you took in response to receiving their letter.

This could include:

  • Who saw the letter - for example, as evidenced by senior manager meeting minutes, continuing professional development records, action plans and/or team meeting discussion minutes
  • Who took action - evidenced by all/ any of the above, most likely someone holding the appropriate senior management function. At the very least, this should cover the action(s) being overseen by that person
  • What action was taken - evidenced by all of the above, or by changes to internal processes
  • How did you review effectiveness - evidenced by all/ any of the above, feedback from clients or staff, changes in the MI, reduction in complaints, increase to bank balance
  • How were relevant staff trained/ updated on the actions taken? - evidenced by all/ any of the above, updates in job descriptions, statements of responsibilities
  • Where is this recorded? - evidenced by all/ any of the above

How a firm can evidence their response to receiving a Dear CEO letter will very much be determined by the structure and size of the firm.

However, being ready to respond to any Dear CEO letter you've received (and other portfolio letters relevant to your firm's business) doesn’t need to be more complex than the above guidance.

We hope you find this helpful.
