Financial crime compliance – FCA consultation on changes to its Financial Crime Guide

by Sarah Williams, Senior Associate, Baker & McKenzie LLP

Share this post

What is this article about?

The FCA’s proposed updates to its Financial Crime Guide (FCG)

Why is it important?

It sets clearer expectations for financial firms, including cryptoasset businesses, to improve their systems and controls against financial crime.

What’s next?

Firms should review the proposals and prepare to implement changes to the FCG after the consultation period ends on 27 June 2024

On 25 April 2024, the FCA published a Consultation (CP24/9) on proposed updates to its Financial Crime Guide (FCG) – these updates are intended to set clearer FCA expectations and help firms assess the adequacy of their financial crime systems and controls.

Proposed updates

In addition to introducing changes to guidance on sanctions, proliferation and transaction monitoring, the FCA is proposing to make clear that cryptoasset businesses that are registered with the FCA for anti-money laundering (AML) purposes should have regard to the FCG. Proposals include:

  • Sanctions: The FCA is proposing extensive updates to the Sanctions section of the FCG in light of the unprecedented size, scale and complexity of sanctions imposed in response to Russia’s invasion of Ukraine.

The FCA intends to provide greater clarity on (i) good and poor practices in the use of screening tools, (ii) guidance on governance arrangements and use of management information and (iii) further guidance on the interplay between KYC procedures and managing sanctions risk. Updates to note include the expectation that firms consider their reporting obligations to the FCA when they identify breaches of sanctions resulting from significant systems and control failures and an increased focus on senior management responsibility.

  • Proliferation financing: Since 2022, AML–regulated firms have been required to include proliferation financing in their AML risk assessments. The FCA is proposing to introduce guidance to reflect this requirement, including providing links to useful material for firms to consider as part of their assessment.
  • Transaction monitoring: Transaction monitoring is a key financial crime monitoring tool. The proposals include new guidance for firms when adopting and maintaining automated monitoring systems.

Proposals include (i) new self-assessment questions and examples of good and poor practices clarifying expectations on appropriate triggers in automated systems, (ii) good practice recommendations around switching between automated systems and the FCA’s expectations on the use of transaction alerts, (iii) good and poor practices on evaluating the effectiveness of monitoring systems and (iv) guidance on the importance of oversight, resource and expertise for effective screening.

  • Cryptoasset firms: The FCA is proposing to make clear that cryptoasset firms that it supervises for AML purposes should have regard to the FCG. Although still not subject to full FCA authorisation, cryptoasset firms are increasingly being brought in-scope of the FCA Handbook and the extension of the FCG to these firms continues this trend. The FCA considers that compliance with the FCG will increase standards and prepare firms for a future authorisation regime by helping them develop effective systems and controls.

Finally, the FCA intends to update the FCG to make clear that financial crime systems and controls must be consistent with the Consumer Duty. Payments and e-money firms should also remember the FCA’s guidance on Consumer Duty implementation on the freezing accounts for financial crime suspicions and how account suspensions should be managed in light of the Consumer Duty.

Why is it Important?

Compliance failures in the financial crime space, including failures to meet FCA expectations on effective systems and controls, are an area of significant regulatory risk for firms. Financial crime compliance and strong systems and controls for countering financial crime remain priority areas for FCA supervision and enforcement.

In the supervisory space, the FCA is increasingly focused on financial crime systems and controls – using its investigatory powers under s.166 of the Financial Services and Markets Act 2000 to carry out reviews into firms’ controls and require firms to undertake remediation processes. In parallel, the FCA has been using its ‘Voluntary Requirement’ powers to request that firms put in place business restrictions on the onboarding of new clients or certain client sectors until financial crime failings have been remediated.

Financial crime is also an enforcement focus. In 2023, the FCA issued 3 significant fines against firms for financial crime failings, totalling over £18 million. At the end of FY22/23, the FCA also had 30 cases open investigating financial crime issues, including 5 criminal cases and 9 dual-track criminal and civil cases.

The expectations set out in the final updated FCG should inform amendments to firm policies and procedures to ensure compliance and mitigate supervision and enforcement risk.

What should firms do now?

The consultation closes on 27 June 2024. Firms should review the proposals, provide comments to the FCA before this date, and be prepared to act on changes to the FCG once implemented.

Crypto firms, in particular, should expect the FCA to closely scrutinise their approach to compliance with the FCG as the UK’s regulatory regime for cryptoassets begins to take shape and crypto firms prepare for authorisation.

Read more Payments Intelligence

Facebook
Twitter
LinkedIn

More To Explore

Membership

Merchant Community Membership

Are you a member of The Payments Association?

Member benefits include free tickets, discounts to more tickets, elevated brand visibility and more. Sign in to book tickets and find out more.

Welcome

Log in to access complimentary passes or discounts and access exclusive content as part of your membership. An auto-login link will be sent directly to your email.

Continue reading

This content is only available to members - please see instructions below!

Become a member to continue reading

Member of The Payments Association? Log in to continue reading

Having trouble signing?

We use an auto-login link to ensure optimum security for your members hub. Simply enter your professional work e-mail address into the input area and you’ll receive a link to directly access your account.

First things first

Have you set up your Member account yet? If not, click here to do so.

Still not receiving your auto-login link?

Instead of using passwords, we e-mail you a link to log in to the site. This allows us to automatically verify you and apply member benefits based on your e-mail domain name.

Please click the button below which relates to the issue you’re having.

I didn't receive an e-mail

Tip: Check your spam

Sometimes our e-mails end up in spam. Make sure to check your spam folder for e-mails from The Payments Association

Tip: Check “other” tabs

Most modern e-mail clients now separate e-mails into different tabs. For example, Outlook has an “Other” tab, and Gmail has tabs for different types of e-mails, such as promotional.

Tip: Click the link within 60 minutes

For security reasons the link will expire after 60 minutes. Try submitting the login form again and wait a few seconds for the e-mail to arrive.

Tip: Only click once

The link will only work one time – once it’s been clicked, the link won’t log you in again. Instead, you’ll need to go back to the login screen and generate a new link.

Tip: Delete old login e-mails

Make sure you’re clicking the link on the most recent e-mail that’s been sent to you. We recommend deleting the e-mail once you’ve clicked the link.

Tip: Check your security policies

Some security systems will automatically click on links in e-mails to check for phishing, malware, viruses and other malicious threats. If these have been clicked, it won’t work when you try to click on the link.

Need to change your e-mail address?

For security reasons, e-mail address changes can only be complete by your Member Engagement Manager. Please contact the team directly for further help.

Still got a question?