A recent FCA survey examining sanctions controls at 90 UK firms has revealed several deficiencies in key areas, including staffing, technology, and reporting frameworks.
The regulator discovered that many firms still do not have sufficient resources for effective sanctions screening. Additionally, it noted issues with poorly calibrated or tailored screening tools, and a concerning dependence on third-party providers lacking adequate oversight.
Customer Due Diligence (CDD) and Know Your Customer (KYC) procedures were also flagged as inadequate, with the FCA reporting ongoing instances of subpar CDD and KYC assessments, alongside significant backlogs.
Moreover, the timeliness of reporting breaches was found to be lacking, with inconsistent practices across firms.
In a speech at the Financial Crime Summit, Sarah Pritchard, the FCA’s director of markets and international, cautioned that firms engaging in “tick box” compliance activities should not be surprised by upcoming FCA visits. She emphasized that proactive measures could save firms millions in potential fines and protect their reputations.
Pritchard highlighted that, prior to Russia’s invasion of Ukraine, many firms were sluggish in their responses, leading to unmanageable backlogs. She advised against the reliance on generic tech solutions, asserting that firms cannot externalize risk management entirely. “It’s essential for firms to grasp their risk landscape—both high and low—and adopt a proportionate and risk-based approach to address these challenges,” she stated.