Final Notice

On , the Financial Conduct Authority issued a Final Notice to Barclays Bank plc

FINAL NOTICE

To:


Barclays Bank plc

E14 5HP

1
ACTION

1.1
For the reasons given in this Notice, the Authority hereby imposes on Barclays

Bank plc (“BB PLC” or “the Firm”) a financial penalty of £37,745,000.

1.2
BB PLC agreed to settle at an early stage of the Authority’s investigation. BB PLC

therefore qualified for a 30% (stage 1) discount under the Authority’s executive

settlement procedures. Were it not for this discount, the Authority would have

imposed a financial penalty of £53,921,619 on BB PLC.

2
SUMMARY OF REASONS

2.1
It is of fundamental importance that firms providing safe custody services ensure

that they:

a)
take reasonable care to organise and control their affairs responsibly and

effectively, with adequate risk management systems;

b) arrange adequate protection for clients’ safe custody assets when they are

responsible for them; and

c)
maintain books and records and perform regular reconciliations of those safe

custody assets.

2

2.2
BB PLC failed to do so in relation to £16.5 billion of safe custody assets belonging

to its clients, the majority of which belonged to its Affiliates (£13.5 billion) and its

Affiliates’ clients (£2.7 billion). On the basis of the facts and matters set out below,

BB PLC breached Principle 3 (Management and Control) and Principle 10 (Clients’

Assets) of the Authority’s Principles for Businesses (“the Principles”) and associated

CASS Rules between 1 November 2007 and 24 January 2012 (“the Relevant

Period”) by failing to:

a)
take reasonable care to establish adequate and effective organisational, control

and risk management systems in relation to the opening, on-going operation

and monitoring of external accounts in which safe custody assets were held

with sub-custodians outside the Barclays Group (“third-party sub-custodians”)

(Principle 3); and

b) arrange adequate protection for, maintain its own books and records and

perform its own reconciliations in relation to approximately £16.5 billion of safe

custody assets for which it was responsible as custodian and/or sub-custodian

(Principle 10).

2.3
The failings in this case occurred within BB PLC’s Investment Banking Division. No

customers of BB PLC’s other business operations, including Personal and Corporate

Banking (including Wealth) and Barclaycard, were impacted by the breaches or

failings in this case.

2.4
BB PLC’s breaches arose from significant weaknesses in its systems and controls

and a historical focus on business lines and products traded, rather than giving

adequate consideration to which legal entity was conducting the relevant business.

Specifically, during the Relevant Period BB PLC, in relation to its Investment

Banking Division, failed to:

a)
ensure that it implemented and maintained adequate policies, procedures,

monitoring and controls in relation to the opening and naming of external

custody accounts;

b) make adequate arrangements to ensure that it maintained a complete and

accurate record of its role in the custodial chain and of external custody

accounts;

c)
ensure that account details were captured in BB PLC’s static data and sub-

ledgers accurately and in a manner consistent with the way in which the assets

were held;

3

d) in respect of approximately £16.5 billion of safe custody assets held in 95

external accounts with third-party sub-custodians:

i.
make adequate arrangements so as to safeguard clients’ ownership rights;

ii.
ensure adequate protection for the safe custody assets;

iii.
ensure all necessary legal agreements were in place;

iv.
adequately consider the arrangements for the holding and safekeeping of

the safe custody assets, in particular, restrictions over the third-party sub-

custodian’s right to claim a lien, rights of retention or sale over the assets;

v.
ensure that all the accounts were appropriately named;

vi.
maintain its own records and accounts in a way that ensured they

corresponded to how the safe custody assets were held; and

vii.
conduct its own internal and external reconciliations in relation to those

accounts.

2.5
As a consequence of these failings BB PLC also failed to submit:

a)
an accurate valuation to the Authority in January 2011 of the highest total

value of safe custody assets held during 2010; and

b) accurate Client Money and Assets Returns (“CMAR”) from their inception in

October 2011 until the end of the Relevant Period.

2.6
Details of the relevant Principles and Rules breached by BB PLC (and other relevant

regulatory provisions) are set out in Annex A to this Notice.

