Lending Agent Oversight
The third sibling in the Lending Agent family. An operating system for FCA-authorised principal firms supervising their networks of Appointed Representatives. Composite risk scoring, breach workflow with SUP 15 notification countdowns, file review with per-vertical regulatory rubric, AR self-service MI returns, annual fitness review packets. PS22/11 baked in.
Walk the principal-side dashboard, drill into a critical AR, switch persona to the AR's own view, file an MI return and a breach, flip back to the principal queue and watch the SUP 15 clock land. Three principal-firm skins (Heritage Mortgage Network, Crown GI Collective, Pinpoint Credit Network) live in the top-right switcher.
Why I built this
FCA principal firms supervise networks of Appointed Representatives across mortgage, general insurance, and credit broking. PS22/11 turned “you should supervise” into “you must evidence supervision”, and the existing tooling never caught up. Most principal firms still run their AR register in a shared Excel workbook and chase MI returns by email.
Where Lending Agent and Lending Agent Presenter both deal with the customer-facing journey, Oversight is the back-office product. It replaces the spreadsheet with a structured AR register, the email trail with a breach workflow that surfaces SUP 15 timing as the centrepiece, and the annual board pack scramble with a continuously aggregated fitness review packet ready for director sign-off.
This is a personal side project. Not a product of any firm I work for. The codebase is mine, the regulatory mapping is mine, the demo is mine. It exists to make my own thinking concrete on principal-firm tooling and to give buyers in this space something specific to point at.
Two persona views, seven surfaces
Marketing landing. One sentence, one CTA, an animated tablet+phone preview that cycles through the top-10 risk table while a phone overlay shows an AR submitting their quarterly MI return. Editorial rather than SaaS.
Principal compliance home. The buyer's daily surface. Four KPI tiles (ARs in critical band, breaches awaiting FCA, overdue file reviews, annual reviews due in 30 days), top-10 highest-risk ARs with 30-day risk-score sparklines, breach activity heatmap across 90 days, next-actions widget surfacing what to do today.
AR register. Filterable list of every AR. Click a row to drill into the deep view: semicircular risk gauge animating from 0 to score over 800ms, tabbed body covering Overview (key facts, permissions), Breaches, File reviews, MI returns, Conduct events.
Breach triage and detail. The regulatory-credibility centrepiece. Three-node SUP 15 notification timer (Received, Must notify by, Notified) with animated progress fill, time-left chip, severity-driven banner tinting, step-up auth on the FCA notification action.
File review workspace. Per-skin regulatory rubric (MCOB / ICOBS / CONC) with handbook codes inline. Reviewer scores each item Pass / Advisory / Fail / N/A. Live-derived score, root-cause taxonomy chips, close-review gating.
Annual fitness review packet. The SUP 12.6A artefact. Long-scrolling document with anchor rail, seven sections (Overview, Risk trajectory, Breach summary, File reviews, MI return trend, Consumer Duty outcomes, Director sign-off). Sign-off recorded in the audit chain with director attribution.
AR self-service. The other persona. Greeting set in Fraunces (the “different shoes” cue). Required-this-week list. Own risk score and file-review average. Three-step MI return submission. Breach reporting with SUP 15 clock-start warning. Profile.
Design choices
The persona switch as the architectural spine. Cross-persona state coherence is the demo's payoff. A breach filed on the AR side appears in the principal-side triage queue immediately, with the SUP 15 clock starting at the AR's submission moment. The persona switcher is a segmented control with a motion layoutId slide; the first scripted-mode crossing into AR view opens a confirmation modal explaining the boundary, subsequent switches are silent.
SUP 15 timing as a first-class visual. Three timestamps per breach (awareAt, reportedAt, notifiedFcaAt), rendered as a three-node track with a progress fill animating along it. Time-left chip top-right, panel banner tinting amber on in-window and destructive on overdue. The countdown is the only thing that matters in real life, so the surface treats it as the centrepiece.
Per-skin brand colour via one CSS variable. Three principal-firm skins ship with the demo. Each overrides --brand-primary on its data-skin attribute. Heritage indigo (mortgage, MCOB), Crown forest emerald (general insurance, ICOBS), Pinpoint plum (credit broking, CONC). Amber stays as the family secondary accent across all three. The skin reaches every primary CTA, the gauge fill, the heatmap opacity scale, and the sub-nav active pill.
Editorial typography over generic SaaS. Fraunces variable serif for the display face (page H1s, AR-side greeting, marketing hero). Geist as the body sans, Geist Mono for tabular figures (risk scores, monetary values, FRNs, timestamps). Paper-warm background with a faint grain. Matches the visual language already established in Lending Agent Presenter.
Composite risk score with attribution. Five normalised inputs (complaints density, breach severity sum, file-review-score-inverse, time-since-last-review, MI anomaly score) with default weights summing to 1.0. The explainScore helper returns per-input contribution so a tooltip can show exactly why a score moved. Weights are tunable per principal firm; a 90-day backtest panel previews band-distribution shifts before the change is saved.
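A sketch of the attribution idea above, as an added example rather than the project's own code. The type names, the weight values, the 0 to 100 scale and the sample inputs are assumptions; the page states only that five normalised inputs carry default weights summing to 1.0.

```typescript
// Added example: type names, weights and sample values are assumptions.
const INPUTS = ["complaintsDensity", "breachSeveritySum", "fileReviewScoreInverse",
  "timeSinceLastReview", "miAnomalyScore"] as const;
type RiskInput = (typeof INPUTS)[number];
type Vector = Record<RiskInput, number>;

// Hypothetical default weights; the page states only that they sum to 1.0.
const DEFAULT_WEIGHTS: Vector = {
  complaintsDensity: 0.25, breachSeveritySum: 0.3, fileReviewScoreInverse: 0.2,
  timeSinceLastReview: 0.1, miAnomalyScore: 0.15,
};

const round1 = (n: number): number => Math.round(n * 10) / 10;

// Reject weight sets that would silently rescale every AR's score.
function validateWeights(w: Vector): void {
  const sum = INPUTS.reduce((s, k) => s + w[k], 0);
  if (INPUTS.some((k) => !(w[k] >= 0)) || Math.abs(sum - 1) > 1e-9) {
    throw new RangeError(`weights must be non-negative and sum to 1.0, got ${sum}`);
  }
}

// Score on a 0-100 scale plus each input's contribution in points.
function explainScore(x: Vector, w: Vector = DEFAULT_WEIGHTS) {
  validateWeights(w);
  const points = {} as Vector;
  for (const k of INPUTS) {
    if (!(x[k] >= 0 && x[k] <= 1)) throw new RangeError(`${k} is not normalised: ${x[k]}`);
    points[k] = round1(w[k] * x[k] * 100);
  }
  return { score: round1(INPUTS.reduce((s, k) => s + points[k], 0)), points };
}

// Inputs whose contribution changed between two snapshots, largest move first.
function explainDelta(before: Vector, after: Vector, w: Vector = DEFAULT_WEIGHTS) {
  const a = explainScore(before, w).points;
  const b = explainScore(after, w).points;
  return INPUTS.map((k) => ({ input: k, delta: round1(b[k] - a[k]) }))
    .filter((d) => d.delta !== 0)
    .sort((p, q) => Math.abs(q.delta) - Math.abs(p.delta));
}

// Constructed sample: one AR before and after a serious breach is logged.
const SAMPLE_BEFORE: Vector = { complaintsDensity: 0.2, breachSeveritySum: 0.1,
  fileReviewScoreInverse: 0.3, timeSinceLastReview: 0.5, miAnomalyScore: 0.2 };
const SAMPLE_AFTER: Vector = { ...SAMPLE_BEFORE, breachSeveritySum: 0.8 };
```

Validating the weights before scoring is the part that matters for tunable per-firm weights: a set that does not sum to 1.0 would shift every AR's band without any input having changed.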
Architecture
Type system as source of truth. lib/types.ts defines AppointedRep, BreachReport, FileReview, MIReturn, AnnualReview, ConductEvent, AuditEvent, RequiredAction. The production extension (tenantId, hash chain, soft-delete fields) is documented at engineering-spec depth in the docs site so the shapes line up cleanly.
Cross-persona state coherence. Zustand store with liveBreaches and liveMIReturns arrays. AR-side submissions append to these and the principal-side queries layer them on top of the fixture set. Per-tab session only; nothing persists across reloads except skin choice. In production the equivalent is a tenant-scoped Postgres write with row-level security plus a server-sent-events fan-out.
Rubric as data, not code. lib/rubrics.ts holds three vertical rubrics (MCOB, ICOBS, CONC) as flat arrays of items keyed by handbook code. Adding a fourth vertical (investment, equity release) is a configuration job, not a code job. The rubric supports a versioning field on FileReview so historic reviews stay legible after the rubric is amended.
Engineering-spec docs as a parallel deliverable. Separate Astro Starlight site at lending-agent-oversight-docs.vercel.app, 61 pages mirroring the lending-agent-docs sidebar exactly: Introduction, Product, Architecture (with the full data model and risk-scoring algorithm), Implementation playbooks for principal firms and ARs, Safety, Privacy, Regulatory (FSMA s.39 through Consumer Duty PRIN 2A with handbook citations verified against handbook.fca.org.uk), Deploy, Reference. Written so a v1 production build can be handed cold to a developer or an agent and start on day 1.
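The hash chain mentioned under "Type system as source of truth" for the production AuditEvent, sketched as an added example; it is not the project's code, and the demo documents the audit chain rather than implementing it. The field names, the SHA-256 choice, the genesis value and the sample events are assumptions.

```typescript
import { createHash } from "node:crypto";

// Added example. Field names are hypothetical; the page says only that the
// production AuditEvent carries a hash chain.
interface AuditEvent { at: string; actor: string; action: string; subjectId: string }
interface ChainedEvent extends AuditEvent { prevHash: string; hash: string }

const GENESIS = "0".repeat(64); // assumed prevHash for the first record

function digest(prevHash: string, e: AuditEvent): string {
  // Fixed field order so the same event always serialises to the same bytes.
  const canonical = JSON.stringify([prevHash, e.at, e.actor, e.action, e.subjectId]);
  return createHash("sha256").update(canonical, "utf8").digest("hex");
}

// Append-only: each record commits to the hash of the record before it.
function appendEvent(chain: ChainedEvent[], e: AuditEvent): ChainedEvent[] {
  const last = chain[chain.length - 1];
  const prevHash = last ? last.hash : GENESIS;
  return [...chain, { ...e, prevHash, hash: digest(prevHash, e) }];
}

// Returns -1 when the chain is intact, else the index of the first bad record.
function firstBrokenLink(chain: ChainedEvent[]): number {
  let prev = GENESIS;
  return chain.findIndex((r) => {
    const ok = r.prevHash === prev && r.hash === digest(prev, r);
    prev = r.hash;
    return !ok;
  });
}

// Constructed sample events: a breach, its FCA notification, a director sign-off.
function buildSampleChain(): ChainedEvent[] {
  const events: AuditEvent[] = [
    { at: "2025-01-06T09:00:00Z", actor: "ar-user-1", action: "breach.reported", subjectId: "breach-1" },
    { at: "2025-01-06T15:30:00Z", actor: "compliance-1", action: "breach.notifiedFca", subjectId: "breach-1" },
    { at: "2025-01-20T11:00:00Z", actor: "director-1", action: "annualReview.signedOff", subjectId: "review-1" },
  ];
  return events.reduce(appendEvent, [] as ChainedEvent[]);
}
```

Verification catches edited, reordered or removed records, but not truncation of the tail or a full rewrite with recomputed hashes; detecting those needs the latest hash anchored somewhere the writer cannot alter.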
Who it's for
Mortgage broking, general insurance, investment advice, credit broking. Roughly 100-200 firms in the UK supervise an AR network. PS22/11 made the supervisory bar materially higher. This product is the operating system for that mandate. Buyer is the head of compliance or head of risk; their day is annual fitness reviews, breach triage, file-review sampling, and preparing for FCA visits.
The AR-side surface is the often-forgotten half. ARs spend their week on the customer-facing journey but still owe quarterly MI returns, breach reports, and conduct events to their principal. Designing the AR home so the AR's own life is easier (own risk score, recent comms, required actions, three-step MI return) is what stops the principal-side surface from being one more thing to chase.
Stack
Status
Working demo. Live on Vercel. Seven surfaces are real and runnable end to end with a 10-step scripted walkthrough that crosses the persona boundary. State is in-memory; the backend, session auth, FCA notification submission, PDF export, and audit chain are documented at engineering-spec depth in the parallel docs site rather than implemented. The intent is that a v1 production build is roughly two weeks of focused engineering from the documentation, not a fresh design phase.
If this is interesting for your principal firm, AR network, or regulated-services compliance practice, or you'd like to grab a coffee and talk about it, I'd love to hear from you.