FCA Financial Crime Guide Update – Key Takeaways

On the 29th of November, the FCA published the finalised update to its Financial Crime Guide following its consultation in April this year.

For all firms subject to FCA and financial crime supervision, (including crypto asset businesses) it will be important to consider changes to your framework to reflect the updated guidance from the regulator.

Here are some of our key takeaways from the guidance:

1. Proliferation Financing

Ensuring that systems and controls identify, assess and manage proliferation financing is an important update. Whilst for many firms the risk may not be significant, the update to the guidance reflects the requirement to assess the risk exposure, update risk assessments, policy and procedures and operational controls to adhere to regulation and best practice.

2. Transaction Monitoring

The updates to the guide focus on providing insight for firms using automated tooling and more novel solutions including artificial intelligence (AI). It's key for firms to have a clear understanding of how their automated and/or manual tooling works, this should include:

• Testing of tooling on a frequent basis
• Piloting new approaches/rules/thresholds in advance of implementation
• Monitoring customers using a holistic view of their behaviour
• Monitoring using multiple levels of aggregation
• Decommissioning tooling and implementation of tooling with clear justification
• Strong transaction monitoring record keeping with evidence of decision-making and investigation

3. Sanctions

The updates reflect the findings from the recent FCA assessment of sanctions systems and controls. Firms should have a think about the following:

• Understanding reporting obligations where a breach is found
• Strong governance and senior management oversight
• Effective and targeted management information (MI)
• Given the rapid changes in the sanctions regime, creating a process to assess exposure in a timely manner
• Tooling management and testing for effectiveness on an ongoing basis

4. Cryptoasset Businesses

The FCA have clarified that they expect cryptoasset businesses to have read and considered the Guide in relation to the effectiveness of their systems and controls.

5. Consumer Duty

The update also highlights the need to apply a Consumer Duty lens to a firms’ financial crime framework.

Thistle work extensively with clients to whom this Guide applies and from our experience we see on a regular basis the areas the Guide is now highlighting. We regularly perform financial crime audits and the lack of proliferation financing considerations is certainly a common theme. Additionally, we have also seen examples of issues through our independent testing with transaction monitoring and sanctions toolings and rulesets just not performing the way the users think they are, leading to potential risks if not picked up.

Recommendations

Based on our experience we recommend the following next steps for firms to consider:

1. Have an objective Financial Crime Audit, including proliferation financing as part of the scope
2. Undertake testing of transaction monitoring tools, look for assurance that they are operating correctly, don’t assume
3. Perform testing of sanctions screening tools, the sanctions regime is too dynamic to not have full awareness of the effectiveness of a sanctions screening programme.

Lots to think about with the New Year on the horizon, if you or your team need any help with the above, please contact Leanda Mark-Ihama, Senior Financial Crime Manager at Thistle Initiatives: leanda.mark-ihama@thistleinitiatives.co.uk.