Risk Management

Automating governance, risk & compliance workflows

Risk management in the increasingly regulated world of capital markets is facing enormous change. Financial services firms have accepted the need to mitigate risk and are turning their attention towards strengthening their operating models and cultures to weave risk management controls into the fabric of their organisations.
GreySpark has the experience and expertise to establish and deliver new operating models that deliver confidence across entire businesses, regardless of the regulatory jurisdiction. Combining our strong procedural foundation, proven governance framework and Risk Management Development Kit, we provide clients with a scalable ability to manage risk and the implementation of controls under continuous supervision.

Our Value

Banks have been very successful in their responses to regulatory mandates establishing adequate levels of controls. However, approaches to risk and controls management remain inconsistent. Maturing this area will be of great benefit to the reputation and standing of banks.

GreySpark leverages expertise across electronic trading, regulatory change and trade surveillance to deliver strategic solutions tailored to meet your business requirements. We implement a vertically-integrated approach to risk management processes and controls and embed it into the fabric of the organisation, thereby delivering new cultural awareness across the entire bank.

We recognise that each problem is unique and that it is not possible or healthy to apply a one-size-fits-all technological solution. The GreySpark mission is to best utilise our expertise and cross-disciplinary teams to thoroughly understand our client needs, provide industry-leading, actionable advice and deliver innovative, bespoke solutions.

Interested in GreySpark's Risk Management Services?

We implement a vertically-integrated approach to risk management processes and controls and embed it into the fabric of the organisation, thereby delivering new cultural awareness across the entire bank.

Risk Management Service Offering

Electronic Trading Compliance and Risk Management

GreySpark’s Electronic Trading Risk Management services are specifically calibrated to help large financial institutions tackle the increasingly regulated world of capital markets. The service portfolio provides a proven governance foundation that scales across the electronic trading business for continuous supervision.

Health Check

  • GreySpark’s Health Check advisory and implementation service quickly determines gaps and weaknesses.


  • Governance framework provides assurances that the polices, procedures and controls are fully adopted to secure against regulatory risk.


  • Delivering sophisticated solutions with workflow management, risk assessment and real-time dashboards.
  • Providing metrics, reporting, controls and communications for build and run activities


  • Development of a ‘digital’ framework provides the foundation for a sustainable approach to compliance.

MiFID II RTS 6 Self-Assessment Practices

  • GreySpark uses a risk management process to review, evaluate and validate a client’s algorithmic trading systems, governance, stress-testing, business continuity and compliance with Article 9 of MiFID II’s RTS 6 criteria.

Comprehensive Model Risk Management Services

  • GreySpark leverages its experience in risk management practices and its close relationship with members of the investment banking community to enable its clients improve and attain the highest level of efficiency possible at all stages of their model risk management lifecycle.

Operational Resilience Services

  • GreySpark Partners adapts the Client’s existing operational risk process to improve the resilience of key services and bring it in line with regulatory expectations and industry best practices.


MiFID II Health Check

The Regulators are coming…


It is clear that in the second half of 2018 the regulators and regional authorities, such as the FCA, will start to focus on firms’ compliance with MiFID II.

Regulators will inspect market participants to ensure compliance with the regulation.

GreySpark’s expectation is that institutions will see many of their non-compliant procedures exposed.

At the very least firms will need to be able to evidence activity working towards compliance.


Initial feedback to GreySpark indicates that the focus of the regulators will be on compliance within these key areas:

  • Algorithmic Trading
  • Best Execution
  • Electronic Trading
  • Pre-Trade Risk Control
  • Research Unbundling
  • Transaction Reporting
  • Transparency Reporting

Governance Framework

Managing your risks…


Simply altering existing policies and producing new documents, mapped to the regulatory requirements, is not enough. Regulators are looking for sustainability and enforcement throughout the organisation.

Documentation must not only meet all regulatory requirements, but also be developed in line with industry best practices, be consumable by an external regulator and be consistently deployed and implemented across the business.

A lack of top-to-bottom coordination and unclear oversight will lead to increased scrutiny from the regulator.


Establishing a governance framework and structured independent functions, providing oversight, allows for the identification of risk.

Adequate identification of risk allows for necessary adjustment to:

  • 1st Line of Defence documentation
  • 2nd Line of Defence documentation
  • Regulatory Controls

Monitoring Adherence and Risk Management

Enabling iterative changes…


The dynamic regulatory landscape requires an operational shift in the industry’s approach to new legislation.

A ‘digital’ framework for regulatory management introduces the ability to improve the adaptability of an organisation.

By implementing the aforementioned framework, regulatory change can be realised in an iterative manner that best utilises the existing resources.


Establishing a ‘digital’ framework through GreySpark’s ability to:

  • Establish organisational requirements
  • Leverage industry leading market intelligence across vendor landscape
  • Implement technological solutions
  • Provide SME oversight

Adaptability to a Changing Regulatory Landscape

Engaging with future iterations…


There is a consistent trend of global regulatory upheaval, with advantages to be gained by firms that can best react to this dynamic situation.


Initial feedback to GreySpark indicates the current key regulatory challenges that firms are working towards are:

  • Brexit
  • Capital Requirement Directive IV (CRD IV)
  • Fundamental Review of the Trading Book (FRTB)
  • MiFID II implementation
  • Model Risk Management (SR 11-7 & TRIM)
  • Money Markets Fund Regulation (MMFR)
  • Securities Financing Transactions Regulation (SFTR)
  • Senior Managers & Certification Regime (SMCR)

MiFID II RTS 6 Self-Assessment Practices


Financial services firms are now being monitored up by EU regulators to review their annual self-assessment of algorithms against the MiFID II RTS 6 requirements.

