Fined £6.5m for serious financial crime control failings. The nature of ADMISI’s business and client base presented potentially high levels of money laundering risk because of its business model, the geographical location of its customers, the proportion of its business involving high-risk clients and because it had Politically Exposed Persons as clients. The FCA raised concerns with ADMISI in 2014 about its AML systems, including the absence of a formal process to classify customers by risk. The FCA expected ADMISI to make improvements. However, during a 2016 firm visit, the FCA found significant failings remained and also identified new and more systemic, failings. For example, it noted that ADMISI had not conducted a firm-wide money laundering risk assessment and the policies were outdated and referred to repealed legislation. Firms that fail to implement adequate AML systems and controls are exposed to the risk of financial crime and benefit from an unfair competitive advantage over compliant firms because they save on the costs involved in implementing such systems and because they are attractive to customers who wish to avoid customer due diligence and more rigorous enhanced due diligence checks.

Fined £2.5m for serious financial crime control failings in relation to cum-ex trading (i.e., the trading of shares on or just before the last cum-dividend date where, if in a suitable jurisdiction, this can allow a party to claim a tax rebate on withholding tax, sometimes without entitlement). Bastion Capital London Limited (in liquidation) failed to manage the risk of being used to facilitate fraudulent trading and money laundering. Between January 2014 and September 2015 Bastion executed trading to the value of approximately £49bn in Danish equities and £22.5bn in Belgian equities on behalf of Solo Group clients. The purported trades were carried out in a way that was highly suggestive of financial crime. Trading appears to have been carried out to allow the arranging of withholding tax reclaims in Denmark and Belgium. Bastion also ignored or failed to notice a series of red flags in relation to certain trades, which had no apparent economic purpose except to transfer funds from the Solo Group’s controller to his business associates.

Fined £17.2m for serious failings in its oversight of cum-ex trading. In permitting dividend arbitrage trading, MCM relied heavily on tax and legal opinions supporting and validating the trading strategies. The availability of tax and legal opinions were stated to be a fundamental plank of the approval of the business by MCM in the first instance and they were intended to be a key control as the trading proceeded from 2012 onwards. However, there were only very limited and superficial systems and controls in place to check that the required tax and legal opinions were available; there was a complete absence of any control regarding the review and application of such opinions. MCM are unable to confirm that any legal and tax opinions were in fact obtained prior to or during the course of the dividend arbitrage trading by the Equity Finance Desk. Failings allowed MCM to collect fees for trading strategies designed to enable its clients to illegitimately reclaim tax from the Danish authorities. The Final Notice includes mention of the Compliance function failing to consider what risks might arise (aside from money laundering and market abuse which were discounted).

Fined £4.0m for failing to put in place adequate anti-money laundering (AML) controls. Between April 2015 and November 2017, Al Rayan allowed money to pass through the bank and be used within the UK without carrying out appropriate checks. In addition to failing to have appropriate internal controls in order to prevent
activities related to money laundering and terrorist financing, and not keeping documents, data or information obtained for the purposes of applying CDD and EDD measures up-to-date, the firm also failed to adequately check its high-risk customers’ Source of Wealth and Source of Funds for financial crime risk. Failings were made worse by the lack of proper training provided to staff about how to handle large deposits, which further heightened the risk of money laundering and financial crime.  Al Rayan was aware of weaknesses but failed to implement effective change to fix them, despite the FCA raising concerns about inadequacies of their systems.

In August 2013 Guaranty Trust Bank (UK) Limited (GT Bank) was fined £525,000 for serious and systemic failings. This latest fine of £7.6 million relates to further failures identified in GT Bank's anti-money laundering systems and controls. Between October 2014 and July 2019, GT Bank failed to undertake adequate customer risk assessments, often not assessing or documenting the money laundering risks posed by its customers. The bank also failed to monitor customer transactions and business relationships to the required standard. These weaknesses were repeatedly highlighted to GT Bank by internal and external sources, including the FCA, but despite this, GT Bank failed to take appropriate action to fix them. The majority of failings identfied had a direct bearing on GT Bank’s ability to comply with regulatory obligations.  In addition to breaching Principle 3, GT Bank breached Senior Management Arrangements, Systems and Controls (“SYSC”) rules set out in the Authority’s Handbook: SYSC 6.1.1R and SYSC 6.3.1R.

