Welcome back to our financial crime series, where we shed light on crucial aspects of financial crime systems and controls. In this instalment, we tackle the scenario that can be nerve-wracking for any organisation and has become more frequent in recent years – when you capture the attention of the regulator.
Let's be honest: no one looks forward to a call or investigation from the regulator, but it can and does happen to even the most conscientious organisations. If you find yourself in this situation, it's essential to know what to do and how to handle it…
So, you’ve been contacted by the regulator: Now what?
The first thing you should do is to take a deep breath and stay calm. Remember, the regulator isn’t your enemy; they’re simply trying to ensure organisations like yours are complying with all the complex and continuously evolving financial crime laws and regulations.
Initially, a regulator will likely ask for some information about your financial crime systems and controls, including your compliance programme, which may include your:
- Organisation's financial crime policies and procedures
- Customer due diligence (CDD) and Enhanced Due Diligence (EDD) processes and some example client files
- Transaction monitoring systems and outputs
- Suspicious activity reporting (SAR) process, activity and outputs
- Client Screening System and Process, including your discounting methodologies
- Risk Assessment documentation, including your Business Wide Risk Assessment, Customer Risk Assessment, Financial Crime Risk Assessment and Transaction Monitoring Risk Assessment
.jpg?width=795&height=464&name=Untitled%20design%20(58).jpg)
What’s next?
Prepare an action plan for regulator interaction. Don’t wait for it to happen – mobilise now, get your ducks in a row, and try and stay on the front foot:
1) Mobilise your financial crime team
Your financial crime team should be experts in your systems, controls, processes and compliance measures, so they are an invaluable asset during regulatory visits and investigations. Take action now to ensure everyone's on the same page and ready to collaborate and cooperate.
2) Review your financial crime systems and controls
Great if you're thinking ahead, but how is this step useful if the regulator has already been in touch and started their investigations? Even if the regulator has established contact, this is a great time to review and reassess your financial crime controls. Are they robust? Have there been any lapses? Address any weaknesses or gaps immediately. The regulator will likely scrutinise your controls and your governance around those controls, so a proactive approach to making improvements demonstrates the right attitude.
3) Cooperate transparently
Transparency is your ally. Be prepared to cooperate fully with the regulator, providing all requested information promptly and accurately. Any attempt to hide or mislead will be viewed very negatively, and will put you and your organisation in breach of Principle 11 in the FCA Handbook. Clear, honest communication is a must and goes a long way in building trust.
4) Understand any allegations
If there are specific allegations, take the time to understand them thoroughly, not just for your response but also to fortify your financial crime controls against similar issues in the future. It can feel scary and overwhelming, but try to use this as an opportunity to enhance and learn.
5) Seek legal guidance
Having legal experts on your side is integral to providing valuable insights and guidance throughout the regulatory process. They can help you navigate the potential pitfalls and challenges that do arise regularly in these situations, and ensure that you are doing what you need to when you need to, ensuring you continue to meet your regulatory responses and align with legal obligations.
6) Implement remediation measures
If the regulator identifies areas for improvement, make sure you take swift action and implement remediation measures promptly to address any concerns. Acting fast not only showcases your commitment to compliance but also helps you prevent future issues from arising.
7) Reassess your financial crime control training
Training is a cornerstone of effective financial crime controls. If regulatory scrutiny reveals lapses in understanding or execution, consider reassessing your training and development programmes for all relevant team members. The aim is that everyone feels informed and well-equipped to handle any financial crime challenges.
8) Communicate, communicate, communicate
Internally, ensure your team is updated and informed about the situation. Externally (if required), communicate transparently with stakeholders, customers and partners. Managing the narrative can go a long way in helping you mitigate reputational damage.
9) Post-regulatory assessment
What lessons have you learned? How can you bolster your financial crime controls further? Use the experience to emerge stronger, more resilient and with a heightened commitment to compliance.
Getting attention from the regulator can be worrying, stressful and daunting, but it's also an opportunity for growth and improvement. By following these steps and maintaining a proactive stance toward financial crime compliance, you can navigate the regulatory spotlight with resilience and integrity.
Looking for support?
Brighter has years of experience helping clients manage regulator interactions, ensuring the best outcome is achieved and that risks are mitigated, including under the more formal regulatory interventions that are now frequently used, known as s166 requirements. If you’d like a confidential chat on anything related to your financial crime controls, please contact Simon Davis today.
COMMENTS