Financial crime - Q4 2023

IndustriesFinancial servicesRegulatory InsightsFS regulatory affairs newsletter – Q4 2023

Financial crime - Q4 2023

Changes in legislation have increased the requirements on organisations to identify and mitigate the risk of fraud committed for their benefit.

Section 199 of the Economic Crime and Corporate Transparency Act 2023 (ECCTA) came into force on 25 October 2023. This included significant changes to the criminal charges organisations can face for failing to prevent fraud.

The requirements apply to any organisation meeting the following criteria (based on the financial year preceding any offence):

  • More than 250 employees.
  • More than GBP 36 million turnover.
  • Assets of more than GBP 18 million.

The failure to prevent offences means that an organisation can be criminally liable where it has failed to prevent misconduct carried out by associated persons. Associated persons can include agents, brokers, professional advisors, as well as employees of the organisation (including those based within any subsidiaries).

There is also the potential for organisations outside of the UK to be brought into scope, depending on whether activity conducted on their behalf (by an “associated person”) commits an offence under UK law.

While the guidance is yet to be released, it is expected to come out in Q2/3 and is likely to follow a similar approach to guidance on similar offences, namely those related to the Bribery Act 2010 and tax evasion (per the 2017 Criminal Finances Act). The offence itself is expected to come into force by the end of Q2 2024.

Impact on Firms and Reasonable Procedures

One of the key impacts relates to the defence from prosecution based on an organisation having in place “reasonable prevention procedures” which cover 6 broad principles, namely:

  • proportionate procedures
  • top-level commitment
  • risk assessment
  • due diligence
  • communications (including training)
  • monitoring and review

While there are several categories of offences, examples of the types of activities that could give rise to criminal prosecution include: misleading financial reporting, misleading investors in an IPO, mis-selling of financial products, and greenwashing (misleading statements regarding the environmental impact of a product).

What management should consider 

Whilst the guidance is yet to be issued, Management should assess whether its fraud risk assessment incorporates the related offences and fraud typologies as well as consider whether the related controls, policies and procedures remain fit for purpose. This includes, for example, the extent to which due diligence measures for high-risk third parties are appropriate.

For firms that have not already done so, the mapping of its associated persons is essential to identify potential exposure and to support an assessment of whether the firm is applying a risk-based and proportionate approach in mitigating the associated risks of the failure to prevent offences.

The use of technology and counter-fraud analytics will play a pivotal role in countering these risks and should leverage existing tools, ensuring that those responsible for compliance can focus on high-risk issues rather than drowning compliance staff in low-quality issue resolution activities.

Training and awareness should also be a focus, with organisations ensuring they incorporate the related offences into their existing programmes and that the appropriate mechanisms for raising concerns are in place, particularly for those employees working in higher-risk areas.

Finally, the extent to which contractual arrangements make provisions relating to the failure to prevent offences should be given attention. This includes those relating to employees as well as associated persons.

Financial Crime - Senior Managers

A further change of the ECCTA which came into force on Boxing Day relates to the guiding mind principle and the role of a “senior manager” within an organisation. This is distinct from the FCA’s Senior Manager and Certification Regime (SMCR) and defines a senior manager as an individual who plays a significant role in the decision-making process and management of an organisation. The definition focuses on the roles and responsibilities of senior managers in an organisation, not just their job titles.

An organisation will therefore be liable for offences where a senior manager is acting within the actual or apparent scope of their authority. These offences, set out in Schedule 12 of the ECCTA, include money laundering, fraud, terrorist financing, fraud, false accounting and false statements (see below for a more comprehensive list of the offences covered).

What management should consider

Management should perform an assessment of who the senior managers within their business are and consider whether they are subject to the appropriate level of monitoring and oversight. This should also factor in the training and awareness of these individuals relating to the offences.

There will inevitably be a requirement to assess also whether enhancements need to be made to the onboarding and performance review processes.

Upcoming Regulatory Developments

 A summary of some of the key regulatory developments we anticipate will impact financial crime compliance in the coming year include:

  • The FCA's expanded powers over the cryptocurrency sector, specifically requirements regarding financial promotions (in force since 8 October 2023) are likely to be tested, given relevant firms had until 8 January 2024 to implement the 24-hour cooling period, client appropriateness testing and client categorisation features. These core rules were designed to make the marketing of crypto asset products clearer and more accurate and to ban incentives like ‘refer a friend’ bonuses.
  • The Financial Action Task Force (FATF) will continue to drive global compliance and in the first half of 2024 are due to publish the results of the steps FATF member jurisdictions and other jurisdictions with materially important Virtual Asset Service Provider (VASP) activities have taken towards implementing Recommendation 15 – which relates to assessing the AML/CTF risk of new technologies.
  • The FCA is due to publish its report on the review of the treatment of Politically Exposed Persons (PEPs) by the end of June 2024, which focuses on the distinction between domestic and foreign PEPs.
  • The UK government announced an Independent Review into the Disclosure Regime and Fraud Offences on 16 October 2023. The recommendations on reforming the disclosure regime are expected in the summer of 2024.
  • In the latter half of 2024, the Finance Bill 2024 is expected to be fully enforced with changes to tax avoidance penalties.
  • On 18 December 2023, the European Commission welcomed the adoption of a 12th package of sanctions against Russia. The focus of this package was to impose additional import and export bans on Russia, combat sanctions circumvention and close loopholes. As of 1 March 2024, a ban on Russian diamonds polished in a third country will take effect and, as of 1 September 2024, the ban will be expanded to include lab-grown diamonds, jewellery, and watches containing diamonds.
  • In 2024, the OTSI (Office of Trade Sanctions Implementation) will be up and running. This new department will primarily be responsible for the civil enforcement of trade sanctions, including the power to issue civil monetary penalties (criminal enforcement of trade sanctions offences will remain the responsibility of HM Revenue & Customs). We expect that OTSI will be able to provide clear and practical guidance to organisations on the application and scope of the UK’s trade sanctions legislation.

Get in touch

If you would like to speak with a member of our team, please click the button below.

Contact us today

Related pages

National contacts

Contact us

+44 20 7063 4000
Meet our local team
Discover our offices
Or use our contact form