2.7
BB PLC did not detect that it was in breach of the Authority’s Rules for over three

years. During this period the Authority repeatedly stressed in its publications,

including Final Notices, the importance of protecting clients’ safe custody assets

and complying with the CASS Rules.

2.8
Following discovery of the breaches, BB PLC promptly notified the Authority, but it

took around eight months and the application of significant resource for it to

identify how many accounts were in breach. This was despite the fact that BB PLC’s

Affiliates maintained books and records and conducted reconciliations directly with

the third-party sub-custodians in relation to the safe custody assets held in the 95

external safe custody accounts.

2.9
BB PLC had a responsibility to manage and protect safe custody assets, but its

failings meant that safe custody assets within the 95 external accounts were not

adequately protected in accordance with the Authority’s Principles and CASS Rules.

There was no record in BB PLC’s own sub-ledgers of the fact that it held the assets

and often no written agreement setting out the basis on which the assets were

held. There was also inadequate consideration of whether it was appropriate to

restrict a third-party sub-custodian’s right to claim a lien, right of sale or right of

set off. These failings were often compounded by other weaknesses such as the

lack of clarity in relation to some account names which did not always clearly

reflect the use of the account or BB PLC’s static data which suggested that the

assets belonged to BB PLC when in fact they were BB PLC’s clients’ assets.

2.10 As a result of the matters described above, had BB PLC become insolvent at any

point during the Relevant Period, it is likely that an Insolvency Practitioner would

have had to seek the resolution of a court before assets in the 95 external

accounts could be distributed. This would have exposed BB PLC’s clients, including

its Affiliates and BB PLC’s Affiliates’ clients, to a risk of delay in the return of their

safe custody assets, costs associated with the delay and a possible risk of loss of

their safe custody assets over and above that which might otherwise have been

expected in an insolvency of the size and complexity of BB PLC.

2.11 The Authority has taken into account that:

a)
it has not found that BB PLC acted deliberately or recklessly;

b) BB PLC promptly reported the breaches and failings to the Authority before it

was aware of the full extent of those breaches;

c)
BB PLC has committed significant resources to investigating the extent of the

failings and to remediating them and the control weaknesses which led to

them;

d) although safe custody assets were at risk there was no actual loss of any

assets;

e)
BB PLC’s Affiliates maintained books and records and conducted reconciliations

in relation to the safe custody assets held in the 95 accounts;

f)
the assets held in the 95 accounts were segregated from BB PLC’s own assets,

and Affiliates’ assets were held with the third-party sub-custodians in separate

accounts to Affiliates’ clients’ assets;

5

g) the Authority has previously taken Enforcement action against BB PLC and an

Affiliate in relation to misconduct, including action for client money failings,

which whilst not directly related to the failings in the current case occurred

within the same division of the Barclays Group’s business, the Investment

Banking Division; and

h) this action supports the Authority’s operational objective of securing an

appropriate degree of protection for consumers and maintaining confidence in

and protecting and enhancing the integrity of the UK financial system.

3
DEFINITIONS

3.1
The definitions below are used in this Final Notice:

“the Act” means the Financial Services and Markets Act 2000;

“Affiliate” means a wholly owned subsidiary of BB PLC;

“the Authority” means the body corporate previously known as the Financial

Services Authority and renamed on 1 April 2013 as the Financial Conduct

Authority;

“BB PLC” or “the Firm” means the legal entity Barclays Bank plc;

“Barclays Group” means the global financial services group of companies of which

BB PLC is a member;

“CASS” means the Authority’s Client Assets Sourcebook;

“CMAR” means the Client Money and Assets Return;

“DEPP” means the Authority’s Decision Procedure & Penalties Manual;

“the Investment Banking Division” means the division of the Barclays Group

formerly known as Barclays Capital;

“MiFID” means the Markets in Financial Instruments Directive;

“no–lien letter” means a letter which makes clear that a third-party sub-custodian’s

right to claim a lien and/or right of retention and/or sale over the assets in an

account is restricted;

“the Principles” means the Authority’s Principles for Businesses;

6

“the Relevant Period” means the period between 1 November 2007 and 24 January

2012; and

“third-party sub-custodian” means a custodian outside the Barclays Group.

