The Complete Due Diligence Framework: 15 Criteria for Broker Evaluation

Evaluating a financial service provider requires more than confirming regulatory status. A comprehensive due diligence framework examines regulatory standing, operational transparency, product suitability, cost structure, and consumer protection mechanisms in parallel. This article presents fifteen objective criteria — organised as an evaluative checklist and comparison table — that French consumers and financial literacy students can apply to any broker, adviser, or investment platform under consideration.

La Investfra Holding publishes this framework as an educational methodology. It does not rank, endorse, or recommend any specific provider. Its purpose is to transfer evaluative capability from institutions to individuals.

Framework Design Principles

The fifteen criteria are derived from regulatory requirements under MiFID II, AMF conduct standards, and established institutional due diligence practices (adapted for retail application). Each criterion is:

• Objectively verifiable — based on documented evidence, not subjective impression;
• Independently assessable — checkable without relying on the firm's sales representatives;
• Equally weighted at the screening stage — failure on any single critical criterion (regulatory status, asset segregation) warrants pause regardless of performance on others.

The 15 Criteria: Summary Table

#	Criterion	Primary Source	Pass Threshold
1	Regulatory authorisation	REGAFI / EU register	Active licence matching legal entity and proposed activities
2	Blacklist and clone screening	AMF warnings database	No matches on blacklist or clone alerts
3	Legal entity transparency	Legal notices, contracts	Full legal name, SIREN, registered address disclosed
4	Client asset segregation	Terms of service, regulatory disclosures	Client funds held in segregated accounts
5	Financial reporting and audit	Published accounts, regulator	Audited financial statements available for legal entity
6	Product governance	Product documentation, KID/KIID	Target market defined; risk disclosures provided
7	Cost and fee transparency	Fee schedule, ex-ante cost disclosure	All costs disclosed before account opening
8	Order execution policy	Execution policy publication	Published best execution policy with venue details
9	Complaint and dispute resolution	Complaints procedure, mediator	Documented process with independent ombudsman access
10	Data protection and cybersecurity	Privacy policy, regulatory standards	GDPR-compliant; security certifications if claimed
11	Withdrawal and transfer procedures	Terms of service, user documentation	Clear withdrawal process with defined timelines
12	Conflicts of interest management	Conflict policy disclosure	Written policy published; inducement rules stated
13	Professional indemnity and capital adequacy	Regulatory capital requirements	Meets minimum capital for licence category
14	Operational track record	Register history, enforcement records	No unresolved enforcement actions or licence suspensions
15	Marketing conduct compliance	AMF marketing rules, firm communications	No pressure tactics; balanced risk presentation

Detailed Criterion Analysis

Criterion 1: Regulatory Authorisation

The foundational criterion. Verify the firm's legal name and licence number in REGAFI or the home-state EU register for passported firms. Confirm that authorised activities cover the specific services proposed — execution, advisory, portfolio management, or custody. An authorisation for payment services does not permit investment advice.

Criterion 2: Blacklist and Clone Screening

Search the AMF blacklist and clone warnings for the firm's name, domain, and key personnel. This criterion catches impersonation operations that exploit legitimate register entries belonging to unrelated entities.

Criterion 3: Legal Entity Transparency

Review the website's legal notice (mentions legales) for the full corporate name, registration number (SIREN for French entities), registered office, and publication director. Cross-reference with REGAFI. Opaque or missing legal disclosures are inconsistent with regulated conduct standards.

Criterion 4: Client Asset Segregation

Regulated investment firms must hold client funds and financial instruments in segregated accounts, separate from the firm's own assets. The terms of service should explicitly describe segregation arrangements and what happens in the event of firm insolvency. Absence of segregation language is a material concern.

Criterion 5: Financial Reporting and Audit

For EU-authorised entities, audited annual accounts are typically filed with the home-state companies register. Review the most recent accounts for signs of financial distress: negative equity, qualified audit opinions, or going-concern warnings. While retail consumers rarely perform full financial analysis, the availability and general condition of published accounts indicate operational substance.

Criterion 6: Product Governance

Under MiFID II product governance rules, manufacturers and distributors must define a target market for each product. Retail consumers should receive a Key Information Document (KID) or Key Investor Information Document (KIID) for packaged products, detailing risks, costs, and recommended holding periods. Evaluate whether offered products align with your experience level and objectives.

Criterion 7: Cost and Fee Transparency

Request a complete fee schedule covering spreads, commissions, overnight financing, inactivity fees, currency conversion, and withdrawal charges. MiFID II requires ex-ante and ex-post cost disclosure. Hidden costs discovered only after account opening indicate conduct failures.

Criterion 8: Order Execution Policy

Investment firms must publish their order execution policy, describing how they achieve best execution for client orders, including the execution venues and factors considered. Review this document to understand whether the firm acts as agent or principal and which liquidity providers are involved.