Fined £107.8m after the FCA found serious and persistent gaps in Santanders anti-money laundering (AML) controls. Between December 2012 and October 2017, Santander failed to properly oversee and manage its AML systems, significantly impacting account oversight of more than 560,000 business customers. At the start of the Relevant Period, Santander UK’s processes did not provide for the effective ownership of the money laundering risk presented by its Business Banking portfolio. Various AML functions were divided between different teams, which operated in siloes and did not share information sufficiently, and some functions operated a centralised operational model which prioritised the completion of processes above qualitative assessments. As a result, its governance processes failed to ensure that its systems managed AML risks within Business Banking appropriately. Santander had ineffective systems to adequately verify the information provided by customers about the business they would be doing. Weaknesses at onboarding were exacerbated by the absence of an effective framework within Business Banking for ongoing customer monitoring. 

Fined £18 million for failing to conduct its business with integrity, failing to take reasonable care to organise and control its affairs and failing to be open and cooperative with the FCA. The FCA also banned the former Regional Head for Bank Julius Baer (BJB), the former BJB Sub-Regional (Market) Head for Russia and Eastern Europe and JBI non-executive director, and a former relationship manager on JBI’s Russian and Eastern European Desk.  The FCA concluded that JBI facilitated finder’s arrangements between BJB and an employee of a number of Yukos Group companies. Under these arrangements, BJB paid finder’s fees for introducing Yukos Group companies to Julius Baer. This was done on the understanding that the Yukos Group companies would then place large cash sums with Julius Baer from which Julius Baer could generate significant revenues. The FCA Executive Director of Enforcement and Market Oversight said: 'There were obvious signs that the relationships here were corrupt, which senior individuals saw and ignored. These weaknesses create the circumstances in which financial crime of the most serious kind can flourish. The FCA’s decisions on the individuals whom the FCA alleges were involved in these failures will now be reviewed in the Upper Tribunal.'

Fined £1.5 million for poor anti-money laundering checks. Between June 2014 and July 2017 Gatehouse Bank (a Shariah-compliant bank) failed to conduct sufficient checks on its customers based in countries with a higher risk of money laundering and terrorist financing. In one instance, Gatehouse set up an account for a company based in Kuwait to aggregate customer funds. Gatehouse did not require the company to collect information about customers’ source of funds or wealth, which was required under Gatehouse’s anti-money laundering policies. As a result, over a two-year period, Gatehouse accepted US$62m into the account without properly vetting the funds for financial crime risks. Gatehouse also failed to undertake the correct checks for some customers classed as Politically Exposed Persons (PEPs).

Fined £5.8 million for poor anti-money laundering and counter-terrorist financing controls over its correspondent banking activities. Banks are required to do extra checks on correspondent banking customers to reduce the higher risk of money laundering and terrorist financing associated with the service. Between 1 January 2012 and 31 December 2016, GIB did not adequately perform the additional checks required when it established relationships with the overseas banks and failed to demonstrate it had assessed those banks’ anti-money laundering controls. GIB also failed to undertake annual reviews of the information it held on the banks it had a relationship with, failed to give staff adequate training on how to scrutinise transactions properly and did not establish appropriate policies and procedures for staff.

Fined £7.9 million for financial crime control failings, which in one instance allowed bribery of over $3m to take place.  UK-based JLTSL provided insurance broking, risk management and insurance claims services. It was part of JLT Group plc, which had a number of subsidiaries around the world. JLTSL placed business in the London reinsurance market for JLT Re Colombia, another company in the JLT group. The business had been introduced by a third-party based in Panama. Between November 2013 and June 2017, JLTSL paid $12.3m in commission to JLT Colombia Wholesale Limited, the parent company of JLT Re Colombia, which in turn paid $10.8m to a third-party introducer, who then paid over $3m to government officials at a state-owned insurer in order to help retain and secure their business for JLTSL and JLT Re Colombia. The FCA found that JLTSL failed to manage their business and risks responsibly and effectively.

