The FCA has written a Dear CEO letter to firms that carry out trade finance business.
On Thursday, 9 September 2021, the FCA and PRA published a critical and hard-hitting Dear CEO letter, reiterating their expectations of firms operating in the trade finance space.
The letter struck a firm tone from the regulators. It referred to the slew of high-profile scandals that have made headlines over the past year and a half. These scandals are linked to what the FCA and PRA called
- "failures of commodity and trade finance firms" to rectify "significant issues relating to both credit risk analysis and financial crime controls" and resulted in "significant financial loss".
The letter tells Firms to conduct a full financial crime risk assessment of their activities to detect any exposure to sanctions evasion, terrorist financing, money laundering and fraud threats.
The purpose of this letter is to
- Reiterate FCA and PRA expectations of firms when undertaking trade finance activity.
- Both the FCA and PRA have expectations for trade finance activity, reflecting their respective remits.
- The expectations set out in this letter are not exhaustive and should be considered alongside relevant rules and guidelines such as Joint Money Laundering Steering Group guidance, the PRA Rulebook and the FCA's Financial Crime Guide.
- There is also an action for your firm to carry out a financial crime risk assessment, detailed below.
- During the past 18 months, commodity and trade finance firms have had several high-profile failures with significant financial losses.
- There are inherent risks within trade finance activity, given that it can be complex, global and the large volumes of trade flows utilising multiple currencies.
The FSA say
- Firms need to demonstrate that they have taken a risk-sensitive approach to their control environment that ensures the relevant risks are effectively mitigated.
- After recent assessments of individual firms, several significant issues relating to credit risk analysis and financial crime controls have been seen
- These issues have exposed firms to unnecessary risks that are material in both conduct and prudential context.
What they say
- Risk Assessment
- In our reviews to date, we have found that there is often insufficient focus on the identification and assessment of financial crime risk factors, such as
- The risk of dual-use goods or
- The potential for fraud.
- In other instances, firms
- Have not adequately evidenced their assessment of mitigating controls or recorded the rationale to support conclusions drawn on the level of residual risk to which the firm is exposed.
- At the client risk level, assessments have been too generic to cover the different types of risk exposures that may exist in trade finance client relationships, such as the industry or jurisdictions in which the client operates.
- The client risk rating will impact the level of due diligence required for individual trade finance transactions, and firms should also consider the risks presented by the specifics of the transaction itself, including any apparent transaction-specific "red flags".
- We have found that firms have either
- Failed fully to assess these risks, are unable to evidence the checks they have undertaken, or
- In some cases, discounted them inappropriately.
- Failure to assess or understand these risks can lead to insufficient due diligence being undertaken, such:
- As additional pricing checks or
- Using tools such as vessel tracking and
- Independent document verification.
- We have seen examples of how failing to conduct these checks can lead to exposure to suspicious activity.
- As a firm that undertakes trade finance activity, you should, if you have not already,
- Undertake a holistic assessment of the associated financial crime risks.
- These risks include:
-Terrorist financing and
10. The Money Laundering Reporting Officer (SMF17) should be responsible for:
- Ensuring that the assessment is subject to appropriate governance, oversight and challenge.
11. In carrying out this assessment, we expect your firm to also consider the issues raised in this letter.
- The assessment should be clearly documented within the business-wide financial crime risk assessment and should identify the types of customers or transactions where enhanced due diligence is needed.
12. In future engagement with your firm, we may ask to see the risk assessment you have carried out and any follow-up action undertaken as a result.
- In line with the PRA's regulatory expectations, we expect firms to undertake appropriate credit analysis of all trade finance counterparts prior to formal credit limits being put in place.
- This analysis should include all parties with an interest in the transaction and not be limited to the borrower i.e. the end-buyer, credit insurer and other parties, where relevant, should form part of the analysis.
- A firm's policies and procedures should set out clearly when it may be appropriate to conduct due diligence on other parties. For example,
- Counterparty checks can help in identifying related parties or adverse media, and
- Verify the rationale for the transaction.
- We identified examples where firms had facilitated transactions
- With no sensible business rationale given the jurisdictions, or industry of other parties involved in the transaction.
- This could be an indicator of fraudulent activity, collusion or money laundering.
- Firms should also consider whether the activity is in line with the expected activity of their client and previous interactions with the parties to the transaction.
- Prior to individual transactions being approved, we expect firms to determine if further specific analysis is required. This should include, but not be limited to,
- Consideration of the financial and non-financial risk on the end-buyers and the rationale for the transaction.
- Firms should identify instances of higher risk which require enhanced due diligence.
- Conducting a more structured assessment of risks and red flags, as well as clearly defined policies and procedures, helps trade finance specialists in the business to identify transactions that require additional due diligence or escalation to the second line.
- Firms should ensure there is adequate oversight of the work being undertaken, to ensure that the firm's policies and controls are operating effectively.
- This could include monitoring the discounting of red flags, transaction approval rationales, and the quality of escalations from first-line business functions or trade finance operations teams.
- Where the end-buyers represent the primary source of repayment under the transaction, prudent risk management is likely to include obtaining formal written acknowledgement from the end-buyer that the amount due and payable under the trade finance transaction is payable to the financing firm, and not to the borrower.
- For transactions involving credit insurance arrangements, best practice would be for a firm to seek formal confirmation that they are explicitly identified as a loss payee for risk insurance cover on non-payment of debts by the end-buyers and that the firm is in compliance with any requirements set out in the insurance agreement.
- Robust risk management would ensure that the security is appropriately valued, perfection of security is correctly applied, appropriately maintained, including in respect of segregation as well as consideration of how to realise the underlying security in the event of non-payment.
Read the letter