Back to Quest Board
📋

The Tribunal of the Elder Council

Regulatory Investigation — Critical Compliance Failure
P1 — Critical

The Elder Council — the supreme arbiters of law and order across the realm — have dispatched their most feared inquisitors to your gates. Ancient wards of protection that should have shielded the realm from dark gold and forbidden transactions have been found shattered and neglected. Worse still, a sacred oath to notify the Council of a breach within the prescribed celestial cycle has been broken. The inquisitors carry scrolls of enforcement, and the very charter of your guild hangs in the balance.

60 minutes
DC 14
4 Injects
4–12 Players

Compliance Frameworks

FCA SYSC PRA SS1/21 GDPR Art.33-34 SM&CR

🛡️ Roles & Party Members

War Chief Required
Incident Commander

Leads the response team, coordinates across all workstreams, and makes escalation decisions

Keeper of the Codex Required
Compliance Officer

Assesses the scope of AML screening failures, manages FCA relationship, and coordinates remediation evidence

Loremaster Required
Legal Counsel

Advises on regulatory enforcement exposure, legal privilege, and enforcement strategy

High Council Elder Required
Senior Management

Provides executive authority, manages SM&CR personal accountability implications, and engages the board

Warden of the Sacred Scrolls Optional
Data Protection Officer

Manages GDPR breach notification obligations, liaises with the ICO, and assesses data subject impact

Sentinel of the Golden Seal Optional
MLRO

Assesses the AML screening failure scope, manages SAR obligations, and coordinates NCA engagement

Arcane Engineer Optional
Operations Lead

Provides technical context on screening system failures, data flows, and remediation feasibility

⚡ Inject Timeline

1
The Inquisitors Arrive — A Writ of Judgement
T+0 Minutes

At 08:47 UTC on a Tuesday morning, the bank's Compliance Director receives a formal notification from the Financial Conduct Authority's Enforcement and Market Oversight Division. The FCA has completed...

6 Discussion Prompts 1 Dice Events 4 Possible Complications
2
The Investigation Deepens — Unearthing Forgotten Relics
T+15 Minutes

The internal investigation team — assembled under the direction of external legal counsel to preserve legal privilege — has been working for four hours. The findings are escalating. A forensic rev...

6 Discussion Prompts 1 Dice Events 4 Possible Complications
3
Forging the Shield — The Remediation Compact
T+30 Minutes

Forty-eight hours have passed since the FCA Requirement Notice was received. The Skilled Person review is underway and the initial findings call has been held with the FCA supervisory team. The FCA's ...

6 Discussion Prompts 1 Dice Events 4 Possible Complications
4
The Council's Verdict — Restoring the Realm's Honour
T+45 Minutes

Six weeks have elapsed. The lookback review of 47,000 transactions is nearing completion. The final results show that 31 transactions totalling £11.3 million involved sanctioned counterparties during...

6 Discussion Prompts 1 Dice Events 4 Possible Complications

📋 Debrief Questions

Post-Battle Assessment
  1. Were the AML screening failures detected in a timely manner, and what controls should have identified the issue earlier?
  2. Was the GDPR breach notification process adequate, and why did the internal escalation fail?
  3. Were SM&CR accountability structures clear, and did Senior Managers understand their personal obligations?
  4. How effective was the coordination between the FCA and ICO response workstreams?
  5. Was legal privilege appropriately managed throughout the investigation?
  6. What governance, process, and technology changes would prevent recurrence of both the AML and GDPR failures?
  7. How should the bank's compliance culture be strengthened to ensure issues are escalated rather than suppressed?