In the first of our twelve part weekly series, we take a more focused look at the 12 priorities set out in the FCA Business Plan 2019/2020, starting with financial crime and Anti-Money Laundering
Financial crime and Anti-Money Laundering (AML) remains a key cross-sector priority for the Financial Conduct Authority (FCA).
This year the FCA's work on this is firmly set within the global context of the UK's financial services industry and the problems and opportunities presented by the changing technology landscape. The regulator is keen to understand sector specific types of fraud in pensions and payments, to better focus its activity. The FCA has been and continues to encourage firms to invest in innovative technology to better detect and prevent economic crime.
This article focuses on the likely future enforcement activity surrounding AML control breaches.
What now for FCA enforcement activity and sanctions?
Given that financial crime, AML in particular, has consistently been an area of focus for the FCA, it appears the regulator is now ready to take a harder approach to any firm found to have or to have had AML breaches.
The £102 million fine imposed on Standard Chartered Bank in April for AML systems and controls breaches illustrates the importance the FCA place on adherence in this area. Mark Steward, Director of Enforcement and Market Oversight at the FCA, commented that "these breaches are especially serious because they occurred against a backdrop of heightened awareness within the broader, global community." The FCA also fined Deutsche Bank £163 million in 2017 for AML control failings and made it clear then that firm's needed to review their policies and procedures to ensure compliance.
In mid-2018, as well as imposing a fine on Canara Bank, the FCA imposed a restriction preventing the bank from accepting deposits from new customers for 147 days. This strikes at the Bank's bottom line, and no doubt their reputation but are fines and restrictions enough of a deterrent?
Speaking on 4 April 2019 at the Global Investigations Review Live event, Mark Steward said "it is time that the FCA gave effect to the full intention of the Money-Laundering Regulations which provides for criminal prosecutions." He went onto clarify that the FCA is currently undertaking 'dual track' investigations (i.e. those which may give rise to civil or criminal proceedings) akin to those already run in market abuse cases.
Criminal prosecutions will be "exceptional" and reserved for the most egregious cases but there is now a clear expectation that the full array of sanctions will be used. It should be remembered that proof of actual money laundering is not required for a criminal prosecution to be pursued for breach of the requirements where the underlying breach relates, for example, to prejudicing an investigation into potential contravention of the relevant requirements (see more below).
The relevant requirements and sanctions are contained in The Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (the Regulations) which came into force on 26 June 2017, implementing the EU’s fourth directive on money laundering. The Regulations impose a number of requirements, not least for firms to have a written AML risk assessment and policies and procedures to deal with those identified risks.
The FCA has powers to impose fines, remove or suspend permissions (in addition to requesting that firms voluntarily accept the imposition of a requirement (VREQ)), impose prohibitions on management, and injunct in some circumstances.
There are three criminal offices which can result in up to two years’ imprisonment. These include:
1. The information offence; 2. Prejudicing an investigation; and 3. Contravention of a ‘relevant requirement’
The third of these offences is wide ranging and makes it a criminal offence for a person to contravene a relevant requirement imposed on that person. This includes the requirement to mitigate and manage any identified risks by establishing and maintaining policies, controls, and procedures which are proportionate to those risks. If a person can show that they took all reasonable steps and exercised all due diligence to avoid committing the offence, they will not be guilty of the same.
The criminalisation of this area is set against a background of calls, from some at least, for a corporate 'failure to prevent' economic crime offence. The government mooted this in 2016 and The Treasury Committee published its 'Report on Economic Crime – anti-money laundering supervision and sanctions implementation' in March this year. In this they push for a new offence to be enacted to strengthen the controls and deterrents for corporates. Only time will tell whether there is parliamentary time to consider such reform with other competing priorities.
What should you be doing to stay on the right side of the FCA in respect of your AML controls?
- Ensure you review your AML risk assessment regularly and ensure senior oversight is visible;
- Identify and understand the high risk areas within your business and implement tailored policies and procedures to address those risks;
- Establish an independent audit function to assess the adequacy and effectiveness of AML policies and controls and to make recommendations in relation to such policies and controls and to monitor compliance with the Regulations;
- Be able to evidence your internal communications and training regarding your AML controls;
- Adopt appraisal and remuneration policies which support good AML practice;
- Devote sufficient resource to your financial crime teams and give them teeth within the business. This will save you money in the long run; and
- Seek expert advice if you are unsure whether you are meeting regulatory requirements.
With AML compliance being as much a moving target as financial crime activity itself firms need to devote time and energy, at a senior level, to deal with this issue.