There’s no escaping it, reducing and preventing financial crime is one of the FCA’s core commitments, detailed in its 2024/25 Business Plan. When considered against the backdrop of macroeconomic challenges, including ongoing conflicts and the lingering effects of Brexit and Covid, the urgent need for healthy financial sanctions screening processes is brought into sharp focus. To help you navigate the current landscape, our Regulatory & Compliance team look at what’s happening now, the risks to your business, and what you should be doing.
What’s happening now?
The FCA has hit banks with some of its biggest fines of late. Examples include the £108 million penalty against Santander UK in 2022 and £265 million penalty against NatWest in 2021, both relating to serious gaps in anti-money laundering controls.
The action against Starling follows a 2021 FCA review of financial crime controls at challenger banks. The review uncovered issues ranging from failures to consistently apply enhanced due diligence checks, to underdeveloped risk assessment frameworks and inadequate management of financial crime change programmes. In Starling’s case, the FCA identified particular concerns with anti-money laundering and sanctions frameworks, exacerbated by Starling’s notable growth – the systems designed to address financial crime couldn’t keep up.
What are the risks to your business?
- Overreliance on automated screening processes: technology and the automation of repetitive tasks certainly seems like the bee’s knees; it streamlines processes, frees up resources and saves you time and money. However, the reality is that automated processes are not always able to align with the nuances of every circumstance. Individuals, criminal organisations, corrupt officials and terrorism financiers frequently change their methods, meaning reliance on static algorithms without human command risks leaving the door to financial crime wide open.
- Responsibility for failing to prevent financial crime internally: while facilitating any economic crime is undoubtedly problematic, the fact is you don’t need to have actively facilitated crime to be held responsible. The series of “failure to prevent” offences for bribery, tax evasion and the recently introduced failure to prevent fraud offence (expected to come into force next year), means it’s now easier than ever to find yourself in hot water for certain financial crimes. Large organisations are expected not only to monitor their customers, but also the activities of persons associated with the business including employees and agents.
- Reputational damage: failing to protect your business against financial crime poses severe reputational risk, particularly for financial institutions. If a bank repeatedly loses money to fraud, its ability to keep money safe may be doubted. Association with illegal activity is likely to lead to negative publicity and customer distrust.
- Increased costs: as the complexity and scope of financial crime regulation increases, so too do compliance costs. This costs risk is exacerbated further by rising penalties for compliance failures.
What can you do about it?
The action against Starling provides a cautionary reminder to update and bolster sanctions policies and procedures. So, what practical steps can you take to guard against landing on the wrong side of an FCA investigation?
- Implement strategies to enhance financial crime control frameworks: an efficient compliance framework serves as a shield to safeguard the integrity of business transactions. Make sure your controls are comprehensive enough to identify and screen all parties relevant to a transaction, including the individuals or entities that may have control over the parties. Ensure your systems can address red flags and that record-keeping procedures thoroughly document any decision making, due diligence and mitigation measures taken.
- Ensure risk assessments and due diligence checks are fit for purpose: weaknesses in customer due diligence checks, such as failing to obtain customer income and occupation information, was one deficiency flagged by the FCA in its final notice to Starling. The identification of high risk or sanctioned individuals or entities before transacting should be a priority. Beyond basic due diligence, implement enhanced measures when verifying high-risk customers and ensure any concerns are promptly reported to the responsible authority.
- Proactively monitor internal policies and processes: use a risk-based approach to periodically review your anti-money laundering and sanctions screening policies in a way that anticipates future needs. By identifying your highest compliance risks as early as possible, any changes or mitigation measures stand a better chance of being effective. Dealing with financial crime issues on a reactive basis puts you on the back foot and may mean failing to address triggers before they escalate into full-blown compliance issues.
- Be aware of changing financial crime risks: an ever-changing regulatory landscape demands continual revision and development of financial crime systems and controls. Employees should also be kept updated of any such developments with frequent communication and role-specific training. Ensure your message is adapted to present events.
Financial crime failings: How we can support you
Please contact Andrew Northage or Jocelyne Girgis if you have queries about any of the points raised in this briefing, need assistance with reviewing and updating your financial crime controls and screening systems, or have concerns over any other regulatory or compliance issue.