CISI Capital Markets Programme — UK Financial Regulation Scenario Practice Guide

This guide is for candidates preparing for the Chartered Institute for Securities & Investment CISI Capital Markets Programme — UK Financial Regulation exam, code CISI CMP UK Reg. It focuses on how to work through scenario-based questions in a calm, disciplined way.

The goal is not to memorise a stock response to every situation. The goal is to identify the regulatory issue, decide whose obligation is being tested, and select the answer that best fits the facts given.

The core skill: read for the regulatory decision

A scenario question is usually not asking, “What topic does this remind you of?” It is asking, “Given these facts, what is the correct regulatory conclusion or next action?”

Before looking for familiar terms, slow down and ask:

• Who is acting?
• For whom are they acting?
• What activity, product, communication, or decision is involved?
• What regulatory obligation is triggered?
• What fact changes the answer?
• What should happen next?

In UK financial regulation questions, the strongest answer is often the one that protects the client, respects authority and permissions, requires appropriate disclosure or documentation, and avoids proceeding until the regulatory condition has been satisfied.

Start with the role of each party

Many scenario errors begin when the candidate treats every party as “the client” or every firm as having the same duty. In a regulation scenario, identity matters.

When you read the scenario, label the parties:

• Firm: the regulated firm, authorised person, appointed representative, platform, investment firm, adviser, broker, bank, insurer, or other provider.
• Individual: adviser, dealer, compliance officer, senior manager, employee, introducer, client-facing staff member, or approved/controlled function holder where relevant.
• Client or customer: retail, professional, eligible counterparty, consumer, corporate, trust, pension-related party, or other account holder depending on the syllabus context.
• Third party: custodian, product provider, issuer, counterparty, attorney, executor, beneficiary, intermediary, external auditor, regulator, or enforcement authority.
• Regulator or scheme: FCA, PRA, Bank of England, Financial Ombudsman Service, Financial Services Compensation Scheme, or another body if the scenario clearly places it in scope.

Then ask what each party is allowed or required to do. A firm’s duty to a retail client may not be the same as its interaction with a market counterparty. A compliance officer’s correct action may differ from a salesperson’s. A regulator’s role is not the same as an ombudsman or compensation scheme.

Find the actual decision point

Read the final sentence of the question carefully. Scenario questions commonly ask for one of several different things:

• The best next action
• The most appropriate regulatory treatment
• The main obligation triggered
• The party responsible
• The document, disclosure, approval, or record required
• The regulatory body or process involved
• The reason an action is not permitted
• The classification, status, or permission issue
• The most accurate explanation of a breach or risk

Do not answer a different question from the one asked. If the stem asks, “What should the firm do first?”, an answer describing the final outcome may be too late. If it asks, “Which principle is most relevant?”, a procedural answer may be incomplete. If it asks, “Who should be notified?”, an answer about internal documentation may not go far enough.

A useful test is:

If this answer is chosen, does it directly resolve the exact decision the question asked?

If not, keep looking.

Build a quick fact map

Before choosing an answer, organise the facts into regulatory categories. You do not need to write a long note in the exam, but you should mentally sort the scenario.

1. Activity

Identify what is actually happening:

• Giving investment advice
• Arranging a transaction
• Executing an order
• Managing investments
• Holding client money or assets
• Communicating a financial promotion
• Handling a complaint
• Onboarding a client
• Dealing with inside information
• Processing a suspicious activity concern
• Managing a conflict of interest
• Making a disclosure to a client or regulator
• Applying conduct, prudential, or governance requirements

The same product can trigger different obligations depending on the activity. For example, a firm merely providing factual information is not in the same position as a firm making a personal recommendation. A dealer executing a client order is not necessarily making the same decision as a portfolio manager exercising discretion.

2. Product or instrument

Look at the product only after you know the activity. The scenario may refer to:

• Shares, bonds, funds, derivatives, structured products, or other investments
• Insurance, pensions, deposits, mortgages, or credit-related products if relevant to the syllabus
• A capital markets transaction, issue, trade, or distribution
• A product with complexity, leverage, liquidity, volatility, or concentration risk

The product may matter because it affects risk, disclosure, suitability, appropriateness, permissions, client understanding, or market conduct. But do not jump to an answer simply because you recognise the product name.

3. Client status and relationship

Ask:

• Is the party a client, counterparty, beneficiary, trustee, corporate officer, intermediary, or authorised representative?
• Is the relationship advisory, discretionary, execution-only, or information-only?
• Has the client been classified or categorised?
• Has the client given instructions or authority?
• Is the firm relying on information supplied by the client?
• Is there a vulnerability, dependency, conflict, or unusual pressure point?

