Written by Matt Raver
FCA action against firms can emanate from its enforcement division or its supervisory division. This article explores how an effective compliance function can assist with managing the risks.
Al Rayan Bank – the UK subsidiary of a Qatar Islamic Bank – fined £4,023,600 for breaches of financial crime rules in the retail banking sector.
Sigma Broking Limited – fined £531,600 for transaction reporting and market abuse failures. Fines totalling over £200,000 on three current and former directors; two directors prohibited from holding significant management functions in FCA-regulated firms.
Guaranty Trust Bank (UK) Limited – fined £7,671,800 for failing to remedy weaknesses in AML systems and controls.
GAM International – fined £9,103,523 for breaches of PRIN 2 and 8 related to managing conflicts of interest in the asset management sector.
The above are all recent headline-grabbing announcements made by the FCA when concluding on enforcement action against financial institutions. The announcement is usually followed by a flurry of activity as the action is relayed to the wider world. Practitioners both provide analysis and extol the virtues of taking measures to avoid getting into the situation in the first place.
Over 2022, the FCA imposed 26 financial penalties on firms and individuals – up by 160% from 10 fines in 2021! The fines related to a fairly broad range of misconduct, including issues of market abuse, financial crime and money laundering, conflicts of interest, breaches of the Listing Rules and pensions mis-selling.
From the relatively small number of publicly available enforcement decision announcements by the FCA, some might be tempted to think: We’re only a small firm, we run a tight ship (most of the time)- this couldn’t happen here.
However, these enforcement cases are just the tip of the iceberg.
FCA supervisory interventions, by contrast, are legion.
Our experience, from our client base of investment firms, is that most FCA supervisory activity occurs beneath the radar – but that such interventions often prove intrusive, costly and time-consuming for the firms concerned – sometimes leading to financial and reputational damage and on some occasions leading to an organisation no longer being able to perform business activities and closing down. Here’s one case in point.
Where investigations find fault, the FCA has wide supervisory powers including requiring remedial action and amending or suspending a firm’s regulatory permissions.
The starting point for FCA supervisory action is not always obvious or intuitive.
Sometimes, a simple application for a Variation of Permission, Change of Control or other transaction triggers an investigation and the FCA suddenly requests to view a host of unrelated documents.
Late-filed regulatory returns may spark further attention and scrutiny, not just of the areas being reported on.
A single issue may prompt them to dig deeper into a firm’s affairs or may impinge on multiple regulatory aspects; a prudential breach, for example, might prompt the FCA to go after a senior manager for breaching the Senior Managers and Certification Regime (“SMCR”).
We have seen this ‘domino effect’ in one case where an issue occurred within the firm’s unregulated business, but the investigation spread to the regulated elements.
One firm we assisted had sought prior help from no fewer than four consulting firms – and their failure to establish proper records forced them to employ a remediation team at considerable cost.
Like a house of cards, a relatively minor failing may prompt an investigation which spreads from one area to the next, effectively paralysing the firm from going about its normal business.
How can an effective compliance function assist in managing these risks?
As the saying goes: “an ounce of prevention is worth a pound of cure.”
You want your business to run smoothly, enjoying ongoing relationships with the regulator that are cordial and co-operative – without undue friction, stress or unachievable deadlines. Likewise, you would like to optimise customer satisfaction – avoiding complaints and adverse publicity from disaffected investors, who can be increasingly vocal on social media.
Essential to this is a functional Compliance programme, implemented from the top down – evidencing Board engagement, definitive statements of responsibility for Senior Managers, clear reporting lines, all staff trained in their Conduct Rules and other responsibilities. Supporting this framework, a network of interlinked policies and ongoing monitoring should establish and maintain regulatory order – leaving your firm free to focus on what it does best – provide financial products and services to its clients.
Retail clients are subject to additional protections, such as those afforded by the upcoming Consumer Duty. Professional and institutional clients will have the expectation that the business has proper systems and controls, whether in relation to financial crime, corporate governance, conflicts of interest, SMCR, prudential and liquidity, information and cyber-security, operational resilience, or ESG.
In fact, ‘best of class’ compliance systems can become a firm’s unique selling point and secret weapon. The FCA does tend to focus on ‘outlier’ firms and one way to ensure your systems are optimal for the industry is to benchmark them against those of your peers – to which end, advice from an external consultant, with deep knowledge of the industry, can be of immense value.
Compliance units are sometimes unkindly branded the ‘Business Prevention Unit’, but it is often when firms seek to bypass them, to cut corners, in their quest to land profitable accounts, that such failings take root. Implementing a strong compliance framework should work to protect your firm, and your senior managers, against these risks. In our experience, the most successful and sustainable businesses tend to have more effective compliance arrangements. This is not a coincidence.
As our clients know, it is best to have appropriate compliance systems in place long before the FCA starts to take an interest. We know what ‘best in class’ looks like and we offer a range of project solutions to provide assurance to firms that their compliance functions are appropriate and effective. These include a mock audit; review of existing policies and procedures, with gap analysis and recommendations; a regulatory health check; coaching and training programmes for managers and staff.
Click below to enquire about our FCA Project Solutions: