SMCR+ View – A Massive Q3 Round-up 2025

It’s been a while, but with the Leeds Reforms and flurry of Consultation Papers (here, here, here and here) and the extensive engagement we’ve had with clients, the PRA, and the FCA, we have been prioritising our responses to these. It does mean this is a mammoth edition, particularly given the FCA didn’t seem to take much of a summer break this year! One thing’s for sure; this edition is a good reminder of why we typically publish monthly – we won’t be leaving it so long again!

Before you make a strong cup of coffee and tuck into this edition, there are a couple of immediate asks from us:

1. I and a number of our cross-practice SMCR / “regulated people” team will be in New York the week commencing 6 October. If any of our readers would like to discuss the content from any of our recent SMCR+ Views or broader UK employment and investigation trends when we’re out there, we’d be delighted to come and see you and/or your US colleagues. Do get in touch.

2. Please take some time to complete this short survey, which will form part of our response to the SMCR Consultation Papers. All responses will be aggregated and anonymised. If you’d like us to share the results with you, please leave your name and email at the end. It’s only 5 questions long, so it should be speedy!

This round-up of updates covers the following – if there’s anything of particular interest, please reach out – we’d love to help.

• The FCA removing the requirement to submit nil returns for REP008 notifications, effective 1 August 2025.
• Examples from the FCA of good practice and areas of improvement when it comes to authorisation and registration applications.
• The FCA’s consultation paper bringing regulated cryptoasset activities in scope of the FCA Handbook, including the SMCR.
• FCA and PRA whistleblowing disclosure metrics and operating metrics.
• Key findings from the FCA’s multi-firm review of wholesale banks across gifts and entertainment, off-channel communications and transaction governance.
• Other updates, including the latest Market Watch, observations from the FCA’s review of algorithmic trading controls across Principal Trading Firms, and some SMF-specific updates, including one for MLROs in relation to the treatment of Politically Exposed Persons (“PEPs”), one for SMF 24s in relation to the PRA’s 2024 cyber stress test, and one for SMF 2s in relation to supervisory expectations regarding significant risk transfer (“SRT”) transactions.
• The latest enforcement actions, including a Final Notice for breaches of the Individual Conduct Rules and Senior Manager Conduct Rules resulting from providing incorrect and misleading information to the FCA, and a Decision Notice in relation to failures to act with due skill, care and diligence.

1. FCA - Removal of requirement to submit a nil return REP008 and RMAR changes

Hurrah! The requirement to submit nil REP008 returns has been removed. Firms will still see the REP008 form appear in RegData annually, but if firms have no Conduct Rule breaches to report then it will be removed from the firm’s schedule and will not show as overdue. This change follows the publishing of the FCA’s Handbook Notice 132, and the FCA webpages on this are here and here.

In the FCA’s Quarterly Consultation Paper (CP25/24), the FCA is proposing to reduce the frequency by which certain sections of the Retail Mediation Activities Return (“RMAR”) have to be submitted. Of note for SMCR+ View is that Section G regarding Training & Competence will only need to be submitted annually.

2. FCA – Authorisation and registration applications

The FCA has published examples of good practice, and areas for improvement when it comes to applications they have seen. Of note for SMCR+ View is the emphasis placed on firms to ensure that the firm has staff with appropriate skills, experience, and capacity to provide the relevant financial service. In particular, firms need to have a clear ownership structure chart, recognise gaps in their resourcing and be upfront about how they will be filled and when. The FCA state that some firms have included plans for recruitment, while others provided their skills gaps analysis, with detailed plans to upskill existing staff in a reasonable period after authorisation or registration. The FCA states that firms need to demonstrate how individuals holding multiple responsibilities will have time to competently perform their roles, and how their time will be split. Firms need to also prove that they have a meaningful commitment to doing business in the UK and evidence the eligibility of staff to work in the UK. Finally, the FCA highlight the importance of demonstrating clear reporting lines and explaining in policies how their decisions are made in the UK when operations are located overseas.

We support many firms with their authorisation applications and applications for varying their permissions. If we can support you with this, please let Amy Sumaria (Managing Associate) know.

3. Cryptoasset Firms – Welcome to the SMCR!

We’re about to have a whole new set of readers! Last week the FCA published its much anticipated consultation paper (CP 25/25) on the application of the FCA Handbook to regulated cryptoasset activities. For a full debrief please see Crypto View here. Of note for SMCR+ View, the FCA are proposing to apply the Systems and Control (“SYSC”) sourcebook to cryptoasset firms, as well as related regulatory frameworks, which means new governance, whistleblowing, conflicts of interest and SMCR requirements will apply.

