For any firm holding or controlling client money, the Client Assets Sourcebook (CASS) is the foundation for how regulated firms manage client assets. Within this regime, CASS 7 sets the standard for how firms must handle, reconcile, and safeguard client money to ensure it is always identifiable, protected, and recoverable.

Yet, compliance with CASS 7 continues to challenge firms of all sizes. Complex ledger structures, fragmented data, manual processes and third-party inconsistencies across banks and third-party intermediaries make it difficult to prove that client money is correctly segregated and monitored. At the same time, the FCA expects stronger governance, faster reconciliation, and more transparent reporting.

This article explores the core principles of CASS 7, outlines practical steps for effective compliance, and shows how technology – particularly integrated platforms like Grath – enables firms to segregate client money with confidence.

Understanding CASS 7: The foundation of client money protection

CASS 7 applies to investment firms, asset managers, and intermediaries that hold or control client money. Its purpose is straightforward: to ensure that client monies are always protected from the firm’s own assets and that, if the firm fails, such funds can be transferred or distributed quickly and accurately.

These requirements are designed to protect clients but also to promote market confidence. When firms demonstrate robust CASS 7 compliance, they symbolise wider operational resilience and a well-run firm.

The FCA’s focus: Evidence, Accountability, and Agility

The FCA’s approach to client asset supervision has evolved. It is no longer enough to show that controls exist. Firms must evidence that those controls work, are reviewed regularly, and can adapt to new risks.

In its recent reviews, the FCA has highlighted common weaknesses amongst firsts performing this function:

• Over-reliance on manual reconciliations.

• Incomplete or outdated client money records.

• Unclear ownership of controls or remedial actions.

• Poorly designed oversight frameworks.

The regulator’s message is clear: control must be active, auditable, and continuous. Firms are expected to prove they can identify issues in real-time, act on them quickly, and demonstrate that remediation is effective.

Grath believes technology should play a central role in meeting this expectation. Automated reconciliation, workflow management, and data integration provide the agility and assurance that regulators now expect as standard.

The core pillars of effective CASS 7 compliance

Firms that manage client money successfully tend to share the same foundation: clarity, structure, and technology-enabled control. 

1. Segregation and reconciliation

   Segregation and reconciliation sit at the heart of CASS 7. Firms must be able to show that client money is segregated immediately upon receipt and reconciled daily between their internal records and the bank accounts where funds are held.

   Reconciliations should be timely, accurate, and well-documented. Exceptions must be identified, investigated, and resolved without delay. Where discrepancies occur, the process should record who acted, what they found, and when it was closed.

   Many firms still rely on spreadsheets for these reconciliations, but that approach introduces operational risk. Automation ensures precision, improves speed and scalability, and creates an audit trail that can be reviewed instantly.

   
   

2. Record-keeping and audit readiness

   CASS 7 requires firms to maintain detailed records that demonstrate compliance. This includes transaction data, reconciliations, governance documents, and control logs.

   The key to strong record-keeping is traceability. Every action must link back to a defined control and individual owner. In an FCA review or audit, the ability to produce this evidence on demand shows both control and confidence.

   
   

3. Oversight and assurance

   Firms should maintain regular oversight through governance committees, risk reviews, and internal audits. Continuous monitoring, supported by data analytics and automated alerts, enables early identification of issues before they become breaches.

   
   

4. Culture and competence

   Compliance with CASS 7 is not just procedural. It reflects the culture of the organisation. Staff at every level should understand the importance of safeguarding client money and feel accountable for maintaining it.

   Training, communication, and transparent systems build this culture. When employees see their responsibilities clearly in technology systems, accountability becomes embedded rather than imposed.

Practical steps to strengthen your CASS 7 framework

For firms looking to enhance their client money controls, the following practical steps provide a structured path forward: 

This structure ensures that compliance is not only achieved but sustained as business operations evolve.

Turning CASS 7 into a strategic opportunity

Firms often view CASS as a compliance burden. In reality, it is an opportunity to build stronger operational foundations.  A firm that can track, reconcile, and evidence every client transaction in real-time is better equipped to apply that same discipline to its own operations, demonstrating strong ledger control and embedding sound practice across all financial reconciliations. This is not just good governance; it’s a defining mark of it.

Automation and integration deliver more than efficiency. They build trust between teams, with auditors, and with customers. When firms can demonstrate that client money is safeguarded with precision and transparency, they strengthen their reputation and regulatory resilience.

Grath:  Real-time compliance. Real-world control.

At Grath, we help regulated firms transform their approach to client money safeguarding. Our platform brings together reconciliation, attestation, and oversight in one connected, intelligent compliance platform.

If your firm is ready to modernise its CASS 7 framework, contact Grath to see how.