UT-2022-00097 - [2024] UKUT 00352 (TCC)

Principle 2 requires authorised persons to conduct their business with due skill, care and diligence.

Principle 3 requires firms to take reasonable care to organise and control their affairs responsibly and effectively, with adequate risk management systems.

Other rules in the Authority’s Handbook provide more detailed requirements on the need for firms to create and implement policies and procedures to prevent and detect money laundering, and to counter the risk of being used to facilitate financial crime. Notably, SYSC 6.3.1 R says:

“A firm must ensure the policies and procedures established under SYSC 6.1.1 R include systems and controls that:

(1)

enable it to identify, assess, monitor and manage money laundering risk; and

(2)

are comprehensive and proportionate to the nature, scale and complexity of its activities.”

SYSC 6.3 contained other important provisions in the relevant period, notably:

its customer, product and activity profiles;…

the complexity and volume of its transactions;

its processes and systems; and

its operating environment.”

appropriate training for its employees in relation to money laundering;

appropriate documentation of its risk management policies and risk profile in relation to money laundering, including documentation of its application of those policies (see SYSC 9);

appropriate measures to ensure that money laundering risk is taken into account in its day-to-day operation, including in relation to:

the taking-on of new customers; and

changes in its business profile; ….”

Firms like the Applicant needed adequate systems and controls to identify, assess and monitor money laundering risk, as well as conducting customer due diligence and ongoing monitoring of business relationships and transactions.

Under section 206 of the Financial Services and Markets Act 2000 (“FSMA”) the Authority may impose a financial penalty on an authorised person if the Authority considers that the authorised person has contravened a “relevant requirement”. Principles 2 and 3 are “relevant requirements” for this purpose.

The Authority’s policy on imposing a financial penalty is set out in that part of the Authority’s Handbook known as DEPP.

DEPP 6.1.2 states that the principal purpose of imposing a financial penalty is to promote high standards of regulatory and/or market conduct by deterring persons who have committed breaches from committing further breaches and helping to deter other persons from committing similar breaches, as well as demonstrating generally the benefits of compliant business.

DEPP 6.2.5 states that when considering whether to impose a financial penalty or censure in respect of a breach of the Authority's rules on systems and controls against money laundering it will have regard to whether a firm has followed relevant provisions in the guidance for the UK financial sector issued by the Joint Money Laundering Steering Group (“JMLSG”). This is in line with SYSC 6.3.5 G quoted above.

DEPP 6.5.2 states that the FCA's penalty-setting regime is based on the following principles:

As set out in DEPP 6.5A, the Authority applies a five-step framework to determine the appropriate level of financial penalty. So far as relevant, this framework is set out as follows.