The past few years have witnessed a debate in the field of banking and broader financial services law: should the law relating to the duty of care owed by financial services firms to their customers be reformed? The Financial Services Consumer Panel (FSCP) argues that the answer to this question is yes; the current law does not provide consumers with adequate levels of protection, and thus the law needs to be. The current regulatory regime requires firms to treat their customers fairly, however the FSCP believes that banks and other financial services firms should be held to a higher standard and for this reason have advanced reform proposals to address this issue.
The purpose of this blog post is to analyse the content of the reform proposals and assess the viability of any reform, in light of the existing legal regime. It will be argued that, as indicated by the Parliamentary Commission on Banking Standards (PCBS) and the Financial Conduct Authority (FCA), the proposal advanced by the FSCP is unlikely to improve the law in this area. (more…)
The regulation of banks is a difficult and high profile task. The banking industry is complex and plays a fundamental role in the UK’s economy. The financial crisis highlighted the importance of the UK having a regulatory regime that can maintain the health and stability of the banking sector. Banks provide payment and funding services that are central to the successful operation of the modern economy. Regulation therefore needs to ensure that the banking sector is healthy. This blog post will briefly outline the main developments in the UK’s regulatory approach in recent years, and will identify the key areas of concern facing the regulators. (more…)
The day has arrived on which a cyber attack has succeeded in breaching a bank’s security with the result that customers’ money has been taken from their accounts. According to press reports the accounts of around 40,000 customers of Tesco Bank have been accessed and the bank has refunded £2.5 million to 9,000 who have had money removed.
Banks’ IT systems are an obvious target for cybercriminals. The fact that such systems contain both money and data on customers makes them extremely tempting. As banks have developed new channels for delivery of services, such as websites, mobile applications and social media, these have often been added, or linked, to existing out-dated systems. This increased complexity may mean that new avenues of attack are inadvertently created, and make it difficult for a bank to rapidly pinpoint the source of system risks and breaches. The increased use of distributed computing, with multiple systems running across multiple servers, can also create new system risks and simultaneously increase the number of staff requiring access. While external threats are increasing, it appears that industry insiders remain responsible for a significant share of bank fraud. How the Tesco cyber attack was carried out remains unclear, but the scale and speed of the transfer of funds suggests a degree of sophistication. (more…)
It has not been a good few weeks for the banking industry. In America Wells Fargo has been rocked by a scandal in which staff have been found to have fraudulently opened accounts for customers as a way of meeting sales targets. Deutsche Bank has teetered on the brink of disaster as a result of the size of the penalty it is facing in the US for misselling mortgage bonds. In Singapore the Monetary Authority has penalised two banks for anti-money laundering failures and control lapses and has withdrawn the license of a third bank for such failures. For once, the major UK based banks have been out of the headlines. However, the Financial Conduct Authority has added to the picture by penalising the Bangladeshi Sonali Bank (UK) Ltd £3.11 million and Steven Smith, the bank’s Compliance Officer and Money Laundering Reporting Officer (MLRO) a further £17,900 for anti money laundering (AML) failures. The bank was also prohibited from accepting deposits from new customers for a period of 168 days and Smith prohibited from performing a range of functions in the industry.
The Sonali Bank decisions are further examples of the FCA using its enforcement powers to send messages to the industry. It is part of the attempt to change the culture in banking and to reduce, if not eliminate, risk which might threaten the integrity of the banking system as a whole. It is widely accepted that money laundering poses a significant threat to the integrity of the financial system. As a result, firms are required to adopt rigorous controls aimed at minimising the risk of money laundering occurring. The facts of Sonali concerned these AML obligations. The case is a good example of the fact that the criminal offences which are commonly said to place banks under a stringent obligation to guard against money laundering are, in practice, of much less significance than regulatory action concerning failures taken by the FCA. (more…)