Metro Bank PLC was fined £16,675,200 (after a 30% discount) by the Financial Conduct Authority for failings in its transaction monitoring systems and controls. The FCA found that the bank’s failures led to the risk it was inadvertently being used for the purposes of financial crime.
Key facts:
- Metro Bank PLC implemented an Automated Transaction Monitoring System (“ATMS”) to monitor customer transactions.
- There were deficiencies in the set-up, operation and oversight of the system. Specifically, an error in the data store used by Metro Bank to populate the ATMS resulted in missing transaction records or records being rejected (owing to incomplete data feeds) for over a three-year period.
- The failure to check the completeness of data fed into the ATMS significantly affected Metro Bank’s ability to identify which customer, account and transaction records were (or were not) sent to the ATMS. Consequently, its ability to ensure the transactions were appropriately monitored was hampered.
- The errors were not identified by Metro Bank in a timely manner and reconciliation attempts were inadequate.
- Metro Bank also failed to implement a regular review process in relation to the rejected records. This meant the bank did not have clear visibility of the true volume or nature of customer transactions being rejected.
- While some efforts were made to investigate the errors and escalate issues to senior staff during the relevant period, the FCA found that no substantive action was taken at the time.
Key takeaways:
- Financial institutions operating in the UK are responsible for minimising their risk of being used for criminal purposes, including the risk of being used to facilitate money laundering.
- Failing to adequately monitor transactions can lead to delays in identifying suspicious activity, and this increases the risk of a firm inadvertently being used for the purposes of financial crime. In this case, Metro failed to monitor around 6% of its total transaction volume (over 60 million transactions with a value of over £51 billion). Its remediation efforts resulted in the bank submitting 153 suspicious activity reports and 43 notices to customers closing their accounts.
- Anti-money laundering controls, which are compliant with the Money Laundering Regulations, should be reviewed and revised on a regular basis to ensure that they are appropriate for the nature and size of the business and the risks identified.
- From a governance perspective, financial crime related risks must be escalated in a culture which takes them seriously and senior staff must take substantive action where necessary.
- Ongoing monitoring is essential to ensuring firms know their customers, can assess risk and ensure that they are not being used to facilitate financial crime. It is also crucial for dealing with issues in a timely fashion. Without good transaction monitoring, there is a risk that suspicious or unusual account activity is missed, exposing a firm to financial crime risk.
- Firms should ensure that they have controls in place to check, on an ongoing basis, that transactions are properly monitored.
- Firms should also ensure that exceptions processes are adequate and that there are processes in place to deal with rejected records.
Disclaimer
This information is for general information purposes only and does not constitute legal advice. It is recommended that specific professional advice is sought before acting on any of the information given. Please contact us for specific advice on your circumstances. © Shoosmiths LLP 2024.