An examination by the Financial Conduct Authority (FCA) into the efficacy of sanctions controls at 90 UK firms revealed shortcomings across various critical areas, such as staffing, technology infrastructure, and reporting systems.
The regulatory body identified that some companies still lack sufficient resources to ensure effective sanctions screening. Furthermore, it observed inadequately calibrated or customized screening tools, with certain firms excessively relying on third-party providers with inadequate oversight.
Concerns were also raised about the Customer Due Diligence (CDD) and Know Your Customer (KYC) procedures, with the FCA noting instances of subpar CDD and KYC assessments and persistent backlogs.
The promptness of reporting breaches also exhibited deficiencies, with inconsistencies among firms being a recurring issue.
Speaking at the Financial Crime Summit, Sarah Pritchard, the Director of Markets and International Affairs at the FCA, cautioned attendees that firms engaging in superficial compliance checks should expect visits from the FCA.
Pritchard emphasized that taking proactive measures can prevent substantial fines in the future and safeguard a company's reputation. She pointed out that in the lead-up to Russia's invasion of Ukraine, many firms procrastinated, resulting in unmanageable backlogs.
Similarly, she criticized the misconception held by some firms that off-the-shelf technological solutions would suffice. Pritchard emphasized that outsourcing risk calibration to third parties and relinquishing responsibility for managing it to external entities is not a viable approach. Firms must comprehend their risks, both high and low, and adopt a proportional, risk-based strategy to address them.