In its response (7-page / 250KB PDF) to the Financial Services Authority (FSA)'s current consultation on the updated guidance, industry body the British Bankers' Association (BBA) said that the "fairly stark" language used by the regulator could "drive some firms to pursue good practice as defined by the FSA, and not the appropriate level of controls for their circumstances".
The BBA also called for more consistent use of terminology throughout the document to aid understanding, less cumbersome staff vetting procedures and more certainty with regards to the regulator's risk management expectations for firms.
The FSA proposed an updated version of its guidance on financial crime at the end of March after an investigation of ABC procedures at 15 regulated firms, including those of eight major global investment banks, revealed "a number of common weaknesses" including lack of adequate ABC risk assessment and poor management information. It has also refused to rule out taking further regulatory action on some of the firms it had investigated, which it has not yet named.
The regulator requires that firms establish and maintain effective systems and controls to mitigate the risks of financial crime, including bribery and corruption. The Bribery Act, which came into force in July last year, made companies with a presence in the UK liable for bribery by staff, intermediaries or "associated persons" anywhere in the world unless they have "adequate procedures" in place to prevent it.
The Bribery Act is enforced by the Serious Fraud Office (SFO) rather than the FSA, however the FSA may take action against firms that do not meet its rules regardless of whether any actual bribery has taken place.
The BBA said that its members felt that the majority of themes identified by the FSA within its proposed guidance were "areas where they have been actively implementing systems and controls".
Expecting firms to risk-assess every member of staff and third party it had a relationship with on an individual basis seemed out of proportion to the level of risk, the BBA said. It also requested further clarification of what "further responsibilities" would be expected of staff members who are 'politically exposed persons' (PEPs) or connected to such people.
"The BBA would suggest that a sensible approach is that firms should look to appropriately risk-classify categories or classes of staff, rather than every individual staff member. We would also wish further clarity on the specific criteria that the FSA envisages firms using to risk-assess staff for ABC risks," it said.
"Given the sheer volume of third party relationships and payment flows we think it is vital that a well founded risk-based approach is adopted as the overall level of due diligence applied will necessarily vary according to certain risk factors," it added. "In formulating guidance in this area the complexity of managing diverse third party relationships – which at any given time may run into the tens of thousands - should not be underestimated. By way of practical implementation it is therefore critical that firms focus their oversight efforts towards the areas of highest risk."
Bribery law expert Barry Vitou of Pinsent Masons, the law firm behind Out-Law.com, said that the BBA's suggestions were "very sensible".
"Although there are exceptions, broadly the FSA is taking quite a prescriptive approach to the systems and controls firms must introduce to reduce risk of financial crime," he said. "This contrasts with the Ministry of Justice guidance which is principles-based, including 'proportionate procedures'. A similar approach from the FSA would be welcomed."