Why is the FCA doing this? One reason given in the paper is the FCA’s observation that cryptoasset firms often do not have clear and appropriate apportionment of responsibilities, and responsibilities are often concentrated in a few key individuals who are not constructively challenged. This then results in a failure to identify and assess risks, and the FTX and SBF’s scandal is referenced as an example of such governance and conflict of interest failings.

In terms of specifics? The FCA has suggested in CP 25/25 that the Enhanced firm categorisation will apply to the largest most significant cryptoasset firms (e.g., the top 1%) and no cryptoasset firms will be considered ‘limited scope firms’ (i.e., subject to the least onerous provisions). For ‘traditional financial services firms’, Enhanced firm categorisation will bring a firm within scope of SYSC 15A and the operational resilience requirements. The position is different for cryptoasset firms where the FCA are proposing to apply SYSC 15A regardless of the firm’s SMCR categorisation.

The FCA isn’t proposing sector specific SMF roles or Prescribed Responsibilities – rather, these will likely match those in existence currently which are meant to be business model agnostic. The Certification Regime is going to be amended such that the client dealing function, proprietary trading function, and potentially others (e.g., algorithmic trading function) include individuals performing certain regulated activities in relation to cryptoassets / stablecoins. The fitness and propriety requirements and Conduct Rules will apply in the same way that they do to other firms currently.

How does this tie in with the rest of the SMCR Consultation Papers? The FCA has said that cryptoasset firms will become subject to the SMCR requirements that exist currently, but that such firms should engage with the current consultations as final changes will be reflected in future policy updates.

Very interestingly, the FCA has said that it is considering letting cryptoasset firms submit a ‘modification by consent’ to temporarily waive Handbook requirements which the FCA considers may be shortly rescinded. We last saw modifications by consent in relation to the SMCR during the COVID era, but it will be interesting for ‘traditional financial services firms’ to consider which requirements the FCA think will be shortly rescinded and whether there is any appetite from the FCA to allow firms to waive the requirements also!

The Consultation in relation to the above topics (among others) closes on 12 November 2025, and the FCA will publish its Policy Statements in 2025, as per the Crypto Roadmap.

We have been advising firms on the implementation of the SMCR for almost a decade, and we have supported on numerous implementation projects. We have a very deep understanding of the regime and broader governance requirements and we have a ready to go SMCR Toolkit, so please do get in touch with Amy Sumaria (Managing Associate) if you’d like to discuss the regime in more detail.

4. FCA and PRA – Annual Report on Whistleblowing Disclosures

The FCA's annual report on whistleblowing disclosures for 2024/2025 indicates that the FCA received 1,131 whistleblowing reports in 2024/25. 685 related to Compliance, 478 related to fitness and propriety and 355 related to consumer detriment. The PRA and BoE also published their annual report on whistleblowing disclosures for 1 April 2024 to 31 March 2025, indicating that they received a total of 264 disclosures which were subject to assessment. 32 of the whistleblowing reports received were subject to significant regulatory or supervisory activity, and 76 are currently subject to ongoing supervisory assessment.

We have a sophisticated cross practice employment, regulatory and contentious regulatory and investigations team that regularly support firms in relation to whistleblowing matters - do reach out to Penny Miller (Partner), Amy Sumaria (Managing Associate), Andrea Finn (Partner), Olly Jones (Partner), or Emma Sutcliffe (Partner) for more details.

5. PRA and FCA - Operating Metrics (SMF Applications)

The PRA has published its second report on its secondary objectives, covering the period of June 2024 to June 2025. Buried in the report the PRA states that it received 1,120 Senior Manager applications in this period, with 100% closed within the statutory deadline of three months. There were no refusals, but 60 withdrawals. The FCA has also published its operating metrics for 2024/2025, which shows that 99.5% of approved person applications were responded to within the 3 month timeframe. While these statistics are encouraging, with the Treasury’s proposal to reduce the statutory time frame that the FCA and PRA have to process applications from 3 to 2 months, we may see those numbers start to worsen!

