This report follows the Financial Services Authority’s 2011 report on Bank’s management of high money-laundering risk situations (the 2011 AML review) and the subsequent enforcement action and regulatory guidance. It sets out the findings of our thematic review into how small banks manage their anti-money-laundering (AML) and sanctions risk.
Why are we issuing this thematic review?
The purpose of this review was to assess how the sector had responded to the specific issues identified in the 2011 AML review and the extent to which our actions have affected the quality of anti-money laundering (AML) systems and controls in smaller banks. This review focused on high-risk customers, PEPs, and correspondent banking. We also considered the adequacy of financial sanctions (sanctions) systems and controls, as previous FSA thematic work published in 2009 found weaknesses here, particularly among small firms. We did not review banks’ wire transfer controls as no major weaknesses were found in this area during the 2011 AML review.
What did we find?
Given the amount of work we have carried out on AML in recent years, we were disappointed to find continuing weaknesses in most small banks’ AML systems and controls. Although senior management engagement had improved, a third of banks had inadequate resources, staff often had weak knowledge of money laundering risks, and some overseas banks struggled to reconcile their group policies with higher UK requirements.
Who is the thematic review aimed at?
This review is not only relevant for banks. The findings and examples of good practice may be of interest to all firms within scope of our anti-money laundering provisions in SYSC 3.2.6A-J or SYSC 6.3. It may also be of interest to firms for whom we are the supervisory authority under the Money Laundering Regulations 2007. All firms are required to comply with the UK’s financial sanctions regime. We are responsible for ensuring that the firms we supervise have adequate systems and controls to do so. Our findings may therefore be of interest to all firms subject to the financial crime rules in SYSC 3.2.6R or SYSC 6.1.1R as well as e-money institutions and payment institutions within our supervisory scope.
What are the next steps?
We provided individual feedback to each of the banks in our sample. We found particularly serious issues at six banks and, as a result, we have taken the following action:
- Four banks voluntarily agreed to limit their business activities with certain types of high risk customers until they have corrected control weaknesses.
- We required three of these banks to appoint a skilled person under s.166 of the Financial Services and Markets Act 2000. We used this tool mainly where we had previously told banks about weaknesses in their AML controls and they had failed to make adequate improvements. The other three banks are conducting remedial work under the guidance of external consultants.
- We have started Enforcement investigations into two of the six banks.