The Financial Conduct Authority’s (FCA) Quarterly Consultation CP24-11 notes the introduction of criminal background checks for owners and controllers of financial institutions. This will entail obtaining DBS checks (or local equivalent for those based outside the UK) for those wishing to own or control regulated institutions. This change will help align UK standards with the Financial Action Task Force’s (FATF) recommendations to prevent criminals and their associates from owning or controlling financial institutions.
You may wonder if the FCA was not doing this already? Although the application forms have always requested information about criminal convictions, historically, the FCA did not routinely undertake criminal records checks nor require those applying for authorisation or changes in control to do so. This update seems to be prudent. There is minimal cost associated with this new requirement and criminals are wilier than ever when seeking to launder illicit funds and break international sanctions.
Indeed, in an age of disinformation where the public is exposed to illegal financial websites, social media influencers spout nonsense, founders of UK asset management companies bearing their names publicly deny culpability for misconduct, and justice is slow for financial and customer service failures, one may wonder if the Financial Services and Markets Act 2000 (FSMA) section 60 holds up to scrutiny.
FSMA Section 60 sets out requirements to be a “fit and proper” person to undertake specific roles within financial services. The FCA Handbook sets out matters for authorised firms to consider when considering the fitness status of their staff. These have always included the relevance of criminal and civil legal proceedings (whether or not convicted), and a willingness to comply with legal, regulatory, and professional standards.
The FCA FIT source book sets out the criteria for judging whether a person is fit and proper. There are three main criteria: financial soundness; competence and capability; and honesty, integrity, and reputation. The first two of these criteria are fairly easy to judge. Financial soundness relates to whether the person is associated with bankruptcy arrangements or subject to debts judgments that remain unsatisfied which can be confirmed by a county court judgment (CCJ) check. The competence test can be evaluated by exam results and evidence of satisfactory work experience. The honesty, integrity, and reputation test is far harder to quantify. Of course, there are several assessments for the last test including references and qualifications checks, internet searches for general information and disqualifications, and DBS checks.
The FCA continually tries to fine-tune firms' and personnel responsibilities with tweaks to rules to improve customer outcomes. Regulated firms have been through the introduction of the Principles (1990), the Approved Persons Regime (2000), The Walker review (2010), the Senior Managers and Certification Regimes (SMCR) (2016 and extended in 2019), The Code of Conduct (2016), vulnerable customers guidance (2021), the Consumer Duty (2022), and the clarification of non-financial misconduct in the Fitness and Properness test (2023). A myriad of conduct rules for dealing with governance standards and investment business conduct have also been implemented to ensure that firms and staff are fit and proper to deal with customers. The rule book is now weighty and complex with detailed regulations to meet these requirements.
Have these changes made any difference to bad actors? I will not argue for or against the effectiveness of the FCA in enforcing its rules or the quality of its staff in implementing those rules. I will maintain that these fitness rules are more important than ever, albeit the current complexity of overlapping regimes could be simplified.
In January 2025, the FCA's warning list shows 15,107 entities that may be targeting people in the UK who are not authorised by the FCA to conduct investment business in the UK. Many of these are FX, Crypto or pseudo-trading firms and some are clones of legitimate firms contacting people pretending to be authorised firms or other financial agencies (credit bureaus and the like) aiming to scam individuals. In the first three quarters of 2024, the FCA’s financial promotions data showed that following their intervention, 16,077 promotions by authorised firms were withdrawn or amended. The FCA also issued prohibition orders and fines totalling £176,045,385 in 2024 for all manner of breaches relating to financial crime, market abuse, failing to act with integrity, failing to be open and cooperative with regulators, failing to act with due care, skill and integrity, lack of fitness and propriety, and failing to disclose information to investors.
The DBS checks change is unlikely to be controversial and firms should see the checks as another part of their duty to maintain their fit and proper status. The new DBS check is part of the larger honesty, integrity, and reputation test, not just a "tick the box" exercise to demonstrate AML (anti-money laundering) compliance.
With all FCA regulations, it is important to look at the intention of the rule. The FCA will act so that it is in the interest of financial services for firms and their personnel to be fit and proper, providing a safe haven for customers and protecting them from criminals, fraudsters charlatans, and other bad actors. Indeed, regulated firms should realise the opportunities their fitness and properness checks provide to maintain good customer outcomes and counter the disinformation, fraud, and criminal behaviours of others.
March 2025