14 February 2016

RBS hit with £5.6m fine for sanctions screening failings

03 August 2010  |  17514 views  |  1 FSA

Royal Bank of Scotland (RBS) has been fined £5.6 million by the Financial Services Authority (FSA) for IT systems failures that could have resulted in terrorist financing.

The FSA says the group did not have adequate systems and controls in place to prevent breaches of UK financial sanctions between 15 December 2007 and 31 December 2008 at its RBS, NatWest, Ulster Bank and Coutts units.

RBS failed to adequately screen both its customers, and the payments they made and received, against the government's Treasury sanctions list, says the watchdog. During the year-long period it did not screen any payments remitted from outside of the UK.

This led to an "unacceptable risk" that the bank could have facilitated transactions involving sanctions targets, including terrorist financing.

According to the FSA, RBS manually entered around 14,000 payment messages worth about £2.5 billion into its gateway application for Swift messages which meant they bypassed the screening software. In addition, the group's automated screening software only covered three out of 47 Swift trade finance message types.

Meanwhile, a failure in the screening software used to check payments against the Treasury list meant it did not block or screen transactions where the beneficiary name was across more than one line in the Swift message. This meant that the technology sometimes failed to pick up exact matches to the Treasury list, a problem not picked up when the software was tested and rolled out in 2006.

Another problem with the software affected its "fuzzy matching" which is supposed to help identify words within payments messages that are mis-spelt or inaccurately translated.

Despite rules designed to ensure firms update their systems' fuzzy matching logic to keep up with changes to the Treasury list, RBS only calibrated theirs once, when it was first installed. When the fuzzy matching logic was finally checked in 2008, several weaknesses were identified that could see payments slip through.

Margaret Cole, director, enforcement and financial crime, FSA, says: "By failing to screen relevant customers and payments against the HM Treasury sanctions list, RBSG left itself open to the risk that it was facilitating terrorist financing."

Nathan Bostock, head, restructuring and risk, RBS says the bank acknowledges the FSA findings adding: "We have taken appropriate action to remedy these issues and continue to enhance our control environment with a view to ensuring a more robust sanctions compliance framework and ultimately that our detection and prevention capabilities are in line with best practice in the market."

The bank received a 30% discount on the fine for settling early.

You can read the full decision notice here.

Comments: (1)

Ketharaman Swaminathan
Ketharaman Swaminathan - GTM360 Marketing Solutions - Pune | 04 August, 2010, 13:15

In an article I'd published last year on multilingual support, I'd pointed out the risk of non-compliance owing to the tendency of many cross-border payments applications to skip the German umlaut and other European-language accents and thus passing payments that should actually have been blocked. The current incident suggests that banks possibly have more fundamental issues to resolve than making all their payments applications multilingual. Wonder if we've seen the last of this issue!   

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
Comment on this story (membership required)
Log in to receive notifications when someone posts a comment

Finextra news in your inbox

For Finextra's free daily newsletter, breaking news flashes and weekly jobs board, sign up now.

Related blogs

Create a blog about this story (membership required)

Related stories

30 June, 2010
02 June, 2010
10 May, 2010
26 March, 2010
18 December, 2009
18 August, 2006

Related company news


Top topics

Most viewed Most shared
UK sets out open banking API frameworkUK sets out open banking API framework
16361 views comments | 106 tweets | 91 linkedin
Deutsche Bank calls for co-operation with fintech firms on B2B servicesDeutsche Bank calls for co-operation with...
9118 views comments | 30 tweets | 30 linkedin
How to accelerate your fintech startupHow to accelerate your fintech startup
8714 views comments | 35 tweets | 10 linkedin
Is Paym a failure?Is Paym a failure?
7222 views 16 comments | 23 tweets | 16 linkedin
Visa issues API to offer consumer control over card transactionsVisa issues API to offer consumer control...
6590 views comments | 17 tweets | 28 linkedin

Featured job

£100,000 basic, £180,000 OTE + Benefits

Find your next job