FCA PRIORITIES FOR PAYMENTS FIRMS

Unpacking the Financial Conduct Authority (FCA) latest announcement

 

On the 16 March 2023, the Financial Conduct Authority (FCA) issued their latest “Dear CEO” letter to firms authorised or registered under the Payment Services Regulations 2017 (“PSRs”) and the Electronic Money Regulations 2011 (“EMRs”) such as Payment Institutions (“PIs”), Electronic Money Institutions (“EMIs”) and Registered Account Information Service Providers (“RAISPs), which highlighted a number of concerns and 3 key outcomes it requires these businesses to deliver:

  1. ensure that your customers’ money is safe
  2. ensure that your firm does not compromise financial system integrity; and
  3. ensure that you meet your customers’ needs, including through high quality products and services, competition and innovation, and robust implementation of the FCA Consumer Duty.

We will focus on outcome 2, Firms do not compromise financial system integrity, which aligns to the FCA’s 2022-20225 strategy which has a strong focus on reducing and preventing financial crime.

The FCA highlighted that it has seen increasing evidence of financial crime in the payments portfolio as these firms provide bank-like services, are willing to service higher-risk customers and may be a target for bad actors exploiting weaker systems and controls.

The FCA’s approach is designed to ensure that firms do not compromise financial system integrity and is focussed on two priorities

  1. Money Laundering & Sanctions
  2. Fraud
LEARN MORE ABOUT OUR SOLUTIONS

 

 

Priority 1:  Money Laundering & Sanctions

 

 

The first priority in regards to money laundering, the FCA has made it very clear that any firms that are subject to the UK’s Money Laundering Regulations must have in place systems and controls to identify, assess, monitor and manage money laundering risk.  These must be comprehensive and proportionate to the nature, scale and complexity of a firm’s activities.

In regards to economic and financial sanctions, the FCA also set the expectations that regulated forms must ensure that they operate effective systems and controls, in order to identify and manage any sanctions exposure and risk, associated with their customers and business activities.

Material issues identified with financial crime systems and controls

The FCA has emphasised that over the past two years they have identified material issues with financial crime systems and controls including (but not limited to):

  • failure to carry out and/or to evidence adequate KYC/due diligence
  • business-wide risk assessments not supported by a robust and effective methodology
  • enhanced due diligence not adequately risk based and not commensurate to the risk event and/or the customer
  • failure to regularly review and refresh risk assessments and control frameworks in an evolving threat landscape
  • policies and procedures which are insufficiently detailed and tailored to firms' business models
  • failure to maintain and evolve the control framework, in line with business growth
  • failure to ensure name screening solutions from third party providers are appropriately and adequately calibrated to meet their business requirements
  • firms unable to reasonably justify and/or verify why their sanction screening solution does not generate alerts against certain names on the UK’s Office of Financial Sanctions Implementation list. 

Actions the FCA expects payment and electronic money institutions to take

The FCA expects payment and electronic money institutions to ensure their anti-money laundering systems and controls are effective and commensurate with the risks in the business, including as it grows over time. 

This includes the expectation that your firm will conduct regular reviews to assess its compliance with anti-money laundering obligations and sanctions requirements, and to work swiftly to remediate weaknesses identified. 

Further the FCA has established a minimum expectation that your firm will comply with its responsibilities under the Proceeds of Crime Act 2002 and Terrorism Act 2000 through accurate and timely submissions of Suspicious Activity Reports (SARs) and to regularly review themes from Suspicious Activity Reporting (SARs) and act efficiently to rectify any issues identified.

 

 

Priority 2: Fraud

 

 

The second priority the FCA highlighted was Fraud and in particular evidence that fraud incidents at payment and electronic money institutions is increasing, particularly, in relation to the cost-of-living crisis and they expect firms to take immediate action to address any weaknesses in their systems and controls to prevent fraud.

Common weaknesses identified at payment and electronic money institutions

The FCA has emphasised that over the past two years they have identified common weaknesses including (but not limited to):

  • insufficient emphasis on mitigating the risk of fraud against customers and insufficient customer education relating to fraud prevention
  • a lack of engagement with industry information sharing bodies
  • weaknesses in firms’ anti-fraud systems and controls
  • backlogs that have led to fraud reports from consumers not being actioned within a reasonable timeframe by relevant staff
  • a high proportion of customer accounts being used to receive proceeds of fraud. 

