FCTR 10.1 Introduction

FCTR 10.1.1G

1Who should read this chapter? This chapter is relevant, and its statements of good and poor practice apply, to small firms in all sectors who are subject to the financial crime rules in SYSC 3.2.6R or SYSC 6.1.1R and small e-money institutions and payment institutions within our supervisory scope.

FCTR 10.1.2G

1In May 2010 the FSA published the findings of its thematic review into the extent to which small firms across the financial services industry addressed financial crime risks in their business. The review conducted visits to 159 small retail and wholesale firms in a variety of financial sectors. It was the first systematic review of financial crime systems and controls in small firms conducted by the FSA.

FCTR 10.1.3G

1The review covered three main areas: anti-money laundering and financial sanctions; data security; and fraud controls. The review sought to determine whether firms understood clearly the requirements placed on them by the wide range of legislation and regulations to which they were subject.

FCTR 10.1.4G

1The FSA found that firms generally demonstrated a reasonable awareness of their obligations, particularly regarding AML systems and controls. But it found weaknesses across the sector regarding the implementation of systems and controls put in place to reduce firms’ broader financial crime risk.

FCTR 10.1.5G

1The review emphasised the key role that the small firms sector often plays in acting as the first point of entry for customers to the wider UK financial services industry; and the importance, therefore, of firms having adequate customer due diligence measures in place. The report flagged up concerns relating to weaknesses in firms’ enhanced due diligence procedures when dealing with high-risk customers.

FCTR 10.1.6G

1The FSA concluded that, despite an increased awareness of the risks posed by financial crime and information supplied by the FSA, small firms were generally weak in their assessment and mitigation of financial crime risks.

FCTR 10.1.7G

1The contents of this report are reflected in FCG 2 (Financial crime systems and controls), FCG 3 (Money laundering and terrorist financing), FCG 4 (Fraud), FCG 5 (Data security) and FCG 7 (sanctions and asset freezes).