Try 10 focused CISI Intro questions on Financial Services Regulation, with answers and explanations, then continue with Securities Prep.

| Field | Detail |
|---|---|
| Exam route | CISI Intro |
| Issuer | CISI |
| Topic area | Financial Services Regulation |
| Blueprint weight | 10% |
| Page purpose | Focused sample questions before returning to mixed practice |

Use this page to isolate Financial Services Regulation for CISI Intro. Work through the 10 questions first, then review the explanations and return to mixed practice in Securities Prep.

| Pass | What to do | What to record |
|---|---|---|
| First attempt | Answer without checking the explanation first. | The fact, rule, calculation, or judgment point that controlled your answer. |
| Review | Read the explanation even when you were correct. | Why the best answer is stronger than the closest distractor. |
| Repair | Repeat only missed or uncertain items after a short break. | The pattern behind misses, not the answer letter. |
| Transfer | Return to mixed practice once the topic feels stable. | Whether the same skill holds up when the topic is no longer obvious. |

Blueprint context: 10% of the practice outline. A focused topic score can overstate readiness if you recognize the pattern too quickly, so use it as repair work before timed mixed sets.
These questions are original Securities Prep practice items aligned to this topic area. They are designed for self-assessment and are not official exam questions.
Topic: Financial Services Regulation
Before discussing a listed company with a retail client, an investment employee says she already owns shares in that company and asks whether a colleague should handle the conversation instead. Which broad CISI Code of Conduct principle does this most clearly demonstrate?
Best answer: B
What this tests: Financial Services Regulation
Explanation: The situation is about a personal interest that could affect client-facing behaviour. Under the CISI Code of Conduct, recognising and handling that conflict openly helps protect the client and supports fair professional standards.
The core concept is conflict-of-interest management. When an employee personally owns the same investment being discussed with a retail client, there is a risk that personal interests could influence the conversation or appear to do so. By disclosing the holding and suggesting another colleague could take over, the employee is dealing with the conflict openly rather than ignoring it.
This reflects the Code’s emphasis on professional behaviour, integrity, and putting client interests ahead of personal advantage. Transparency helps maintain trust and supports fair treatment. The key takeaway is that identifying and managing a conflict is more accurate here than focusing on technical knowledge, confidentiality, or market abuse.
Disclosing a personal holding and offering an alternative handler shows the employee is managing a potential conflict openly.
Topic: Financial Services Regulation
A UK investment firm has closed a client’s ISA account. The client asks for all personal data to be erased immediately, but the firm still needs some records to meet FCA and anti-money laundering requirements. What is the single best response?
Best answer: D
What this tests: Financial Services Regulation
Explanation: The client’s request does not automatically override the firm’s legal and regulatory duties. Under the Data Protection Act 2018, the firm should retain only the personal data it still needs for a valid purpose and remove the rest when that need ends.
The key data-protection principle here is that personal data should be kept only for specified purposes and no longer than necessary. A client can ask for erasure, but that right is not absolute. If an investment firm must keep certain records to satisfy FCA or anti-money laundering obligations, it can retain those records lawfully. However, it should not keep extra information just in case or treat regulation as a blanket exemption from data-protection duties.
In practice, the firm should:
The closest wrong view is immediate deletion, which ignores valid record-keeping obligations.
The right to erasure is not absolute, so the firm may retain only the data still needed for legal or regulatory purposes.
Topic: Financial Services Regulation
Which regulator matches this description: the main US body overseeing securities markets and requiring public companies to disclose information to investors?
Best answer: D
What this tests: Financial Services Regulation
Explanation: The Securities and Exchange Commission is the principal US securities regulator. It oversees securities markets and issuer disclosure, while the FCA and PRA are UK regulators and ESMA is a European authority.
This is a function-and-jurisdiction match. The Securities and Exchange Commission (SEC) is the main US regulator for securities markets, market participants, and disclosure by public companies, helping protect investors and support fair, orderly markets. By contrast, the Financial Conduct Authority and Prudential Regulation Authority are UK regulators with conduct and prudential roles respectively, and ESMA operates at the European level for securities markets. The deciding clue is the combination of US securities oversight and investor disclosure requirements.
The SEC is the main US regulator for securities markets and public-company disclosure.
Topic: Financial Services Regulation
A UK investment firm advised a retail client to buy an OEIC. The client later complains that the risks were not explained properly. After investigating, the firm decides not to uphold the complaint. Which action best applies UK complaint-handling principles?
Best answer: B
What this tests: Financial Services Regulation
Explanation: A firm that rejects a retail client’s complaint should still give a clear final written response and signpost the client to the Financial Ombudsman Service. This reflects the basic principle of fair handling, transparent communication, and access to independent review.
The key principle is that complaints must be handled fairly, investigated properly, and concluded with a clear written outcome. Where a retail client complains about advice given by the firm, the firm remains responsible for handling that complaint, even if the investment was a third-party product such as an OEIC. If the firm does not uphold the complaint, it should issue a final written response explaining its decision and informing the client that the Financial Ombudsman Service can review the matter independently.
The Financial Services Compensation Scheme has a different role: it may provide compensation in certain circumstances, but it does not act as the normal complaint adjudicator. The main distinction is independent complaint review by the Financial Ombudsman Service versus compensation by the FSCS.
A rejected complaint should still end with a clear final written response and signposting to the Financial Ombudsman Service for independent review.
Topic: Financial Services Regulation
A UK investment firm’s finance officer receives an email that appears to be from a long-standing software supplier. It says the supplier’s bank details have changed and asks for payment today, adding that phone lines are down because of a cyber incident. Which action best applies a sound anti-fraud principle?
Best answer: B
What this tests: Financial Services Regulation
Explanation: The best response is to verify the new bank details through an independent, trusted channel already held by the firm. Urgency, a request to avoid calling, and changed payment instructions are classic signs of payment-diversion fraud or business email compromise.