A scenario may include a sophisticated-sounding client, but the regulatory answer still depends on the recognised classification and the service being provided.

4. Authority and permissions

Check whether the actor has authority to proceed:

• Does the firm have the relevant permission for the activity?
• Is the individual authorised, supervised, or competent to carry out the action?
• Has the client given valid instruction or consent?
• Is there a power of attorney, mandate, board approval, trustee authority, or account mandate issue?
• Is internal approval required before proceeding?
• Is escalation to compliance, senior management, MLRO, or another responsible function needed?

When authority is missing or uncertain, the most defensible answer often involves stopping, verifying, documenting, or escalating before taking the transaction step.

5. Timing

Regulatory scenarios often turn on timing:

• Before onboarding
• Before recommending
• Before executing
• At the point of disclosure
• When a complaint is received
• When a conflict is identified
• When inside information is obtained
• When suspicion arises
• After an error, breach, or client loss
• Before reporting to a regulator or client

If the question asks for the first or next step, choose the answer that matches the current stage of the process, not a later administrative task.

Separate facts from distractors

Scenario questions often include extra facts that sound important but do not control the answer. Your task is not to use every detail. Your task is to find the facts that change the regulatory conclusion.

Facts that usually matter

Pay close attention to facts about:

• Client classification or vulnerability
• Whether advice, discretion, or execution-only service is being provided
• Whether the product is complex, illiquid, leveraged, or high risk
• Whether the client’s objectives, knowledge, experience, financial position, or risk tolerance are known
• Whether a disclosure, warning, or suitability process has been completed
• Whether the firm has permission or authority
• Whether there is a conflict of interest
• Whether information is confidential or price-sensitive
• Whether the communication is promotional, factual, misleading, or targeted
• Whether the issue involves complaint handling, financial crime, market abuse, or regulatory reporting
• Whether the scenario says the firm has incomplete, outdated, or inconsistent information

Facts that may be distractors

Treat these carefully:

• The client is wealthy, experienced, or important to the firm
• The transaction is profitable
• The client is in a hurry
• The product has performed well recently
• A competitor would do the transaction
• The employee has done similar deals before
• The client says they understand the risks
• The communication is labelled “for information only”
• The firm has a long relationship with the client
• The amount is small compared with the client’s wealth

These facts may be relevant in context, but they do not usually override regulatory obligations, authority checks, disclosure duties, or client protection requirements.

Use a decision sequence for UK financial regulation scenarios

When you feel stuck between two plausible answers, run the facts through this sequence.

Step 1: Is the activity within the regulatory perimeter?

Ask whether the scenario is about a regulated activity, a regulated firm, a financial promotion, market conduct, client assets, financial crime, governance, complaints, or another area of financial regulation.

If the issue is outside the apparent perimeter, the correct answer may focus on referral, not proceeding, or recognising that a specific regulatory process does not apply. If it is within scope, move to the party’s obligations.

Step 2: What capacity is the firm acting in?

Identify whether the firm is:

• Advising
• Dealing as agent
• Dealing as principal
• Managing investments
• Arranging
• Custody or safeguarding
• Communicating or approving information
• Handling client money or assets
• Operating under a mandate or discretion
• Responding to a complaint or regulatory issue

The same fact pattern can lead to different answers depending on capacity. For example, a discretionary manager has a different decision-making role from an execution-only broker.

Step 3: What client duty applies?

Ask whether the scenario points to:

• Fair treatment and client interests
• Clear, fair, and not misleading communication
• Suitability or appropriateness considerations
• Disclosure of costs, risks, status, conflicts, or other required information
• Best execution or order handling expectations
• Complaint handling
• Protection of client money or assets
• Recordkeeping
• Escalation or reporting

You do not need to overcomplicate this step. The exam answer usually reflects a principle plus the practical action needed to comply with it.

Step 4: Is there a permission, authority, or competence issue?

Before choosing an action, test whether the actor is allowed to take it.

A strong answer will not ask an unauthorised individual to make a regulated decision alone. It will not proceed on an invalid client instruction. It will not ignore a missing mandate, stale documentation, unclear beneficial owner, or unresolved compliance approval.

If authority is uncertain, choose the answer that verifies or escalates before acting.

Step 5: Is documentation or disclosure required before action?

Many finance regulation scenarios turn on the order of events. The firm may need to:

• Obtain information
• Give a risk warning
• Confirm client classification
• Provide a disclosure
• Record a recommendation or rationale
• Update a client file
• Document consent
• Record an order
• Maintain an audit trail
• Escalate a concern internally

Documentation is not just paperwork in these questions. It is often evidence that the correct regulatory process occurred.

Step 6: Is there a conduct risk that changes the answer?

