Continuing on the Skilled Persons Review series, Thistle Initiatives Partner, Michael Knight-Robson, looks at managing relationships with the Skilled Person and Regular Authority.
As I’ve highlighted before, a Skilled Person review is as much about how a firm engages as it is about what the review ultimately finds. While previous articles in this series have explored the mechanics of preparing for a review and responding to a requirement notice, the ongoing relationship with both the Regulatory Authority and the Skilled Person is where outcomes are often shaped in practice.
Firms that approach this process defensively, sporadically, or without structure tend to experience increased scrutiny, prolonged reviews, and more severe findings. Conversely, those who demonstrate transparency, discipline, and professionalism in their interactions often build credibility, even in the face of control weaknesses. This is important because if a firm shows maturity, then it can prevent further and follow-up reviews, which can save on costs and resources in the long run.
Establishing a Structured Engagement Framework
From the outset, firms should establish a clear and consistent engagement model with both the Skilled Person and the Regulatory Authority. This is not simply good project management, it is a critical control mechanism that ensures alignment, reduces misunderstandings, and provides a documented audit trail of interactions. When selecting the Skilled Person, most shortlisted Skilled Person firms will have/should have, provided an overview of how they will engage with the firm and the Regulatory Authority throughout the review. At a minimum, firms should expect (and request if the Skilled Person does not propose themselves):
- Weekly project engagement team meetings (Bilateral)
- Fortnightly management team meetings (Bilateral)
- Trilaterals (usually 3 or 4 throughout the course of the review, but the Regulatory Authority will lead on the cadence for these and when they would like an update)
- Clear escalation routes
- Defined points of contact across all parties
The Skilled Person and Regulatory Authority will utilise terminology such as bilaterals and trilaterals. Bilateral (firm and Skilled Person) and trilateral (firm, Skilled Person, and Regulatory Authority) meetings are important. Bilateral sessions allow for more detailed working discussions, clarification of requests, and operational alignment. Trilateral meetings, on the other hand, provide transparency to the regulator and ensure there are no surprises as the review progresses.
Weekly Project Engagement Team Meetings
These meetings typically involve the core project teams: the firm’s project leads, subject matter experts, and the Skilled Person’s review team. The purpose is to maintain momentum, track progress, and resolve issues in real time. A typical agenda should include:
- Progress update against plan - review of completed phases (review of documentation, control testing, interviews, etc.), upcoming milestones, and any slippage against timelines.
- Information requests and data provision - status of outstanding requests, clarification of any requests, and agreement on delivery timelines of such requests
- Challenges or blockers - identification of any constraints impacting delivery, including data quality, resource limitations, or access issues.
- Next steps and actions - clear articulation of responsibilities and deadlines before the next meeting.
Fortnightly Management Meetings
These sessions should involve senior stakeholders, including members of the firm’s management team and senior representatives from the Skilled Person, with the objective of being more strategic than operational. These meetings provide an opportunity for senior management to demonstrate oversight, reinforce accountability, and address any material issues. A typical agenda should include:
- Overall review status and key milestones - high-level progress against the agreed scope and timeline.
- Summary of emerging risks and themes – initial observations identified by the Skilled Person to date
- Significant challenges or delays - escalation of issues from the weekly project engagement team meeting that require senior intervention.
- Regulatory communications – discussion on communication with the Regulatory Authority, including agenda items for the next trilateral meeting.
These meetings are particularly important from a regulatory perspective. They provide evidence that senior management is actively engaged and exercising appropriate oversight, something regulators consistently expect.
Managing Meeting Logistics and Expectations
Firms should not hesitate to request adequate notice for meetings, particularly where complex topics are to be discussed. Last-minute invitations, or meetings without clear objectives, can lead to unproductive discussions and increase the risk of miscommunication. Therefore, firms should feel comfortable in:
- Requesting agendas in advance of meetings
- Seeking clarification on the discussion points, prior to the meeting, that are unclear
- Asking for sufficient time to prepare
Where agenda items require detailed input or analysis, firms should challenge whether they have been given enough time to prepare. This is not about delaying progress, it is about ensuring that discussions are informed, accurate, and constructive. Similarly, if agenda items are vague or lack context, firms should proactively request additional information. Entering a meeting unprepared, particularly in a regulatory context, can undermine credibility. There will be instances where firms are asked to comment on topics during meetings without sufficient background or evidence. In these situations, it is perfectly reasonable and responsible to:
- Request further details before responding fully
- Propose deferring the discussion until adequate information is available
- Confirm that any initial comments provided are preliminary and subject to further review
Ensuring Clarity and Documentation of Findings
One of the most important aspects of managing the relationship with the Skilled Person and the Regulatory Authority is ensuring that all findings, observations, and actions are clearly documented. Where findings or issues are discussed, particularly those that may evolve into findings in the report, it is critical that firms request written confirmation following the meeting. This, led by the Skilled Person, typically takes the form of:
- A documented ‘fact-checking/findings’ tracker
- Clear articulation of the finding and alignment with regulatory requirement
- How the finding was identified (i.e. review of X Policy)
- Any agreed next steps or actions
This serves several purposes:
- It ensures there is a shared understanding of what was discussed
- It provides an audit trail for internal governance and regulatory purposes
- It reduces the risk of misinterpretation or scope creep
In practice, many Skilled Persons prefer to discuss emerging findings verbally before formalising them in writing. This allows them to test their understanding, validate facts, and ensure accuracy. This approach is entirely reasonable and often beneficial. However, firms should ensure that these discussions are always followed by formal documentation, should the Skilled Person request a response on the item prior to reporting, to ensure complete accuracy in the report. Some firms prefer to receive findings in writing before any discussion takes place. While this can be helpful, it is not always aligned with how Skilled Persons operate. The key is to strike a balance, engage constructively in discussions, but ensure that nothing remains informal or undocumented.
