AML failings have led the FCA to ban a bank from accepting deposits from any new customers for 168 days and levy a £3,250,600 fine.

The Financial Conduct Authority (FCA) found acute and systemic weaknesses affected most levels of Sonali Bank (UK) Limited’s anti-money laundering (AML) control and governance structures.

“Fighting money laundering is an issue of extreme international importance. … The FCA will not hesitate to take action against firms and senior individuals who fall short of our standards”, the FCA warns.

From the Final Notice, we can see the FCA wants firms to have:

  • an effective and cohesive board of directors and senior management team, which offer sufficient challenge on management information about AML compliance;
  • a robust, well-resourced, money laundering reporting function and an effective person in the role of money laundering reporting officer (MLRO);
  • effectual oversight of any branch network, with clear reporting lines;
  • monitoring systems, such as up to date and regularly upgraded software, capable of detecting compliance short falls; and
  • adequate AML processes, procedures and policies, with meaningful practical guidance, training, and business ownership of compliance.

Although the fine is, of course, significant, the business prohibition is more so; while the bank’s major business (money remittance) is unaffected on paper, practically this type of sanction to another business line is likely to be a blow.

The FCA’s final notice states that: “the board and senior management failed to embed a culture of compliance throughout the firm and failed to provide adequate oversight to the MLRO department, which was under-resourced”. As the accountability regime is now in place for banking (and steps are in place to widen this across the industry), individuals as well as firms need to heed the FCA’s warnings.

The FCA identified the 15 failings (see section 5 of the final notice) as “level 4 or 5 factors” (DEPP 6.5A.2G (11)), clearly signalling the emphasis the FCA wants firms to place on such issues. These were identified in 2010 as part of thematic work into financial crime controls at smaller firms. As such, the bank could have been in no doubt of the importance of AML controls. A further FCA visit in January 2014 identified that the implementation and effectiveness of the remediation plan put in place was not tested. A skilled person was appointed at this time and the FCA referred the firm for investigation in September 2014 for breach of Principle 3 (organise affairs responsibly with adequate risk management). In March 2015, the bank breached Principle 11 (be open and cooperative with FCA) as it waited approximately 7 weeks to notify the FCA of a significant potential fraud event.

Please see here for related MLRO prohibition and fine