Your clients shared their entire financial picture with you in confidence. Make sure where you store it deserves that confidence.
Bigby gives IFAs, wealth managers, and financial advisers encrypted, UK-based cloud storage that supports the record-keeping obligations of FCA-regulated practice.
FCA regulation sets clear expectations around client records. So does common sense when you consider what those records contain.
When a client allows you to advise on their pension, investments, protection, or estate, they hand you a complete picture of their financial life. The value of their assets, the nature of their debts, their retirement plans, their family’s financial circumstances. That information is not shared lightly.
FCA-regulated advisers are required to retain client records and suitability documentation for years. Most do so on whatever storage the firm adopted at the start. Consumer cloud services and general business platforms were not designed for the record-keeping obligations of regulated financial advice, and their data handling terms don’t reflect the sensitivity of what they are being asked to hold.
Where standard cloud storage creates risk for regulated advisers
General-purpose cloud platforms were not designed with FCA-regulated financial advice in mind. The distance between what they offer and what your obligations require is worth understanding before something goes wrong.
FCA record-keeping obligations
The FCA requires advisers to retain suitability reports, client correspondence, fact-finds, and investment recommendations for a minimum of five years, and in some cases considerably longer. Those records need to be retrievable, intact, and demonstrably secure. A storage arrangement that provides no meaningful protection, no UK data residency, and no audit trail is not a defensible basis for meeting that obligation.
The sensitivity of financial planning data
Pension values, investment portfolios, inheritance expectations, protection needs, and family financial circumstances represent some of the most personal information your clients will ever share with anyone. A data breach affecting that information is not simply a regulatory event: it is a profound breach of trust with real consequences for the people whose lives the data describes.
AML and KYC documentation
Anti-money laundering compliance requires collecting and retaining copies of identity documents, proof of address, and source of funds information. Passports, utility bills, and bank statements stored on a consumer platform with broad data usage rights or overseas data transfer is an uncomfortable combination for material collected under a regulatory obligation. The AML record-keeping requirement and the data protection obligation need to be satisfied together.
Regulatory supervision and enforcement exposure
An FCA supervision visit or complaint investigation may examine not just the quality of your advice but the security of your record-keeping. A data breach affecting client financial records is both a regulatory event and a reputational one. For advisers whose business depends on client trust, demonstrating that you took the security of their data seriously from the outset is not merely a compliance matter.
How Bigby works
Encryption at rest, UK infrastructure, and no business model built on your clients’ financial data
Unlike the major cloud platforms, Bigby does not scan, analyse, or profit from the files you store. Here is how that works.
01. Encrypted at rest
Your files are encrypted on our UK servers. The data stored on our infrastructure is in encrypted form, which provides meaningful protection in the event of a storage breach and ensures client records are not sitting as readable plain text on any server.
02. No access to file contents
Bigby does not open, scan, or read the contents of what you store. We have no business reason to and our data processing terms prohibit it. Suitability reports, fact-finds, investment records, and AML documents are stored without anyone at Bigby reading them.
03. No AI training or secondary use
Your stored content is not used for AI training, advertising targeting, or any analysis of any kind. The subscription fee covers the cost of running the service. That is the entire arrangement.
04. UK data residency throughout
All data is stored on UK-based infrastructure. UK GDPR applies. There is no transfer to US servers and no exposure to US jurisdiction. Your clients’ financial records do not leave the UK.
Frequently asked questions
Does Bigby help with FCA record-keeping obligations?
Bigby provides encrypted, UK-based storage with a clear data processing model – the foundations the FCA expects to see in any storage arrangement for client records. UK data residency, encryption at rest, and no secondary data use mean your record-keeping arrangements are on considerably stronger ground than with a general consumer or business platform. FCA compliance for a regulated firm extends beyond storage alone, and we would recommend reviewing your full data handling practices with a compliance specialist.
Can I store client suitability reports and investment records securely?
Yes. Suitability reports, fact-finds, investment recommendations, client correspondence, and portfolio documentation can all be stored and accessed securely on Bigby. We do not access the contents of stored files. Encryption applies on all plans. If you work with a small team of advisers or paraplanners, the Group plan provides shared encrypted storage with per-user access controls.
Is Bigby appropriate for storing AML and KYC documents?
Yes. Identity documents, proof of address, source of funds records, and other AML compliance documentation can be stored securely on Bigby. All files are held in encrypted form on UK infrastructure. We do not access the contents of stored files. Storing AML documents on a platform with clear UK data residency and no secondary data use is considerably more appropriate than a general consumer cloud drive, particularly given the personal sensitivity of the material involved.
What happens if Bigby receives a request related to client files?
Bigby is a UK company subject to UK law. We may be required to comply with lawful UK court orders or other legal demands. We do not hold data under US jurisdiction and are not subject to the CLOUD Act. We will challenge any demands we consider unlawful and will notify users where the law permits. For specific advice on how this intersects with your FCA or data protection obligations, we recommend a qualified compliance or data protection specialist.
I work as a sole adviser. What plan is most suitable?
The Storage and Office plans are designed for individual users with no minimum commitment. Most sole advisers find the 100 GB Storage plan more than sufficient for client records, suitability reports, and correspondence. The Office plan adds document editing within your encrypted workspace, which some advisers find useful for drafting suitability letters and client-facing documents without passing content through a general-purpose application. Storage can be topped up at any point.
We are a small advice firm with several advisers. Is there a plan for teams?
Yes. The Group plan provides shared encrypted storage and document collaboration for teams of three or more, with per-user access controls. Each adviser accesses their own client files; shared resources such as firm templates, compliance documents, and procedures can be made available to the full team. The plan is priced per user from £4.99 per month on annual billing.
Storage that meets the standard your clients’ financial plans deserve
Private, encrypted, UK-based cloud storage from £3.99 per month. Built for regulated advisers who understand that how they store client data is as much a part of the service as the advice itself.
Annual billing · All prices in GBP · UK data residency · GDPR compliant