INTERVIEW WITH BCB GROUP’S CRCO
James Sullivan’s arrival as Chief Risk and Compliance Officer signals an enhanced focus on institutional trust, regulatory alignment and infrastructure built to scale with confidence.
In a sector defined by velocity, scrutiny and institutional ambition, James Sullivan’s focus is clear: strengthen resilience, mature governance and embed a robust controls environment as a strategic growth driver.
“Long-term sustainable growth requires embedded frameworks,” says Sullivan, BCB Group’s new chief risk and compliance officer.
His arrival follows a decade of legal and compliance leadership across traditional finance and crypto-native firms. Most recently he was general counsel at Bitstamp.
Now at BCB, he’s applying that experience to help the business scale responsibly, deepen institutional trust and navigate ever increasing regulatory expectations across Europe, the Middle East and beyond.
“We’re starting from a strong foundation,” he says, noting that he steps into an existing role, leading a substantial team.
What follows is not a reset, but a refinement. Sullivan’s approach is grounded in pragmatism, shaped by experience and aligned with BCB’s ambition to become the infrastructure partner of choice for Tier 1 banks and other credible financial institutions.
Resilience as a strategic asset
Sullivan’s approach to risk is shaped by experience. He’s seen how firms that prioritise speed over structure often face costly corrections later.
“Some firms have made strategic decisions to ‘move fast and break things,’ fixing issues later. That’s a choice,” he says. “My experience shows that this approach only gets you so far – eventually, there’s a painful catch-up.”
At BCB, the emphasis is on building resilience by design. That means defining risk appetite early, investing in control frameworks and ensuring that operational decisions are made with long-term sustainability in mind.
This mindset aligns with broader industry trends. Across major economies, regulators are increasingly treating operational resilience as a core supervisory priority. In the UK, the FCA’s enhanced safeguarding proposals for payments and e-money firms include statutory trusts and stricter oversight of secure liquid assets.
In the EU, MiCA introduces new standards for crypto service providers, with a strong emphasis on custody, financial crime controls and transparency. In the Middle East, jurisdictions like the UAE and Saudi Arabia are building regulatory frameworks that place safeguarding and governance at the centre of their digital finance ambitions.
Governance that evolves with scale
As BCB expands, governance structures must evolve alongside it. Sullivan’s approach is to understand not just formal decision-making processes, but the informal dynamics that shape outcomes.
“When I go through my own due diligence, I always ask: how are decisions being made, and who makes them? Often, there’s a formal decision-making group, but a core subgroup is the real driver.”
He views governance as a living system – one that should support innovation while maintaining clarity and accountability. Recent leadership hires at BCB, including across legal, operations and finance, are helping to mature that system.
“My perception of BCB is that there’s an opportunity to mature its governance to be fit for its ambition, growth and scale. Some of the new hires are enabling that,” he says. “Awareness is the starting point.”
Sullivan’s role is to be a check and balance – providing alternative view points, facilitating discussion or asking pertinent questions, surfacing blind spots and helping the business move faster with confidence.
Controls as a growth enabler
Controls such as safeguarding are often framed as a regulatory obligation. Sullivan sees it differently. For him, controls are a strategic lever that builds trust, attracts institutional clients and supports BCB’s positioning as a credible infrastructure provider.
“With MiCA coming into effect, expectations on service providers are increasing,” he notes. “It’s not a binary issue. It’s about improving controls, especially around financial crime and safeguarding.”
He advocates for collaborative engagement with regulators and clients, using data and dialogue to surface known issues and strengthen internal practices.
“Helping firms recognise and address known issues, providing data points and engaging with their internal stakeholders can be done collaboratively. I believe that’s the right starting point,” he says.
This approach is particularly relevant as BCB expands into new markets. In Europe, the firm is building out its presence to support euro-denominated payments and custody. In the Middle East, BCB is engaging with regulators and partners to support cross-border settlement and tokenisation initiatives. In each case, custody and safeguarding are not just a compliance requirement – they’re a prerequisite for institutional trust.
Risk and compliance as a business partner
Sullivan is clear that risk and compliance should not operate in isolation. His goal is to integrate these functions into the commercial rhythm of the business, helping teams make informed decisions and build with clarity.
“The goal of a risk and compliance function is to be an enabler and a business partner – not just a control function,” he clarifies.
That includes defining risk appetite, supporting product development and ensuring that governance frameworks are aligned with operational realities.
“Setting risk appetite is key. Many firms are running fast and building without pausing to define their risk appetite. It’s a difficult but valuable process.”
His team is encouraged to take a proactive stance—identifying areas for improvement, supporting cross-functional collaboration and contributing to BCB’s strategic direction.
“If you help the business build a strong platform, you can win and retain clients and attract ever better ones, enabling growth.”
A platform built for institutional trust
BCB Group’s ambition to work with the type of partners in its sights depends on its ability to meet—and exceed—regulatory expectations. Sullivan’s background equips him to bridge the gap between crypto-native innovation and TradFi standards. He’s led international teams, overseen multi-jurisdictional compliance functions and understands the due diligence questions to expect from institutional clients.
“Anyone operating in regulated financial services knows the questions asked during due diligence and the expectations around ways of working. These are areas where I can add value to the business.”
His focus is not on accepting the status quo, but on helping it move faster, but also with clarity, confidence and credibility.
Looking ahead
As the digital asset economy matures, firms that invest in safeguarding will be best positioned to lead. Sullivan’s appointment reflects BCB’s commitment to building a platform where resilience, governance and institutional-grade infrastructure are not just aspirations—they’re embedded in the way the business operates.
Risk and control, in this context, is not a checkbox, it’s a growth strategy.
Related Insights
weekly roundup – CBDC Latest Reports | Fidelity | Bakkt | FED
READ
1 Minute Market Rundown – 21st September 2022
READ
The Battle Against APP Fraud
READ
1 Minute Market Rundown – 14th July 2022
READ
weekly roundup – BLINC Countdown | Twitter Hack | CBDCs | DeFi $
READ
Fresh capital key to growth – BCB Group’s panel at the Digital Assets Forum
READ
2021 Crypto Review: Cryptocurrency’s Biggest Moments
READ
