Mark Taylor
Senior Editorial Manager
UK banks must review their financial crime controls as part of guidance from the regulator.
The Financial Conduct Authority (FCA) is consulting on updates to its Financial Crime Guide, which sets expectations of what it considers good compliance to look like.
The regulator is proposing updates in relation to sanctions, proliferation financing, and transaction monitoring.
It is also gearing to add references to cryptoassets and the Consumer Duty, along with other consequential changes throughout the guidance, giving firms until 27 June to respond.
The FCA said it wants to “help firms assess the adequacy of their financial crime systems and controls” and remedy deficiencies.
The guide does not contain rules and imposes no new requirements on firms, however, it should serve as insight into the regulator’s thinking and expectations of robust compliance functions.
“As part of our responsibility to help ensure the integrity of the UK financial markets we require all authorised firms to have proportionate systems and controls in place to mitigate the risk that they might be used to commit financial crime,” the consultation reads.
How sanctions compliance is changing
Proposed updates to firms’ sanctions systems and controls focus on obligations management.
Reporting requirements are liked to be altered, along with governance arrangements to oversee sanctions systems and controls.
This includes senior management accountability, oversight of outsourced functions, and engagement in public-private and private-private information/best practice sharing, the FCA said.
Specific guidance on the interplay between Customer Due Diligence (CDD)/ Know Your Customer (KYC) procedures for anti-money laundering purposes and managing sanctions risks, is likely to be updated, the FCA said.
Proliferation financing guidance updates
Since 2022, money laundering amendments have required firms to identify and assess the risks of proliferation financing to which their business is exposed.
The changes are intended to update the guidance to reflect this requirement, the FCA said.
As such, firms need to understand their financial crime risks if they are to apply proportionate and effective systems and controls, according to the FCA.
Improved transaction monitoring
Transaction monitoring is a key control for almost all regulated firms, and the regulator has frequently called out examples of poor software deployment.
Alongside this, the FCA has also observed an industry-wide desire to innovate using new technologies to improve the effectiveness of systems to detect potential financial crime.
Consequently, the FCA is proposing to provide more guidance to help firms in adopting and maintaining automated monitoring systems.
“We intend to maintain our existing position that automated monitoring is only required where appropriate for the size and nature of the business and is not necessary if manual processes achieve an effective outcome,” the consultation reads.
Specific guidance includes new self-assessment questions and examples of good and poor practice.
Updates to cryptoasset guidance
The FCA became the supervisor for certain cryptoasset businesses in January 2020.
Whilst the Financial Crime Guide has helped businesses understand their obligations, the regulator wants firms to actively use it when designing their financial crime systems and controls.
“Recognising the evolving development of cryptoasset businesses and regulations, we will continue to seek to provide feedback on good and poor-quality applications under the [money laundering rules] and provide additional guidance for the new regime as it develops,”: the FCA said.
Since 1 September 2023, cryptoasset businesses in the UK are required to collect, verify and share information about cryptoasset transfers, known as the ‘Travel Rule’.
The regulator intends to update the guide to include a reference to the travel rule in the section that already exists for customer payments.
“We are also proposing some additions to the sections on risk assessment, handling higher risk situations and fraud, and to reflect some of the findings of good and poor practice when using blockchain analytics as part of transaction monitoring,” it said.
What does the FCA expect from regulated institutions?
In a recent speech, FCA director and financial crime supervisor Mark Francis said the regulator intended to continue focusing on the management of financial crime systems and controls.
He also emphasised the regulator’s positive view of horizon scanning and preventative measures.
“Essential though it is, we know that financial crime is not a problem that we (or any agency) can just enforce our way out of,” he said. Prevention is one of the biggest levers available in the fight against financial crime.”
He also encouraged regulated firms to be “bolder” in their approach to compliance.
“Data and technology are transforming fraud and money-laundering detection, but cyber fraud, cyber-attacks, and identity fraud are increasing in scale, sophistication, and effectiveness as the use of AI grows,” Francis said.
“Firms should be bolder and more collaborative in how they engage with new technologies to keep up with emerging risks.”
CUBE comment
Fighting financial crime is a major part of the FCA’s current strategy, and it makes sense the regulator will focus on how robust systems and controls are.
The messaging in the consultation is consistent with previous updates that firms need to be faster and smarter in their approach to preventing abuse of the financial system.
Criminals have been quick to adopt new technologies such as generative AI and deepfakes to commit fraud, which means businesses need to consider not just how to respond but how to stay ahead.
Innovative firms are turning to Automated Regulatory Intelligence to eliminate manual tasks and free skilled professionals inside the compliance function to focus on strategy, and thus exceeding regulatory expectations.
To learn more about Automated Regulatory Intelligence, get in touch with us today.