Westport · Luzern Contact →
Remediation — de Risk Partners

Remediation.

Consent orders, MRAs, MRIAs, examination findings, enforcement actions. We run the remediation, brief the board, and stay until the regulator closes the file — surgical, urgent, time-boxed.

72h
Time to mobilize. Senior team on site within three business days of contract signing.
90d
Diagnostic phase. Findings mapped, root causes identified, board briefed inside one quarter.
9mo
Typical close-out. Most engagements run nine to fifteen months — measured to regulator closure, not deliverable count.
01 — The Remediation Path

From finding to closure. A four-phase path.

— The path, visualised
REGULATORY ACTION RECEIVED PHASE 01 Mobilise Senior team in. Scope locked. Engagement letter signed. 0 – 30 DAYS PHASE 02 Diagnose Root cause analysis. Board-level briefing. 30 – 90 DAYS PHASE 03 Execute. Build, fix, test, document. Validate with second line. 3 – 9 MONTHS PHASE 04 Close-out Sustainability proven. Regulator closes the file. 9 – 15 MONTHS REGULATOR CLOSES THE FILE CLEAR · CLOSED
01

Mobilise.

0 – 30 Days

Senior partners and a delivery lead are on site within 72 hours. Engagement letter signed, scope locked, governance set up, regulator and board points of contact agreed. The first week is about stabilising the file, not solving it.

Day 30Mobilised. Scope locked.
02

Diagnose.

30 – 90 Days

Findings mapped to root causes — not symptoms. People, process, data, technology, governance all examined. Board and audit committee briefed with the unvarnished picture. The plan to close the order is built here.

Day 90Root cause & plan agreed.
03

Execute.

3 – 9 Months

Policies rewritten, controls rebuilt, processes redesigned, technology reconfigured, and training delivered. Second line validates as we go. Evidence is captured continuously — never reconstructed at the end.

Month 9Findings remediated & tested.
04

Close-out.

9 – 15 Months

Sustainability proven through repeated cycles of monitoring, testing, and reporting. Regulator-facing close-out submissions prepared and defended. We stay engaged until the file is closed.

Month 15File closed. Good standing.
02 — What We Remediate

Eight findings we see every quarter.

— Finding 01

BSA / AML Program Deficiencies.

Inadequate risk assessment, weak transaction monitoring tuning, untimely SAR filings, and gaps in the four pillars.

— Finding 02

Sanctions Screening Failures.

Look-back programs, screening rule deficiencies, OFAC false-positive overload, and PEP / adverse-media gaps.

— Finding 03

BaaS & Third-Party Risk.

Sponsor bank oversight failures, fintech program risk, vendor due diligence gaps, and OCC / FDIC third-party guidance.

— Finding 04

Consumer Compliance Issues.

UDAAP, fair lending, Reg E, Reg Z, ECOA, CRA, and fee-related consumer harm findings.

— Finding 05

Governance & Oversight.

Board oversight, three-lines-of-defence gaps, committee structures, and management information weaknesses.

— Finding 06

Internal Audit & Testing.

Audit coverage, frequency, depth, independence concerns, and testing program design.

— Finding 07

Crypto & Digital Assets.

NYDFS BitLicense, VASP frameworks, FINMA Travel Rule, and exchange operational compliance.

— Finding 08

Data, Technology, & Models.

Data quality, model risk management (SR 11-7), system controls, and reporting reliability findings.

03 — Who We Work With

Regulators we run remediations with.

US Federal

Federal Bank Regulators.

OCC, FDIC, Federal Reserve, FinCEN, CFPB — Matters Requiring Attention (MRA), Matters Requiring Immediate Attention (MRIA), Cease & Desist orders, and Consent Orders.

OCC · FDIC · FRB · FinCEN · CFPB
US State

State Regulators.

NY DFS, California DFPI, Texas DOB, and other state banking departments — consent orders, supervisory letters, and money transmitter findings.

NY DFS · CA DFPI · TX DOB · CSBS
Credit Unions

Credit Union Regulators.

NCUA and state CU regulators — CAMELS downgrade remediation, DORs, Letters of Understanding & Agreement, and conservatorship support.

NCUA · State CU · DOR · LUA
Switzerland

FINMA & Swiss Authorities.

FINMA enforcement, SRO findings, AMLA / FinIA proceedings, MROS escalations, and Swiss banking law compliance restorations.

FINMA · SRO · MROS · AMLA
GCC

GCC Regulators.

VARA (Dubai), DFSA (DIFC), FSRA (ADGM), Saudi SAMA — VASP findings, AML enforcement, and licensing remediation.

VARA · DFSA · FSRA · SAMA
EU & UK

European Regulators.

FCA, ECB SSM, national competent authorities — Section 166 reviews, supervisory findings, MiCA readiness, and AMLAR program restorations.

FCA · ECB · NCA · S166 · MiCA
04 — Proof

What close-out looks like at the regulator's table.

A bank under a multi-year consent order, closed in thirteen months — with the supervisor describing the new program as the strongest in its peer group.
Illustrative engagement — Community Bank ($3.4B AUM)
BSA / AML Consent Order · OFAC Look-back · Governance Restoration
— Regulator at the Door?

We've been there. We know what closes the file.

A 30-minute call with a partner. We'll walk through the finding letter, the board exposure, and what the remediation path realistically looks like for your firm.

Talk to a Partner Read the Insights
de Risk Partners — Footer Component