Skip to content
Lending Agent Oversight

Lending Agent Oversight

An operating system for principal firms. Register every AR. Detect risk early. Evidence supervision the way the FCA expects, with PS22/11 baked in.
Open the demo What it is View source
Section titled “Quick links by audience”
For principal firms If you hold the FCA permission and supervise an AR network across mortgage, GI, investment, or credit broking.
For ARs If you carry on regulated activity under a principal's permissions and need to file MI returns and breaches.
For regulators & risk teams SUP 12, PS22/11, SUP 15 timing, SYSC 9 record-keeping, Consumer Duty for principals, vulnerable customers at network level.
See also: Lending Agent family Three sibling demos. Lending Agent (waterfall), Lending Agent Presenter (menu), Lending Agent Oversight (this site).

What you’ll find here

Section titled “What you’ll find here”

Product walkthrough

Marketing landing, principal-compliance home, AR register, AR detail, breach workflow, file review, AR self-service, annual fitness review. Start here.

Architecture

Data model, risk-scoring algorithm, persona and tenant model, per-surface state machines, mock-vs-real boundary. Read the architecture.

Safety

Threat model, rate limiting, insider threat (principal abuse), tampering and replay. Safety overview.

Privacy

UK GDPR, DPIA framework, data minimisation, retention (7 years SYSC 9 floor, 10 years on the audit chain). Privacy overview.

Regulatory

FSMA s.39, SUP 12, PS22/11, SUP 15, SYSC 9, SYSC 15A, DISP 1, Consumer Duty, FG21/1. Regulatory overview.

Deploy your own

Run locally, deploy to Vercel, wire a custom domain, harden for production. Deploy guide.

The TL;DR

Section titled “The TL;DR”

A demo product that replaces principal-firm AR oversight spreadsheets with a structured register, composite risk scoring, breach workflow with FCA notification countdowns, file reviews scored against the right regulatory rubric (MCOB, ICOBS, CONC), AR-side MI return submission, and annual fitness review packets. Three principal-firm skins ship with the demo: Heritage Mortgage Network, Crown GI Collective, Pinpoint Credit Network. Two persona views: principal-compliance-officer and ar-user.

The product positions as tooling for FCA-authorised principal firms, not as a regulated supervisor itself. Each principal firm using it remains the regulated party under FSMA s.39.

This is a demo product, built independently. The four surfaces and the three principal-firm skins are real and runnable. The backend, session auth, FCA notification submission, PDF export, and audit chain are documented at engineering-spec depth so a future production build can be handed cold to a developer or an agent and start on day 1.