14 Mar 2016
The list below is a summary of my analysis of UK FCA fines for AML between 2002-2015 and common recurring themes identified. This list is by no means exhaustive and should not be considered as a source of regulatory requirements. Please scroll down to the end of the post for the list of fines reviewed and link to the FCA website for the original list of fines.
An interesting observation is that the key failures identified in the first fine in 2002 (earliest available on the site) are very similar in principle to those highlighted in the recent 2015 fine. Also the fines refer to ML Regulations, JMLSG Guidance and published FCA Best Practices as the references for review.
Culture of Compliance:
- 1. Failure to demonstrate the culture and level of cooperation expected by the Authority.
Senior Management Oversight (Compliance and Business):
- 2. Roles and Responsibilities: Lack of clarity re roles and responsibilities within Business and Compliance.
- 3. Failure by the Compliance officer to take reasonable steps for implementation of adequate procedures to control money laundering risk.
- 4. Identification of Gaps and Mitigation of Risks:
- Failings not identified by the Firm.
- Failure continued for a considerable amount of time.
- Shortcomings identified in compliance not addressed
- 5. Reporting:
- Gaps in providing key management information to the Money Laundering Reporting Officer (MLRO).
- Reporting to management was informal.
- 6. Resources: Lack of adequate resources in compliance.
- 7. Branches outside London not subject to regular visits by Compliance department.
- 8. Reliance on a system of self-certification of AML compliance by branches.
Policies and Procedures:
- 9. Firm policies and procedures not up to date with regulatory developments.
Risk Assessment Methodology:
- 10. Risk Assessment Methodology did not consider High Risk Products and Services.
Customer Due Diligence (CDD):
- 11. Failure in identifying customers adequately especially non-resident individuals, non face to face customers and those incorporated in high-risk and/or less transparent jurisdictions.
- 12. Failure to question high profile clients.
- 13. Failure in obtaining sufficient ‘know your customer’ (KYC) documentation.
- 14. Failure in recording CDD documentation. This also meant:
- Firm could not demonstrate that it had all relevant facts about its customers and so could not show that it had taken all reasonable steps to ensure that customers’ accounts remained suitable.
- Insufficient evidence to show that the clients were who they had claimed to be.
- 15. Lack of understanding of Source of Wealth and Source of Funds.
- 16. Failure to review and fully understand documents in foreign languages.
- 17. CDD checklists not completed and/or reviewed.
- 18. Failure in screening customers against Sanctions and/or PEPs lists.
- 19. Failure in controls for high risk customers e.g., PEPs.
- 20. Inadequate guidance given to staff on how they should assess the classification of a customer resulting in customer classified as lower risk.
- 21. Request to waive identification process approved because of the high-profile nature of the customer.
- 22. Gaps in ongoing review of Customer relationships.
- 23. Failure to understand nature of transaction.
- 24. Transactions not in line with the customer profile (e.g., huge unexpected amounts did not trigger a review of the transaction or the relationship).
- 25. High non-compliance rates found in non-personal accounts where there was an increased risk of actual money laundering taking place.
Suspicious Activity Reporting (SAR):
- 26. High Risk Indicators ignored.
- 27. Failed to ensure that suspicious activity reports were promptly considered and reported to the FIU.
- 28. Series of high-risk transactions not followed by adequate investigations or review of account.
Three Lines of Defence:
- 29. Failure in AML compliance monitoring by a central function.
- 30. Concerns around the effectiveness of the internal audit function.
Enterprise Wide Risk Assessment:
- 31. Failure to carry out Enterprise Wide Risk Assessment.
- 32. Failure to carry out gap analysis between regulatory requirements and implementation within the bank.
Training and Education:
- 33. Lack of clarity re roles and responsibilities within Business and Compliance.
- 34. Failure in training employees adequately.
- 35. Failure in revising training content adequately to address shortcomings in AML controls.
- 36. Failure to maintain sufficient records of staff completion of AML training.
- 37. Inadequate training on high risk indicators.
- 38. Failure in checking whether the staff understood their AML responsibilities fully.
- 39. Inadequate guidance given to staff on how they should assess the classification of a customer.
Record Keeping and Retention:
- 40. Failure to keep records of Customer information and also which could evidence what actions had been taken.
List of fines reviewed
- 2002 Royal Bank of Scotland Plc – £750000
- 2003 Abbey National Plc – £2,320000
- 2003 Northern Bank – £1,250,000
- 2004 Bank of Ireland – £375000
- 2004 Bank of Scotland – £1,250,000
- 2004 Carr Sheppards Crosthwaite – £500,000
- 2005 Investment Services UK Limited – £175,000
- 2005 Investment Services UK Limited – Managing Director – Ram Melwani – £30,000
- 2008 Sindicatum Holdings Limited (SHL) £49,000
- 2008 Sindicatum Holdings Limited (SHL) MLRO Michael Wheelhouse – £17,500
- 2010 Alpari (UK) Limited – £140000
- 2010 Alpari (UK) Limited Sudipto Chattopadhyay (MLRO) – £14,000
- 2012 Habib Bank AG Zurich (Habib) – £525,000
- 2012 Habib Bank AG Zurich (Habib) former MLRO Syed Itrat Hussain – £17,500
- 2012 Coutts – £8.75 million
- 2013 EFG Private Bank Ltd – £4,200,000
- 2013 Guaranty Trust Bank (UK) Limited – £525,000
- 2014 Standard Bank PLC – £7,640,400
- 2015 Bank of Beirut (UK) Ltd. – £2.1 m
- 2015 Bank of Beirut (UK) Ltd. – Anthony Wills (former compliance officer), and Michael Allin (internal auditor), £19,600 and £9,900, respectively
- 2015 Barclays – £72 million
For my latest post on USA AML fines, please click on https://www.linkedin.com/pulse/analysis-usa-fca-aml-fines-2002-2015-common-recurring-ica-dip-aml-?trk=hpfeed-article-title-share
Author profile: Anu Ratan, Senior Global AML Policy and Advisory Manager and Independent AML Practitioner – https://uk.linkedin.com/in/anuratan
A PDF copy of this research paper is here: FCA Fines Summary 26 Jan 2016.
Advance your CPD minutes for this content, by signing up and using the CPD WalletFREE CPD Wallet