The framework
BlackCores RM10 Standards
Ten defined criteria covering governance, documentation and responsible-market conduct for institution-facing firms across the FX/CFD ecosystem.
How to read each standard
Every standard sets out six things: what it means, why it matters, who it applies to, evidence examples, what may be recorded, and what it does not prove. Select a standard to expand the full detail.
RM1Regulatory Perimeter & Licence Identity
Make the firm's regulatory perimeter, licence identity and permitted activities clearly documented and internally consistent.
Documentary Status: Defined Scope
Regulatory Perimeter & Licence Identity
Make the firm's regulatory perimeter, licence identity and permitted activities clearly documented and internally consistent.
What it means
Make the firm's regulatory perimeter, licence identity and permitted activities clearly documented and internally consistent.
Why it matters
Institution-facing counterparties and partners need a coherent, self-consistent picture of where a firm operates, under which entities, and within what permitted activities before they engage. Ambiguity here is a common source of mis-set expectations.
Who it applies to
All firms operating in or adjacent to the FX/CFD ecosystem.
Evidence examples
- Licence and registration references where applicable
- Entity structure and permitted-activity mapping
- Public disclosure consistency review
What may be recorded
- That perimeter and licence-identity documentation was submitted within a defined scope
- The documentary status assigned for this criterion
What this does not prove
It does not confirm that a firm is licensed, authorised or approved by any regulator, and it is not a substitute for verifying a firm's status with the relevant authority.
RM2Client Classification & Distribution Boundaries
Evidence how client categories, eligibility and distribution boundaries are defined and enforced.
Criteria Coverage: Documented
Client Classification & Distribution Boundaries
Evidence how client categories, eligibility and distribution boundaries are defined and enforced.
What it means
Evidence how client categories, eligibility and distribution boundaries are defined and enforced.
Why it matters
How a firm classifies clients and bounds its distribution determines who it serves and how. Documented boundaries help institution-facing audiences understand the firm's intended market and the controls around it.
Who it applies to
Firms that onboard, classify or distribute to clients or partners.
Evidence examples
- Client classification policy
- Distribution and territory boundary controls
- Appropriateness and eligibility records
What may be recorded
- That classification and distribution-boundary documentation was reviewed within scope
- The criteria-coverage status assigned
What this does not prove
It does not confirm the outcome of any individual onboarding decision, nor that every client was correctly classified in practice.
RM3Responsible Marketing, Affiliate & IB Controls
Demonstrate controls over marketing, affiliate and introducing-broker activity and the records that support them.
Evidence Submitted
Responsible Marketing, Affiliate & IB Controls
Demonstrate controls over marketing, affiliate and introducing-broker activity and the records that support them.
What it means
Demonstrate controls over marketing, affiliate and introducing-broker activity and the records that support them.
Why it matters
Marketing and third-party promotion are where conduct risk is most visible to the public. Documented approval and monitoring controls show how a firm governs the messages and partners that act in its name.
Who it applies to
Firms using marketing, affiliates, IBs or third-party promotion.
Evidence examples
- Marketing approval and review process
- Affiliate / IB onboarding and monitoring records
- Promotional content control samples
What may be recorded
- That marketing and affiliate/IB control documentation was submitted
- The evidence-submission status for this criterion
What this does not prove
It does not certify any individual campaign, advertisement or affiliate, and it does not guarantee that all promotional activity complies with applicable rules.
RM4AML/CFT, Sanctions, KYB & Financial Crime Controls
Evidence financial-crime control frameworks across AML/CFT, sanctions screening and know-your-business.
Criteria Coverage: Documented
AML/CFT, Sanctions, KYB & Financial Crime Controls
Evidence financial-crime control frameworks across AML/CFT, sanctions screening and know-your-business.
What it means
Evidence financial-crime control frameworks across AML/CFT, sanctions screening and know-your-business.
Why it matters
Financial-crime controls are a baseline expectation for any firm handling funds or counterparties. Documented frameworks let institution-facing audiences see that the firm has defined policies, screening and beneficial-ownership procedures.
Who it applies to
Firms with onboarding, funds-handling or counterparty exposure.
Evidence examples
- AML/CFT policy and risk assessment
- Sanctions and PEP screening approach
- KYB and beneficial-ownership procedures
What may be recorded
- That financial-crime control documentation was reviewed within scope
- The criteria-coverage status assigned
What this does not prove
It does not test live transactions, confirm that no financial crime has occurred, or replace a firm's own regulatory obligations and supervisory examinations.
RM5Counterparty, Supplier & Outsourcing Governance
Demonstrate governance over counterparties, suppliers and outsourced functions.
Documentary Status: Defined Scope
Counterparty, Supplier & Outsourcing Governance
Demonstrate governance over counterparties, suppliers and outsourced functions.
What it means
Demonstrate governance over counterparties, suppliers and outsourced functions.
Why it matters
Modern firms depend on a web of counterparties and outsourced services. Documented governance shows how a firm selects, oversees and manages dependency on the third parties embedded in its operations.
Who it applies to
Firms relying on counterparties, vendors or outsourced operations.
Evidence examples
- Counterparty due-diligence framework
- Outsourcing and supplier register
- Service and dependency oversight records
What may be recorded
- That counterparty and outsourcing governance documentation was submitted within scope
- The documentary status assigned
What this does not prove
It does not assess the financial soundness or conduct of any individual counterparty or supplier, nor guarantee uninterrupted service.
RM6Responsible Product, Service & Programme Design
Evidence responsible design of products, services and programmes, including target-market logic.
Criteria Coverage: Documented
Responsible Product, Service & Programme Design
Evidence responsible design of products, services and programmes, including target-market logic.
What it means
Evidence responsible design of products, services and programmes, including target-market logic.
Why it matters
How products and programmes are designed shapes the outcomes they create. Documented design governance and target-market logic show that a firm considers suitability and responsibility at the point of design, not only at sale.
Who it applies to
Firms designing products, services, education or programmes.
Evidence examples
- Product governance and design records
- Target-market and suitability logic
- Review and approval trail
What may be recorded
- That product and programme design documentation was reviewed within scope
- The criteria-coverage status assigned
What this does not prove
It does not evaluate commercial performance, investment returns or the suitability of any product for a particular person.
RM7Complaints, Fair Handling & Remediation Records
Demonstrate complaints handling, fair-treatment practices and remediation record-keeping.
Evidence Submitted
Complaints, Fair Handling & Remediation Records
Demonstrate complaints handling, fair-treatment practices and remediation record-keeping.
What it means
Demonstrate complaints handling, fair-treatment practices and remediation record-keeping.
Why it matters
How a firm responds when things go wrong is a strong signal of its conduct culture. Documented complaints, fair-handling and remediation processes show a structured approach to resolution and root-cause learning.
Who it applies to
Firms handling clients, partners or end-user complaints.
Evidence examples
- Complaints policy and workflow
- Remediation and root-cause records
- Fair-handling governance reporting
What may be recorded
- That complaints and remediation documentation was submitted within scope
- The evidence-submission status for this criterion
What this does not prove
It does not confirm the outcome of any individual complaint or that every complaint was resolved to a complainant's satisfaction.
RM8Technology, Data, Cyber & Operational Resilience
Evidence technology governance, data protection, cyber controls and operational resilience.
Criteria Coverage: Documented
Technology, Data, Cyber & Operational Resilience
Evidence technology governance, data protection, cyber controls and operational resilience.
What it means
Evidence technology governance, data protection, cyber controls and operational resilience.
Why it matters
Technology and data sit at the core of institution-facing operations. Documented security, resilience and continuity governance show how a firm protects systems and data and prepares for disruption.
Who it applies to
Firms operating platforms, data systems or critical technology.
Evidence examples
- Information-security and data-protection policies
- Resilience, continuity and incident records
- Cyber control and testing summaries
What may be recorded
- That technology, data and resilience documentation was reviewed within scope
- The criteria-coverage status assigned
What this does not prove
It is not a penetration test, security certification or guarantee against breaches, outages or data loss.
RM9Money, Payment, Safeguarding & Settlement Boundaries
Demonstrate boundaries and controls around money handling, payments, safeguarding and settlement.
Documentary Status: Defined Scope
Money, Payment, Safeguarding & Settlement Boundaries
Demonstrate boundaries and controls around money handling, payments, safeguarding and settlement.
What it means
Demonstrate boundaries and controls around money handling, payments, safeguarding and settlement.
Why it matters
Where client money and settlement are involved, clear boundaries matter most. Documented safeguarding, segregation and reconciliation controls show how a firm structures and oversees the movement of funds.
Who it applies to
Firms handling, routing or safeguarding money or settlement flows.
Evidence examples
- Safeguarding and segregation approach
- Payment and settlement control records
- Reconciliation and oversight documentation
What may be recorded
- That money-handling and safeguarding documentation was submitted within scope
- The documentary status assigned
What this does not prove
It does not audit financial soundness, confirm solvency, or guarantee that client funds are protected in all circumstances.
RM10Governance, Anti-Corruption & Annual Improvement
Evidence governance maturity, anti-corruption controls and a documented annual improvement cycle.
Annual Update Filed
Governance, Anti-Corruption & Annual Improvement
Evidence governance maturity, anti-corruption controls and a documented annual improvement cycle.
What it means
Evidence governance maturity, anti-corruption controls and a documented annual improvement cycle.
Why it matters
Responsible conduct is sustained by governance and a habit of improvement. Documented oversight, anti-corruption controls and an annual update cycle show that a firm treats responsibility as an ongoing programme, not a one-off exercise.
Who it applies to
All participating firms across the ecosystem.
Evidence examples
- Governance and board oversight records
- Anti-corruption and ethics policies
- Annual improvement and update filing
What may be recorded
- That governance and anti-corruption documentation was submitted
- Whether an annual update has been filed for the current cycle
What this does not prove
It does not certify the integrity of any individual or guarantee that misconduct cannot occur within the firm.
See how RM10 maps to your firm type.
The FX/CFD framework sets out applicability across eighteen stakeholder categories.
Scope Notes
Markers in the text above resolve to the full boundary wording below. These notes define what this page records — and what it does not claim.
- 7.
RM10 Standards: BlackCores RM10 Standards are BlackCores-owned standards for documentary mapping and responsible-market conduct presentation. They are not regulatory rules, official regulator standards, UN standards, or a substitute for professional advice.
- 8.
General information: Website content is provided for general business and institutional information only. It should not be relied on as legal, financial, tax, investment, insurance, regulatory or trading advice. Users should obtain independent professional advice where appropriate.