The UK Financial Services Authority’s (FSA) £5.6 million fine for Royal Bank of Scotland (RBS) Group this week for the group’s failure to have adequate data checks in place to conduct mandatory anti-money laundering (AML) screening is indicative of the need for firms to get a better handle on their customer data. According to the regulator, RBS Plc, NatWest, Ulster Bank and Coutts and Co, which are all members of group, failed to adequately screen both their customers and the payments they made and received against the Treasury’s sanctions list over the period of a year, from 15 December 2007 to 31 December 2008.
The FSA indicates that it considers the failings to have resulted in an “unacceptable risk” to the integrity of the country’s financial services sector and this is why it was compelled to impose its largest fine for a financial crime infraction. The regulator makes particular reference to the potential funding of terrorism in its judgement as an example of this risk. Margaret Cole, FSA director of enforcement and financial crime, explains: “The scale of the fine shows how seriously the FSA takes this issue and should act as a warning to other firms to ensure that they have adequate screening procedures.”
The fine could also have been much higher, a whopping £8 million, had RBS Group not agreed to settle at an early stage of the FSA investigation and qualified for a 30% reduction in penalty.
The screening of customer data for wider compliance and AML checking purposes is part and parcel of the customer data management challenge. In light of this challenge, over the last few years, many financial institutions have been investing in this space in order to stay out of the regulators’ bad books. For example, German bank WestLB started on the journey to revamp its customer data management and KYC systems back in 2006, whereas Royal Bank of Canada (RBC) kicked off a similar project this year. There is therefore a heightened level of awareness within the market in the post-crisis environment about getting a better handle on customer data, which should be raised further still by the FSA’s actions.
For its part, the wholesale business of RBS is also working on a customer data management system revamp, focused on rationalising the database it acquired from ABN Amro and merging this with the legal entity data on the central RBS system. The project has been ongoing since the acquisition of the ABN Amro business by a consortium including RBS a couple of years ago and much progress has been made (check out an interview with Mark Davies, head of reference data, SSF Risk Services for RBS, on the site soon).
Following the fine, RBS Group will no doubt also be focusing its attentions on making sure it doesn’t fall foul of the regulator in future and that its AML systems are robust enough to go the distance.
RBS, however, is not likely to be the last firm to face such a fine. Given the state of many firms’ data management systems in the post-crisis environment, following such an intense period of M&A activity, many more are likely viewing the FSA’s action as serious threat as well as a warning.