Given the increased level of regulatory attention, it is important that those firms begin to consider the best approach for the self-assessment and effective operation of algorithmic trading environments.


Establishing a comprehensive and well-documented self-assessment report, measured against industry best practices and address any gaps identified.

GreySpark Can:

  • Produce a Self-assessment Report;
  • Benchmark existing Self-assessment Reports against Industry Best Practices; and
  • Support Remedial Activities and Prioritise a Programme of Work to Address Identified Gaps as needed.

Comprehensive Model Risk Management Services


Although the model misk management (MRM) lifecycle concept, introduced by the FED’s SR 11-7, is widely understood and accepted across the industry, GreySpark Partners has identified common challenges amongst banks of different tiers with regards to its practical implementation. These include but are not limited to:

  • A lack of robust documentation supporting the MRM process across the three lines of defense;
  • Lengthy time to market for new or modified models and the algorithms they feed into;
  • Inefficient record keeping of models and of their interdependencies;
  • Disorganised communication between the stakeholders involved at the various stages of the lifecycle.


GreySpark has worked with a number of banks to assess the maturity of their current approach to MRM practices. As a result, GreySpark has built an established view on what constitutes industry best practice and can help bring the right advice and expertise to bear as banks look to continually improve and optimise in this space. GreySpark can help in the following ways:

  • Benchmark existing processes and procedures against industry best practices;
  • Document the frameworks, policies, procedures and guidelines governing the model risk management practice, across all lines of defence;
  • Develop MRM supporting tools such as decision trees and exclusion lists, tailored to the client’s needs and existing policies;
  • Support and enable the implementation of automated software solutions.

Operational Resilience Services


Increasingly sophisticated cyber-attacks, rising third-party supplier dependencies and recent disruptive incidents, most notably the COVID-19 pandemic, has focused supervisory attention on the operational resilience of financial services firms. Upcoming regulations proposed by the UK and EU regulators, as well as guidance published by the US regulators and the BCBS mean that now more than ever, a robust operational resilience framework is an essential part of effective business management.


GreySpark can help firms evaluate and enhance their operational resilience. We believe that a firm bolsters its robustness when operational resilience concepts are not solely to be found within Compliance teams but are embedded within the company culture. To assist firms in preparing to enhance their operational resilience plans to mitigate the effects of a future disruptive incident, GreySpark can:

  • Demonstrate the self-assessment process and provide tools and templates for the client to conduct future self-assessments. 
  • Provide guidance on building a best practice operational resilience framework including governance policies and processes. 
  • Assist in devising and implementing a remediation to address any gaps and deficiencies that have been identified.


  • Best Practices in Pre-Trade Risk Controls 2016

InsightsRisk ManagementTechnology Trends
1 Oct, 2020

Webinar: Models and EUCs in a Disruptive Environment hosted by GreySpark

COVID-19 has challenged the robustness of banks’ model risk management and EUC policies. In a context where market behaviors are uncertain and changing rapidly, banks need to adapt their approach…
InsightsRisk ManagementTechnology Trends
27 Apr, 2020

Model Risk Management & the Art of Sharing Information Efficiently

In Europe, the US Federal Reserve (FED) and the US Office of the Comptroller of the Currency (OCC)’s Supervisory Guidance on model Risk Management (SR 11-7) is accepted as the…
InsightsRisk ManagementTechnology Trends
9 Apr, 2020

Model Risk Management: Model Change Management

In Europe, the US Federal Reserve (FED) and the US Office of the Comptroller of the Currency (OCC)’s Supervisory Guidance on model Risk Management (SR 11-7) is accepted as the…

Case Studies

2 Oct, 2020 in Case Studies, Risk Management

Model Risk Management Benchmark and Review

Our client, a Tier-1 US bank, commissioned an investigation of the current practices employed across the banking industry regarding the governance and risk management processes for e-Trading algorithms (algos) that…
Read More
2 Oct, 2020 in Case Studies, Risk Management

Algorithm and Model Risk Governance Review

The obligations and definitions for model risk management set out in the Fed’s SR11-7 have caused a high level of confusion in US institutions active in the algorithmic (algo) space.…
Read More
30 Aug, 2017 in Case Studies, Risk Management

Audit and Compliance – Electronic Markets

In response to a historical incident that resulted in a financial loss for the bank, Electronic Markets has decided to take a pro-active approach to a number of other (historical)…
Read More
30 Aug, 2017 in Case Studies, Regulatory Compliance, Risk Management

Algorithm Risk Control Management and Reporting – Integration with Model Risk Management Process

For regulatory purposes, the client’s electronic FX and Fixed Income businesses have identified a need to document and evidence their catalogue of eTrading algorithms, detailing and evidencing a series of…
Read More
30 Aug, 2017 in Case Studies, Risk Management

Algorithm Risk Management (ARM) Governance Policies, Standards, and ATP Validation Infrastructure

Under the obligation set out by the OCC and CFTC the client required assistance in developing the foundation elements for a Algorithm Risk Management (ARM) framework.
Read More
30 Aug, 2017 in Case Studies, Risk Management

Electronic Trading Risk Control Analysis and Oversight Governance Council Framework

Under the obligation set out by the OCC and CFTC the client required assistance for full self-disclosure in the form of documented due-diligence of their Automated Trading Programs (ATP) across…
Read More

Careers at GreySpark

We want our professionals to be proud of being a part of an international, fast-pace, growing organisation with great prospects.