These figures are also interesting in light of the House of Lords’ Financial Services Regulation Committee’s (“FSRC”) latest report published in June 2025 which raised slow authorisation processes as a concern. Whilst the FSRC note that the metrics published by the regulators show progress, this may not necessarily reflect the experience of firms due to the exclusion of the intervals when further information is required. The Report also focusses on the need for the Government, FCA, and PRA to reduce regulatory burdens, overlaps and duplication – we will be making a number of points in relation to the SMCR as part of our responses to the consultation papers.

We have supported many firms with their Senior Manager applications and we’ve recently seen a personal record of an individual being approved within 8 working days! Let us know if we can support you with your applications.

6. FCA - Wholesale Banks - Findings from the FCA’s multi-firm review

The FCA published a number of reports detailing its findings across a range of different topics, including gifts and entertainment, off-channel communications, and transaction governance, with a particular focus on conflicts of interest. This will primarily be of interest to Senior Managers at banks who have responsibilities relating to these areas. However, other firms and Senior Managers may also be interested in the key observations highlighted by the FCA:

• Gifts and entertainment (“G&E”): The FCA reviewed a sample of G&E registers from wholesale banks and wholesale brokers over a four-month period, together with associated gifts and entertainment policies. The FCA found that most entries on registers involved entertainment rather than gifts, with a notable discrepancy between the entertainment recorded as received by wholesale banks and that reported as given by brokers. The FCA asks firms to consider whether their G&E policies and procedures are clear and effective, why groups of employees are failing to record G&E, whether breaches are concentrated in specific areas, and whether undeclared G&E has given rise to negative outcomes for clients or markets.

• Conflict of Interest Registers: From the FCA’s review of a sample of conflict of interest registers and breach data, it found that one firm had not updated the register to reflect changes to the business in three years and suggested “senior management” may wish to challenge this. Breach data primarily involved internal policy violations. The FCA suggests that if a firm has not recorded any breaches for a prolonged period of time (e.g., 3 years) then this may suggest weaknesses in controls and might be something to consider and challenge.

• Off-Channel Communications: The FCA published its off channel communication findings. While all firms reviewed had made improvements, breaches of internal policies continue to occur across all staff grades, with 41% involving individuals at the director grade or above (i.e., senior individuals). The FCA’s findings focus on four key areas: (1) systems and controls – good practices identified include updating policies to include new technologies, streamlining processes for employees to self-disclose off-channel messages, having a prohibition on personal numbers being put in out-of-office replies, and establishing a dedicated helpline to guide staff on off-channel communications with common questions incorporated into training programmes, (2) surveillance – good practices include updating surveillance terminology to ensure things like “channel hopping” are identified, and using trend analysis across employees to identify any unusual behaviour, (3) third party vendors – strong oversight of vendors and the quality of services provided is critical, and (4) management information (“MI”) – comprehensive MI needs to enable oversight bodies to analyse the root causes of trends and issues. Poorer MI focussed only on breach metrics.

• Transaction Governance: The FCA’s review did not identify any widespread weaknesses. Most firms had a good understanding of their transaction governance structure, but the FCA found that some banks demonstrated more robust processes than others in relation to risk appetite statements (and financial risks were more comprehensively covered than non-financial risks and reputational risk, particularly). In relation to reputational risk appetite, best practice involved firms setting out their appetite in detail, defining it qualitatively and quantitatively, with clear escalation thresholds and risk appetite monitoring. This avoids, in the FCA’s view, a risk of inconsistent decision making and ineffective oversight by senior management. The pre-committee stage was identified as often being critical for deal screening and deal rejections, for identifying risks, mitigants, and conditions, among other things. The FCA observed early-stage discussions and informal processes were often poorly documented and that Senior Managers may wish to consider this carefully, as records of these discussions can provide valuable reference points for future decisions.

  Committee chairs were either independent first-line, or second-line representatives, thus avoiding conflicts of interest. Better deal memos did not act as a checklist, but included a thorough risk assessments conducted by the first line that was subject to robust challenge by the second line. Senior Managers should consider what data should be included in email approvals and which transaction types are suitable for offline review, given the benefits of committee discussions for challenge and documentation. MI provided to senior executives and the Board should be timely and cover reputational risk.

Please do reach out to Alex Ainley (Partner), Penny Miller (Partner) or Amy Sumaria (Managing Associate) if you have any questions.

