Since the economic crisis and most recent Brexit decision, regulatory reporting and compliance have been two of the top risk management priorities for most of our financial services clients. Despite this, we have seen a delay in digital investment within these areas as they are not typically revenue generating functions.
MiFID II implementation challenges for medium sized wealth firms
Both the PRA and Competition and Markets Authority (CMA) are concerned that mortgage lenders operating under the Standardised Approach (SA) for credit risk are being incentivised to specialise in riskier exposures, thereby undermining the safety and soundness of these firms. This is due to the conservative nature of the SA, which remains insensitive to the reduced risk of lower LTV exposures.
In January, the Wolfsberg Group, the Banking Commission of the International Chamber of Commerce, and the Bankers Association for Finance and Trade published updated principles for managing money laundering and terrorist financing (ML/TF) risks in trade finance. Reacting to an uptick in regulatory expectation, coupled with industry feedback that Wolfsberg’s 2011 Trade Finance Principles were more appropriate for large global banks than smaller local banks, the three international bodies teamed up to redraft existing guidelines. It should serve as a reminder of the risks that trade finance can pose to the financial system, and how financial institutions (FIs) can help prevent trade-based money laundering (TBML).
2017 should be the year when financial services firms put consumer protection at the heart of their operations and governance. It makes good business sense, but if that’s not enough of an incentive then the fact that 2018 is going to be a bumper year for consumer protection regulations should provide additional incentive. A number of new European laws, which are either wholly or partly aimed at improving consumer protection, will come into force in 2018.
Following its investigation into the payday lending market, the Competition and Markets Authority (CMA) published the Payday Lending Market Investigation Order 2015. The Order implements part of the package of remedies which the CMA recommended following its investigation.
The outsourcing arrangements of firms, particularly the outsourcing of critical or important operational functions, have come under increasing regulatory scrutiny from both the FCA and PRA over the last couple of years. The key themes of this attention have been concerns about the resilience and oversight of outsourcing arrangements: where resilience concerns the adequacy of the contingency plans in place to deal with a failure of the outsourced service provider. And oversight is concerned with the risk that the firm won’t have adequate oversight arrangements over the outsourced service provider.
Under the new Senior Managers & Certification Regime, from 7 March this year, dual-regulated firms (i.e. Banks, Building Societies, Credit Unions, Insurers and PRA Designated Investment Firms) will be required to request Regulatory References covering the previous 6 years of employment history for all Senior Managers and Certified Individuals they are considering for employment.
The use of an external Monitor is not a new regulatory tool, with the US regulators employing independent monitors for 15 years. However, since HSBC’s then record AML fine in 2012 for laundering the proceeds of crime from Mexican drug cartels through the US financial system, financial services monitorships have become increasingly popular with regulators. Other institutions such as BNP Paribas, Commerzbank and Mega International Commercial Bank have been ordered to install independent Monitors in recent years for AML and Sanctions violations. In these cases Monitors were installed to help financial institutions implement stronger AML systems and controls. They are usually enabled in combination with a deferred or non-prosecution agreement with a mandate to assess, oversee and examine a financial institution’s progress against the agreement, and to ensure compliance with laws and regulations.
The FCA made the treatment of existing customers one of its key priorities in its 2016/17 Business Plan. It is focused on achieving an appropriate degree of protection for customers taking into account their financial capability and vulnerability and is particularly concerned about circumstances which could lead to firms taking advantage of vulnerable customers. The publication of FG16/8 (Fair Treatment of Long-standing Customers in the Life insurance Sector), in December 2016, means this focus is unlikely to change over the coming months and possibly years. The non-Handbook guidance is targeted at improving the behaviours identified in thematic report TR16/2.
The uncertainty over a delay to MiFID II, finally concluded in June, now seems an age ago. At the time, regulators emphasised that the delay was essential to give firms sufficient time to prepare. However, from the moment the possibility of a delay was first suggested, some firms had already begun to reallocate resources and focus attention elsewhere.
The FCA has recently completed a Thematic Review into Consumer Credit firms’ arrears and forbearance practices. It examined a range of different unsecured lending products, across a sample of firms – large and small. In particular, looking at firms’ practices from the point of identification of customers in potential difficulty, through to formal default.
Things are finally starting to move in the P2P world, with a trickle of authorisations steadily coming through after Lending Works started the trend in October last year, closely followed by one of Bovill’s clients Folk2Folk. It would be presumptuous however to think that this is the start of smooth regulatory sailing for P2P firms either seeking authorisation or those already authorised.
Earlier this month, the Financial Action Task Force (FATF) published the output of their recent mutual evaluations, of the United States and Switzerland. Mutual evaluations are peer reviews by FATF to assess the ongoing implementation of FATF recommendations by its member countries. They adopt a two-pronged methodology, assessing members’ technical compliance (their legal and institutional framework, and powers/procedures of relevant authorities) and effective compliance (the extent to which the framework is meeting the desired outcome).
