Financial Conduct Authority fines Standard Bank £7.6 million for failures in its anti-money laundering controls, underlining the importance of both having and implementing adequate policies in relation to money laundering.

On 22 January, the UK Financial Conduct Authority (FCA) published a decision notice1 imposing a £7.6 million fine on Standard Bank PLC, the UK subsidiary of South Africa’s Standard Bank Group.2 The fine was issued for failures relating to Standard Bank’s anti-money laundering (AML) policies and procedures for corporate customers connected to politically exposed persons (PEPs).3 This is the first AML fine issued under the FCA’s new penalty regime and the first such fine by the FCA—or its predecessor, the Financial Services Authority—in relation to commercial banking activity.

Under Regulation 20(1) of the Money Laundering Regulations 2007, regulated institutions, such as banks, must establish and maintain “appropriate risk-sensitive policies and procedures” on customer due diligence measures and ongoing monitoring of business relationships, amongst others. The policies must be aimed at preventing money laundering and terrorist financing. Guidance issued by the Joint Money Laundering Steering Group states that enhanced due diligence (EDD) should be applied where a corporate customer is linked to a PEP, such as through a directorship or shareholding, as it is likely that this will put the customer at higher risk of being involved in bribery and corruption.

As part of its investigation into Standard Bank, the FCA reviewed a sample of 48 corporate customer files, which all had a connection with a PEP, and discovered “serious weaknesses” in the application of the bank’s AML policies and procedures. The FCA found that, from 15 December 2007 to 20 July 2011, Standard Bank breached the Money Laundering Regulations 2007 by failing to take reasonable care to ensure that all aspects of its AML policies were applied appropriately and consistently to its corporate customers connected to PEPs. In particular, the FCA found that Standard Bank did not consistently carry out adequate EDD measures before establishing business relationships with corporate customers linked to PEPs and did not conduct the appropriate level of ongoing monitoring for existing business relationships by updating its due diligence. The FCA noted the failings were particularly serious because the bank dealt with corporate customers from jurisdictions regarded as posing a higher risk of money laundering and because the FCA had previously stressed the importance of AML compliance to the industry.4 The gravity of the failings was underlined by the FCA’s director of enforcement and financial crime, who stated that “[if banks] accept business from high risk customers they must have effective systems, controls and practices in place to manage that risk. Standard Bank clearly failed in this respect”.

This is the first AML case to use the FCA’s new penalty regime, which applies to breaches committed from 6 March 2010 and under which larger fines are expected. The FCA’s decision notice sets out how it determined the level of the fine, by reference to a five-step framework (as outlined in the Decision Procedure and Penalties Manual).5 The FCA considered the fact that the bank and its senior management cooperated in the investigation and took significant steps to remediate the problems, including seeking advice from external consultants, to be a mitigating factor. In addition, Standard Bank’s decision to settle the matter at an early stage of the investigation resulted in a 30% discount on the fine. The original penalty was £10.9 million.

The FCA’s action against Standard Bank illustrates the increasingly tough approach taken by the UK authorities against financial crime and shows that the FCA is willing and able to enforce AML legislation. Banks and regulated firms are encouraged to ensure that they have effective policies and procedures against money laundering in place and that these are being adhered to.