7. Other updates:

• Market Watch 83: This covers market soundings, and personal account dealing (“PAD”). In this edition, the FCA has observed in its reviews that in some cases staff trade before receiving approval, compliance do not do sufficient checks before granting approval or following up on PAD breaches, or firm holding periods. The FCA states that this sometimes occurred with the consent of senior members of the business. It’s worth Senior Managers and senior members of the business noting this and ensuring that adequate arrangements are in place and that the tone from the top is sufficiently strong in order to embed a good compliance culture.

• FCA Handbook Notice 131: Minor amendments in this FCA Notice remove the requirement for UK special purpose vehicles to allocate the Compliance Oversight Function (SMF 16). The FCA has also made minor amendments to the Training and Competence Sourcebook to update the qualifications table and the definition of an “accredited body” to reflect that two organisations (CBI and CFA UK) will cease to be recognised as accredited bodies. Both of these changes came into force on 27 June 2025.

• FCA – Multi-firm review of algorithmic trading controls: As anticipated in the FCA’s Dear CEO letter to Principal Trading Firms (“PTFs”) back in August 2023, the FCA published its high level observations from its multi-firm review of algorithmic trading controls. Key points include that policies and procedures should by up to date (with key policies linked/referenced to in self-certification), compliance needs to have the technical understanding to be able to provide effective challenge, comprehensive inventories should be maintained; firms should have formalised procedures for deploying trading algorithms. All firms subject to the review by the FCA received individual feedback, with the FCA using attestations in some cases to ensure progress is made against the requirements (another example of the FCA increasingly turning back to attestations after what felt like, to us at least, a lull). The FCA encourages firms (and by extension responsible Senior Managers) to consider the findings in light of their own algorithmic control frameworks, noting that this is an area the FCA will continue to focus on. If you have any questions, please reach out to Darren Fox (Partner) and Amy Sumaria (Managing Associate).

• For MLROs - FCA Finalised Guidance (FG 25/3) on the treatment of politically exposed persons (“PEPs”) for AML purposes: Following the FCA publishing its findings back in July 2024 on the treatment of PEPs for AML purposes (you can find a recap in our SMCR+ View here), the FCA has now published its finalised guidance. Amongst other things, this makes changes to the senior management approval process for signing off business relationships with PEPs, family members or known close associates and clarifies the role of the MLRO in the opening of PEP accounts. FG 25/3 notes that while lower-risk situations could be signed off by a suitably senior person other than the MLRO, the MLRO must retain oversight of the overall process, including awareness of any PEPs onboarded or rejected by the firm and ensuring appropriate policies and procedures are in place.

• For SMF 24s - PRA letter setting out thematic findings from its 2024 cyber stress test: The PRA's letter outlines its findings from the cyber stress test held in 2024. This was a voluntary test which asked providers and users of wholesale services to model the impact of a suspected cyber-attack affecting transaction settlement. The PRA outlined a number of areas of focus, including the impact of decisions on financial stability, mitigating operational, confidence and financial impacts on financial stability, impact of disconnection and best practice reconnection processes. The PRA expects relevant firms to consider the implications of the findings on their business and reflect on how planning and preparation for potential financial stability scenarios can be improved within a cycle of continuous improvement.

• For E-Money and Payments Firms – FCA Multi-Firm Review of Risk management and wind-down planning: This new webpage contains a number of findings and notes that no firms fully met the FCA’s expectations. The FCA therefore expects firms to compare the findings with their internal arrangements to establish whether they are meeting existing expectations – you can find a full summary of the findings in our Payments View here. If you have any questions please contact Oliver Irons (Partner) or Elizabeth Blair (Supervising Associate).

• For SMF 2s – PRA Policy Statement (PS 12/25) on Restatement of CRR and Solvency II requirements in PRA Rulebook: The PRA in its Consultation Paper CP 13/24 proposed to strengthen supervisory expectations regarding senior management’s role in overseeing significant risk transfer (“SRT”) transactions, by specifying that the SMF 2 or the Senior Manager holding the relevant Prescribed Responsibilities should be accountable for the oversight and approval of features affecting risk transfer and capital reduction, with SRT notifications including attestations from these Senior Managers regarding the accuracy and completeness of the information provided and that SRT had been achieved. Following feedback received, the PRA in its Policy Statement clarifies that a Senior Manager, while retaining accountability for oversight and approval of these transactions, can rely on expert input and / or delegate the act of signing and submitting notifications, where this is consistent with the PRA’s expectations on reasonable steps and delegation. This will come into force on 1 January 2026.

