DRAFT

BOARD CONFIDENTIAL

Compliance Team Kick-Off Meeting

Compliance Team Meeting

20th March 2026

Commencing at [time]

[Location]

Present

Mr A. Dymock (in the chair)

Ms D. Allen

Ms E. Garrett

In Attendance

None recorded.

Apologies

None received.

Quorum

It was noted that a quorum was present and the meeting was declared open.

Declarations of Interest

No new declarations of interest were made.

Previous Minutes

This being the inaugural meeting of the compliance team, there were no previous minutes to approve.

Matters Arising

There were no matters arising not otherwise covered by the agenda.

1. Compliance Plan Framework Review

The team received and considered the initial compliance plan framework document and spreadsheet that had been circulated in advance. It was noted that Ms Garrett had reviewed the framework and identified areas where she would be comfortable taking a lead role and those where additional guidance and support would be beneficial.

It was agreed that Ms Allen would review the same framework and organise items by importance and urgency. The team noted that while nothing was currently presenting immediate risk to the business, ICE remediation catch-up work required attention within existing operations.

The board noted the need for clearer demarcation between first and second line functions across the business, which would be added to the agenda for future sessions.

Action: Ms Allen to organise compliance plan list by importance and present findings at the next meeting.

2. Team Cadence and Operating Framework

Following detailed discussion regarding meeting frequency and team rhythm, it was agreed that the team would meet on Friday mornings on a regular basis. The meeting chair would rotate among team members, with the chair responsible for circulating agendas and any pre-reading materials in advance.

It was noted that these meetings would serve as internal planning sessions rather than formal governance meetings and would not be minuted in the same manner as board proceedings.

The team agreed to establish a Teams channel for day-to-day communications to facilitate efficient information sharing between formal meetings.

It was resolved that the team would adopt a working time allocation framework of approximately one-third on urgent issues, one-third on important strategic matters, and one-third maintaining capacity for reactive requirements.

Action: Ms Allen to set up a Teams channel for the compliance team.

Action: Mr Dymock to send meeting notes and actions to the team by close of business on 20th March 2026.

3. File Review Process Enhancement

The team considered the current file review process and noted concerns regarding its effectiveness in its present form. Following discussion, it was agreed that the process should be restructured to incorporate a first-line automated checklist system using green, amber, and red indicators.

It was noted that quality assurance would intervene on amber and red flags before compliance oversight became necessary, ensuring that compliance remained genuinely second line while quality assurance operated at approximately "1.5 line" level.

This approach was considered essential to maintain appropriate segregation of duties and ensure compliance resources were deployed effectively.

4. Conduct Risk Committee Establishment

It was agreed that Ms Allen would chair the conduct risk committee with support from Ms Garrett. The committee would include business leaders and management representatives who had not yet been informed of their appointments.

The team noted that an inaugural meeting would need to be scheduled and that vulnerable customer matters would be incorporated as an agenda item initially, while Customer Advisory Services would remain as a separate committee.

It was noted that outputs from the conduct risk committee would feed into reporting for the audit, risk, and compliance committee, with Ms Allen attending as both a member and reporter.

Action: Mr Dymock to draft terms of reference for the conduct risk committee for review by Ms Allen and Ms Garrett.

5. Marketing Communications Review Process

The team received a report on current marketing communications review activities. It was noted that Ms Allen had spent considerable time on 19th March 2026 reviewing seven documents of approximately six pages each, covering topics including property investment in SIPs and SIP death benefits.

The team agreed to develop a digital intake form requiring the business to self-certify answers to key compliance questions before submitting materials for review. This would improve efficiency and ensure proper documentation of the review process.

Discussion took place regarding the annual document review process previously undertaken by a former colleague. It was noted that there were no material tax year changes requiring comprehensive review, though the team acknowledged the importance of maintaining a complete inventory of external-facing documents with appropriate version control.

6. Management Information Requirements

The team noted that compliance currently receives no proactive management information from the business, with incidents, complaints, and errors requiring manual extraction from systems.

It was agreed that a comprehensive wishlist of desired management information would be developed, organised by daily, weekly, monthly, and quarterly reporting cadences, to present clear requirements to the business.

The team agreed to share responsibility for monitoring the AML and compliance inboxes, with Mr Dymock reviewing at the start and end of each week, and Ms Allen and Ms Garrett covering mid-week periods.

Action: Ms Allen to define desired management information requirements organised by reporting frequency.

