FCA investigators have clearly not been furloughed
In 2019, the FCA registered nearly £400 million in fines for compliance breaches, and despite the pandemic, investigators are striking out high and fast against non-compliance. In the first half of 2020, only four cases have resulted in a fine, but collectively those fines have already reached £100 million.
Unfair treatment of mortgage customers
Lloyds, Bank of Scotland and The Mortgage Business were hit with a £64 million fine for poor handling of at least half a million mortgage customers who faced payment difficulties. The failings stretched back to 2011 and included untrained staff refusing to negotiate appropriate payment arrangements of vulnerable customers. Despite knowing about these issues, Lloyds Group failed to put in place any measures to rectify the problems. Somewhat ironically, these failures occurred during Lloyds’ own financial issues during its measure with HBOS during the financial crisis. A number of specialist mortgage sites were closed and a lot of experienced staff were lost to the business.
But that didn’t matter to regulators. The fine comes on top of a £300 million redress scheme to pay back customers who suffered as a result of the failings. Lloyds were given a 30% discount on their fine since they accepted the FCA’s findings and paid their fine early.
Compliance lesson – Skimping on staff training and lacking empathy for vulnerable clients will cost you in the long term.
Money laundering breaches
Commerzbank London was hit with a £37.8 million fine for anti-money laundering failings over a five year period. This is in spite of the fact the FCA pointed out AML concerns in 2012, 2015 and 2017. The bank failed to take reasonable or effective steps to fix the problems.
Commerzbank was not conducting timely due diligence checks, resulting in nearly 2,000 clients still being able to continue to transact with the London branch despite CDD not being carried out. In addition, the bank ignored long-standing weaknesses in its automated AML monitoring tool. Over 40 high-risk countries were not added to the list, plus 1,110 high-risk customers were not added either, and additional due diligence checks were not done.
The bank’s AML failings have had real-world impacts. In May 2020, the National Crime Agency seized £6.4 million held in a Commerzbank account which had been laundered through Liberia.
Compliance lesson – CDD is mandatory and an automated AML tool is no substitute for common sense.
Poor communication with customers
Moneybarn, a car financing subsidiary of Provident Financial, was fined £2.8 million, in addition to being required to implement a customer repayment scheme of at least £30 million, for failing to adequately communicate financial risks to customers.
Over 6,000 people who signed up for unsuitable short term loans were not properly warned of the consequences of failing to keep up with the payments by Moneybarn. Those customers, many of whom were vulnerable, were not given the chance to clear arrears over a realistic period of time, nor were those customers informed of the financial implications for exiting their loans early, resulting in higher termination costs.
Compliance lesson – There is no benefit in hiding important information from customers.
Data protection breaches
Claims management company Hall and Hanley sent PPI marketing text messages to customers’ mobile numbers without any steps being taken to ensure they had consented to receive the messages. What’s more, when the former Claims Management Regulator reviewed a sample of just over a dozen company files, it found eight contained documents where client signatures had been copied without their consent.
The main issue the FCA identified was that Hall and Hanley had acted negligently by failing to provide proper data protection training to its employees, and so a £91,000 fine was justified. The previous regulator had warned Hall and Hanley about their repeated use of consumer data and customer signatures without consent, but those lessons had not been learned.
Compliance lesson – Data protection failures are a real and clear compliance issue.
Enrol your staff in relevant compliance training
VinciWorks strives to make its training more than simply a tick-box exercise. Our courses are packed with realistic scenarios, real-life case studies and every customisation option you can think of. We have everything from in-depth induction training to refresher courses and five minute knowledge checks.