FCA shares concerns regarding AML controls

If there was a Family Fortunes round, “Name the top five concerns of the FCA”, then a winning answer would almost certainly be financial crime and, in particular, what systems and controls firms have in place in respect of identifying money laundering, terrorist financing and proliferation financing.

This was illustrated earlier this week, when the FCA published a Dear CEO letter, which was sent to Annex I financial institutions. 

What is an Annex I financial institution (FI)?

The term is defined in the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (as amended), referred to as the MLRs, and includes businesses that undertake activities such as lending, financial leasing, payment services or issuing e-money activities.

Common control failings

The letter, entitled 'Action needed in response to common control failings identified in anti-money laundering frameworks', detailed the weaknesses that the FCA has seen in recent assessments of certain FIs' financial crime frameworks. Observations include:

• Business model: discrepancies between firms' registered and actual activities, as well as a lack of financial crime controls to keep up with business growth.
• Risk assessment: weaknesses in firms' business-wide risk assessments and customer risk assessments.
• Due diligence, ongoing monitoring, and policies and procedures: insufficient detail in firms' customer due diligence and monitoring policies, which resulted in ambiguity around actions staff should take to comply with their obligations under the MLRs.
• Governance, management information and training: firms lacked both resources relating to financial crime and adequate financial crime training. There was also an absence of a clear audit trail for financial crime-related decision making - some firms failed to document how they responded to risks or the rationale for their decisions.

FCA's expectations

The FCA expects firms to undertake a gap analysis against each of the common weaknesses identified in the letter within six months, and to take prompt, reasonable steps to bridge gaps they identify. As part of its supervisory engagement with firms, it is likely to ask firms to provide evidence of their gap analysis and the remedial actions taken.

FCA intervention

The FCA reminds firms that it will consider taking regulatory intervention against firms that are considered not to have managed their financial crime risk adequately.

Help is at hand

Our Financial Services Regulatory and FinTech team has significant expertise in helping firms build the necessary AML systems and controls and can assist you with designing a gap analysis and any remedial plans.