7. LexisNexis Implementation

The team noted that the Company had acquired a three-year licence for LexisNexis risk and compliance modules, covering FCA rulebooks, Companies House obligations, whistleblowing, modern slavery, GDPR, and related areas.

It was reported that the tool enables obligation tracking, compliance status monitoring, and documentation of rationale for non-compliance or alternative approaches. Implementation was estimated to require 6-12 months for full embedding given the granular nature of the system.

The team agreed to begin with one checklist module during the following week, working through it collectively before broadening access to the wider business around April/May 2026.

Action: Ms Allen to sign Ms Garrett up to LexisNexis and select an initial checklist for team review.

8. Strategic Initiative Oversight

The team received briefings on three strategic initiatives requiring compliance involvement: ClearBank treasury arrangements, Reward/Freedom retirement services, and the L25 AI-first system development.

ClearBank Treasury Opportunity

It was reported that the Company was in discussions with ClearBank to move away from current neo-bank intermediaries towards a direct relationship. The proposed structure would involve one primary account with unlimited virtual accounts for individual clients, enabling cash pooling and enhanced treasury functions.

The team agreed to adopt a "noses in, hands out" approach, providing appropriate challenge and scrutiny without taking operational responsibility for implementation.

Reward/Freedom Initiative

The team received an outline of the "retirement as a service" concept backed by ClearBank and Visa, focusing on financial services for retired populations including a card product enabling pension spending while maintaining assets within SIP structures.

It was agreed that the team needed to understand the proposition more thoroughly and ensure appropriate consumer duty and conduct of business analysis.

L25 System Development

The team noted the engagement of L25 to build an AI-first internal system promising efficiency gains and compliance automation. Concerns were raised regarding the external development approach and the need for proper internal stakeholder engagement to ensure successful adoption.

Action: The team to engage with relevant meetings for each strategic initiative to provide appropriate compliance analysis.

9. Urgent Compliance Gaps

Ms Allen highlighted two urgent gaps requiring immediate attention: the absence of a firm-wide risk assessment (required biennially) and the lack of a Data Protection Impact Assessment (DPIA). It was noted that data protection controls generally required strengthening.

These items were classified as urgent priorities given their regulatory significance and potential impact on due diligence processes.

10. Sanctions Case: John Anthony Fallon

The team received a briefing on an active sanctions case involving John Anthony Fallon, who appears on the OFAC sanctions list. It was reported that an NCA DAML request was active, Metro Bank accounts had been frozen, and US sanctions legal advice was being sought.

It was noted that communications with the individual would be conducted through anonymised email addresses as a precautionary measure, and that external legal counsel was advising on the matter at partner rates during the transition period.

Action: Ms Garrett to research John Anthony Fallon and related OFAC-listed entities via Companies House records.

Action: Ms Garrett to review NCA correspondence in the S drive and join future calls on this matter.

11. Process Improvement Initiatives

The team agreed to develop process guides for operational teams, particularly around beneficial owner verification procedures, to reduce routine compliance queries and enable first-line teams to handle standard cases independently.

It was noted that this approach would preserve compliance resources for genuinely complex matters while improving overall operational efficiency.

Action: Ms Allen to write process guides for operational teams on beneficial owner checks.

12. Product Governance Priority

The team noted that product governance had been raised at the board meeting on 19th March 2026 and flagged by the FCA as requiring attention. It was agreed that developing a comprehensive product governance playbook would be an early priority, covering product definition, launch procedures, and governance requirements.

This would ensure no products reached public announcement without proper internal governance processes being followed.

Any Other Business

The team agreed to develop a Performance Development Process framework for quarterly and annual objectives aligned with the compliance plan to be finalised at the next meeting.

It was noted that realistic goal-setting would be prioritised to ensure deliverable commitments rather than over-ambitious targets.

Action: Ms Garrett to prepare agenda items for next week's compliance team meeting focusing on prioritisation and six-week deliverable objectives.

Date of Next Meeting

The next meeting was scheduled for Friday 27th March 2026, with the primary focus on finalising a prioritised six-week compliance plan identifying achievable near-term objectives.

Close

There being no further business, the Chair declared the meeting closed at [time].