Criterion 9: Complaint and Dispute Resolution

Regulated firms must maintain an internal complaints procedure and participate in an approved dispute resolution scheme. In France, the Mediateur de l'AMF provides an independent mediation channel. Verify that the firm's complaints policy references this mechanism with clear contact instructions.

Criterion 10: Data Protection and Cybersecurity

Evaluate the firm's privacy policy for GDPR compliance, data retention periods, and third-party sharing practices. If the firm claims security certifications (e.g., ISO 27001), verify the certification independently. Data breaches at financial firms can expose consumers to identity theft and financial loss.

Criterion 11: Withdrawal and Transfer Procedures

Before depositing funds, review the withdrawal process: expected processing times, minimum withdrawal amounts, supported methods, and any conditions that could delay access to your capital. Documented withdrawal obstruction patterns are a hallmark of fraudulent operations identified in AMF enforcement data.

Criterion 12: Conflicts of Interest Management

Review the firm's conflicts of interest policy. Key questions: Does the firm engage in proprietary trading alongside client services? Does it receive payment for order flow? Are inducements from third parties disclosed? MiFID II requires firms to identify, prevent, and disclose conflicts systematically.

Criterion 13: Professional Indemnity and Capital Adequacy

Regulated firms must maintain minimum regulatory capital and professional indemnity insurance appropriate to their licence category. While exact capital figures may not be publicly prominent, extreme undercapitalisation visible in filed accounts is a warning sign. The firm's licence category determines minimum thresholds set by its regulator.

Criterion 14: Operational Track Record

Research the firm's regulatory history: prior enforcement actions, licence suspensions, fines, or public censures from the AMF, ESMA, or home-state regulators. A clean multi-year record does not guarantee future performance but demonstrates sustained compliance. Recent enforcement actions warrant detailed investigation before engagement.

Criterion 15: Marketing Conduct Compliance

Evaluate how the firm acquired your contact and how it presents its services. Regulated marketing must be fair, clear, and not misleading. Indicators of non-compliant conduct include: guaranteed outcome language, pressure to deposit within unrealistic timeframes, omission of risk warnings on complex products, and testimonials presented as typical results.

Comparison Framework: Applying Criteria Across Providers

When evaluating multiple providers for educational comparison purposes, construct a matrix with the fifteen criteria as rows and each provider as a column. Score each cell as Pass, Fail, Inconclusive, or Not Applicable. This visual structure prevents cognitive bias toward whichever firm contacted you most recently or presented the most polished interface.

Recommended weighting for decision purposes:

• Critical (must pass): Criteria 1, 2, 4, 11 — regulatory status, blacklist clearance, asset segregation, and withdrawal access;
• Important (should pass): Criteria 3, 7, 9, 12, 14, 15 — transparency, costs, complaints, conflicts, track record, marketing;
• Supplementary (evaluate for fit): Criteria 5, 6, 8, 10, 13 — financial health, product governance, execution, data protection, capital adequacy.

Checklist: Pre-Engagement Verification

• REGAFI or EU register search completed with positive match
• AMF blacklist and clone warnings screened — no matches
• Legal entity name and address verified across three independent sources
• Fee schedule and cost disclosure document obtained in writing
• Terms of service reviewed for segregation and withdrawal clauses
• Complaints procedure and ombudsman access confirmed
• Conflicts of interest policy reviewed and understood
• Product risk documentation (KID/KIID) received for each proposed product
• No pressure tactics or unrealistic outcome claims observed
• Verification dossier documented with screenshots and dates

Framework Limitations

This framework evaluates provider integrity and regulatory compliance — not product suitability for your personal financial situation. A firm that passes all fifteen criteria may still offer products inappropriate for your experience level or objectives. Conversely, regulatory compliance does not eliminate market risk: authorised firms operate in markets where capital loss is possible.

The framework also cannot detect fraud with certainty in cases where authorised firms are impersonated via clone websites. Criterion 2 (blacklist and clone screening) and independent domain verification are essential complements to register checks.

Integration with Broader Financial Literacy

Due diligence is not a one-time event. Re-evaluate providers periodically — at minimum annually, or when you notice changes in ownership, regulatory status, fee structures, or service quality. The AMF publishes updated warnings continuously; a provider that passed screening twelve months ago may subsequently appear on enforcement lists.

Students of financial literacy should practise this framework on publicly known regulated entities before applying it under time pressure to a live solicitation. Familiarity with register interfaces and contractual norms builds the fluency required for effective real-world application.

Conclusion

The fifteen criteria presented in this framework translate regulatory principles into a consumer-operable evaluation system. By systematically assessing authorisation, transparency, consumer protection, and conduct compliance, individuals reduce dependence on marketing narratives and third-party opinions. In the French regulatory context, where the AMF provides robust public tools for verification, due diligence is not merely advisable — it is accessible to every consumer willing to invest the time in structured evaluation.