The UK financial regulator has reviewed asset management and platform firms to look at their crime controls, as a prelude to possible disciplinary action. This article considers the details.

Vague

In 2006-7 the old FSA developed a disconcerting habit of stating that this-or-that activity was “good” or “bad” practice with no reference to actual rules or even guidance. The FCA has continued this tradition here, with a battery of assertions – none of which could count in the eyes of the Upper Tribunal that hears firms' appeals against the FCA. For what it is worth, this list of assertions stresses the FCA's desire to see firms spending large amounts of money on the problems of money-laundering and bribery control.

As for the subject of firms using “management information” (an ill-defined term that refers to all the information about operations that staff can gather together for certain purposes) to combat crime, the FCA stresses its preference for a clear definition of “senior management roles”. This phrase is always left vague but the report contains a rare moment of specificity in the context of sign-off for business relationships with “politically exposed persons” and other highly risky customers, where the FCA reveals that it thinks of the money-laundering reporting officer as “senior management”. It does, however, imply that additional involvement from the head of risk, the chief operating officer and the CEO would be preferable.

The FCA also likes the idea of committees composed of senior people meeting regularly to pinpoint risks and – an increasing FCA favourite – the inclusion of staff compliance with money-laundering and bribery controls in remuneration and staff incentive structures. It dislikes the absence of “senior management challenge”, but leaves the reader to guess what this means.

Risk-assessments also find favour with the FCA, especially when undertaken regularly. It also, rather daringly, mentions board-level involvement in sign-off processes as part of senior management's role. Examples of poor practice include ad hoc risk assessments, lack of “dynamism” and the carrying-out of anti-bribery assessments as one-off exercises.

On the subject of money-laundering controls the FCA thinks that it is “good practice” for firms to come up with 'a clearly articulated definition of a PEP' (something that the Financial Action Task Force, the world's AML standard-setter, has continually failed to do for the whole of its history and the FCA along with it). It is also keen to see identification and verification information for customers reviewed periodically and 'refreshed', with a special eye on risks. It does not like out-of-date policies and procedures or failure to conduct 'enhanced due diligence' for PEPs, which admittedly is a legal requirement.