Out-Law / Your Daily Need-To-Know

FCA identifies system and control failings at small banks and insurance brokers

Out-Law News | 21 Nov 2014 | 4:56 pm | 2 min. read

Most insurance brokers' systems and controls for managing bribery and corruption risks are not wholly effective, the Financial Conduct Authority (FCA) has found.

In a thematic review, the regulator assessed 10 insurance intermediaries' approach to tackling corporate crime and found that most "did not yet adequately manage the risk that they might become involved in bribery or corruption". The FCA's review follows a study into the management of bribery and corruption risks by insurance intermediaries its predecessor, the Financial Services Authority (FSA), conducted in 2010.

It said brokers' risk assessments on bribery and corruption were "often too narrow", that client relationship risk assessments were not scrutinised sufficiently thoroughly and that senior managers' oversight of risk management was weak at some of the brokers it reviewed.

"Our rules require intermediaries to put in place and maintain systems and controls to manage bribery and corruption risk, and to conduct their business with integrity," the FCA said. "This means that intermediaries must identify, assess and mitigate bribery and corruption risk, and take reasonable steps to prevent this risk crystallising in their business."

In a separate thematic review, the FCA identified failings with how small banks are managing "money laundering and sanctions risk". The FSA previously reported problems in this area in 2011.

According to the FCA's report, there are "continuing weaknesses" in the way small banks' anti-money laundering (AML) procedures. The FCA, which assessed 21 small banks in its review, said it found "significant and widespread weaknesses" in AML controls, including with banks' risk assessments, their enhanced due diligence checks and in their dealings with politically exposed persons.

The regulator said that other weaknesses include inadequate resourcing of AML activities at banks. It said in some cases it had found "weak" knowledge and understanding among bank staff of AML and sanctions risks. Shortcomings with the way in which overseas-based UK banks rely on customer due diligence checks being performed by other parts of their group were also identified by the FCA.

Two banks are facing enforcement action over their AML and sanctions risk failings, the FCA said.

Financial services enforcement expert Michael Ruck of Pinsent Masons, the law firm behind Out-Law.com, said that it is clear that the FCA is AML and anti-bribery systems and controls is "one of the key areas on which it is focussing".

"When combined with the FCA’s increasing desire to hold senior management personally accountable the FCA is seeking to ensure better behaviours are encouraged with appropriate systems and controls being put in place and monitored," Ruck said. "However, it is clear that the FCA will only use the carrot approach to a certain extent and that the stick of enforcement or similar action could become increasingly prevalent."

"All firms across the regulated industry should take note and from senior management downwards ensure AML and anti bribery are high on the agenda for review with appropriate systems and controls in place. The regulator has previously made it crystal clear that a failure to address the risk of money laundering or bribery will incur large penalties without any evidence of criminal behaviour or improper payments being found," he said.

In response to the issues it found in both reviews, the FCA proposed amendments to its guidance on financial crime systems and controls with examples of good practices.

Tracey McDermott, the FCA's director of enforcement and financial crime, said: "Firms must take their responsibility to reduce the risk of financial crime seriously. Significant improvements are still required in this area. To do that successfully requires firms to use their judgement and common sense. That is not about box ticking or wholesale de-risking. It is about firms getting the basics right – understanding their customers, the risks they pose and managing those risks proportionately and sensibly."