• For SMF 4s of Life Insurance Firms – PRA Dear CRO letter on risks of using solvency triggered termination rights clauses in bulk purchase annuity transactions: The PRA has published a Dear CRO Letter which outlines the key findings of its review of these clauses and the PRA’s assessment of how firms are mitigating these risks. The PRA asks firms to consider the points raised in the letter, with the PRA confirming that it will engage with relevant firms on a case by case basis to understand how they intend to respond.

8. Enforcement Action

The FCA’s response to the recommendations made by the House of Lords Financial Services Regulation Committee includes some interesting nuggets as to the FCA’s current enforcement work. The FCA confirmed that in FY24/25, the FCA issued 37 Final Notices, secured 5 convictions, imposed financial penalties of over £186 million, and brought charges against 19 defendants. This comes at a similar time to the FCA’s updated Enforcement Information Guide, reflecting the changes made as a result of the new Enforcement Guide published earlier this year (see further details on our SMCR+ View in June 2025, and our Financial Markets Disputes View).

There was no lull in Final Notices over the summer - we have briefly summarised the key ones below. There’s been quite a lot of market abuse related cases recently!

• FCA Final Notice – Mr Abbasi: Another arguably obvious case of someone lacking fitness and propriety, which isn’t going to help firms with their more nuanced cases…Mr Abbasi, who previously held SMF roles, has been prohibited from holding functions in relation to regulated activities after being convicted of three counts of fraud by false representation, seven counts of forgery, and one count of making a false representation. The FCA determined in its Final Notice that Mr Abbasi lacks fitness and propriety on the basis that his convictions demonstrate a clear and serious lack of honestly and integrity.

• FCA Final Notice – Mr Alba: In this Final Notice, the FCA fined the former deputy CEO and SMF 27 of H2O AM LLP (“H2O”) £1,049,500 and prohibited him from working in the financial services industry for breaching Individual Conduct Rule 1 (act with integrity) and Individual Conduct Rule 3 (be open and co-operating with the regulator). This relates to the Final Notice published against H2O last year in relation to its investments in higher risk, illiquid assets without carrying on adequate due diligence or having risk management processes in place (you can find further details on this in our SMCR+ View here). The FCA found that Mr Alba had overseen and directed the retrospective creation of multiple records and minutes for governance and oversight committee meetings, many of which never occurred, and provided misleading due diligence reports to the FCA, which falsely appeared to be contemporaneous analysis of initial investment decisions but were actually prepared months after the investments were made. The FCA found that Mr Alba had deliberately and knowingly made multiple misleading statements, and, despite knowing the importance of due diligence timing to the FCA’s investigation, he failed to correct or amend the false and misleading statements and documents he had provided for the remainder of his employment at H2O.

• FCA - Decision Notice – Mr Woodford and Woodford Investment Management Ltd (“WIM”): The Decision Notice for Mr Woodford and the Decision Notice for WIM relate to failures in the management of the LF Woodford Equity Income Fund (“WEIF”). Mr Woodford held the CF1 (Director) and CF30 (Customer) approved persons functions for WIM, and was found by the FCA to have failed to adequately manage liquidity risk in the WEIF, holding a “defective and unreasonably narrow view of his responsibilities in terms of liquidity risk management”. The FCA alleges that Mr Woodford relied on pre-set metrics and limits without questioning their appropriateness or challenging WIM’s Risk and Compliance teams, and his investment decisions prioritised conviction over liquidity, leading to a significant deterioration in the fund’s liquidity profile, with more illiquid assets being acquired and more liquid assets being sold. The FCA also found that Mr Woodford had failed to oversee delegated administrative tasks or respond adequately to repeated warnings from Link, the fund’s authorised corporate director, about liquidity concerns. These failings ultimately led to the suspension of the WEIF on 3 June 2019, following a large redemption request, causing significant losses for investors. The FCA imposed a fine of £5,888,800 on Mr Woodford, deeming him not fit and proper and banning him from performing a senior management function or any function in relation to managing investments of a fund. The relevant period was pre-SMCR, hence no breaches of the Conduct Rules being found, but Mr Woodford was found to have breached Statement of Principle 2 (equivalent of ICR 2 (due skill, care, and diligence)) and Statement of Principle 6 (due skill care and diligence in managing the business of the firm). The FCA also imposes a fine of £40,000,000 on WIM. Both Mr Woodford and WIM have referred their respective Notices to the Upper Tribunal.

