The Three Steps: Help Along the Way

Achieving client protection, one step at a time. 

The Client Protection Pathway consists of three steps that support financial service providers in their journey to implement a client-centric business model. There is no set timeframe to move forward on the Pathway. You do as you wish, working at your own pace. Cerise+SPTF provides the roadmap and works continuously to develop and refine the tools that can help you along the way.

View details about each step:    STEP 1  |  STEP 2  |  STEP 3

Step 1: Commit to implement

Submit this sign-up form to formalize your commitment to implement client protection and be publicly listed here as a Committed Institution.  The form walks you through signing our statement of commitment and submitting a client protection assessment.

All financial institutions are welcome to sign up for the Client Protection Pathway, regardless of model, size, maturity, status, or country. 

The Client Protection Pathway sign-up form will ask you to agree to this statement:

“Our organization has reviewed the Client Protection Standards, and we commit to using them to improve our practices over time.”

The Client Protection Pathway sign-up form requires you to upload a recent client protection assessment (dated within the last two years) or to commit to submitting one within the next six months.

We accept the following assessments:

Tools on SPI Online:

  1. Client Protection Commit Tool 
  2. Client Protection Full Tool
  4. SPI5 Entry or SPI5 Full
External tools: 
  1. Code of Conduct Assessment (Cambodia, India, EU)
  2. Social Rating
  3. Client Protection Certification (completed in the last 3 years)

Note: Submitted documents must remain current for an organization to still be considered formally committed.  After initial sign-up, when your most recent submitted assessment reaches 2 years of age (3 years for certifications), Cerise+SPTF will request an updated assessment.  If none is provided within one year, you will be marked “Inactive” in our list of Committed Institutions.

Documents submitted to Cerise+SPTF are used only for verification purposes and will not be shared with external parties. However, interested parties who notice your organization on our public list of Committed Institutions may contact you directly asking to view your documents.

Step 2: Improve

Based on your assessment, identify the gaps in your client protection practices and prepare an action plan.  Then, continuously improve your practices using Cerise+SPTF resources to support implementation. 

Use this simple decision tree to help your organization decide how to jump into this step.

If not yet completed, conduct a comprehensive assessment of your practices and policies.

Review the results of your assessment with an honest, open mind — and without overstating the results. They are mainly intended to show where to improve.  

Then, craft your action plan to address the real gaps in your client protection practices.  Ultimately, this is the only way to truly serve clients better.

Once you have created an action plan based on your assessment results, use these free resources provided by Cerise+SPTF to support your improvement journey:

Step 3: Report

Get a third-party validation of your client protection practices from an external agency or individual.

Third party validation is an important step that FSPs can take to demonstrate their commitment to compliance and accountability to the CP standards, so that they can serve their customers better.

PLEASE NOTE: Cerise+SPTF does not conduct validations, nor issue certificates, nor does it recommend, endorse or make any representations regarding third-parties. For more information, please see Third-Party Validation.

A third-party validation is the independent and impartial evaluation of client protection systems and practices of a financial service provider, ideally measured against compliance with Cerise+SPTF’s “CP Full” tool.

While a financial service provider may have gone through a self-assessment or an accompanied self-assessment in Step 2, and worked on its gaps, a third-party validation will bring an objective and expert opinion of the organization’s compliance with the Client Protection Standards. The output of a third-party validation is a thorough report which documents the provider’s achievements and the remaining gaps and which can be shared with stakeholders.

There are 2 ways of getting a third-party validation.

  1. CP certification conducted by a company with an independent certification committee or
  2. Third party validation conducted by a team of two individuals with at least one CP qualified auditor.

Both are conducted by qualified experts, who are independent of the organization being assessed, ensuring impartiality and thorough analysis.

Both serve the objective of demonstrating your performance and compliance with the Cerise+SPTF client protection standards.

The key difference is that a Certification involves the additional step of discussion and decision by an independent certification committee, usually leading to a formal recognition in the form of a certificate.

Determining which third-party validation to pursue depends on various factors that the FSP should consider, such as :

  • the specific goal sought
  • the level of credibility and recognition required
  • the available budget compared with the expected comprehensiveness of the analysis
  • the expectations and preferences of stakeholders such as clients, investors, regulators, and partners.

Cerise+SPTF recommends that the selection of third-parties be undertaken carefully, with attention to the proposed providers’ reputation and their specific expertise in client protection. To help stakeholders in their selection process, we have established recommended Guidelines for third-party validations.

Cerise+SPTF recommends that the selection of third-parties be undertaken carefully, with attention to the proposed providers’ reputation and their specific expertise in client protection. To help stakeholders in their selection process, we have established recommended Guidelines for third-party validations.

The Cerise+SPTF Client Protection framework consists of the assessment of Essential Practices, set out in a structured list of indicators and details described in the Client Protection Standards, using the Client Protection Assessment Tool – CP Full (available on SPI Online).

The process should involve gathering evidence on-site, and triangulating information found in Paper (policies, manuals, circulars, trainings..), People (interviews with Board members, management, staff and clients), Practice (field observation, client interviews, implementation of policies).

The Client Protection framework has subsets of minimum requirements.

  • Entry-level indicators (n=33): These indicators address practice over policy, as well as key concerns for the sector, along the 8 standards.
  • Progress-level indicators (n=21): These indicators are more rigorous requirements to demonstrate progress towards advanced practices.
  • Advanced-level indicators (n=24): These indicators confirm practices with policies and processes, and mitigate the biggest risks to clients.

And all the other indicators that complement the Standards, reaching a total of 128 scored elements.

The final score shows the percentage of compliant indicators in relation to the total number of indicators. The FSP is considered compliant if all parts of the indicator are fulfilled or implemented to the letter, with relevant evidence and justification. All indicators individually weigh the same in the final score. Indicators that are not applicable to the organization should be removed from all calculations and scoring.

This is not the end of your journey!

You are already certified and wonder what to do next?

This is not the end of your journey!  

As you journey along the Client Protection Pathway, please remember:


    • There are no deadlines. Cerise+SPTF provides the roadmap and the resources; you do as you wish, working at your own pace.
    • All financial institutions are welcome to join, regardless of size, maturity, status, or country.
    • All Cerise+SPTF tools are free of charge.