4
FACTS AND MATTERS

4.1
BB PLC is a full service bank, headquartered in London, with a strong market

presence both in the United Kingdom and globally. It has been authorised by the

Authority since 1 December 2001 to perform a number of regulated activities,

including the safeguarding and administration of assets and/or arranging the

safeguarding and administration of assets.

4.2
BB PLC provides safe custody services to its Affiliates, eligible counterparties, and

its professional clients in connection with its product offerings within its Investment

Banking Division. In addition to its international branch network, BB PLC contracts

from the United Kingdom with a global network of agents or third-party sub-

custodians to enable it to provide custody services in respect of securities traded

and settled in markets in which it does not operate and as such acts as a global

custodian for its clients.

4.3
The assets received on behalf of clients of BB PLC’s Investment Banking Division

and held with third-party sub-custodians were safe custody assets and were

subject to the relevant requirements and standards set out in the Authority’s

Principles and Rules in CASS.

4.4
The failings set out below occurred within BB PLC’s Investment Banking Division.

No customers of BB PLC’s other business operations, including Personal and

Corporate Banking (including Wealth) and Barclaycard, were impacted by the

breaches or failings in this case.

Identification, investigation and reporting of the breaches

4.5
BB PLC identified, in the first half of 2011, in the course of its own review into its

historical and current practices in respect of its client asset arrangements, that it

was common practice within its Investment Banking Division, for its Affiliates to:

a)
request external accounts be opened with third-party sub-custodians under

agreements between BB PLC and the third-party sub-custodians; and

7

b) use the accounts to hold their own and their clients’ safe custody assets.

4.6
In some instances, BB PLC’s books and records did not reflect the fact that the

accounts had been opened under an agreement in its name and that it was

responsible for the assets in them. Further, due to the lack of its own books and

records, BB PLC did not perform its own internal or external reconciliations of the

assets in the accounts. Affiliates did, however, maintain their own books and

records and did perform reconciliations in respect of their own and their clients’

assets in those accounts.

4.7
In June 2011 BB PLC sought and received external professional advice which

identified that, for any account where it did not hold its own books and records or

conduct reconciliations, it was in breach of CASS. BB PLC promptly notified the

Authority and at around the same time initiated a remediation project to identify

the number of external accounts that were in breach and implement solutions to

remediate the breaches.

Scope of the breaches

4.8
It took BB PLC approximately eight months and required significant resource to

fully identify which accounts were in breach. This was in part due to the fact that

the information held by BB PLC was not always accurate and was therefore

sometimes inconsistent with information being provided by third-party sub-

custodians. This resulted in additions to and deletions from the list of accounts

considered to be in breach.

4.9
BB PLC ultimately identified 95 external accounts where it was in breach of the

Authority’s Rules:

a)
61 of the accounts held Affiliates’ assets (including assets where title had been

transferred to the Affiliate in accordance with agreements with their clients) –

these 61 accounts held approximately £13.5 billion of safe custody assets;

b) 33 of the accounts held Affiliates’ clients’ safe custody assets – these 33

accounts held approximately £2.7 billion of safe custody assets; and

c)
1 account which held BB PLC’s own clients’ safe custody assets – this account

held approximately £0.3 billion of safe custody assets.

The accounts holding Affiliates’ and/or Affiliates’ clients’ assets were held on behalf

of 13 different Affiliates from 8 different jurisdictions.

4.10 In light of the fact that BB PLC employed a network of third-party sub-custodians

to hold the safe custody assets, the 95 external accounts were:

a)
held with 11 different third-party sub-custodians; and

b) located in 21 different jurisdictions.

4.11 The Authority’s investigation identified further significant weaknesses in BB PLC’s

arrangements to ensure adequate protection for the safe custody assets held in the

95 accounts, including the following:

a)
Legal agreements relating to the provision of custody services:

i.
by BB PLC to its Affiliates were not in place for:

a.
over half of the 61 accounts holding Affiliates’ safe custody assets until

after September 2010; and

b.
any of the 33 accounts holding Affiliates’ clients’ safe custody assets

until September 2011;

ii.
by an Affiliate to BB PLC was not in place for the account holding BB PLC’s

clients’ safe custody assets at any time during the Relevant Period.

