Skilled Person
Lot E - Financial Crime
Financial crimes strike at the heart of communities and sound functioning markets.
The FCA will move to a Skilled Person review under lot E if the outcomes of their supervisory work present an unacceptable level of financial crime risk. A review will consider all or some aspects of financial crime compliance: anti-money laundering, anti-bribery and corruption, sanctions, cryptocurrency and payments solutions, tax evasion, market abuse (including insider dealing and market manipulation).
The Skilled Person review will assess the adequacy of a firm’s systems and controls and the associated governance arrangements. The review will focus on areas of heightened financial crime risk relevant to a particular firm and will encompass document / record reviews and interviews with key members of staff, including senior management.
“The aim of AML regulation is…. to set high standards of probity and scrutiny to inhibit illicit money flows in the financial system and to encourage participants in the system to behave as custodians and guardians of the public interest.”
— Mark Steward, Executive Director of Enforcement and Market Oversight, FCA
Considerations for firms
-
Governance and oversight
The cornerstone of a robust financial crime framework is having a clear governance and oversight structure. Responsibility for managing financial crime risks must be clearly articulated and senior management knowledge of, and engagement in, addressing these risks must be evidenced.
-
Risk assessments
A thorough understanding of its financial crime risks is key if a firm is to apply proportionate and effective systems and controls. Risk assessments should be insightful, telling you where to apply more oversight or to invest in new controls.
More mature firms are thinking about the “real” risks of financial crime occurring and not just the regulatory risk of being fined or censured.
-
Due diligence
How do you balance the art and the science? Due diligence is a large scale operation, but requires skill and judgement to get it right. It can’t just be a tick box process. From a well balanced customer risk assessment, to due diligence which achieves insight, and enhanced levels of scrutiny where appropriate - due diligence remains a complex and challenging process to execute at scale.
-
PEPs and high risk relationships
The purpose of the risk-based approach is that you spend your time and effort on the highest risk scenarios. PEPs and higher risk relationships need to be identified and understood so they can be subject to greater (deeper, more regular) scrutiny.
-
Sanctions
Firms need to have systems and controls in place to help ensure they do not breach sanctions regimes. Screening systems need to be proportionate to the nature, size, and risk of a firm's business – buying off-the-shelf solutions, without adequate calibration and testing, or failing to conduct effective oversight and testing can lead to problems later.
-
Transaction monitoring and SARs
The whole framework needs to align to supporting your ability to monitor for, identify, escalate and report suspicious activity. This is a combination of getting the right data of the right quality and the system configuration to utilise it. And of course if you consider a client to be involved in criminal activity you’ll need to take appropriate action internally as well.