Challenges for Challengers – the FCA Shares Its Expectations for Financial Crime Controls at Disruptor Banks and Provides Lessons for All

The Financial Conduct Authority’s (FCA) expectations for challenger banks provide lessons for all in the financial service industry. Challenger banks, offering updated consumer experiences and disrupting standard practice within the financial services market, have pushed the FCA to consider what it expects for financial crime controls in an ever-changing marketplace. 

In 2021 (notably prior to the expansion of the UK sanctions regime relating to the Russian invasion of Ukraine), the FCA undertook a review of financial crime and anti-money laundering (AML) controls at a sample group of six UK challenger banks, covering eight million customers.

The outcome of this review was published on 22 April 2022, which offers significant insight into the FCA’s wider expectations in relation to such controls, along with an understanding of how technology may be used to meet these expectations while improving customer interactions.

Why Did the FCA Undertake This Review?

In addition to the FCA’s continued focus on preventing financial crime in the financial services industry, the FCA’s interest in this area was no doubt piqued by:

• The latest UK National Risk Assessment for Money Laundering and Terrorist Financing.
• The substantial recent increase in the number of suspicious activity reports and defense against money laundering reports made by challenger banks to the UK Financial Intelligence Unit within the National Crime Agency.

In particular, the UK National Risk Assessment for Money Laundering and Terrorist Financing flagged that the fast onboarding processes advertised by challenger banks may attract criminal customers, especially for the expansion of their money mule networks. It also stated that these fast onboarding processes increase the risk of challenger banks failing to gather enough information to properly identify high-risk customers.

What Did the FCA’s Review Find?

The FCA’s review of financial crime and AML controls focused on a few key areas: governance and management information, policies and procedures, risk assessment, identification of high-risk individuals, due diligence and ongoing monitoring, and training and awareness.

Broadly, while the FCA identified some good practices (particularly in relation to the use of technology to quickly identify and verify customers), it found a number of areas of concern. Key issues identified were:

• Weaknesses in the management of financial crime controls, including insufficient oversight. Several challenger banks had established systems of control that were unable to keep pace with the constant changes to their business models.
• Insufficient resourcing, particularly in financial crime and AML monitoring functions. This meant that certain transaction monitoring alerts were ineffectively managed or were not reviewed in a timely fashion.
• Underdeveloped consumer risk assessment frameworks, which meant that some challenger bank risk assessment processes lacked detail and some challenger banks did not even have a customer risk assessment in place.
• Insufficiently detailed customer due diligence processes, which did not obtain details such as customer income levels or occupation.

What Can We Learn From This?

While the action points identified here are most narrowly applicable to challenger banks, it is clear that the lessons learned can be extrapolated to all firms subject to the AML regime, as well as more generally to UK-authorised firms currently managing the integration of enhanced sanctions risk into their policies and procedures.

From a positive perspective, the FCA acknowledged the innovative use of technology demonstrated by some challenger banks, particularly when working on identifying and onboarding new customers. This comment is indicative of the FCA’s attitude to modernization, namely that technology can be a useful tool for streamlining and updating the practical application of long-standing compliance principles.

However, the FCA’s review also speaks to a wider concern that FCA-regulated entities, active in the current environment of fast-paced regulatory change, must be prepared to update their financial crime and AML controls speedily in response to current events and business model changes.

Practically speaking, this means that banks and firms need to review their compliance frameworks to ensure they are confident that customer due diligence measures are sufficiently adapted and adequate for heightened sanctions risks and that they adequately address the AML issues identified in the National Risk Assessment for Money Laundering and Terrorist Financing.

How Can We Help?

The FCA’s regulatory and enforcement agendas are subject to constant change, which may at times prove difficult for firms to track. However, firms and senior individuals with responsibilities in this area can do much to protect themselves. K&L Gates is equipped to advise on the full suite of regulatory and criminal issues and can offer clear, practical advice on how best to meet FCA requirements in this fast-moving regulatory environment. The touchstone of our practice is to offer industry-focused and client-led solutions from the preparation of adequate controls to full-scale investigations should any potential wrongdoing arise.