Start-Up Bank : Security Controls Assessment and Remediation


Our client, a finance provider, sought to expand their services by obtaining a banking license.

However, they lacked the experience and specialist knowledge needed to ensure they were able to meet the necessary security control requirements and satisfy the regulatory baseline.


Broadgate conducted a cyber and data security assessment of their current state using our methodology which identified both gaps and maturity levels against industry peers.

We reviewed the results with the client leadership team, identified risks in controls, and provided an FCA compliant remedial plan to address gaps.


Our assessment provided a clear risk-based representation of the security maturity level of the organisation and identified ‘quick wins’.

This helped to form a priority driven roadmap, which enabled the company to pass the security requirements of the banking application.

In addition, our methodology provided a baseline from which our client was able to implement a continuous improvement process.

Regulator : Company Registration and Renewal Portal


A regulator approached Broadgate to perform a high-level analysis of their Company Registration system. We were asked to review the current architecture (based on Microsoft Dynamics) and provide recommendations as to how an improved solution might look.

This included verifying against best practices, the ratio of configuration against code, and checking that the data model was aligned with the client’s design principles.

In addition, we were requested to recommend whether the solution should be migrated or redeveloped.


Broadgate provided a small team of Dynamics architects and developers to work with the client to understand goals and the current set-up.

We analysed the code, data structures and configuration against the existing solution and proposed improvements.

We followed Broadgate’s IVEAR (Identify, Verify, Review, Assess, Recommend) methodology to produce a weighted assessment and recommendations.


A report detailing findings and recommendations. We identified significant areas where configuration code be used instead of coding and customisation.

We recommended migration to cloud-based solution to reduce in-house maintenance and support requirements.

We produced a costed, risk assessed plan to deliver the required solution within the necessary deadlines.

We were engaged to execute the plan which was subsequently delivered on time and to budget.

Show More

Contact us

We’re always happy to hear from anyone interested in working with us. Please use the contact form to get in touch. Or contact us with phone or e-mail.

+44 203 326 8000