FCA has fined Al Rayan Bank PLC £4m for failing to have in place proper AML controls over 2.5 years to the end of November 2017. The bank is a subsidiary of a Qatar-based Islamic bank, and provides Sharia compliant savings, finance and current accounts to a range of customers, including many from member states of the Gulf Cooperation Council. It also provides secured lending arrangements to UK personal and business customers for the purpose of acquiring real estate, and set up a branch in 2015 specifically to target HNW and UNHW customers. FCA discovered the failings in the course of a supervisory visit, as a result of which the bank agreed not to take on further high risks customers until it had improved its systems and controls.
FCA found that:
- the bank’s EDD policies and procedures were lacking – and included reliance on due diligence carried out by others in circumstances where it knew the UK standards would not be met, and in breach of its own policies;
- the bank failed adequately to carry out source of funds and source of wealth checks;
- the bank also failed to carry out appropriate monitoring – including a 300 client backlog on periodic KYC reviews;
- where transaction reviews noted that further EDD was needed, this was not done;
- the failings were exacerbated by lack of proper staff training on how to handle large cash deposits, despite the bank having identified this as a high risk area;
- no internal audit of the bank’s financial crime unit was carried out between 2009 and 2017; and
- the bank knew of the weaknesses and had not implemented effective changes to fix then, even though FCA had raised concerns with it in both 2015 and 2017.
The voluntary requirement on the bank was lifted after it made progress following a Skilled Persons review, but is still subject to a limited business restriction until it automates some of its processes.