Fined £0.8 million for oversight failings in its relationship with collapsed payments firm Premier FX. Barclays was Premier FX’s sole banker in the UK and Barclays categorised Premier FX as a money service business (“MSB”). Barclays assessed MSBs to be high-risk clients. The FCA considered that Barclays did not act with due skill, care and diligence in carrying out its ongoing monitoring of Premier FX during the relevant period. FCA findings noted 'Much of the information contained in the AML/EDD review reports prepared for Premier FX by Barclays was repeated and included information cut and pasted from previous reports, which included errors that Barclays did not identify and rectify'.

Fined £63.9 million for deficient transaction monitoring controls. HSBC failed to: (i) consider whether scenarios used to identify indicators of money laundering or terrorist financing covered relevant risks until 2014; and carry out timely risk assessments for new scenarios after 2016; (ii) appropriately test and update the parameters within the systems that were used to determine whether a transaction was indicative of potentially suspicious activity; and (iii) check the accuracy and completeness of the data being fed into, and contained within, monitoring systems.

In the first criminal case pursued by the FCA for money laundering failings, NatWest was fined £264.8 million at Southwark Crown Court for failing to properly monitor activity of Fowler Oldfield, a commercial customer. Over the course of the customer relationship approximately £365m was deposited with the bank, of which around £264m was in cash. Bank employees reported their suspicions to bank staff responsible for investigating suspected money laundering, however no appropriate action was taken. An FCA spokesman, said: “NatWest is responsible for a catalogue of failures in the way it monitored and scrutinised transactions that were self-evidently suspicious. Combined with serious systems failures, like the treatment of cash deposits as cheques, these failures created an open door for money laundering” (See also: (a) ‘Statement of Facts’; and (b) Sentencing remarks of Mrs Justice Cockerill.

Fined £0.6 million for serious financial crime control failings in relation to cum-ex trading. The FCA found that Sunrise had deficient systems and controls to identify and mitigate the risk of facilitating fraudulent trading and money laundering in relation to business introduced by the Solo Group, between 17 February 2015 and 4 November 2015. Solo trading throughout the period was characterised by a circular pattern of purported trades – characteristics which are highly suggestive of financial crime. The trading appears to have been carried out to allow the arranging of withholding tax reclaims in Denmark and Belgium.

Fined £147.2 million for serious financial crime due diligence failings related to loans worth over $1.3 billion, which the bank arranged for the Republic of Mozambique. Credit Suisse failed to sufficiently prioritise the mitigation of financial crime risks, including corruption risks, within its Emerging Markets business. Credit Suisse lacked a financial crime strategy for the management of those risks, (which was exemplified by the under-resourcing of its EMEA financial crime compliance team and procedural weaknesses in its financial crime risk management).

Fined £147.2 million for serious financial crime due diligence failings related to loans worth over $1.3 billion, which the bank arranged for the Republic of Mozambique. Credit Suisse failed to sufficiently prioritise the mitigation of financial crime risks, including corruption risks, within its Emerging Markets business. Credit Suisse lacked a financial crime strategy for the management of those risks, (which was exemplified by the under-resourcing of its EMEA financial crime compliance team and procedural weaknesses in its financial crime risk management).

Fined £96.6 million for risk management failures connected to fund raising transactions for 1Malaysia Development Berhad (1MDB). GSI failed to exercise due skill, care and diligence when managing allegations of bribery and misconduct. Other issues identified include deficiencies in record keeping by committees - a serious breach of Principle 3 – which meant the risk approach to transactions could not be properly reviewed at the time of the transactions, nor could it be adequately scrutinised post the transactions when issues of possible financial crime arose.