Just as Member States were preparing to implement the 4th Anti-Money Laundering Directive (4MLD), the compromise text of the 5th Money Laundering Directive (5MLD) was released late October 2016, which amends the 4MLD and is to be implemented by June 2017.
The last half of 2016 was a busy one for economic sanctions and we saw both new sanctions being imposed and in some cases, existing sanctions being terminated altogether. The most significant of these changes has been the removal of U.S. sanctions against Burma in October 2016, which we discuss in some detail in this update. This and other key developments from the last half of 2016 can be found in the Sanctions Update Table.
The Financial Industry Regulatory Authority (FINRA) has fined Credit Suisse Securities (USA) LLC (Credit Suisse), $16.5 million for deficiencies in their Anti-Money Laundering (AML) and supervisory programs, specifically their failure to detect suspicious activity and transactions, according to a December 2016 Letter of Acceptance, Waiver and Consent. In addition to the fine, Credit Suisse agreed to adopt and implement policies and procedures within 90 days to address the issues identified by the regulator.
Last week JP Morgan Chase reached a settlement with the US Securities and Exchange Commission (SEC) and other regulators to settle charges of violating the Foreign Corrupt Practices Act (FCPA). The bank will pay $264 million after facing charges of corruptly influencing government officials in the Asia Pacific region, by giving jobs and internships to their relatives and friends.
Last month, the UK Gambling Commission (UKGC) published a consultation paper on changes to the Remote Gambling and software technical standards. A number of changes were proposed, focused mainly on operators closely monitoring the activities of players, and strengthening the measures in place for protecting vulnerable players.
Substantive Research recently hosted its second ‘Unbundling Uncovered’ event, focussed on the MiFID II reforms regarding Research and Inducements. The event was extremely well attended, with a series of insightful panel discussions throughout the day. However, one thing was immediately clear – there is still a great deal to be resolved by the industry, as the January 2018 implementation date begins to loom.
Colin Darby, Consultant in Bovill’s Assurance team spoke to Alex Davidson of Thomson Reuters Accelus about the The Financial Action Task Force’s (FATF) new guidance on de-risking and correspondent banking. The FATF findings clock the growing trend of de-risking in the financial sector, fueled by fines and compliance costs, including anti-money laundering and counter-terrorist financing.
The FCA’s recent hefty fine imposed on Bangladeshi bank Sonali’s UK branch for AML breaches acts as a strong warning for senior managers. In cases post the Senior Managers Regime, the FCA will no longer be solely targeting the Money Laundering Reporting Officer (MLRO) but any individual in a senior position with AML responsibilities.
The Financial Conduct Authority has begun requesting Internal Capital Adequacy Assessment Processes (ICAAPs) from the investment business sector. In light of this, investment firms may need to start preparing for an update of their ICAAP documentation. Mark Spiers, Head of Banking, Investments and Lending, talks to Informa Law about the implications of this.
The FCA has once again used its enforcement power and flexed its muscles on another branch of an overseas bank, penalising Sonali Bank (UK) Limited (“SBUK”) for “serious anti-money laundering system failings”. However, it was not just SBUK that was fined, but also the former MLRO, Steven Smith. The latest penalty from the UK’s financial regulator has shown that the responsibility of the MLRO should not be taken lightly, and can be expensive. Smith himself was fined £17,900, alongside SBUK’s £3.3m penalty.
Ahead of the mutual evaluation of the UK’s AML/CTF regime by the Financial Action Task Force, the UK Government has moved to address some of the weaknesses identified through the National Money Laundering and Terrorist Financing Risk Assessment, published in October 2015.
Six months in from the implementation of the Senior Managers & Certification Regime (the SM&CR), the PRA and FCA have provided feedback on how relevant firms (mainly banks, building societies and insurers) have embedded the SM&CR into their business.
The AML and Sanctions controls at branches of foreign banks are being placed under further scrutiny. A recent examination by the New York’s Department of Financial Services (DFS), uncovered that Mega Bank’s compliance program resembled a ‘hollow shell’ and has ordered Mega Bank to pay a $180 million penalty and install an independent monitor for a minimum of two years.
The European Banking Authority (EBA) published an Opinion on the European Commission’s proposal to bring virtual currencies (VCs), specifically virtual currency exchange platforms (VCEPs) and custodian wallet providers (CWPs), into the scope of the EU 4th Money Laundering Directive (4MLD).
The European Payment Accounts Directive (PAD) has been implemented in the UK by means of the Payment Accounts Regulations 2015 (PARs) and apply to Payment Service Providers. These are defined as banks, electronic money issuers, UK authorised payment institutions, UK small payment institutions, and EEA-authorised payment institutions operating in the UK on a cross-border service basis, or through a local branch.
Another quarter passes and brings to an end a somewhat quiet spring in the world of sanctions. While existing sanctions regimes saw regular updates and businesses were diligently managing their sanctions risk exposures, no new significant development occurred either in the UK or the US. The Office of Financial Sanctions Implementation (OFSI), however, is settling in to its new role and has published new guidance on Financial Sanctions for businesses and individuals; this and other key developments from the last quarter can be found in the table here.