The FCA has published its final notice issued to Canara Bank, levying a fine of £896,000 and imposing a restriction on accepting deposits for new customers for 147 days, for failings relating to AML systems and controls between 2012 and 2016. Canara is the UK branch of the Indian state owned bank of the same name.

The FCA visited Canara in 2012, and notified it of a number of serious weaknesses in its systems and controls. Following a re-visit in 2015, the remedial actions were considered insufficient, and Canara had failed to test the implementation and effectiveness of the steps taken. A skilled persons report was subsequently commissioned, and found that:

  • the organisational and corporate governance structure and arrangements at the bank were not adequately designed or effective;
  • its compliance and AML systems and controls were not appropriately designed, and the AML risk management and governance framework was not fit for purpose; and
  • There was a lack of understanding of AML risk profile, a lack of monitoring of AML risks and controls, an inability to identify or flag unusual transactions and an inability to recognise politically exposed persons.

These failings were found to be endemic throughout Canara’s UK operations, and had an effect on almost every part of its business.

A key finding from the FCA was a lack of adequate management experience, stemming from senior management transfers from its Indian head office and the resultant lack of understanding of UK legal and regulatory AML requirements.

The FCA stated that in imposing the restriction, in addition to the financial penalty, it hoped that this would be a more effective and persuasive deterrent, and that it would “demonstrate to firms that fail to address deficiencies in their AML systems and controls that the Authority will take disciplinary action to suspend and/or restrict the firm’s regulated activities”.