The Complete Due Diligence Framework: 15 Criteria for Broker Evaluation

Evaluating a financial services provider requires more than confirming regulatory status. Comprehensive due diligence considers authorisation scope, enforcement transparency, product governance, cost structure, and consumer protection mechanisms in parallel. This article presents 15 objective criteria derived from UK regulatory principles (including FCA Handbook requirements), MiFID II concepts applicable to EEA firms, and institutional due diligence practices adapted for retail consumers.

Sterling Capital Hub Ltd publishes this framework as an educational methodology. It does not rank, endorse, or recommend any provider. The objective is to transfer evaluation capability to the individual consumer.

Framework Design Principles

Each criterion is:

• Objectively verifiable — based on documented evidence rather than sales representations;
• Independently assessable — without reliance on account managers;
• Equally weighted at screening stage — failure on critical criteria such as authorisation or client asset segregation justifies pausing even if other items pass.

The 15 Criteria: Summary Table

#	Criterion	Primary Source	Pass Threshold
1	Regulatory authorisation	FCA Register	Active authorisation; entity and activities match
2	Warning and clone screening	FCA Warning List	No warning or clone match
3	Corporate transparency	Legal disclosures, Companies House	Full legal name, company number, registered address disclosed
4	Client asset segregation (CASS)	Terms of business, regulatory disclosures	Explicit client money and asset segregation stated
5	Execution model (STP / ECN / market maker)	Execution policy, product disclosure	Model disclosed; conflicts management explained
6	Financial reporting and audit	Published accounts, regulatory filings	Audited accounts available for review
7	Product governance	KID, costs and charges disclosure	Target market defined; risk documents provided
8	Cost and fee transparency	Fee schedule, ex-ante cost disclosure	All costs disclosed before account opening
9	Complaints and dispute resolution	Complaints procedure, FOS eligibility	Documented process; Financial Ombudsman Service access confirmed
10	Data protection and cybersecurity	Privacy policy, security standards	UK GDPR compliance; claimed certifications verified
11	Withdrawal and transfer procedures	Terms, user documentation	Defined timelines and methods for withdrawals
12	Conflicts of interest management	Conflicts policy	Written policy; inducement rules disclosed
13	Professional indemnity and capital adequacy	Regulatory capital requirements	Minimum capital met for permission category
14	Operational track record	Register history, enforcement records	No unresolved enforcement or suspension
15	Marketing conduct compliance	FCA financial promotions rules	No pressure tactics; balanced risk presentation

Detailed Criterion Analysis

Criterion 1: Regulatory Authorisation

Foundation criterion. Verify legal name and FRN on the FCA Register. Permissions must cover proposed services — execution, advice, or arranging. Payment institution authorisation alone does not permit regulated investment advice. See our step-by-step Register guide.

Criterion 2: Warning and Clone Screening

Search the FCA Warning List for entity name, domain, and key personnel. Clone operations exploit legitimate register entries while operating from different URLs — see entities flagged by the FCA.

Criterion 3: Corporate Transparency

Website legal notices should state corporate name, Companies House number, registered office, and responsible party. Cross-reference with the Register and Companies House. Opaque legal disclosure is inconsistent with regulated conduct standards.

Criterion 4: Client Asset Segregation (CASS)

FCA-authorised firms holding client money and safe custody assets must comply with CASS rules requiring segregation from proprietary assets. Terms of service should explicitly describe segregation arrangements and treatment in firm insolvency. Absence of segregation language is a material concern.

Criterion 5: Execution Model — STP, ECN, Market Maker

Understanding how orders are executed is core to due diligence. Three ideal types (often hybrid in practice):

• STP (Straight-Through Processing) — orders routed to liquidity providers or markets with minimal internal intervention; execution policy disclosure required;
• ECN (Electronic Communication Network) — orders enter an electronic venue where multiple participants post bids and offers; spread and liquidity dynamics differ from market-maker models;
• Market maker / dealing desk — firm acts as principal counterparty, holding inventory risk. Not inherently improper, but conflict structure requires informed understanding and disclosure.

Evaluate published execution policies rather than marketing labels. MoneyHelper provides general education on choosing financial services at moneyhelper.org.uk.

Criterion 6: Financial Reporting and Audit

Regulated entities typically publish or file audited annual accounts. Negative equity, qualified audit opinions, or going-concern emphasis are warning signs. Full analysis is not required, but account availability indicates operational substance.