Fined £37.8 million for failing to put adequate anti-money laundering (AML) systems and controls in place between October 2012 and September 2017. Commerzbank London was aware of these weaknesses and failed to take reasonable and effective steps to fix them despite the FCA raising specific concerns about them in 2012, 2015 and 2017.  Failings over several years created a significant risk that financial and other crime might be undetected.

Fined £102 million for AML breaches in two higher risk areas of its business: (i) UK Wholesale Bank Correspondent Banking; and (ii) Branches in the United Arab Emirates (UAE). The FCA found serious and sustained shortcomings in AML controls relating to customer due diligence and ongoing monitoring. Standard Chartered failed to establish and maintain risk-sensitive policies and procedures, and failed to ensure its UAE branches applied UK equivalent AML and counter-terrorist financing controls.

Fined £0.9 million and a restriction imposed, preventing Canara Bank from accepting deposits from new customers for 147 days. Having failed to maintain adequate AML systems and failed to take sufficient steps to remedy identified weaknesses, despite having been notified of shortcomings in its AML systems and controls.  The Final Notice issued by the FCA highlights the importance of branches of overseas banks and their senior management having sufficient understanding of their regulatory responsibilities and ensuring those obligations are met with appropriate resources.

Fined £163 million for failing to maintain an adequate AML control framework during the period between 1 January 2012 and 31 December 2015. Deutsche Bank exposed the UK financial system to the risks of financial crime by failing to properly oversee the formation of new customer relationships and the booking of global business in the UK. As a consequence of its inadequate AML control framework, Deutsche Bank was used by unidentified customers to transfer approximately $10 billion, of unknown origin, from Russia to offshore bank accounts in a manner that is highly suggestive of financial crime.

Fined £3.25 million and a restriction imposed, preventing Sonali Bank (UK) Limited from accepting deposits from new customers for 168 days. It also fined the bank’s former money laundering reporting officer (MLRO) and prohibited him from performing the MLRO or compliance oversight functions at regulated firms. The FCA found serious and systemic weaknesses affected almost all levels of its AML control and governance structure, including its senior management team, its money laundering reporting function, the oversight of its branches and its AML policies and procedures.

Fined £6 million for failing to put in place adequate controls in the fixed income area of its front office, and for providing inaccurate information to the regulator. In June 2011 the FCA was notified that staff had been appointed ('Specified Individuals') to be responsible “for all aspects of dealing” on the Emerging Markets and High Yield desks. However, a subsequent Skilled Person review identified a number of deficiencies. The FCA considered failings to be particularly serious because the deficiencies allowed a fund manager to initiate, execute and book a $150 million trade which, had it settled, could have caused a $110 million loss to the relevant client funds. Front office Controls in the fixed income area did not mitigate the risk of unauthorised trading. The FCA's Final Notice includes the deficiencies in the controls meant there was scope for the potential facilitation of financial crime.

Fined £72 million for poor handling of financial crime risks, relating to a £1.88 billion transaction that Barclays arranged and executed in 2011 and 2012 for a number of ultra-high net worth clients. The clients involved were politically exposed persons (PEPs) and should therefore have been subject to enhanced levels of due diligence and monitoring by Barclays. Barclays went to unacceptable lengths to accommodate the clients, and did not obtain information that it was required to obtain from the clients to comply with financial crime requirements. Barclays did not follow its standard procedures, preferring instead to take on the clients as quickly as possible and thereby generated £52.3 million in revenue.

Fined £2.1 million and stopped from acquiring new customers from high-risk jurisdictions for 126 days. The Bank of Beirut repeatedly provided the regulator with misleading information after it was required to address concerns regarding its financial crime systems and controls. The bank's former compliance officer and an internal auditor were also fined for failing to deal with the regulator in an open and cooperative way when responding to queries about the actions taken to mitigate financial crime risk. Bank of Beirut settled with the FCA at an early stage of the investigation. Had it not done so, it would have faced a fine of £3m and a restriction of 180 days.

