The Report is the product of a review by FSA publicised in its “Dear CEO” letter of November 2007, in which it highlighted the unacceptable practices of wholesale insurance brokers in making illicit payments or inducements to third parties to win or retain business and required brokers to review those practices. In the period December 2008 to January 2010 FSA carried out a thematic review of 17 brokers to establish how they had planned, implemented and completed the reviews required by FSA’s letter and in September 2009 FSA produced its interim findings in that review. Click here for a copy of our Law-Now on those interim findings.
While publication of FSA’s report can be said to be the culmination of its review it might, more properly, be regarded as just the beginning. In the words of the report:
“As a result of this review and our concurrent casework, we have commissioned a skilled persons report to assess past payments to third parties made by a firm and issued a formal private warning to another after we became aware of a number of third party payments which were made without an adequate business case being established and documented. We are considering whether further regulatory action is required in relation to other individuals and firms and it is likely that there will be referrals to enforcement.”
The Report’s findings can be summarised as follows:
Governance and MI
Most brokers had senior managers tasked with responsibility for overseeing bribery and corruption risks. However, more than half of these did not understand the risks bribery and corruption posed to their businesses. Some brokers produced no MI on these risks, while in others it was insufficient. FSA is looking for a swifter, and more effective, management-led response to bribery and corruption events. This will involve clear division and documentation of responsibilities for managing these risks and regular updates to the Board, as well as considerations such as suitability of current IT systems for anti bribery and corruption purposes.
Risk assessment and Responses
FSA criticised a ‘one size fits all’ approach taken by firms to their systems and controls. This was incompatible with the expected risk based approach of giving more attention to higher risk jurisdictions, classes of business or third parties. FSA highlighted as good practice in this area, ensuring regular assessments of bribery and corruption risks under the control of a specific senior person and taking into account factors including the country and class of business involved.
Third Party Relationships: Due Diligence
FSA found the due diligence carried out on third parties, on the whole, very weak. In some cases only basic identity checks had been undertaken, while in others no due diligence had been carried out at all. FSA noted that third parties who provide services to refer, assist or facilitate the introduction of the client are likely to pose a higher risk of bribery and corruption. Brokers were cautioned to be on the look out for those introducing business from ‘high risk’ countries as well as any unusual requests made relating to the payment of commission.
FSA found the systems and controls relating to third party payment to be generally adequate. There were clear, risk-based payment authorisation procedures in place at ten firms visited, and there was only one firm with major shortcomings. FSA emphasised, however, that regardless of how apparently effective these systems were, they would be rendered ineffective if the underlying due diligence on third parties was of poor quality. Particular attention was drawn to the risks posed by adding new customers to the accounts payable systems, or making payments to third parties from these systems, when adequate due diligence had not been carried out. Concerns were also raised about the practice of giving and receiving gifts, especially those made in cash, in all circumstances.
Recruiting and Vetting of Staff
FSA expects firms to take a risk-based approach to recruitment and vetting, and to consider enhanced vetting of staff in higher risk positions. Examples of the positions highlighted in the Report as high risk include: brokers handling higher risk business involving third parties; accounts staff responsible for processing payments to third parties; and those responsible for approving or reviewing third party relationships. Periodic checks should also be carried out on any employment agencies used, to ensure they too are aware of the risks and complying with agreed vetting standards.
Training and Awareness
Only two of the firms visited had adequate staff training in place. FSA noticed that there was often a poor understanding of financial crime risk among senior managers and other relevant staff, as well as a poor understanding of the law. It is important for firms to focus on the supply of up to date training, with refresher courses, that gives practical examples of risk and how to comply with internal policies.
FSA found that, while these measures were not specifically employed to combat bribery and corruption, the use of balanced scorecards and bonus deferral were two remuneration structures likely to reduce risk. In particular, FSA reported that the incentive for brokers to cut corners or take risks when dealing with third parties would be reduced by deferral and claw-back schemes, regardless of the underlying motives for their use.
FSA asks firms to focus on the use of suspicious activity reports and whistleblowing procedures. Only four firms visited had ever submitted a Suspicious Activity Report, despite the FSA identifying a number of examples of high risk third party relationships that did not appear to have a clear business case during their review. Firms need to establish clear training procedures so that individuals know how to report suspicious activity relating to bribery and corruption. It is important to note that suspicions of bribery are caught by the money laundering legislation, obliging regulated businesses to report those suspicions.
Compliance and Internal Audit
The FSA views these functions as the key lines of defence against bribery and corruption. The review highlighted that some firms’ compliance and audit functions had never examined bribery and corruption or third party payment risk. Others had not carried out any routine, proactive work on anti-bribery and corruption beyond responding, in many cases inadequately, to external events such as FSA’s “Dear CEO” letter. FSA suggested that there be independent review of compliance’s operational role in approving third party relationships and accounts. In addition, when compliance and internal audit reviews are carried out these should challenge not only whether processes to mitigate bribery and corruption had been followed but the effectiveness of the processes themselves.
Overall, FSA found that improvements to anti-bribery and corruption controls following the “Dear CEO” letter had been too slow. While the Report does not have the status of formal FSA guidance, FSA has said that firms are now expected to implement and maintain more effective and appropriate controls where necessary.
The recent passing into law of the Bribery Act 2010 evidences the particular emphasis being given to anti bribery and corruption in the current climate; for our Guide to the Bribery Act click here.
Brokers and other regulated entities have additional regulatory responsibilities, however. FSA’s Report highlights responsibilities including the following:
- FSA’s Principles for Business which require firms to “conduct business with integrity” (Principle 1)
- FSA rules requiring firms to “… establish and maintain effective systems and controls … for countering the risk that the firm might be used to further financial crime” (SYSC 3.2.6R).
In its Report, FSA confirms that it considers its regulatory powers apply where it can show that a firm’s (or related third party’s) actions overseas have negatively impacted UK market confidence, where a UK firm, or its employees, pays a bribe to an overseas person, and where a UK firm fails to take reasonable steps to satisfy itself that third parties acting on its behalf are not making illicit payments to secure or retain business or are otherwise acting corruptly.
FSA has signalled that the prevention of bribery and corruption by insurance brokers (and other regulated firms) is an important area of focus for FSA and if regulated firms do not ensure proper controls and monitoring structures are put in place, FSA has made it clear this will lead to enforcement. In the warning words of Bob Ferguson, head of financial crime at the FSA, firms “should take an appropriate, risk-based approach to anti-bribery and corruption and failure to do so will result in us taking action against them”.
To access the Anti-bribery and corruption zone, click here.