Just how important is AML/CTF Compliance?

Home / COMPLIANCE SERVICES / Just how important is AML/CTF Compliance?

The most recent business plan penned by the Financial Conduct Authority (FCA) has recognised that Financial Crime and Anti Money Laundering is one of their top priority issues to be tackled. Megan Butler, Executive Director of Supervision spoke at a conference in September last year and stated that the FCA wanted to work with compliance professionals to: “make the financial system as hostile as possible to those that wish to use it to further financial crime”.

The FCA is a supervisor under the Money Laundering Regulations 2017 and is responsible for around 15,000 firms and all e-money institutions and ensuring that they comply. For these firms, they need to ensure that they operate the same AML standards both inside as well as outside the EEA.

There are a number of objectives that the FCA have set themselves:

  • To create and maintain a hostile Financial Services sector for money launderers
  • To ensure AML requirements are proportionate and operate efficiently
  • To ensure that the unintended consequences of AML regulation are minimised
  • To ensure that firms’ AML processes do not exclude people unfairly or unreasonably from using financial services

Since 2012, the FCA have carried out a range of enforcement actions which has led to 7 banks and 1 Money Laundering Reporting Officer being fined for AML failings. However, it’s not all about the fines, the FCA may use business restrictions, senior manager attestations, fines, censuring or thematic reviews and other regulatory tools to achieve ‘good outcomes’.

The FCA approach to AML supervision is considered risk-based. 14 major retail and investment banks operating in the UK are subject to a Systematic AML Programme (SAMLP) and these assessments comprise a deep dive work on AML, sanctions and anti-bribery and corruption controls. This is completed on a four-year cycle. The FCA is aware that smaller firms can in some cases be more risk disproportionate to their size. Therefore, smaller firms with a high-risk business will have a programme of visits planned. The population of these firms is dynamic, and depending on risk levels, firms may move in and out. Thematic work will be carried out on key financial crime risks and action taken where this threshold is met.

In addition to the more proactive supervision programmes, the FCA also receives information about financial crime risks from sources such as law enforcement and other regulators. Using a risk-based approach the FCA will decide which action to take. Usually the FCA will use close on-going supervision to mitigate and monitor these risks. Occasionally the FCA may take more formal action, when they may require the firm to appoint skilled persons to assess the issues and set them right.

Talking to our contacts in this industry we’re aware of the headache that SAR’s cause to many. Obviously, the details can be vital for law enforcement but due to the worry by some MLROs of criminal liability, are some SARs defensive in nature and therefore not as effective as they could be? The FCA say they are aware of this issue and encourage firms to be ‘innovative’ in their approach.

So how can those managing AML/CTF compliance ensure they are adhering to the FCA rules and regulations and not falling foul? It is vital that there are safeguards in place to prevent the advent of financial crime. There is an influx of technology in the marketplace offering to make your compliance more efficient and effective, for the right price; including distributed ledger technology (something that the FCA are keeping a close eye on). Transaction monitoring is a large part of most compliance professionals’ lives and the FCA does indicate that an expensive monitoring system is not vital just to show willing. In our view clear policies and procedures should be established and acted upon also, having an organisational structure that promotes sharing of information is paramount.

The FCA is sometimes quite wrongly quoted as having a ‘zero failure approach’, which is not always the case. They are interested in good outcomes and as long as the right policies and procedures are in place, they will work with the firm to ensure they meet their compliance requirements.