Fined £0.3 million for failing to take reasonable care to establish and maintain effective systems and controls for countering the risks of bribery and corruption. Besso, a general insurance broker operated a weak control environment over commission-sharing arrangements with third parties, giving rise to an unacceptable risk that they could be used for corrupt purposes. Rule breaches occurred between 14 January 2005 and 31 August 2011, linked to: (i) policies and procedures (content and implementation); (ii) third-parties (risk assessment, due diligence and monitoring); and (iii) record keeping (failing to record adequate commercial rationale to support payments to third parties).

Fined £7.6 million for failures relating to its AML policies and procedures over corporate customers connected to politically exposed persons (‘PEPs’), in the period from 15 December 2007 to 20 July 2011. Standard Bank was the UK subsidiary of Standard Bank Group, South Africa’s largest banking group. The FCA noted that Standard Bank did not consistently: (i) carry out adequate EDD measures before establishing business relationships with corporate customers that had connections with PEPs; and (ii) conduct the appropriate level of ongoing monitoring for existing business relationships by keeping customer due diligence up to date.

Fined £1.8 million for failing to have in place appropriate checks and controls to guard against the risk of bribery or corruption when making payments to overseas third parties. A provider of insurance broking and risk management services, JLTSL was found to have failed to conduct proper due diligence before entering into a relationship with partners in other countries who helped JLTSL secure new business, known as overseas introducers. JLTSL also did not adequately assess the potential risk of new insurance business secured through its existing overseas introducers. JLTSL's failure to manage the risks created by overseas payments, which occurred between February 2009 and May 2012, breached the FCA’s principle on management and control. During this period, JLTSL received almost £20.7 million in gross commission from business provided by overseas introducers, and paid them over £11.7 million in return. Inadequate systems around these payments created an unacceptable risk that overseas introducers could use payments made by JLTSL for corrupt purposes, including paying bribes to people connected with insured clients and/or public officials.

Fined £0.5 million for failings in AML controls relating to high risk customers between May 2008 and June 2010. The failings in GT Bank (a subsidiary of Nigerian Guaranty Trust Bank PLC) were particularly serious as they affected customers based in countries associated with a higher risk of money laundering, bribery or corruption, including accounts held by politically exposed persons (PEPs). GT Bank was unable to fully understand or assess higher risk customers' activities; a breach of FCA Principle 3 (which requires firms to take reasonable care to organise and control their affairs responsibly and effectively).

Fined £4.2 million for failing to take reasonable care to establish and maintain effective AML controls for high risk customers. The failings were serious and lasted for more than three years. EFG is the UK private banking subsidiary of the EFGI Group, a global private banking group, based in Switzerland. EFG provides private banking and wealth management services to high net worth individuals including some from overseas jurisdictions recognised as presenting a higher risk of money laundering and/or bribery and corruption.

In 2012, the Financial Services Authority (‘FSA’), as lead regulator for the HSBC Group globally, took action in relation to issues in respect of HSBC’s compliance with AML rules and U.S. sanctions requirements. The FSA made a number of requirements of HSBC Holdings plc, designed to ensure that all parts of the HSBC Group are in compliance with relevant legal and regulatory requirements across the Group. They included: (i) Establishing a committee of the HSBC Board with a mandate to oversee matters relating to AML, sanctions, CTF and proliferation financing; (ii) Reviewing Group policies and procedures to ensure that all parts of the HSBC Group are subject to standards equivalent to those required under UK requirements; (iii) Appointing a Group MLRO; (iii) Appointing an independent monitor to oversee the Group’s compliance with UK AML, sanctions, CTF and proliferation financing requirements. [NB: These measures were in addition to requirements of a Cease and Desist order issued by the Federal Reserve Board and a Deferred Prosecution Agreement issued by the U.S. Department of Justice on 11 December 2012]

Fined £29.7 million for breaches of Principles 2 and 3 of the FSA’s Principles for Businesses, which occurred between June to September 2011, in the Global Synthetic Equities business of the London Branch of UBS. The branch failed to take reasonable care to organise and control its affairs responsibly and effectively, and failed to conduct business with due skill, care and diligence. The breaches became apparent when UBS discovered that one of its trader's had amassed substantial losses amounting to $2.3 billion. The trader was subsequently convicted of fraud by abuse of position and sentenced to 7 years’ imprisonment.

