Enforcement action

FCA fines round-up

FCA regulatory fines for 2018 now total  £4.8m. The following fines and related enforcement actions have been announced in the past month:
 

One Call Insurance Services Limited The FCA’s provisional Decision Notice in respect of One Call sets out that the FCA has decided to fine One Call £684,000 and impose a restriction on One Call for 121 days from the date the Final Notice is issued, so that One Call is restricted during that period from charging renewal fees to its customers, which is anticipated to cost the firm approximately £4.6 million.

One Call failed to arrange adequate protection for its client money, breaching Principle 10 of the FCA’s Principles for Businesses and the Client Money Rules. Between January 2005 and September 2014, One Call received money, in the course of its activities as an insurance intermediary, which was client money under the Client Money Rules. One Call was therefore required to ensure it protected that client money, by complying with these requirements. In the FCA’s view, it failed to do so because firstly, it failed to appreciate that certain Terms of Business Agreements it wrote business under did not provide effective risk transfer and failed to operate its client money account in accordance with the Client Money Rules. Secondly, from 1 December 2009, One Call failed to treat funds advanced by a third party premium finance provider in respect of years two and three of an annual motor policy with a subsequent two-year renewal price guarantee as client money.

As a result, One Call inadvertently spent client money, resulting in a substantial client money deficit of £17.3 million, (which it has subsequently repaid) and exposing customers to a significant risk of loss. The FCA believes that One Call inadvertently used sums from its client money bank account to finance its own working capital requirements and make payments to directors etc.
John Lawrence Radford Mr Radford was fined £468,600 and prohibited from having any responsibility for client money and / or insurer money in relation to regulated activity in financial services.

Mr Radford was responsible for client money at One Call between January 2005 and September 2011 and personally responsible for ensuring One Call complied with regulatory requirements in this context. He was also the Chief Executive and a director of One Call. As such he failed to ensure that One Call established robust systems and controls for assessing whether effective risk transfer agreements with insurers were in place so that if any client money shortfalls arose as a result of One Call’s failure, insurers rather than customers would bear this risk. This meant he failed to identify that One Call had placed a small volume of insurance business under agreements which did not provide for effective risk transfer and the money in question should therefore have been treated as client money.

In addition to the fine, the FCA has decided that Mr Radford is not fit and proper to have any responsibility for client money or insurer money in the context of regulated financial services. This is on the basis of his lack of competence to perform such functions.
Alistair Rae Burns A fine of £60,000 and a general prohibition from performing any senior management function and any significant influence function in relation to any regulated activities carried on by any authorised or exempt persons or exempt professional firm for breaches of APER 7 and FIT related to conflicts of interest, a lack of fitness and propriety and mis-selling in the investment adviser and pensions sector.

In a Decision Notice dated 22 July 2016, the FCA notified Mr Burns that it had decided to impose on him a financial penalty given its finding that as director of TailorMade Independent Limited (“TMI”) he had failed to take reasonable steps to ensure that TMI complied with the relevant requirements of the regulatory system (in breach of Statement of Principle 7). TMI failed to give adequate personal recommendations to customers in relation to the transfer of their pension benefits into Self Invested Personal Pensions (“SIPPs”), and failed to manage fairly and clearly disclose material conflict of interest to its customers, including on the part of Mr Burns personally.

This Final Decision Notice follows the Upper Tribunal’s written decision on the referral made by Mr Burns.

Information Commissioner’s Office (ICO) fines round-up

The ICO issued Equifax Ltd with a £500,000 fine for failing to protect the personal information of up to 15 million UK citizens during a cyber-attack in 2017. The incident, which happened between 13 May and 30 July 2017 in the US, affected 146 million customers globally.

The ICO investigation found that, although the information systems in the US were compromised, Equifax Ltd was responsible for the personal information of its UK customers. The UK arm of the company failed to take appropriate steps to ensure its American parent Equifax Inc, which was processing the data on its behalf, was protecting the information.

The investigation, carried out in parallel with the FCA, revealed multiple failures at the credit reference agency which led to personal information being retained for longer than necessary and vulnerable to unauthorised access.

charles.portsmouth@moorestephens.com