Royal Bank of Scotland fined £5.6m for anti-terrorism system failures

The Financial Services Authority (FSA) has fined the Royal Bank of Scotland Group (RBSG) £5.6 million for failing to have adequate systems and controls in place to screen transactions under Money Laundering Regulations.

Under Money Laundering Regulations, banks must have proper systems in place to screen customers and payments against the Treasury List. This is a list of individuals and entities that are subject to financial sanctions. The law requires firms to not provide funds or financial services to designated persons unless a licence is obtained from the Treasury.

However, during the period between 15 December 2007 and 31 December 2008, RBSG, which includes RBS, Natwest, Ulster Bank and Coutts & Company, was considered to be in breach of the regulations for a number of failings, including weaknesses in its screening software, which was implemented in 2006.

Although the group was unable to provide a breakdown of the volumes of payments and SWIFT messages that were not screened during this period, the FSA said that data for one day in July 2009 indicates that around 75 percent of all inbound and outbound messages would not have been screened in the relevant period.

In its decision notice, the FSA said it considered the banking group’s failings to be particularly serious because: “Unless they have in place robust systems and controls, UK financial institutions risk being used to facilitate transactions involving sanctions targets, including financing.

“Small amounts of funding could be sufficient to finance terrorist activities and hence the sanctions-related systems and controls implemented by firms need to be robust enough to capture such payments.”

The FSA found that after RBSG initially set up the screening systems, it failed to routinely review and monitor the ‘fuzzy matching ‘ capabilities in the screening software. This meant that the fuzzy matching parameters, which refers to the ability of screening software to identify names similar to those on the sanctions list, became out-of-date and therefore become significantly less effective at identifying potential matches.

1 2 Page 1
Page 1 of 2
9 steps to lock down corporate browsers
Shop Tech Products at Amazon