Fined £0.3 million for breaching the Money Laundering Regulations 2007 (MLR). Breaches related to TBUK’s correspondent banking arrangements were widespread and lasted over two and a half years. TBUK (a wholly owned subsidiary of Turkish Bank Limited, incorporated in Northern Cyprus) failed to: (i) establish and maintain appropriate and risk-sensitive AML policies and procedures for its correspondent banking relationships; (ii) carry out adequate due diligence on, and ongoing monitoring of, the respondent banks it dealt with and failing to reconsider these relationships when this was not possible; and (iii) maintain adequate records relating to the above. These failings led to an unacceptable risk that TBUK may have been used to launder money. 

Fined £0.5 million for failing to take reasonable care to establish and maintain adequate AML systems and controls between 15 December 2007 and 15 November 2010. Habib failed to: (a) establish and maintain an adequate procedure for assessing the level of money laundering risk posed by prospective and existing customers (including maintaining a flawed High Risk Country List); (b) conduct sufficient enhanced due diligence in relation to higher risk customers; (c) carry out adequate reviews of its AML systems and controls; and (d) revise training adequately to address shortcomings in AML practice identified by the MLRO and to maintain sufficient records of staff completion of AML training and of all AML steps taken on individual customer accounts.

Fined £8.75 million for failing to take reasonable care to establish and maintain effective AML systems and controls in relation to customers that posed a higher money laundering risk than standard customers (high risk customers). The failings at Coutts were serious, systemic and were allowed to persist for almost three years.  In particular, the Firm did not: (i) assess adequately the level of money laundering risk posed by prospective and existing high risk customers. This included failing properly to identify and record all politically exposed persons (PEPs); (ii) gather the appropriate level of due diligence information about a large number of prospective high risk customers; (iii) apply robust controls when establishing relationships with high risk customers. In particular, the AML team failed to provide an appropriate level of scrutiny and challenge; (iv) consistently apply appropriate ongoing monitoring to its existing high risk customers to ensure that changes in circumstances and risk profiles were identified, assessed and managed appropriately and that all unusual transactions would be identified; and (v) carry out adequate reviews of its AML systems and controls for high risk customers.

Fined £6.9 million for failings in anti-bribery and corruption systems and controls. Between January 2005 and December 2009, Willis Limited made payments to overseas third parties who assisted it in winning and retaining business from overseas clients, particularly in high risk jurisdictions. These payments totalled £27 million.  Willis Limited failed to: (i) ensure that it established and recorded an adequate commercial rationale to support its payments to overseas third parties; (ii) ensure that adequate due diligence was carried out on overseas third parties to evaluate the risk involved in doing business with them; and (iii) adequately review its relationships on a regular basis to confirm whether it was still necessary and appropriate for Willis Limited to continue with the relationship. The failures contributed to a weak control environment surrounding payments to overseas third parties and gave rise to an unacceptable risk that these payments could be used for corrupt purposes, including paying bribes

Members of the Royal Bank of Scotland Group (RBSG) fined £5.6m for failing to have adequate systems and controls in place to prevent breaches of UK financial sanctions. During 2007, RBSG processed the largest volume of foreign payments of any UK financial institution. However, between 15 December 2007 and 31 December 2008, RBS Plc, NatWest, Ulster Bank and Coutts and Co, which are all members of RBSG, failed to adequately screen both their customers, and the payments they made and received, against the sanctions list. This resulted in an unacceptable risk that RBSG could have facilitated transactions involving sanctions targets, including terrorist financing.