Look for signs of:

• Misleading communication
• Inadequate disclosure
• Unmanaged conflict
• Personal account dealing concern
• Inside information or market abuse issue
• Financial crime suspicion
• Pressure to prioritise revenue over client interests
• Inadequate systems and controls
• Failure to escalate
• Poor complaint handling

When these facts appear, the best answer is usually more cautious than a normal transaction answer. It may involve stopping, reporting internally, seeking compliance input, or following the firm’s control process.

Step 7: What is the best next action?

Finally, decide what should happen now.

Good next-action answers are usually:

• Specific to the scenario
• Within the actor’s authority
• Timed correctly
• Protective of the client or market
• Consistent with disclosure and documentation expectations
• Capable of being evidenced later
• Proportionate to the issue

Avoid answers that are attractive but incomplete, such as “proceed because the client agreed” when the scenario shows missing suitability information, or “refer everything to the regulator immediately” when the proper first step is internal escalation.

Reading answer choices defensibly

After you understand the scenario, compare the answer choices by asking five questions.

Does the answer address the exact issue?

If the issue is suitability, an answer about marketing approval may be irrelevant. If the issue is inside information, an answer about ordinary client consent may not solve the problem. If the issue is client authority, a product-risk answer may be secondary.

Is the answer complete?

Some answers are partly correct but fail to include a necessary step. For example, “disclose the conflict” may be insufficient if the conflict must also be managed, avoided, or escalated depending on the facts. “Record the complaint” may be insufficient if the firm must also follow the complaint-handling process.

Is the answer in the right order?

A later step may be true but not the best answer. If the question asks what to do before execution, the answer should not focus only on post-trade documentation. If the scenario describes a suspicion, the answer should not skip the internal reporting route and move straight to ordinary business processing.

Is the answer too extreme?

Be wary of responses that overstate the consequence unless the facts clearly justify it. Not every error requires the same regulatory outcome. Not every client issue means the product is banned. Not every concern requires immediate external reporting by the individual employee. The best answer is proportionate to the facts.

Is the answer too casual?

Also be wary of answers that allow business to continue without resolving the regulatory issue. Urgency, revenue, client status, or convenience rarely justify bypassing authority, disclosure, suitability, documentation, or escalation requirements.

Practical mini-scenarios

Use these examples to practise the reasoning pattern. They are generic study examples, not official CISI questions.

Example 1: Advisory service and incomplete client information

A client asks an adviser to recommend a high-risk investment. The client says they are comfortable with risk, but the file has not been updated for several years and the adviser does not have current information about the client’s financial position or objectives.

The decision point is not “Is the client interested?” It is whether the adviser has enough current information to make a suitable recommendation.

The defensible approach is to obtain and assess the necessary client information before recommending. The client’s enthusiasm does not remove the need for an appropriate advice process.

Example 2: Execution-only instruction with a complex product

A client gives an execution-only instruction for a product that may be difficult to understand. The firm is not making a personal recommendation.

The decision point is not automatically suitability, because the firm is not advising. The analysis should consider the service type, product type, client knowledge and experience, any required warnings or appropriateness process, and the firm’s execution-only procedures.

The best answer is likely the one that follows the relevant non-advised process before execution, not the one that treats the transaction as advised or ignores the product features.

Example 3: Conflicted remuneration

An employee recommends a product that pays the firm more than a similar alternative. The client is not told about the conflict.

The decision point is not whether the product could be profitable. It is whether the firm has identified, managed, and disclosed the conflict appropriately, and whether the recommendation remains in the client’s interests.

A defensible answer will address the conflict and client-facing duty, not merely the commercial attractiveness of the product.

Example 4: Possible inside information

An employee receives confidential, price-sensitive information about an issuer before a client order is placed.

The decision point is not ordinary order handling. The issue is market conduct and information control.

A defensible answer will usually involve not using the information improperly and escalating through the firm’s required controls. An answer that simply executes quickly because the client benefits is unlikely to be the most defensible.

Example 5: Complaint or dissatisfaction

A client complains that they were not told about a key risk before investing.

The decision point is not whether the firm thinks the client will win. It is whether the matter should be treated through the complaint process, recorded, investigated, and responded to appropriately.

A defensible answer follows the complaint-handling route rather than dismissing the issue informally because the investment loss is small or market-related.

Scenario clues by topic area

For final review, train yourself to notice the clues that commonly change the answer.

Regulatory structure and responsibilities

Look for:

• Which body or function is responsible
• Whether the question is about authorisation, supervision, enforcement, compensation, complaints, or prudential oversight
• Whether the firm, individual, regulator, ombudsman, or scheme is the relevant actor
• Whether the issue is a rule breach, client dispute, compensation question, or internal governance matter

Choose the answer that matches the body’s role. Do not assign every problem to the same institution.