This scenario tests the principle of independent verification for payment instruction changes. A message can look authentic because criminals often compromise or imitate genuine email accounts, copy invoice details, and create urgency to stop staff checking properly. The safest approach is to contact the supplier using a phone number or contact route already held in the firm’s own records, then follow internal approval procedures before amending bank details.
In practice, key warning signs include:
A reply to the same email chain is not independent, and a small test payment still sends money to a fraudster if the account is false. The key takeaway is that a known counterparty does not make a new payment instruction low risk.
Independent verification through a known channel helps detect payment-diversion fraud even when the email looks genuine.
Topic: Financial Services Regulation
Which body operates at European level to help coordinate securities-market regulation across EU member states and promote supervisory convergence?
Best answer: B
What this tests: Financial Services Regulation
Explanation: The European Securities and Markets Authority is the EU-level body for securities markets. Its role is to support consistent regulation and supervision across member states, rather than acting as a UK or US national regulator.
ESMA is a European authority concerned with securities markets, investor protection, and consistent supervisory standards across the EU. At CISI Intro level, the key point is that it works above the national level to help align how securities rules are applied across member states. By contrast, the FCA and PRA are UK regulators, while the SEC is the main US securities regulator. So when the question refers to EU-wide coordination of securities-market regulation, ESMA is the best match.
The closest distractor is the SEC because it also relates to securities markets, but its remit is the United States rather than the EU.
ESMA is the EU-level authority focused on securities markets and more consistent supervision across member states.
Topic: Financial Services Regulation
Which term describes a cybercrime in which a fraudster sends an email that appears to come from a genuine financial firm to trick the recipient into revealing passwords or other confidential information?
Best answer: C
What this tests: Financial Services Regulation
Explanation: This is phishing because the key feature is a fraudulent email designed to persuade the recipient to disclose security details. The criminal is exploiting trust in a genuine-looking message from a known firm.
Phishing is a common form of cyber-enabled fraud. A criminal sends a message, usually by email, that imitates a trusted organisation such as a bank or investment firm. The aim is to make the victim click a link, open an attachment, or enter passwords and other sensitive data. In the stem, the deciding clue is the fake email that appears genuine and asks for confidential information. That matches phishing.
The key takeaway is to identify the fraud by the channel used and the method of deception.
Phishing uses deceptive emails or linked websites to obtain confidential information from the recipient.
Topic: Financial Services Regulation
After routing stolen money through several bank accounts, a criminal uses the funds to buy a legitimate business and then presents the business income as clean money. Which broad stage of money laundering is illustrated when the funds re-enter the economy as apparently legitimate?
Best answer: D
What this tests: Financial Services Regulation
Explanation: Money laundering is the process of making criminal proceeds appear legitimate. When funds are brought back into the economy through a seemingly lawful business or asset, the stage is integration. The earlier movement through bank accounts is layering, but the question asks about the point at which the money appears clean.
Money laundering means disguising the origin of criminal property so it can be used without obvious suspicion. The classic pattern is placement, then layering, then integration. In the stem, moving the stolen money through several bank accounts is layering because it helps obscure the source of the funds. Buying a legitimate business and presenting the resulting income as clean money is integration, because the proceeds have been reintroduced into normal economic activity with an apparently lawful explanation. Placement would be the earlier point at which illicit funds first enter the financial system. Tipping off is not a stage at all; it is a related criminal offence involving disclosure that suspicious activity has been reported or may be investigated. The key clue is that the money is now appearing legitimate.
Integration is the stage where criminal proceeds re-enter the economy and appear to come from a legitimate source.
Topic: Financial Services Regulation
A firm monitors complaints, sales incentives and product governance to spot patterns that could lead to poor customer outcomes. Under the FCA’s approach to managing conduct risk, which outcome is this mainly designed to achieve?
Best answer: B
What this tests: Financial Services Regulation
Explanation: The FCA’s conduct-risk approach is focused on customer outcomes. By monitoring incentives, complaints and product governance, a firm is trying to identify and prevent harm before it affects more customers.
Conduct risk is the risk that a firm’s actions, culture, incentives or controls cause poor outcomes for customers or harm market integrity. In this stem, the firm is reviewing the main drivers of conduct problems inside the business, such as how products are designed, how staff are rewarded and what complaints reveal. The intended outcome is to reduce foreseeable customer harm and improve customer outcomes, not to strengthen solvency or deal with problems only after failure.
The key point is that conduct-risk management is proactive and customer-focused, whereas capital, compensation and trade settlement relate to different regulatory functions.
Managing conduct risk is mainly about preventing poor customer outcomes arising from a firm’s culture, incentives and controls.
Topic: Financial Services Regulation
Which statement correctly describes insider dealing under UK rules?
Best answer: C
What this tests: Financial Services Regulation
Explanation: Insider dealing is broader than simply buying or selling shares while knowing non-public information. At foundation level, it includes dealing yourself, encouraging someone else to deal, or improperly passing on inside information in relation to price-affected securities.
The core concept is that insider dealing concerns the misuse of inside information relating to price-affected securities. The offence is not limited to one action: it can involve dealing personally, encouraging another person to deal, or improperly disclosing the inside information to someone else. It is also not restricted to company directors, because any person who has the relevant inside information may be caught. Likewise, it is not confined to ordinary shares; the scope is wider than equities alone. A profit does not have to be made for the conduct to amount to insider dealing.
A useful distinction is that market abuse is the broader regulatory concept, while insider dealing is one specific type of misconduct involving inside information.
Insider dealing is not just personal trading; it also includes encouraging dealing and improper disclosure of inside information relating to price-affected securities.