How to Challenge Effectively
Perhaps the most delicate aspect of managing these relationships is how firms respond to findings. It is natural for individuals to feel defensive when their controls, processes, or governance are challenged. However, the way in which these challenges are handled can significantly influence the outcome of the review. The starting point is to listen and take on board the feedback being provided. Even where findings appear incorrect or overstated, immediate confrontation is never productive. Firms should:
- Acknowledge the points raised
- Ask clarifying questions where necessary
- Avoid interrupting or dismissing the Skilled Person’s perspective
Initial comments or reactions are acceptable, particularly where factual inaccuracies are identified. However, these should be measured and constructive. It is important to recognise that Skilled Person Reviews are, by their nature, a critical assessment of a firm’s systems and controls. Findings will often highlight weaknesses, gaps, or failures in a firm’s control framework. Responding emotionally, or attempting to defend every point in real time, can create a negative dynamic. More importantly, it can damage the firm’s credibility with both the Skilled Person and the Regulatory Authority. Having witnessed firsthand examples where senior management have challenged findings aggressively, interrupting the Regulatory Authority, the Skilled Person, dismissing conclusions, and questioning competence. While this may provide a sense of immediate defence, it almost always results in increased regulatory scrutiny and a strained relationship with both the Regulatory Authority and Skilled Person. Ultimately, it leaves a lasting negative impression. A far more effective approach is to request that findings are taken away for detailed review before providing a formal response. This should include:
- Requesting the relevant regulatory requirements underpinning the finding (e.g. legislation, regulation, or regulatory/industry guidance)
- Reviewing internal documentation, controls, and evidence
- Engaging subject matter experts within the firm
Firms should then provide a considered, evidence-based response that either confirms the finding or provides additional information or clarification that may address or refine the finding. It is important to distinguish between factual accuracy (which can and should be challenged where appropriate), and regulatory interpretation or risk severity (which is generally not the focus at this stage). A Skilled Person’s role is to assess the firm against regulatory expectations. The Skilled Person, if part of the Skilled Person Panel, has been accredited by the FCA/PRA as a subject matter expert in their field. Challenging their interpretation of regulatory requirements or debating the severity of risks during early discussions is unlikely to be productive.
Building a Constructive Relationship
Despite the inherent tension in a Skilled Person Review, it is possible, and highly beneficial, to build a constructive working relationship with both the Skilled Person and the Regulatory Authority. This can be achieved through:
- Transparency - being open about challenges, limitations, and areas of weakness.
- Responsiveness - providing information promptly and engaging proactively.
- Consistency - ensuring messages are aligned across teams and interactions.
- Professionalism - maintaining a respectful and measured tone at all times.
Firms that adopt this approach are often viewed more favourably, even where significant issues are identified. Regulators recognise that weaknesses can exist, the key concern is how firms respond to them.
Final Thoughts
Managing relationships during a Skilled Person Review requires a careful balance of structure, discipline, and professionalism. It is not simply about complying with requests, it is about demonstrating control, accountability, and a commitment to improvement. By establishing a clear meeting cadence, preparing effectively for interactions, and responding to findings in a measured and constructive manner, firms can navigate the process more effectively.
Perhaps most importantly, firms should remember that every interaction contributes to the overall regulatory narrative. A well-managed relationship can build trust and credibility, even in difficult circumstances, while a poorly managed one can significantly increase scrutiny and prolong the review.
Meet the Expert
Michael Knight-Robson, Financial Crime Partner 
Michael has joined as a Partner in the Financial Crime team, working alongside Jessica Cath. With over 15 years’ experience in financial crime compliance, he was most recently a Director at BDO, where he built a strong reputation for leading s166 Skilled Person reviews and providing firms with proportionate, risk-based advice to stay compliant. His career also includes senior roles at Bovill, Lloyds Banking Group and Investec, giving him practical, well-rounded expertise to help firms strengthen their financial crime compliance frameworks.