An FCA survey of sanctions controls at 90 UK firm has found deficiencies across a range of key indicators, including staffing, technology and reporting frameworks.
The regulator found that some firms still lack adequate resources to ensure effective sanctions screening. It also saw poorly calibrated or tailored screening tools, with some firms also too reliant on third party providers with ineffective oversight over them.
Customer Due Diligence (CDD) and Know Your Customer (KYC) procedures were also found to be wanting. "We have continued to find instances of low quality CDD and KYC assessments and backlogs," says the FCA.
The timeliness of reporting breaches was also found to be poor, with inconstiencies across firms a prevalent feature.
In a speech at the Financial Crime Summit, director of markets and international at the FCA, Sarah Pritchard, told delegates that firms who are carrying out “tick box” compliance exercises should not be surprised to find a visit from the FCA.
“Taking early action can save millions in fines down the line as well as the reputations of firms.”
She says that in the run up to Russia's invasion of Ukraine, many firms dragged their feet, creating backlogs that they were unable to keep on top of.
"Equally, too many firms thought that an off-the-shelf tech solution would suffice," she says. "You simply cannot outsource risk calibration to a third party and palm off all responsibility for keeping on top of it to external firms. Firms need to understand their risks - both high and low - and make sure they have a proportionate and risk-based approach to deal with them."