The FSA recently compiled and published a Consultation Paper that contains financial crime guidance for small firms, highlighting ways in which small firms need to protect themselves from becoming embroiled in data theft cases, fraudulent loans or corruption.
The guide is based upon all the research the FSA have carried out regarding system controls and good and poor practises within regulated financial services firms, including its 2010 ‘The Small Firms and Financial Crime Review’ – aimed at establishing the extent to which small firms across the industry addressed financial crime risks in their businesses.
The FSA, which supervises around 16,500 small firms, visited 159 of these across wholesale and retail sectors for the review. It covered three main areas – anti-money laundering/financial sanctions, data security and fraud controls – its new guidance highlights the weaknesses it found and gives guidance on improvement.
These include, among many other, simple failings such as no background checks before appointing staff, no checking of qualifications and references for staff and not knowing how to report to the Serious Organised Crime Association(SOCA).
In the first half of the year cases of identity fraud rose by 11 per cent and experts warned stealing someone’s personal and financial details was like ‘a licence to print money’.
Ray Cohen, managing director of Jackson Cohen, agrees: “Firms are being much more careful now than they were before – but that doesn’t mean attempted fraud isn’t up.
“It’s hard to measure but there is still a level of attempted fraud that comes consistently.”
Jonathan Newman, senior partner of Brighstone Law LLP, believes these types of crimes are definitely on the up, he says: “There is a significant rise in financial fraud. Downturn in the economy is one reason, but there are others. The computerisation of Land Registry records, the increase in distance transactions, the rise in non-owner-occupied properties have contributed to increased opportunity for the property-savvy fraudsters.”
Ray Cohen stresses that it may be difficult for small firms to keep up with high quality system controls as they don’t have a big fraud department, however the necessity is definitely there.
“Big issues are data protection – homeless people get paid ten pounds for any piece of data they can find in a rubbish bin or city dumpster – this is big business – ID fraud is one of the biggest growing crimes around and it doesn’t just apply to the mortgage industry, it applies across everything.”
Gavin Diamond, head of finance at Cheval, agrees these practises should be standard: “These guidelines are really just good business practises that should be adopted by all companies, whether they are FSA regulated or not.
“Each of our members of staff has a guide to our anti-money laundering prevention procedures and we run annual refresher seminars for all staff members.”
Recently there have been several high profile cases where the FSA, finding negligence, have fined companies.
They fined Willis Limited £6.895 million in July for failings in its anti-bribery and corruption systems and controls. In January it fined the Royal Bank of Scotland (RBS) and National Westminster Bank (NatWest) £2.8m for multiple failings in the way they handled customers’ complaints.
An FSA spokesperson said: “There is no cap on the amount we can fine a company or no minimum, although we do take the size of the firm into account and we look to fine proportionately to the size of the business.”
Even if firms aren’t regulated by the FSA they are still accountable to other bodies, such as the police, and the Information Commissioner’s Office (ICO).
A spokesperson for the ICO, which works alongside the FSA, outlined what they do: “The ICO has an important role in regulating the seventh data principle – security.
“The ICO has dealt with a number of companies in cases where data has been disclosed recklessly, leading to monetary penalty notices. In November 2010 a monetary penalty of £60,000 was issued to employment services companyA4e Limited for the loss of an unencrypted laptop which contained personal information relating to 24,000 people who had used community legal advice centres in Hull and Leicester.”
It is imperative, especially in times of financial unrest like these, to keep highlighting the fundamental need for a high standard of security and systems in place to protect small firms – and indeed their valuable reputations – from fines and embarrassment, not to mention legal implications, of being embroiled in very prevalent issues such as ID fraud and general financial crime.
For more advice visit the FSA’s website for the guidance in full.