The failure to adequately document the basis upon which assets are held could

create uncertainty as to how assets should be treated in the event of

insolvency and may lead to competing claims. The consequence of this is that

an Insolvency Practitioner would need to perform an evidential exercise in

order to establish the basis of the holdings. This could lead to significant delays

in returning safe custody assets to the affected clients and a possible risk of

loss due to the need to seek the resolution of a court.

i.
Approximately 60% of the accounts in which Affiliates’ safe custody assets

were held with third-party sub-custodians did not have a no-lien or a side

letter until October 2011; and

ii.
1 of the 33 accounts in which Affiliates’ clients’ safe custody assets were

held with third-party sub-custodians had a no-lien letter in place prior to

2009. From 2009, the majority of accounts holding Affiliates’ clients’ safe

custody assets had no-lien letters in place.

BB PLC failed to give adequate consideration to whether it was appropriate to

restrict any right of the third-party sub-custodians to claim a lien and/or right

of retention and/or sale over the assets until it discovered the breaches. Before

the letters were in place safe custody assets could have been at risk of set-off

to secure any claim of the third-party sub-custodians’ against BB PLC without

the Affiliates’ or Affiliates’ clients’ agreement. This may have created

uncertainty as to how assets should be treated in the event of insolvency with

similar consequences to those as set out at 4.11 a) above.

c)
Account naming:

i.
8 of the account names contained information that was incorrect or

misleading; and

ii.
33 of the account names omitted BB PLC, the owner of the account and/or

the name of the Affiliate using the account.

The failure to ensure that external custody account names fully described the

ownership/usage of the account and ownership of the assets deposited in the

account could have created additional uncertainty in insolvency.

d) Static data used by BB PLC was not always accurate:

i.
23 of the accounts had inconsistencies in relation to which legal entity

owned the account:

a.
21 accounts had Affiliates instead of BB PLC recorded as the owner of

the account, whereas the Affiliate was actually the user of the

account;

b.
1 account holding BB PLC’s clients’ assets had BB PLC instead of the

Affiliate recorded as the owner of the account; and

c.
1 account had an Affiliate which did not own or use the account

recorded as the owner.

ii.
11
of
the
accounts
holding
Affiliates’
safe
custody
assets
had

inconsistencies in relation to whether the account held BB PLC firm or BB

PLC client assets (i.e. assets belonging to an Affiliate). This arose through

the lack of clearly documented procedures to provide guidance in relation

to what ‘Firm’ meant within the static data field.

iii.
1 account was not recorded. While this account was not used during the

Relevant Period, it was opened some months after BB PLC had discovered

the breaches and at around the same time as BB PLC was remediating the

breaches.

In some cases, BB PLC had to change its record of the legal owner of the

account as a result of the third-party sub-custodians’ responses to BB PLC’s

validation exercise. The failure to ensure that account details were captured in

a consistent and accurate manner in internal databases could have created

additional uncertainty in relation to the ownership of the account and/or the

assets it contained.

e)
Segregation of assets:

i.
Two accounts contained both BB PLC’s own clients’ safe custody assets

and a small amount of Affiliates’ clients’ safe custody assets. For one of

these accounts the Affiliate’s clients could not be identified.

While the absence of segregation was not a breach, in the context of the other

issues identified and because BB PLC’s systems required the opening of

segregated accounts, this could have created more uncertainty in the event of

insolvency.

4.12 The investigation also found that as a consequence of its failings BB PLC submitted

incomplete and inaccurate returns to the Authority during the Relevant Period:

a) in January 2011, BB PLC’s notification of the highest total value of safe custody

assets held during 2010 was incomplete and did not include 91 of the 95

accounts; and

b) from October 2011, BB PLC submitted a monthly CMAR. The asset valuations

provided in the returns were inaccurate and contained pricing errors.

Systems and controls in relation to external custody accounts

4.13 The breaches above and BB PLC’s failure to identify them for over three years were

a consequence of significant historic deficiencies in its systems and controls in

relation to the opening, on-going operation and monitoring of external safe custody

accounts.

