The FCA has imposed a fine of £28,959,426 on Starling Bank Limited for deficiencies in its financial crime controls, specifically concerning its screening for financial sanctions.
Additionally, the bank has been found to have consistently breached a requirement prohibiting the opening of accounts for customers deemed high-risk.
The FCA noted that while the challenger bank's customer numbers soared from 43,000 in 2017 to 3.6 million in 2023, their measures of tackling financial crime "did not keep pace" with its growth.
During its 2021 review of financial crime controls at challenger banks, the FCA found significant deficiencies in the anti-money laundering and sanctions systems at Starling Bank (amongst others). Consequently, the bank agreed to cease opening new accounts for high-risk clients until it had significantly progressed its AML Enhancement Plan. Despite this, Starling continued to open accounts for approximately 49,000 high-risk individuals, totalling over 54,000 accounts, from September 2021 to November 2023.
Additionally, in January 2023, Starling became aware that its automated system for screening customers had been inadequately checking against only a limited segment of the complete sanctions list since 2017. The bank subsequently conducted an internal review, which uncovered fundamental problems within its sanctions handling framework. Following these discoveries, Starling has reported multiple suspected sanctions violations to the relevant authorities.
Therese Chambers, Joint Executive Director of Enforcement and Market Oversight, observed that the controls were "shockingly lax" and "left the financial system wide open to criminals and those subject to sanctions."
The bank has since implemented measures to rectify these violations and to improve its broader framework for controlling financial crime. They have rescreened transactions and conducted a thorough review of its customers' accounts, as well as introducing additional extensive safeguards to ensure compliance with the regulatory requirements.
Starling would have been fined nearly £41 million but qualified for a 30% discount under the FCA's settlement procedures.
Comment
In order to thrive and attract further rounds of investor funding, digital challenger banks and e-money firms need to generate significant levels of customer growth. This requires slick technology and a user-friendly customer journey but, as the FCA noted, there cannot be a trade-off between quick and easy account opening and robust financial crime controls. This case demonstrates the risks of financial crime controls not being fit to cope with high levels of growth.
Following the FCA's 2021 review, the regulator is devoting significant resource to scrutinising neobanks and e-money firms' financial crime controls. In many cases, action taken by the regulator (such as agreeing restrictions to the business) are not in the public domain. However, like in the case of Coinbase, where firms are not able to comply with agreed restrictions, the FCA can and will intervene in a very public way.
The FCA was keen to point out that the investigation of this case completed within 14 months, in contrast to the 42-month average for cases closed in the 2023/24 period. Readers with experience will recall that investigations leading to a settlement within 1 to 2 years were the norm in the early days of the FCA and for its predecessor, the FSA. The current Directors of Enforcement have made clear their intention to drive more expeditious outcomes to cases.