Credit Suisse financial crime failure puts Anti-Bribery and Corruption Risk Assessments under FCA scrutiny
The UK regulator imposed the penalty on Credit Suisse in a final notice on 19 October 20201 after it determined the institution had:
- Breached its obligations to establish, implement and maintain adequate systems and controls to counter the risk of being used to facilitate financial crime,
- Failed to act with due skill, care and diligence to adhere to the systems and controls they had put in place, and
- Not properly assessed, monitored and managed the risk of financial crime.
The FCA has stated:
- Credit Suisse lacked a financial crime strategy for the management of those risks, which was exemplified by the under-resourcing of its EMEA financial crime compliance team and procedural weaknesses in its financial crime risk management.
- That between 1 October 2012 and 30 March 2016 ("the Relevant Period") Credit Suisse failed to meet these obligations, breaching
- Principle 3 (by failing to take reasonable steps to manage and control its affairs),
- SYSC 6.1.1R (by failing to maintain adequate policies and procedures to counter the risk it would be used to further financial crime) and
- Principle 2 (by conducting its business without skill, care and diligence).
- In the Relevant Period Credit Suisse failed to sufficiently prioritise the mitigation of financial crime risks, including corruption risks, within its Emerging Markets business.
In its final notice The Financial Conduct Authority (FCA) has pledged to:
- "Pursue serious financial crime control failings by regulated firms" after it fined Credit Suisse International, Credit Suisse Securities (Europe) and Credit Suisse AG a total of more than £147m,
Credit Suisse said it has:
- "Already taken decisive steps to strengthen its relevant governance and processes".
The FCA's final notice highlights their view that:
- Risk factors need to be considered not only individually but holistically, ensuring that all the threads of intelligence within an organisation are pulled together to determine risks and mitigation measures."
The case relates to:
- Loans and a bond exchange worth over $1.3bn, which the bank arranged involving the Republic of Mozambique between October 2012 and March 2016.
- These loans and bond exchange were found to be tainted by corruption.
According to the FCA,
- Due diligence carried out by Credit Suisse identified risks with a contractor involved in the transactions.
- This contractor paid significant kickbacks, estimated at over $50 million, to members of Credit Suisse's then deal team.
- Those individuals took steps to conceal the kickbacks, but the FCA found fault with Credit Suisse's control functions and said that there were enough red flags for the institution to have identified the risk of bribery and acted.
The FCA said that Credit Suisse
- Failed to prioritise the mitigation of financial crime risks, including corruption risks, within its emerging markets business sufficiently.
- In addition, it identified inadequacies in its financial crime strategy for the management of those risks.
The FCA fine is part of an approximate $475 million global settlement that Credit Suisse has agreed that also involves the US Department of Justice, the US Securities and Exchange Commission, and the Swiss Financial Market Supervisory Authority (FINMA). As part of its settlement with the FCA, the institution has undertaken to
- "Forgive $200 million of debt owed by the Republic of Mozambique".
Anti-bribery and corruption expert Neil McInnes of Pinsent Masons, the law firm behind Out-Law, said:
- "The FCA's final notice highlights their view that risk factors need to be considered not only individually but holistically, ensuring that all the threads of intelligence within an organisation are pulled together to determine risks and mitigation measures.
- Corruption red flags will often be - rather than direct evidence of corruption or bribery - apparent from the context of the transaction, sector, jurisdiction and counterparty.
- Effective compliance programmes should ensure risks factors and red flags are consistently and sufficiently investigated, challenged and scrutinised."
Read article here
PINSENT MASON BRIEFING NOTE