4.14 BB PLC’s Investment Banking Division did not have any documented policies,

procedures or controls as regards external custody account opening and

maintenance prior to October 2009, when high level account opening checklists

were introduced. However, the checklists were not accompanied by a formal

procedure guide until March 2010. Neither the checklist nor the formal procedure

guide covered account naming until August 2010. Prior to this the informal process

was for the account name to reflect account usage (e.g. that the account held

client assets as opposed to Firm assets). The naming conventions introduced in

August 2010 did not include any provision for the naming of accounts holding an

Affiliate’s own safe custody assets. This was not introduced until after the issues in

this Notice were identified in 2011.

4.15 BB PLC did not review accounts opened prior to the introduction of the policies and

procedures to ensure that they had been named appropriately and that CASS

requirements had been properly considered.

4.16 Further BB PLC did not have any clear guidance or controls to ensure that account

details were captured in a manner that was consistent with the ownership of an

account and whether the assets belonged to BB PLC, its Affiliates or clients of an

Affiliate. There was also no regular reconciliation between BB PLC’s static data and

sub-ledgers to ensure that a complete record of external accounts was maintained.

5
FAILINGS

5.1
Based on the facts and matters described above, the Authority concludes that BB

PLC has failed to satisfy Principles 3 and 10 and associated CASS Rules. The

regulatory provisions relevant to this Final Notice are referred to in Annex A.

5.2
Specifically, in relation to its safe custody assets arrangements in its Investment

Banking Division, during the Relevant Period BB PLC breached:

a)
Principle 3: by failing to take reasonable care to organise and control its affairs

responsibly with adequate risk management systems in order to ensure that it:

i.
had in place adequate organisational arrangements in respect of safe

custody assets; and

ii.
implemented and maintained adequate policies and procedures to detect

and manage its safe custody asset risks.

b) Principle 10: by failing to arrange adequate protection for safe custody assets

when it was responsible for them.

5.3
BB PLC breached Principle 3 and CASS 6.2.2R by failing to take reasonable care to

ensure that it put in place effective systems and controls to ensure that:

a)
a complete and accurate record of external custody accounts, the assets in the

accounts and the ownership of those assets was maintained;

b) account details were captured in BB PLC’s static data and sub-ledgers

accurately and in a manner consistent with the way in which the assets were

held;

c)
written agreements were in place throughout the custodial chain and, where

required, in respect of the safe custody assets held in the external accounts;

d) proper consideration was given at all times during the Relevant Period to

whether to restrict the right of the third-party sub-custodians to exercise rights

of lien, sale and/or retention in relation to the relevant assets;

e)
all external custody accounts were named appropriately; and

f)
its relevant returns to the Authority were complete and accurate.

5.4
BB PLC breached Principle 10 and CASS 6.2.1R, 6.3.1R, 6.5.1R, 6.5.2R and 6.5.6R

as a result of its breaches of Principle 3 and CASS 6.2.2R set out above and by

failing in respect of safe custody assets held in 95 external accounts with third-

party sub-custodians to:

a)
make adequate arrangements so as to safeguard clients’ ownership rights;

b) ensure adequate protection for the safe custody assets;

c)
record in writing the legal basis on which the safe custody assets were held;

d) fully consider the arrangements for the holding and safekeeping of the safe

custody assets, in particular the restrictions over the third-party sub-

custodian’s right to claim a lien, right of retention or sale over the assets;

e)
maintain its own records and accounts in a way that ensured they

corresponded to how the safe custody assets were held;

f)
conduct its own internal and external reconciliations;

g) submit an accurate valuation to the Authority in January 2011 of the highest

total value of safe custody assets held during 2010; and

h) submit accurate CMARs from their inception in October 2011.

5.5
Further, BB PLC’s failure to submit appropriate returns to the Authority was a

breach of CASS 1A.2.8R.

5.6
Having regard to the issues above, the Authority considers it appropriate and

proportionate in all the circumstances to take disciplinary action against BB PLC for

its breaches of the Principles and associated CASS Rules during the Relevant

Period.

6
SANCTION

6.1
The Authority has considered the disciplinary and other options available to it and

has concluded that a financial penalty is the appropriate sanction in the

circumstances of this particular case.