Actions the FCA expects payment and electronic money institutions to take

The FCA expects payment and electronic money institutions to take immediate action to protect your firm’s customers against the risk of fraud and to ensure that your firm is not being used to receive the proceeds of fraud. 

In particular, the FCA requested that regulated firms should ensure that they:

  • review their internal risk appetite statements and policies and procedures to ensure that these adequately address the risk of fraud to its customers
  • regularly review fraud prevention systems and controls to ensure effectiveness; and
  • maintain appropriate customer due diligence controls (at onboarding and ongoing) to identify and prevent accounts being used to receive proceeds of fraud or financial crime.

Furthermore, the FCA emphasised that firms should take immediate action to protect their customers against the risk of fraud and to ensure that the firm is not being used to receive the proceeds of fraud. This includes reviewing internal risk appetite statements and policies and procedures to ensure they adequately address the risk of fraud, regularly reviewing fraud prevention systems and controls, and maintaining appropriate customer due diligence controls at the onboarding stage and on an ongoing basis.

 

Is your business vulnerable to financial crime?

We can help with your financial crime risk assessment.

 

 

Financial crime is a significant global problem.

Financial crimes like money laundering, terrorism financing, tax evasion, human trafficking, bribery, corruption and fraud cost the global economy between USD$1.6 and USD$2.2 trillion a year.

Less than 1% of criminal proceeds are ever recovered and organised criminal networks are generating billions in profits to reinvest in their illegal activities.

The human cost of financial crime is incalculable.

Financial crime is growing exponentially and devastating our communities.

  • 40 million victims of slavery (25% of victims are children)
  • Drug use is increasing and drug addiction is reaching epidemic levels
  • Domestic and gang-related violence is steadily increasing
  • Drug related suicides and overdoses are rising fast
  • Emergency services (police, hospitals, courts) are overwhelmed
  • Breakdown in families is increasing at alarming rates.

Organised criminal networks are profiteering and creating wide-spread harm and this is unacceptable - we all must do much more to fight financial crime.

 

Criminals are laundering billions through our institutions every day.

Financial crime proceeds are free flowing through financial institutions, casinos, gaming venues, real-estate, high-value goods and other sectors.

Regulated businesses are legally obligated to deter, detect and report to regulatory authorities - many fail to as they lack the resources, skills, tools and capabilities to prevent this from happening.

 

Financial crime risk assessments are at the heart of tackling this problem.

Understanding how your business is vulnerable to the risks of exploitation by organised criminal networks is fundamental to tackling this problem.

Regulated businesses must identify and assess the risks posed by:

  • The types of customers you establish and maintain relationships with
  • The types of products and services you offer may be attractive to criminals
  • The channels you offer these products and services may provide anonymity
  • The geographies that you are exposed too, could increase your risks
  • The internal and external environmental context may present unique risks.

It is your responsibility not only to identify and assess your businesses risks to money laundering and terrorism financing but you are also required to design, implement and maintain appropriate and proportionate controls to mitigate and manage the risks you have identified.

 

The tone starts (and ends) at the top.

Boards and Senior Executives are ultimately accountable for oversight of financial crime risk management programs to ensure they:

  • Identify and assess the ML/TF risks your business might typically face
  • Mitigate and manage ML/TF risks in an appropriate and proportionate way
  • Remain aligned to the Board’s Risk Appetite and Risk Tolerance statement
  • Are appropriately resourced by skilled, experienced & knowledgeable staff
  • Are prepared to explain and defend their ML/TF risk assessment to regulators
  • Are protecting the public and shareholders from facilitating criminal activity.

 

The game is changing, ignore the warning signs at your peril.

After decades of inaction, many countries and organisations are now under significant pressure to reform themselves amid systemic conduct risk and cultural failures.

Regulated businesses face increasing pressure from many angles:

  • Royal commissions into misconduct, including financial crime risk failures
  • The rise in personal accountability regimes, resulting in fines of individuals
  • Increase in enforced audits to forensically examine the state of compliance
  • Increase in frequency and depth of compliance reporting to regulators
  • AML laws are expected to extend to new industry sectors
  • Increase in fines and penalties, with single penalties reaching billions

Many Board Directors, CEO’s, and Executive Management have lost their jobs (and reputations) for being asleep at the wheel for too long.  Time is not on your side.

