The UK Financial Conduct Authority (FCA) has fined Sigma Broking Limited £1,087,300 for submitting almost 1 million inaccurate or incomplete transaction reports between 2018 and 2023, close to 100% of the firm’s trades during that period. This is not an isolated incident. It follows a £531,600 fine in 2022 for similar transaction reporting breaches and market abuse surveillance failures, which also saw three directors personally penalised and two banned from senior roles.
The story of Sigma Broking Limited is a cautionary tale in regulatory negligence, systemic governance failures, and the high cost of ignoring transaction reporting obligations. With over £1.6 million in cumulative fines, repeat enforcement action paints a clear picture: Sigma’s compliance failings were not the result of one-off mistakes but a sustained pattern of weak governance, ineffective controls, and a failure to learn from past regulatory interventions. For compliance officers, Sigma’s trajectory offers a stark reminder of the consequences of neglecting core reporting obligations and ignoring regulator warnings.
Two enforcement actions, one core issue
2022 fine: Governance breakdown
In October 2022, the FCA fined Sigma £531,600 for failing to report 56,000 CFD (contracts for difference) transactions and for missing 97 suspicious transaction reports between December 2014 and August 2016. But the financial penalty was only part of the story. Three directors were also sanctioned:
- Simon Tyson (CEO) – Fined £67,900 and banned from senior management.
- Stephen Tomlin (Director) – Fined £69,600 and also banned.
- Matthew Kent (Director) – Fined £83,600 but not banned.
The FCA made it clear: these failures weren’t isolated technical mistakes. They stemmed from poor board-level governance and oversight. Despite the availability of clear FCA guidance, Sigma’s directors failed to ensure robust surveillance systems or fulfil their market abuse reporting obligations.
This was not only a breach of Article 26 of MiFIR but also of Principle 3 of the FCA’s Principles for Businesses: the requirement to organise and control affairs responsibly and effectively.
2025 fine: A second, larger failure
Less than three years later, the FCA issued a second and more damning penalty: £1,087,300 for reporting failures that spanned nearly five years, from December 2018 to December 2023.
Key findings from the FCA’s final notice:
- Sigma submitted 924,584 inaccurate or incomplete transaction reports – effectively 100% of its reportable trades.
- Issues stemmed from incorrect system setup during MiFID II implementation and persisted due to weak internal controls.
- The firm failed to identify the problems promptly, despite already being fined for similar failures.
- Sigma only initiated effective remediation after becoming a Category 1 member of the London Metal Exchange in 2022 — and even then, it took over a year to correct and resubmit backdated reports.
The FCA elevated the seriousness of this breach to Level 4 on its enforcement scale. Notably, the regulator doubled the base fine for deterrence purposes and applied a 40% aggravation increase due to repeat offending, failure to self-report swiftly, and the firm’s disregard for prior enforcement action.
What went wrong at Sigma: A compliance autopsy
Systemic control failures
Sigma’s core systems for transaction reporting were misconfigured from the outset. That’s a technical error. But the real failure was the lack of any mechanism to detect or correct it for at least five years. The firm had no effective reconciliation processes, no periodic internal audits of reporting logic, and no escalation structure when inconsistencies emerged.
Governance inertia
The 2022 fine should have served as a wake-up call. Instead, it was met with inaction. The directors failed to lead a compliance overhaul or even reassess existing controls. In the FCA’s own words, Sigma’s board “was effectively reminded” of its obligations, yet failed to act, a clear breach of Principle 3.
Delayed and incomplete self-disclosure
The FCA was first to identify issues in May 2023. Sigma responded late, failed to disclose the full scope of errors, and only admitted to the scale of underreporting (924,584 trades) in January 2024. The remediation process wasn’t completed until February 2025. That’s a clear signal of not only weak systems, but a weak compliance culture.
Failure to monitor regulatory developments
The FCA had provided extensive guidance: Market Watch newsletters, Q&As, reporting forums, and regular public enforcement cases. Sigma’s ignorance of these resources — or its failure to act on them — was viewed as an aggravating factor. Compliance officers must actively monitor and adapt to regulatory expectations, especially in high-risk areas like market abuse.
What compliance teams can learn from the Sigma failures
Transaction reporting is not just a back-office task
It’s a frontline compliance function central to the FCA’s ability to detect insider trading, market manipulation, and broader financial crime. Firms must treat transaction reports with the same scrutiny as suspicious activity reports or client due diligence records.
Regulatory memory matters
The FCA has zero tolerance for repeat offenders, especially those previously penalised for the same issue. Enforcement escalates dramatically when firms ignore past warnings. If your firm has ever been subject to an FCA notice, that history should shape your current compliance strategy.
Reconciliation is not optional
Any firm executing trades must perform regular reconciliations of what was executed vs. what was reported. This means:
- Automated exception reports.
- Controls to flag reversal or missing fields (e.g., buyer/seller swaps).
- Internal audits at least annually.
- Independent testing of reporting logic.
You are accountable for third-party failures
Even though Sigma brought in a third party for remediation, it still bore full responsibility for the underlying errors. Firms cannot outsource accountability. The board remains liable, regardless of who builds or maintains the reporting system.
Speed matters in remediation
The FCA noted that Sigma took too long to respond and remediate. Firms must act decisively when a compliance breach is suspected. That includes:
- Notifying the FCA promptly.
- Commissioning independent reviews within weeks, not months.
- Prioritising fixes over PR management.