6.2
The Authority’s policy on the imposition of financial penalties is set out in Chapter 6

of the Authority’s Decision Procedure & Penalties Manual (“DEPP”). In determining

the financial penalty, the Authority has had regard to this guidance.

6.3
BB PLC’s failings took place both before and after 6 March 2010. As set out at

paragraph 2.7 of the Authority’s Policy Statement 10/4, when calculating a

financial penalty where the conduct occurred under both penalty regimes, the

Authority will have regard to both the penalty regime which was effective before 6

March 2010 (“the old penalty regime”) and the penalty regime which was effective

after 6 March 2010 (“the current penalty regime”).

6.4
The Authority has:

a)
calculated the financial penalty for BB PLC’s misconduct from 1 November

2007 to 5 March 2010 by applying the old penalty regime to that misconduct;

b) calculated the financial penalty for BB PLC’s misconduct from 6 March 2010 to

24 January 2012 by applying the current penalty regime to that misconduct;

and

c)
added the penalties calculated under a) and b) to produce the total penalty.

Financial penalty under the old penalty regime

6.5
All references to DEPP under this heading are to the version of DEPP in force prior

to 6 March 2010.

6.6
In determining what financial penalty is appropriate and proportionate to the

breach concerned the Authority is required to consider all the relevant

circumstances of the case. DEPP 6.5.2G identifies a non-exhaustive list of factors

that may be relevant in determining the level of financial penalty. The Authority

considers that the following factors are particularly relevant in this case.

Deterrence (DEPP 6.5.2G(1))

6.7
It is of fundamental importance that firms providing safe custody services take

reasonable care to organise, control and manage the risks arising from their affairs

and to ensure that they arrange adequate protection for clients’ safe custody

assets when they are responsible for them. The Authority considers there is a

continuing need to send a strong message to the industry that firms must handle

safe custody assets in a way that is consistent with CASS 6.

6.8
Failure to organise safe custody affairs properly and to ensure adequate processes,

records and legal documentation are in place and regularly checked and monitored

significantly increases the risk that in the event of insolvency, delivery of safe

custody assets will be delayed and that assets may be diminished.

6.9
The Authority considers that a significant financial penalty is an appropriate

sanction given the serious nature of the breaches and risks to BB PLC’s clients.

The nature, seriousness and impact of the breach (DEPP 6.5.2G(2))

6.10 The Authority considers BB PLC’s breaches to be particularly serious for the

following reasons:

a)
the total value of the assets at risk was significant;

b) the failings continued undetected for a number of years;

c)
the failings were the result of not just serious, but also widespread weaknesses

in the Firm’s internal processes and controls relating to the opening, on-going

monitoring and maintenance of external safe custody accounts which

continued for a prolonged period; and

d) BB PLC’s breaches meant that had it become insolvent at any point during the

Relevant Period it is likely that an Insolvency Practitioner would have had to

seek the resolution of a court before assets in the 95 accounts could be

distributed. This could have exposed clients of BB PLC’s Investment Banking

Division, including its Affiliates and BB PLC’s Affiliates’ clients, to delay in

return of their safe custody assets, costs associated with the delay and a

possible risk of loss of their safe custody assets over and above that which

might otherwise have been expected in an insolvency of the size and

6.11 The Authority has also had regard to the following:

a)
there were no actual losses resulting from BB PLC’s breaches;

b) the Affiliates maintained books and records and conducted reconciliations in

relation to the safe custody assets held in the 95 external safe custody

accounts; and

c)
whilst it was not a specific requirement of the Rules to have separate

segregated accounts for each client, BB PLC maintained a system of opening

segregated accounts with third-party sub-custodians in relation to assets held

for each client.

The extent to which the breach was deliberate or reckless (DEPP 6.5.2G(3))

6.12 The Authority does not consider that BB PLC committed the breaches deliberately

or recklessly.

The size, financial resources and other circumstances of the firm (DEPP 6.5.2G(5))

6.13 In deciding on the level of financial penalty, the Authority has considered BB PLC’s

size and its financial resources. The Authority has no evidence to suggest that BB

PLC is unable to pay the financial penalty.

The amount of benefit gained or loss avoided (DEPP 6.5.2G(6))

6.14 The Authority has not identified any financial benefit or avoidance of loss that BB

PLC may have derived directly or indirectly from its breaches.