# DRAFT

## BOARD CONFIDENTIAL

# Compliance Team Kick-Off Meeting
**Compliance Team Meeting**
20th March 2026
Commencing at [time]
[Location]

## Present
Mr A. Dymock (in the chair)
Ms D. Allen
Ms E. Garrett

## In Attendance
None recorded.

## Apologies
None received.

## Quorum
It was noted that a quorum was present and the meeting was declared open.

## Declarations of Interest
No new declarations of interest were made.

## Previous Minutes
This being the inaugural meeting of the compliance team, there were no previous minutes to approve.

## Matters Arising
There were no matters arising not otherwise covered by the agenda.

## 1. Compliance Plan Framework Review

The board noted the need for clearer demarcation between first and second line functions across the business, which would be added to the agenda for future sessions.

**Action:** Ms Allen to organise compliance plan list by importance and present findings at the next meeting.

## 2. Team Cadence and Operating Framework

It was noted that these meetings would serve as internal planning sessions rather than formal governance meetings and would not be minuted in the same manner as board proceedings.

The team agreed to establish a Teams channel for day-to-day communications to facilitate efficient information sharing between formal meetings.

**Action:** Ms Allen to set up a Teams channel for the compliance team.
**Action:** Mr Dymock to send meeting notes and actions to the team by close of business on 20th March 2026.

## 3. File Review Process Enhancement

This approach was considered essential to maintain appropriate segregation of duties and ensure compliance resources were deployed effectively.

## 4. Conduct Risk Committee Establishment

It was noted that outputs from the conduct risk committee would feed into reporting for the audit, risk, and compliance committee, with Ms Allen attending as both a member and reporter.

**Action:** Mr Dymock to draft terms of reference for the conduct risk committee for review by Ms Allen and Ms Garrett.

## 5. Marketing Communications Review Process

## 6. Management Information Requirements

The team noted that compliance currently receives no proactive management information from the business, with incidents, complaints, and errors requiring manual extraction from systems.

**Action:** Ms Allen to define desired management information requirements organised by reporting frequency.

## 7. LexisNexis Implementation

The team agreed to begin with one checklist module during the following week, working through it collectively before broadening access to the wider business around April/May 2026.

**Action:** Ms Allen to sign Ms Garrett up to LexisNexis and select an initial checklist for team review.

## 8. Strategic Initiative Oversight

### ClearBank Treasury Opportunity
It was reported that the Company was in discussions with ClearBank to move away from current neo-bank intermediaries towards a direct relationship. The proposed structure would involve one primary account with unlimited virtual accounts for individual clients, enabling cash pooling and enhanced treasury functions.

The team agreed to adopt a "noses in, hands out" approach, providing appropriate challenge and scrutiny without taking operational responsibility for implementation.

### Reward/Freedom Initiative
The team received an outline of the "retirement as a service" concept backed by ClearBank and Visa, focusing on financial services for retired populations including a card product enabling pension spending while maintaining assets within SIP structures.

It was agreed that the team needed to understand the proposition more thoroughly and ensure appropriate consumer duty and conduct of business analysis.

### L25 System Development
The team noted the engagement of L25 to build an AI-first internal system promising efficiency gains and compliance automation. Concerns were raised regarding the external development approach and the need for proper internal stakeholder engagement to ensure successful adoption.

**Action:** The team to engage with relevant meetings for each strategic initiative to provide appropriate compliance analysis.

## 9. Urgent Compliance Gaps

These items were classified as urgent priorities given their regulatory significance and potential impact on due diligence processes.

## 10. Sanctions Case: John Anthony Fallon

**Action:** Ms Garrett to research John Anthony Fallon and related OFAC-listed entities via Companies House records.
**Action:** Ms Garrett to review NCA correspondence in the S drive and join future calls on this matter.

## 11. Process Improvement Initiatives

It was noted that this approach would preserve compliance resources for genuinely complex matters while improving overall operational efficiency.

**Action:** Ms Allen to write process guides for operational teams on beneficial owner checks.

## 12. Product Governance Priority

This would ensure no products reached public announcement without proper internal governance processes being followed.

## Any Other Business

The team agreed to develop a Performance Development Process framework for quarterly and annual objectives aligned with the compliance plan to be finalised at the next meeting.

It was noted that realistic goal-setting would be prioritised to ensure deliverable commitments rather than over-ambitious targets.

**Action:** Ms Garrett to prepare agenda items for next week's compliance team meeting focusing on prioritisation and six-week deliverable objectives.

## Date of Next Meeting

The next meeting was scheduled for Friday 27th March 2026, with the primary focus on finalising a prioritised six-week compliance plan identifying achievable near-term objectives.

## Close

There being no further business, the Chair declared the meeting closed at [time].