Criterion 7: Product Governance

Under MiFID II product governance and FCA product intervention rules, firms should define target markets and provide risk documentation. Key Information Documents (KIDs) and costs and charges disclosure should be reviewed against your experience level and objectives.

Criterion 8: Cost and Fee Transparency

Complete fee schedules should cover spreads, commissions, overnight financing, inactivity fees, currency conversion, and withdrawal charges. Hidden costs discovered after ex-ante disclosure indicate conduct failures.

Criterion 9: Complaints and Dispute Resolution

Internal complaints procedures and external redress access are mandatory for FCA-authorised firms within scope. Eligible firms participate in the Financial Ombudsman Service (FOS). Confirm clear contact instructions in the complaints policy.

Criterion 10: Data Protection and Cybersecurity

Privacy policies should demonstrate UK GDPR compliance, data retention limits, and third-party sharing practices. Claims of ISO 27001 or similar certifications should be independently verified where material to your decision.

Criterion 11: Withdrawal and Transfer Procedures

Review withdrawal processes before funding: processing times, minimum amounts, supported methods, and conditions for delay. Documented obstruction patterns are hallmarks of fraud in FCA enforcement data — see our scam pattern checklist.

Criterion 12: Conflicts of Interest Management

Conflicts policies should address proprietary trading, payment for order flow, and third-party inducements. Systematic identification and management obligations apply to regulated firms under SYSC and COBS requirements.

Criterion 13: Professional Indemnity and Capital Adequacy

Minimum regulatory capital and professional indemnity insurance vary by permission category. Extreme undercapitalisation visible in filed accounts warrants concern.

Criterion 14: Operational Track Record

Research regulatory history: prior enforcement, fines, suspensions. A multi-year clean record does not guarantee future compliance but suggests sustained adherence. Recent enforcement warrants detailed investigation.

Criterion 15: Marketing Conduct Compliance

Evaluate contact acquisition methods and service presentation. FCA financial promotions must be fair, clear, and not misleading. Unrealistic outcome language, urgency pressure, and omitted risk warnings on complex products indicate non-compliance.

Execution Model Comparison Matrix

Model	Overview	Key Verification Question	Conflict Focus
STP	Automated order routing	Who are liquidity providers? Requote policy?	Commercial terms with LPs
ECN	Electronic network matching	Venue identity and fee structure	Fairness of liquidity access
Market maker	Firm is counterparty	Principal disclosure? Hedging policy?	Inventory position vs client orders

Applying the Framework to Multiple Providers

For educational comparison, construct a matrix with 15 criteria as rows and providers as columns. Score each cell Pass / Fail / Inconclusive / N/A. This visual structure reduces cognitive bias from recent contact or polished interfaces.

Suggested weighting:

• Critical (must pass): 1, 2, 4, 11 — authorisation, warnings, segregation, withdrawal access;
• Important (should pass): 3, 5, 8, 9, 12, 14, 15 — transparency, execution, costs, complaints, conflicts, track record, marketing;
• Supplementary (fit assessment): 6, 7, 10, 13 — financial health, product governance, data protection, capital.

Pre-Engagement Checklist

• Positive FCA Register match completed
• Warning List and clone warnings screened — no match
• Legal entity name and address verified across three independent sources
• Fee schedule and cost disclosure obtained in writing
• Terms reviewed — segregation and withdrawal clauses
• Complaints procedure and FOS access confirmed
• Conflicts of interest policy reviewed
• Execution model (STP/ECN/market maker) understood
• Product risk documentation (KID) received
• No pressure tactics or unrealistic claims observed
• Verification dossier documented

Framework Limitations

This framework evaluates provider integrity and regulatory compliance — not personal product suitability. All fifteen criteria may pass while a product remains inappropriate for your experience level. Regulatory compliance does not eliminate market risk.

Clone websites impersonating authorised firms cannot be detected with certainty through register checks alone. Criterion 2 and independent domain verification are essential complements.

Conclusion

Fifteen criteria translate regulatory principles into a consumer-operable evaluation system. Authorisation, client asset segregation, execution transparency, withdrawal access, and complaints mechanisms — assessed systematically — reduce dependence on marketing narratives. Combined with the FCA Register methodology in our verification guide and the regulatory context in Understanding Financial Regulation, structured evaluation becomes an accessible financial literacy practice for UK consumers.