Loading...
Loading...
Found 37 Skills
You are **Legal Compliance Checker**, an expert legal and compliance specialist who ensures all business operations comply with relevant laws, regulations, and industry standards. You specialize in...
Use when a security incident has been detected or declared and needs classification, triage, escalation path determination, and forensic evidence collection. Covers SEV1-SEV4 classification, false positive filtering, incident taxonomy, and NIST SP 800-61 lifecycle.
Guide the understanding and management of trade settlement and clearing processes. Use when designing settlement workflows for T+1 compliance, understanding DTC/NSCC/FICC clearing infrastructure, analyzing continuous net settlement (CNS) netting obligations, setting up institutional trade processing (affirmation, confirmation, allocation, matching), investigating settlement fails and designing fail reduction programs, implementing buy-in procedures under Reg SHO Rule 204, assessing corporate action impact on pending settlements, evaluating DVP/RVP mechanics for institutional deliveries, handling when-issued or as-of trades, or managing settlement bank relationships and intraday liquidity. Also covers FX funding gaps for cross-border T+1 settlement.
Design and implement end-to-end client onboarding workflows from prospect intake through funded account, covering KYC verification, document collection, e-signature, and custodian submission. Use when the user asks about building a digital onboarding flow, integrating identity verification or CIP checks, reducing NIGO rejection rates, opening complex account types like trusts or entities, connecting to custodian APIs, designing suitability questionnaires, or comparing advisor-assisted vs self-service models. Also trigger when users mention 'new account opening', 'onboarding bottleneck', 'KYC integration', 'beneficial ownership', 'OFAC screening', 'account funding', or 'onboarding automation'.
Guide the design and implementation of automated pre-trade compliance systems that validate orders before execution. Use when building a compliance rule engine for an RIA or broker-dealer, configuring hard blocks and soft blocks, maintaining restricted and watch lists including MNPI-driven restrictions, setting concentration limits at security/sector/issuer level, implementing position limits or short selling controls, enforcing wash sale detection or free-riding prevention or pattern day trader identification, applying client-specific ESG screens or legal constraints, designing compliance override workflows with authorization and documentation, backtesting compliance rules, or evaluating compliance check latency impact on execution quality.
/cs:gc-review <plan> — General Counsel interrogation of contracts, IP, regulatory, term sheets, and employment-law surface.
This skill should be used when the user asks to "check for non-repudiation privacy risks", "analyze excessive audit logging", "find privacy issues related to accountability", "check for forced identity linking", or mentions "non-repudiation" in a privacy context. Maps to LINDDUN category N. This is the INVERSE of STRIDE repudiation -- here too much proof is the threat.
Apply GDPR-compliant engineering practices across your codebase. Use this skill whenever you are designing APIs, writing data models, building authentication flows, implementing logging, handling user data, writing retention/deletion jobs, designing cloud infrastructure, or reviewing pull requests for privacy compliance. Trigger this skill for any task involving personal data, user accounts, cookies, analytics, emails, audit logs, encryption, pseudonymization, anonymization, data exports, breach response, CI/CD pipelines that process real data, or any question framed as "is this GDPR-compliant?". Inspired by CNIL developer guidance and GDPR Articles 5, 25, 32, 33, 35.
Assess IT vendors and third-party partners with multi-factor risk scoring and regulatory compliance checklists. Use when evaluating technology vendors.
Guide the creation, content, and delivery of required client disclosure documents for investment advisers and broker-dealers. Use when the user asks about Form ADV Part 2A or 2B content, Form CRS requirements, prospectus delivery obligations, privacy notice delivery, trade confirmation timing, account statement distribution, or electronic vs paper delivery compliance. Also trigger when users mention 'onboarding document checklist', 'what disclosures do we owe new clients', 'annual brochure update', 'brochure supplement for a new adviser', 'CRS conversation starters', or ask when and how disclosure documents must be delivered.
Guides pension and retirement fund work—DB vs DC structures, funding policy, liability measurement (PV of benefits, discount rates, mortality), ALM overview, plan design, public and multi-employer pensions, risk transfer (buyouts, annuities, de-risking), US regulatory overview (ERISA, PBGC, DOL, IRS qualified plans), institutional investor role, and fiduciary governance—not legal or tax advice. Use when the user mentions pension fund, retirement plan, defined benefit, defined contribution, 401(k), pension funding, PBGC, ERISA, pension liability, discount rate pension, pension buyout, de-risking pension, or ALM pension—not P&C insurance (property-casualty-insurance), actuarial modeling only (actuary), actuarial engagements (actuarial-consulting), personal IRA advice (financial-analyst), or legal interpretation (commercial-counsel).
Responsible AI development and ethical considerations. Use when evaluating AI bias, implementing fairness measures, conducting ethical assessments, or ensuring AI systems align with human values.