The UK’s Financial Conduct Authority (FCA) has revealed the findings of a recent review of financial crime controls at challenger banks. During this review process, the financial regulator found that the sample of challenger banks have insufficient Anti-Money Laundering (AML) controls and customer risk frameworks required to comply with AML regulations. This includes instances of significant financial crime control failures, specifically where several areas of the financial control framework were not fully compliant with money laundering regulations.
Despite the detail in the review, there has not been malpractice to the point of fines or official warnings from the regulator, and many of the AML failings outlined in this statement also apply to traditional banking institutions’ AML practices. It is important to consider this statement as a wake-up call for financial institutions to strengthen their Know Your Customer (KYC) and broader financial crime processes and procedures to meet the money laundering regulations.
Challengers vs traditional banks – what do the FCA’s findings reveal?
So, what are the material differences in KYC and AML issues that rival institutional players face? Challenger banks don’t have the complex web of legacy systems issues that their more established competitors have to deal with, but they can be seen as targets by criminals as a result of their high growth potential and less mature systems and controls. This has been clearly evidenced by the FCA’s findings which are discussed in more detail below.
Following a risk-based approach and using judgement are critical elements of any financial crime programme and an over-reliance on technological solutions can reduce their effective application. Therefore, it is essential that firms use an effective combination of technology and people to identify, manage and mitigate the AML risks facing the businesses.
A breakdown of the review
The review spanned 50% of UK challenger banks, covering the majority market share and customer base. The banks assessed in the sample had a customer base of more than 8 million people in total – indicating the wide-ranging perspective on financial crime controls.
The FCA found that often basic processes failed to sufficiently protect the bank from the risks of money laundering activity, hinting that the balance between rapid customer growth needed to compete in financial services and the legal requirement to comply with Customer Due Diligence (CDD) obligations should be tilted towards the former.
The following findings were outlined in the review:
· An imbalance in the volume of Suspicious Activity Report (SAR)s submitted compared with the numbers of customers rejected at onboarding – indicating that onboarding checks were not sufficiently protecting the bank’s AML interests
· The quality of SARs was sometimes below-par, for instance listing suspicious transactions without explanation of the risk level
· Weaknesses in the management of financial crime change programmes, including a lack of alignment of AML frameworks with changes to business models
· Ineffective management of transaction monitoring alerts
· Absent or insufficient customer risk assessment
· Insufficiently applied enhanced due diligence (EDD) measures, specifically when managing higher risk clients
· Weaknesses in general CDD practices, including obtaining basic data such as customer income, occupation and purpose of the banking relationship
What's next for challenger banks?
The FCA’s review has not highlighted an awareness problem here. The recent Ukraine-Russia conflict underscored what is already widespread industry awareness about the importance of financial crime detection among the UK’s challenger financial institutions.
The problem, rather, is an ‘implementation’ one, a capability many institutions, particularly the fledgling ones, will continue to be challenged by. The cold fact about institutions failing to combat financial crime is that business imperatives often take precedence above crime prevention.
In light of the review performed by the FCA, challenger banks must consider the observations made by the regulator in order to enhance their KYC and CDD frameworks, responding specifically to each point raised by the FCA.
Practical measures to consider
It is prudent to recognise the importance of each of the FCA’s suggestions and perform dedicated internal reviews to identify weaknesses and improvements that are needed to satisfy each recommendation.
Despite the progress made by financial institutions internally, regarding increasing headcounts and technological improvements, client onboarding times have risen.
Bringing in the right external expertise to supplement your internal teams is a fast and efficient way of uplifting the effectiveness and speed of your onboarding processes to align them with FCA expectations whilst continuing to support fast business growth.
