Regulatory Round Up: October 2024
The FCA has published its Annual Report and Accounts for the year ending 31 March 2024. Overall, enforcement action appears to be continuing on the previous year’s downward trend. This trend, however, obscures that a record 21 individuals were charged with financial crimes. Substantial penalties for breaching FCA rules also continue, with a £15m fine imposed on PwC for failing to alert the regulator about suspected fraudulent activity. Despite the overall downward trend, the FCA continues to take strong action to hold firms and individuals to account, particularly for misconduct that impacts consumer trust and market stability.
The number of firms that were stripped of regulatory approval was 1200, over twice as many during the 2022/23 period.
RELATED ARTICLES:
RELATED RESOURCES:
Operational resilience is a key concern for the future, with over 1000 disruptions reported in the latest period, compared to 785 in the previous period. The annual report sets out that the FCA will consult in 2024 on how firms report operational incidents to them, with the aim of making the process clearer for firms. They have also confirmed that they continue to assess firms’ ability to maintain their important business services within impact tolerances. With the deadline of 31 March 2025 coming up, firms should be mindful of the potential for the regulator to take proactive action where it finds firms coming up short.
Financial crime is, unsurprisingly, also a major focus. The report highlights that as well as the 21 individuals charged with financial crime offences, nine were prosecuted for fraud and over 87% of crypto registrations were withdrawn or refused for weak money laundering controls. The FCA had 83 ongoing enforcement operations focused on reducing and preventing financial crime by 31 March 2024. The emphasis on preventing financial crime reflects their priorities around consumer protection and deterrence, and firms should ensure robust compliance frameworks.
The FCA’s joint executive director of enforcement and market oversight gave a speech on 24 September, setting out the reasons behind recent shifts in FCA enforcement investigations. The regulator is aiming to focus on a smaller number of investigations, but to complete the investigations much faster than over the previous decade. The rationale is that the longer the investigations take, the longer it takes to send signals to the market – ultimately diluting the deterrent.
Use of skilled persons report
The FCA reported that in 2023/24 they used the s166 power in 83 cases. Skilled persons reviews allow the FCA to bring in independent experts to assess specific areas of activity, such as governance or financial crime controls.
This is up from 22/23 (47) and 21/22 (38).
Of the 83 cases, in 66 the regulated firm appointed the skilled person, and the FCA appointed the skilled person in the remaining 17 cases. The reviews examined several regulatory issues:
Market Abuse
Anti-Fraud and Financial Crime
Operational Resilience
Governance
Consumer Duty
Failure to prevent fraud offence
Given the clear focus on AML and fraud, firms should be aware of the ‘failure to prevent fraud’ offence. Introduced in October 2023 as part of the Economic Crime and Corporate Transparency Bill, it will hold organisations accountable if they fail to prevent fraud committed by employees or third parties acting on their behalf, unless they can prove that adequate procedures to prevent fraud were in place.
The offence carries an unlimited fine.
The offence applies to ‘large companies’ and to partnerships, and typically covers acts like false accounting and dishonest statements to obtain financial benefit.
ICO issues reprimand for ‘cookies without consent’
Bonne Terre Limited, trading as Sky Betting and Gaming, was found to have been processing people’s personal data and sharing it with advertising technology companies as soon as they accessed the SkyBet website, and before they had the option to accept or reject advertising cookies. The effect was that personal information could then be used for personalised adverts without prior consent or knowledge.
The ICO said that while no evidence of deliberate misuse was found, they concluded that Sky Betting and Gaming was processing personal data in a way that was not lawful, transparent, or fair.
The ICO will publish updated guidance for consultation later this year on the use of cookies and similar tracking technologies. Firms that are unsure about their use of cookies can read about the ICO’s recommendations here.
Our online training courses introduce new staff to regulatory requirements, key legislation and process, and offer excellent refresher training for established staff, with up-to-date scenarios and soft skills training. Our full range of e-learning courses are available here.
Comments