What Regulators Actually Look For in a Submission

What Regulators Actually Look For in a Submission

If you are asking what regulators look for in a submission, the honest answer is this: they are reading for evidence that you understand your own business, that your controls match the risks you are actually running, and that the people in front of them can be trusted to tell them bad news early. Everything else is packaging.

The formal requirements are public. The judgement criteria are not. This guide covers the judgement layer: what reviewers are quietly testing for as they read, and what separates a submission that gets waved through from one that triggers a second, third, and fourth round of questions.

The four things being assessed beneath the surface

1. Coherence between strategy, risk, and controls

Reviewers read the business plan, the risk assessment, and the control framework as a single document. If your strategy describes rapid growth into SME lending but your risk appetite statement is written for a retail savings book, you have already lost credibility. The most common failure is not weakness in any one section. It is internal contradiction across sections drafted by different teams.

Before submission, have one person read the full pack end to end with a single question: does the risk framework actually match the business being described? If the answer is no, fix it before the regulator does.

2. Evidence, not assertion

Statements like "we have a strong compliance culture" or "the board provides robust oversight" carry no weight. Reviewers want artefacts: board minutes showing genuine challenge, MI packs that demonstrate the right things are being measured, policies with version histories that show they are living documents.

What good looks like: every material claim in the narrative is supported by a specific, dated, referenced piece of evidence in the annex. What bad looks like: a polished narrative with a generic policy library bolted on.

3. Realism about weaknesses

This is where most submissions fail. Authors try to present a flawless picture. Experienced reviewers know no firm is flawless, so a flawless submission reads as either naive or evasive. Both are disqualifying.

Identify your two or three genuine weak points. Name them. Explain the mitigation, the timeline, and who owns it. A submission that says "our second line is under-resourced for the planned growth, here is the hiring plan with dates and the interim controls" is far stronger than one that claims everything is already in place.

4. The people behind the paper

Senior Manager attestations, SMF interviews, and named individuals carry real weight. Reviewers form a view on whether the accountable executives actually understand the detail. If the CRO cannot answer a question about a risk that appears in their own submission, the document is discredited.

Brief your named individuals on every part of the submission they are accountable for. Not the summary. The detail.

What goes wrong

Submissions written by consultants and signed by executives who have not read them carefully. Reviewers can detect this within twenty pages. The language shifts, the specificity disappears, and the interview reveals the gap.

Over-engineered responses to minor questions. When a regulator asks a clarifying question, answer it. Do not use it as a prompt to resubmit fifty pages. Long responses to small questions suggest the original submission was incomplete.

Missing the unstated question. Regulators often ask narrow questions to test broader concerns. A question about a single outsourced function may be probing your wider third party risk approach. Read the question, then ask what the reviewer is actually worried about.

Inconsistent numbers. Capital, liquidity, and forecast figures that do not reconcile across sections are the fastest way to lose reviewer confidence. Run a numbers reconciliation as a separate workstream before submission.

What good looks like

A submission that a reviewer can read in sequence without going back to check whether something contradicts an earlier section. Claims supported by evidence. Weaknesses named and addressed. Accountable executives who can speak to the detail without notes. A document that anticipates the second and third question, not just the first.

Next step

Before your next submission goes out, give the full pack to someone who has not been involved in drafting and ask them to find the contradictions. If they find more than two, the document is not ready. Fix it now, not after the first round of questions arrives.