Mitigating the risk of facilitating financial crime: the FCA's second enforcement action relating to cum-ex

Same trading, same weaknesses, same breaches

In November 2021, the FCA fined Sunrise Brokers over GBP600,000 for having deficient anti money laundering (AML) controls.  This is the second enforcement brought by the regulator in relation to cum-ex trading, dividend arbitrage and withholding tax reclaim schemes.

It relates to business introduced to Sunrise by the same group of companies at the heart of the FCA’s first cum-ex fine and concerns the same breaches, namely:

1. Having inadequate systems and controls in place to identify and mitigate the risk of being used to facilitate fraudulent trading and money laundering (Principle 3).
2. Failing to exercise due skill care and diligence in applying AML policies and procedures (Principle 2).
3. Failing to properly assess, monitor and mitigate the risks of financial crime (Principle 2).

Specifically, the FCA identified weaknesses in the firm’s client on-boarding policies and processes; transaction monitoring arrangements; and record keeping.

Employees were provided with inadequate guidance on: obtaining and assessing information when on-boarding clients; and carrying out risk assessments for clients.  The firm’s processes and procedures for conducting enhanced due diligence and its risk-based approach to conducting client due diligence were also inadequate.  Risk assessments and due diligence were not always completed and, when they were, inadequacies resulted in a failure to identify high-risk clients.

Trading often commenced before clients had been on-boarded.

There were no formal processes or procedures on how, and the circumstances in which, customer transaction activity should be monitored and documented, resulting in a failure to conduct any transaction monitoring.

The firm did not have a formal financial crime or AML risk escalation policy.  It also failed to make and keep adequate (or in some cases any) written records evidencing the consideration and discussion of financial crime and AML matters by management.

Different regulatory journey

One key difference between this and the FCA’s previous cum-ex enforcement is that the FCA had previously alerted Sunrise to weaknesses in its AML / know-your-client arrangements and its market abuse controls.  To address the weaknesses identified by the FCA, the firm agreed a work programme with the regulator.

After the FCA had conducted an unannounced visit, as part of its investigation of the cum-ex trading, Sunrise realised that not all of the points in the work programme had been addressed.  This was counted as an aggravating factor when the FCA calculated Sunrise’s financial penalty. This is consistent with the approach that the FCA has taken in a number of other enforcement cases, where a firm’s failure to adequately address known issues in relation to their systems and controls has been interpreted by the FCA as a material aggravating factor.

Sunrise later instructed a compliance consultant to carry out an independent review of the relevant systems and controls.  However, the FCA gave Sunrise no credit for doing so on the basis that the main driver had been the prospect of a takeover rather than the FCA’s visit and follow-up correspondence.

Another other key difference between the first two cum-ex enforcements is that allowances were made for material financial hardship for the firm subject to the first enforcement; with the fine being reduced to only the figure representing disgorgement. Such allowances were not made by the FCA for Sunrise.

Disgorgement seeks to deprive a firm of any financial benefit gained from its own misconduct.  In both cases, a large proportion of the proposed penalty related to disgorgement: 81% of the proposed fine in the first enforcement; and 63% in the second.

Even if the FCA can be persuaded to reduce a penalty for financial hardship, it will not allow a firm to retain financial benefits derived directly from its breaches.

Getting it right

Preventing financial crime, and money laundering in particular, remains right at the top of the agenda for national and international regulators and law enforcement agencies.

The first two cum-ex enforcements concern firms which the FCA found fell well short of managing this risk.  However, the FCA has used these cases and other recent enforcement cases to remind firms of the wealth of guidance that is available to them on its expectations in relation to the prevention of financial crime; including the FCA’s own Financial Crime Guide and Guidance issued by the Joint Money Laundering Steering Group.

Overall, fines imposed on firms for failing to prevent or mitigate the risk of facilitating financial crime remain among the highest levied by the FCA.  During 2021, the FCA imposed financial penalties totalling over GBP476.7 million (representing 84% of all financial penalties it imposed in 2021) on firms for financial crime failings. These financial penalties ranged from GBP178,000 to just over GBP264.7 million and the average financial penalty imposed was GBP95.3 million. With 12% of the FCA’s current enforcement caseload being dedicated to investigations relating to financial crime issues, we are likely to see a continued stream of financial crime enforcement actions for some time to come.