Stress-Testing Your Legal Team's Predictions on Regulator Enforcement
This guide shows how to pressure-test internal legal predictions about how regulators will actually enforce new rules, using external intelligence rather than internal consensus. After reading, you will know how to structure a validation exercise that surfaces where your legal team is right, where they are guessing, and where they are wrong.
The problem with internal legal predictions
Your internal legal team is smart, well-informed, and paid to give you a view. They will tell you how the FCA, PRA, SEC, or your relevant regulator is likely to enforce a new rule. They will describe supervisory priorities, likely thresholds, and the shape of early enforcement action.
The problem: they are reading the same speeches, consultation responses, and Dear CEO letters as everyone else. They are inferring intent from public signals. And they are subject to the same institutional pressure you are, which is to produce a defensible, coherent story that lets the business move forward.
That story is often right. When it is wrong, the cost is significant: remediation programmes, Section 166 reviews, public censure, or the slower burn of building systems for an enforcement posture that never materialises.
Validating the prediction is not about second-guessing your lawyers. It is about testing whether the specific enforcement behaviour they are forecasting matches what supervisors, former regulators, and peer institutions actually expect.
What good validation looks like
A useful validation exercise separates three things your legal team has bundled together:
- The rule itself (what it says)
- The supervisory intent (what the regulator wants it to achieve)
- The enforcement posture (how they will actually behave in year one, year two, and beyond)
Most internal predictions collapse these into one view. The rule says X, therefore the regulator wants Y, therefore they will enforce Z. Each step contains assumptions that can be tested independently.
Good validation asks: on which of these three is our legal team confident because they have hard evidence, and on which are they extrapolating?
How Polar Insight approaches this
We run structured intelligence exercises that test enforcement predictions against three external reference points.
Former regulators and supervisors
We speak, on a non-attributable basis, to people who were inside the regulator during the drafting or early implementation of comparable rules. They know how enforcement decisions actually get made: which teams have capacity, which cases get prioritised, which thresholds trigger action, and which parts of a new rulebook tend to sit dormant for two years before anyone acts on them.
This is where internal legal predictions most often fail. Lawyers read the rule. Former supervisors know what the supervision teams will actually do with it on a Tuesday morning in Q3.
Peer institution reality-testing
We map what comparable firms are actually doing, not what they are saying publicly. If your legal team thinks the regulator will enforce aggressively on a specific provision, but every peer bank is treating that provision as low-priority, one of two things is true: either your lawyers see something others do not, or they are wrong. Both are useful to know.
Structured signal analysis from the regulator
We examine the pattern of the regulator's recent actions on adjacent rules: speed of first enforcement, size of early fines, which types of firms get hit first, whether they lead with thematic reviews or individual cases. Enforcement style is more predictable than enforcement targets.
Where teams get this wrong
The most common mistake is validating too late. Firms commission this work after they have already built the compliance programme, when the exercise becomes political rather than analytical. By then, admitting the legal prediction was wrong means admitting the spend was misdirected.
Do the validation before you commit resources, or at defined checkpoints where you can still change course. Not at the end.
The second mistake is asking for confirmation rather than challenge. If you brief us to "validate" a view, we can do that, but the more useful brief is: "tell us where our legal team's prediction is weakest." That produces intelligence you can act on.
The third mistake is treating enforcement prediction as binary. Regulators rarely enforce a rule uniformly. They pick their opening cases carefully. Understanding which firms, products, or behaviours are likely to be in the first wave matters more than a general view on strictness.
The decision point
Before your next major compliance build, ask your legal team two questions. First: what specifically are you predicting about enforcement, separated from your reading of the rule? Second: what evidence would change your view?
If the second answer is thin, you have a validation problem worth solving before you spend.
Polar Insight helps senior leaders in financial services understand what their key stakeholders actually think before significant decisions are made.
Book a conversation