The FCA stated that it has enhanced its supervision and monitoring of the financial crime policies, controls, and procedures in place by Annex 1 firms and the letter sets four common control weaknesses identified during recent FCA assessments, alongside the regulator’s expectations:
- Business Model: Discrepancies between firms’ registered and actual activities, and lack of Financial Crime controls to keep pace with business growth;
- Risk Assessment: Weaknesses in Business Wide Risk Assessments and Customer Risk Assessments;
- Due Diligence, Ongoing Monitoring and Policies and Procedures: Lack of detail in policies creating ambiguity around actions staff should take to comply with their obligations under the MLRs; and
- Governance, Management Information and Training: Lack of resources for Financial Crime, inadequate Financial Crime training and absence of a clear audit trail for Financial Crime related decision-making.
- The FCA expects Annex 1 firms to complete a gap analysis against each of the common weaknesses outlined in the letter within six months, and take any prompt and reasonable steps to close any gaps identified. Necessary steps should also be taken to gain assurance that Financial Crime policies, controls, and procedures are commensurate with their risk profile and meet the requirements of the MLRs.
Regulated firms should also view the letter to understand the broader implications of AML control failings and areas of current supervisory focus for the FCA.