Client onboarding and classification

Look for:

• New client relationship
• Missing identity, beneficial ownership, or account information
• Retail/professional/eligible counterparty status
• Client consent, election, or categorisation issue
• Documentation that is absent, outdated, or inconsistent

The best answer often requires completing the correct onboarding or classification step before providing the service.

Advice, suitability, and non-advised business

Look for:

• Personal recommendation
• Client objectives and risk tolerance
• Knowledge and experience
• Financial situation or ability to bear loss
• Complexity of the product
• Execution-only wording
• Client request versus firm recommendation
• Warnings or disclosures

First decide whether the service is advised, discretionary, or execution-only. Then match the obligation to the service.

Communications and financial promotions

Look for:

• Advertisement, email, presentation, factsheet, website, social media, or client pitch
• Target audience
• Risk warnings
• Balance between benefits and risks
• Use of projections, past performance, or comparisons
• Approval or compliance review
• Whether the communication could mislead

A defensible answer focuses on ensuring the communication is clear, fair, not misleading, and properly approved or controlled where required.

Conflicts of interest

Look for:

• Commission, incentives, gifts, hospitality, or fees
• Personal relationships
• Firm trading against a client
• Allocation of scarce investment opportunities
• Research, corporate finance, or dealing conflicts
• Preferential treatment between clients
• Personal account dealing

The answer should identify, manage, disclose, restrict, or escalate the conflict as appropriate. Merely assuming the client will not be harmed is not enough.

Market conduct and inside information

Look for:

• Confidential information
• Information not generally available
• Potential price impact
• Trading before an announcement
• Rumours, research, issuer contact, or takeover information
• Attempts to manipulate price or volume
• Improper disclosure to others

The best answer protects market integrity and follows escalation or information-barrier procedures. It should not encourage trading, tipping, or using confidential information for advantage.

Financial crime controls

Look for:

• Unusual transaction patterns
• Reluctance to provide information
• Complex ownership structures without clear explanation
• Source of funds concerns
• Sanctions, bribery, fraud, or money laundering indicators
• Pressure to bypass checks
• Internal reporting responsibilities

The best answer usually follows the firm’s financial crime process, including appropriate internal escalation. It should not continue normal processing simply because the client is valuable or long-standing.

Client assets and client money

Look for:

• Holding or controlling client assets
• Segregation, reconciliation, custody, or record issues
• Third-party custody arrangements
• Client instructions about transfers
• Shortfalls, errors, or misallocations

The defensible answer protects client assets, verifies authority, follows the firm’s controls, and creates a reliable record.

Complaints and redress

Look for:

• Client dissatisfaction
• Alleged poor advice, mis-selling, delay, loss, misleading communication, or service failure
• Formal or informal complaint wording
• Escalation to a complaint-handling function
• Investigation, response, recordkeeping, or referral route

Treat the substance of the client’s concern seriously. A complaint does not need to use special legal wording to require proper handling.

A compact exam-room checklist

Use this quick checklist when a scenario feels dense:

1. Question asked: What exactly must I decide?
2. Actor: Whose action or duty is being tested?
3. Client role: Who is owed what duty?
4. Service type: Advice, discretionary, execution-only, arranging, dealing, promotion, complaint, or control issue?
5. Trigger fact: What fact changes the answer?
6. Authority: Is permission, mandate, consent, or approval present?
7. Disclosure/documentation: What must happen before or after action?
8. Conduct risk: Is there conflict, market abuse, financial crime, misleading communication, or client harm?
9. Timing: Is the answer the first, next, or final step?
10. Best fit: Which option is most complete, proportionate, and defensible?

How to practise this before exam day

For each CISI CMP UK Reg practice scenario, do not just mark the answer. Review your reasoning:

• Write one sentence naming the decision point.
• Underline the two or three facts that controlled the answer.
• Cross out at least one distractor fact.
• Explain why the correct answer is better than the closest alternative.
• Note whether the issue was role, authority, disclosure, suitability, conflict, reporting, or documentation.
• Rework the question a day later without looking at your notes.

This builds the habit the exam rewards: disciplined interpretation of facts, not fast recognition of keywords.

Final review method

In the last stage of preparation, mix three types of practice:

• Scenario practice to strengthen decision-making under realistic wording.
• Topic drills to repair weak areas such as client classification, conduct rules, financial promotions, market abuse, complaints, or financial crime controls.
• Mock exams to test timing, stamina, and answer discipline across the full syllabus.

Your next step: choose a short set of UK Financial Regulation scenario questions, read the final sentence first, apply the checklist above, and force yourself to justify the best answer from the facts before checking the explanation.