FCA to issue further guidance to firms on systems and controls for addressing financial crime risks

In November 2014 the FCA published the results of two thematic reviews. The first thematic review looked at 12 smaller banks’ anti-money laundering (AML) and sanctions systems and controls. The second review considered the anti-bribery and corruption (ABC) systems and controls in ten wholesale insurance intermediaries.

The AML review was aimed at assessing the adequacy of AML and sanctions systems and controls within the chosen banks. The findings were clearly concerning to the FCA. They stated that whilst a small number of banks had implemented effective AML and sanctions controls, significant and widespread weaknesses were detected in most of the sample banks that were reviewed. In a similar manner to the AML review, when looking at ABC systems and controls, the FCA found that work conducted by the sample intermediaries in respect of their ABC systems and controls needed improvement. For example, the FCA considered that most risk assessments were based on too narrow a range of risk factors, half of the due diligence files reviewed were considered inadequate and management oversight was often found to be weak.

As a result of the failings identified by the thematic reviews, the FCA has announced that it intends to amend its regulatory guidance, Financial Crime: a guide for firms (“the Guide”). Whilst the thematic reviews focused on small banks and insurance intermediaries, the FCA has expressed its view that the amendments to the Guide will help all authorised firms strengthen their financial crime systems and controls. The emphasis continues to be on ensuring that firms approach financial crime compliance in a risk based and proportionate way.

The proposed changes to the Guide consist of amendments to both part 1 and part 2.  Part 1 will include new “management information” guidance which directly responds to the FCA’s findings that management oversight in relation to financial crime is often weak. The guidance contains the message that management information should provide senior management with sufficient information to understand the financial crime risks to which the firm is exposed. It is proposed that Part 1 of the Guide will also include more detailed guidance on the following areas:

• Risk assessments;
• Enhanced due diligence;
• Identifying a customer’s source of wealth and/or funds.

The key message from the FCA is that firms must approach their financial crime systems and controls using a risk based approach and must undertake more focused reviews of customers, using enhanced due diligence for example, where the risk associated with the relationship requires it.

Two new chapters are also proposed for part 2 of the Guide which will consolidate the examples of good practice identified in the FCA’s two thematic reviews. These chapters will cover the following issues: management information, governance structures, culture and tone from the top, risk assessment, enhanced due diligence and ongoing monitoring, transaction monitoring, customer reviews and sanctions.

New guidance is to be welcomed if it means that authorised firms will be given additional tools to strengthen their financial crime systems and controls. However, firms should be aware that increased guidance will raise the FCA’s expectations when looking at the efficacy of the systems and controls that they have in place. It is therefore important that firms ensure they paid careful attention to the guidance when devising their financial crime systems and controls.

The proposed changes to the Guide were subject to consultation which closed last week. We will cover the final changes on this blog once they are announced.