Non-Compliance Horror Stories

Non-compliance with FCA regulation has serious consequences for both individuals and firms. The risks range from financial penalties to reputational damage, and the threat of them instils fear and caution. Here we look at three examples of non-compliance and the lessons they offer for improved compliance management.

Consequences of Non-Compliance

  • Financial Penalties: The FCA has the authority to impose substantial financial penalties on firms and individuals for non-compliance. For instance, Santander was fined over £107 million for anti-money laundering breaches. Such penalties can significantly impact a firm’s profitability and financial stability.
  • Reputational Damage: Non-compliance can severely damage a firm’s reputation. The FCA stresses that issues like fraud and financial crime affect not only finances but also a firm’s standing (FCTR 2.1.4G). A damaged reputation can lead to loss of clients and reduced business opportunities, with lasting effects on a firm’s brand.
  • Regulatory Sanctions: The FCA can impose sanctions, including public censure, suspension, or even withdrawal of a firm’s authorisation to operate. For individuals, this could mean being banned from performing certain roles within the financial services industry (EG 7.1.2).
  • Legal Action: The FCA has the power to take legal action, including seeking injunctions or restitution orders, and in some cases, pursuing criminal prosecutions (EG 19.38.5). This can lead to legal costs, potential imprisonment, and further financial liabilities.
  • Operational Disruptions: Non-compliance can lead to operational disruptions, with firms required to undertake corrective measures that are often resource-intensive. This can divert focus from core business activities and impact overall efficiency.

Why This Instils Fear

The threat of non-compliance with FCA regulation is multifaceted, spanning financial, reputational, and operational risks. The potential consequences and ensuing fear and caution among firms and individuals reinforce the need for robust compliance management operations.

Below we look at 3 major cases where non-compliance was identified and sanctioned, and we explore how these incidents could have been managed better to reduce risk and fear of non-compliance and to prevent breaches.

Volkswagen Financial Services (UK) Limited – (VWFS)

Notice Date: 21 October 2024

Penalty: £5,397,600

Reason: VWFS failed to act in the interests of customers by neglecting to treat them fairly and communicate clearly. Additionally, they failed to consider vulnerable customers with due care and handle complaints appropriately.

Regulatory Reference: CONC 7.2.1R, 7.3.4R, 7.3.9R, 7.3.14R(1) and DISP 1.3.1R.

Key Issues: VWFS failed to implement arrears and vulnerability policies and procedures which would otherwise have likely avoided the extent of the above failings. Consequently, VWFS failed to take reasonable care to organise and control its affairs responsibly and effectively in practice, with adequate risk management systems.

Source: Final Notice 2024: Volkswagen Financial Services (UK) Limited

The Solution: Many of these issues could have been identified with a strict monitoring regime and thorough risk assessments. Implementing technology to highlight risks and required controls would likely have prevented regulatory breaches. Had a comprehensive monitoring program been in place, VWFS could have identified what was expected of them and taken steps to meet their responsibilities.

Starling Bank Limited – (Starling)

Notice Date: 27 September 2024

Penalty: £28,959,426

Reason: Whilst Starling underwent exponential business growth, it was not able to scale its financial crime controls. Despite a voluntary agreement to improve its policies and procedures, it failed to adequately monitor compliance with this.

Regulatory Reference: Section 206 of the Financial Services and Markets Act 2000.

Key Issues: Any requirement imposed by the FCA, even a voluntary one, must be complied with to avoid sanctions. Starling agreed to improve its already lacking monitoring of financial crime risk and AML considerations but then did so insufficiently, which left it in serious non-compliance. This resulted from its inability to manage scale and its failure to consistently monitor the conduct of its policies and procedures.

Source: Final Notice 2024: Starling Bank Limited

The Solution: Monitoring policies and procedures during rapid growth is challenging but can be managed effectively with compliance technology. Compliance monitoring technology with automated scheduling and notifications enables teams to keep up with ongoing activities, helping ensure proper adherence to policies and reducing compliance risks. The ability to set recurring tasks enables the compliance team to stay up to date on the review of ongoing activities and ensures appropriate policies and procedures are followed, reducing the risk of non-compliance.

London Capital & Finance plc – (LCF)

Notice Date: 11 October 2023

Penalty: Criminal Investigations, Regulatory Investigations, Civil Court Action

Reason: The financial promotions published by LCF were judged to be unfair, unclear and misleading, and as a result LCF was no longer permitted to publish any financial promotions of its relevant products and services.

Regulatory Reference: Section 205 of FSMA 2000, COBS 4.2.1(1)R.

Key Issues: LCF was marketing its bonds on its websites with statements that were in breach of COBS 4.2.1(1)R in that they were unfair, unclear and misleading. LCF marketed its products as ISAs; however, LCF bonds were not a product that qualified as an ISA. By not following the rules in place regarding financial promotions, LCF lost its permissions and as a result went into administration.

Source: Final Notice 2023: London Capital & Finance plc (in administration)

The Solution: An effective workflow with an efficient compliance review process embedded in it gives the best combination of fast output and compliant promotions. Implementing a digital workflow creates a clear process where a financial promotion can be submitted for review and approval, thereby ensuring it meets the necessary requirements. Workflows within a digital platform can be customised to go through all the necessary approval stages whilst keeping the relevant regulatory information readily available. This process results in the efficient output of compliant marketing material whilst creating a clear trail of compliance processes should the need for evidence arise.

Conclusion

These three case studies highlight the serious risks associated with non-compliance and underscore the need for robust compliance protocols to mitigate such risks. ComplyPortal, designed by compliance specialists, helps firms achieve effective compliance management, reducing the fear and risk of non-compliance.

With a full range of modules, ComplyPortal enables firms to manage compliance across multiple functional areas via periodic or ongoing reviews, risk assessments, and structured workflows for reviews, approvals, and monitoring assessments.

To discover how ComplyPortal can support your firm in mitigating the risks of non-compliance and maximise the efficiency of your compliance operations, book your bespoke, complimentary demonstration.


Find out more about how the ComplyPortal platform can help firms adapt to new regulatory expectations at: https://complyportal.uk/modules/

About ComplyPortal:

First developed in 2011 by compliance professionals for compliance officers, ComplyPortal offers workflow, automation, and several modules to help firms with control and regulatory compliance monitoring. 

ComplyPortal simplifies financial services regulatory compliance management on an easy-to-use cloud-based comprehensive compliance platform. It enables compliance officers, risk officers and senior management to keep track of their firm’s regulatory responsibilities and workflows. Our platform includes the following modules, among others: 

  • Monitoring: a year-round schedule pre-populated with monitoring questionnaires to ease compliance processes.
  • Approvals: authorise requests and keep track of workflows.
  • Registers: lists controlled by the Compliance officer, but easy for staff to view.
  • Risk: map and control risk areas to effectively identify and manage risk for your firm.
  • Training: access our LMS platform for all Compliance and Governance Training