 

When the tide goes out, don’t get caught
swimming naked!

You must act now to manage your financial crime risks appropriately or you could face consequences including:

  • Civil penalties costing billions of dollars in fines
  • Criminal penalties for wilful blindness and failure to act against Directors
  • Remediation projects costing millions and distracting management for years
  • Sharp declines in your companies share price and market capitalisation
  • Class action suits by shareholders and victims of financial crime
  • Unrelenting mainstream and social media scrutiny, examining failures
  • Clean-out of the Board and Executive Management unsettling the rank and file.

Financial crime risk management is
critical to the future of your business.

Business-wide risk assessments are at the heart of any anti-money laundering or counter-terrorism financing compliance program, but it is often poorly understood or poorly executed, using manual processes that are time consuming and costly to conduct and are often hard to explain and defend to your key stakeholders.

At Arctic Intelligence, we have helped hundreds of businesses of all different shapes and sizes, in different industries and countries to conduct financial crime risk assessments in a smart way that is easy and highly effective in strengthening their defences against organised criminal networks.

We call this. Compliance. The Smart Way.

Trust our multi-award winning risk assessment platforms

At Arctic Intelligence, we have been widely recognised as experts in financial crime regulatory technology (RegTech) and have developed two multi-award winning financial crime risk assessment platforms.

AML Accelerate Platform

Arctic’s AML Accelerate Platform is cloud-based and designed for smaller and medium sized businesses who want to be guided through a comprehensive ML/TF risk assessment process, document their AML/CTF Program and keep track of action plans easily!

The ML/TF Risk Assessment and AML/CTF Policies/Programs have been tailored to 30+ industry sectors and tailored to the laws of over 30 countries (so far).

Risk Assessment Platform

Arctic’s Risk Assessment Platform is cloud-based and fully customisable and designed for larger businesses that want to configure their risk methodology, build risk models, import control libraries, apply weightings, build real-time dashboard reports and much more.

Our experts have developed risk domains across many financial crime disciplines like money laundering, sanctions, fraud, correspondent banking, human and wildlife trafficking or you can build your own.

 

AI - Suncorp Case Study

Arctic Intelligence has helped
hundreds of businesses just like yours

Arctic Intelligence has developed a suite of multi-award winning business-wide financial crime risk assessment solutions and is trusted by hundreds of clients in over 20 industry sectors and 15 countries to help them to manage their financial crime risk assessment process in a technology-enabled, human-led approach. 

Financial crime risk assessments need to become embedded within your business to appropriately respond to a rapidly changing, risk, threat and regulatory landscape - spreadsheets are simply not able to cope, you need to do more to strengthen your defences against financial crime.

^ United Nations Office on Drugs and Crime (UNODC)

 

Discover risk assessment trends in your industry:

Arctic Intelligence commissioned our second AML Industry Benchmarking Report recently. In it, we unpack our key findings and recommendations based on hundreds of ML/TF risk assessments across key industries.

 

BENCHMARK REPORT 2022 COVER

Hear about Arctic’s Risk Assessment Platform from our
Founder and CEO, Anthony Quinn

output-onlinepngtools

What could happen if businesses don’t act?

Failure to implement robust compliance could allow financial crime to grow and fraud could become more common, which could put the financial system at risk. The FCA said that if it identifies issues, it will take ‘swift and assertive action’ to protect customers and maintain market integrity.

How Arctic Intelligence can help

Arctic Intelligence is dedicated to supporting hundreds of FCA regulated businesses like yours, including e-money, money remittance, and payments processors.

Our multi-award-winning platforms help our clients identify and assess their business-wide money laundering and terrorism financing risks and build appropriate and proportionate controls to help them mitigate and manage them.

The Arctic Intelligence business-wide risk assessment solutions for Money Laundering, Terrorism Financing, Sanctions, Bribery & Corruption and Fraud help payment and electronic money institutions to meet the FCA’s obligations and reduce the risks of their firm being exploited by organised criminal networks.

Book a Demo
AML-Accelerate-logo-mono
Risk-Assessment-logo-mono