• FCA – Final Notice – Mr Markou: The name Markou has become somewhat familiar to the pages of SMCR+ View, with the last update in March this year where Mr Markou requested permission to appeal the Court of Appeal decision (which upheld the FCA’s decision to fine him £25,000 and ban him from performing a role within financial services as a result of his allegedly reckless failure to provide appropriate oversight over the mortgage business for which he was an approved person) to the Supreme Court. The latest twist? The Supreme Court has now refused the application for permission to appeal, and the FCA has now published its Final Notice, fining him £10,000 and banning him from performing any function relating to any regulated activity, marking the end for this SMCR+ View soap opera…

• FCA – Insider dealing prosecution: The FCA confirmed that it secured convictions against two individuals, Redinel Korfuzi and Oerta Korfuzi, for insider dealing and money laundering offences. Mr Korfuzi worked as a research analyst in an asset management firm, through which he had obtained confidential, price sensitive information for publicly traded companies, and conspired with Ms Korfuzi to use the confidential information to deal in the shares of at least 13 companies ahead of market announcements. This was in addition to the individuals receiving cash derived from the proceeds of crime.

• FCA – Upper Tribunal upholds Decision Notices: A number of the FCA’s Decision Notices have been upheld by the Upper Tribunal over the summer:

  • The FCA has published a Final Notice in relation to Mr Staley following the Upper Tribunal’s decision which upheld the FCA’s Decision Notice (first published in May 2023; a summary of which you can find here). This concludes that Mr Staley acted recklessly in approving the letter containing misleading statements about the nature of his relationship with Mr Epstein, and as such had acted in breach of Individual Conduct Rule 1 (act with integrity), Individual Conduct Rule 2 (be open and cooperative with the regulators) and Senior Manager Conduct Rule 4 (disclose appropriately any information which the regulators would reasonably expect notice). For those of you with eagle eyes, you may have seen in the FCA’s latest consultation paper on the SMCR that they are proposing to update some of the guidance around what amounts to a Senior Manager Conduct Rule 2 (must take reasonable steps to ensure that the business of the firm for which you are responsible complies with relevant requirements and standards of the regulatory system) and Senior Manager Conduct Rule 4 (must disclose appropriately any information of which the FCA or PRA would reasonably expect notice), which we can’t help but feel is slightly driven by this Final Notice (among others, of course).

  • The Upper Tribunal has also upheld the FCA’s decision to ban three bond traders (Mr Urra (desk manager), Mr Gonzalez (a director) and Mr Sheth (an associate)) for market manipulation, agreeing that the three individuals had used their positions as traders to undermine the integrity of the market by attempting to trick the market to benefit their own positions. We first covered these Decision Notices back in December 2022 – you can find further details in our SMCR+ View here.

  • The Upper Tribunal also upheld the FCA’s Decision Notices in relation to Mr Arden and Mr Donaldson for misconduct relating to Metro Bank and breaches of the Listing Rules (see further details in our SMCR+ View here). The FCA has now published Final Notices in relation to Mr Arden and Mr Donaldson, fining them £100,950 and £167,325 respectively. Again, these relate to a relevant period that preceded the SMCR and so no Conduct Rule breaches were found.

• To avoid making this SMCR+ View even longer, we’d suggest reading Financial Markets Disputes View for more information the Final Notices issued against firms recently. There are a number that have a governance flavour – e.g., the FCA’s Final Notice in relation to Monzo’s financial crime governance framework, this Final Notice in relation to Vocalink Limited covering matters like an inadequate three lines of defence model and poor governance and escalation processes, and the PRA’s Final Notice in respect of the London Branch of Barents Reinsurance S.A., fining it £1.785 million for failures in relation to internal controls, governance and reporting failures and a breach of the PRA’s Fundamental Rule 6 (a firm must organise and control its affairs responsibly and effectively).The breach relates to the firm becoming a branch following the end of the Brexit transition period, with the PRA finding that the firm had inadequately prepared for becoming a third country branch, which resulted in the firm failing to comply with certain rules in the PRA Rulebook. The FCA also found that the firm’s management failed to ensure that certain Internal Audit recommendations were implemented in a timely manner, including those in relation to outdated, in draft or non-existent policies, the business continuity plan not being finalised and no operational due diligence procedures for material outsourcing.

If you have any questions in relation to any of these enforcement actions, please reach out to Emma Sutcliffe (Partner) or Thomas Makin (Managing Associate).