Conduct following the breach (DEPP 6.5.2G(8))

6.15 For the greater part of the Relevant Period, BB PLC failed to identify or act upon

the failings set out in this Notice.

6.16 Since identifying the breaches and promptly notifying the Authority, BB PLC has

committed significant resources to remediating the breaches and the control

weaknesses which led to them.

Disciplinary record and compliance history (DEPP 6.5.2G(9))

6.17 The Authority took enforcement action against BB PLC in August 2009, imposing a

penalty of £2.45 million for breaches of Principles 2 and 3 arising out of failures in

transaction reporting which occurred between 1 October 2006 and 31 October

2008.

6.18 Whilst the subject matter of this previous case is not directly related to the current

action, the failings occurred within the same Investment Banking Division of BB

Other action taken by the Authority (DEPP 6.5.2G(10))

6.19 This is the first safe custody assets case that the Authority has brought under the

old penalty regime. As such there are no comparable cases to be taken into

account.

Conclusions in relation to the old penalty regime

6.20 The Authority considers that the seriousness of BB PLC’s failings merits a

significant financial penalty. In determining the financial penalty the Authority has

considered the need to send a clear message to the industry of the need to ensure

that safe custody assets are properly protected and that failure to do so will result

in severe consequences.

6.21 The Authority therefore imposes a financial penalty under the old penalty regime of

£12,702,600 (£18,146,699 pre-discount) on BB PLC for its breaches of Principles 3

and 10 and CASS. This amount is equal to 0.2% of the value of the safe custody

assets held in the 95 external safe custody accounts as at 24 January 2012

(£16,526,457,764) adjusted to take into account that 28 months of the Relevant

Period was before 6 March 2010.

6.22 The Authority would usually calculate a financial penalty by reference to the

average value of safe custody assets over the Relevant Period. Prior to the

introduction of CMAR reporting in 2011 the Authority did not require firms to

routinely value the assets they held for clients. BB PLC was not required to, and did

not, routinely value its safe custody holdings during the Relevant Period. The

Authority does not consider it proportionate to require BB PLC to retrospectively

value the assets in this case in order to determine the average due to the length of

the Relevant Period and the number of different lines of stock held in multiple

jurisdictions and currencies. In coming to this conclusion the Authority has had

regard to movements in relevant market prices. The Authority has concluded that

the value of the safe custody assets held in the 95 external accounts as at 24

January 2012 is a suitable proxy for the average value of safe custody assets in the

accounts during the Relevant Period.

Financial penalty under the current penalty regime

6.23 All references to DEPP under this heading are to the version of DEPP implemented

on 6 March 2010 and currently in force.

6.24 Under the current penalty regime, the Authority applies a five-step framework to

determine the appropriate level of financial penalty. DEPP 6.5A sets out the details

of the five-step framework that applies to financial penalties imposed on firms.

Step 1: disgorgement

6.25 Pursuant to DEPP 6.5A.1G, at Step 1 the Authority seeks to deprive a firm of the

financial benefit derived directly from the breach where it is practicable to quantify

this.

6.26 The Authority has not identified any financial benefit that BB PLC may have derived

directly from its breaches.

6.27 Step 1 is therefore £0.

Step 2: the seriousness of the breach

6.28 Pursuant to DEPP 6.5A.2G(1), at Step 2 the Authority determines a figure that

reflects the seriousness of the breach. Where the amount of revenue generated by

a firm from a particular product line or business area is indicative of the harm or

potential harm that its breach may cause, that figure will be based on a percentage

of the firm’s revenue from the relevant products or business area.

6.29 The Authority considers that the revenue generated by BB PLC is not an

appropriate indicator of the harm or potential harm caused by its breach in this

case. This is because its revenue could increase or decrease without the value of

the safe custody assets it is holding (and therefore the associated risks) being

directly affected.

6.30 The Authority usually considers that the appropriate indicator in a safe custody

asset case is the average value of safe custody assets over the Relevant Period.

However, for the reasons set out at paragraph 6.22 above, is not practical to

determine the average value during the Relevant Period. The Authority has

therefore determined that the appropriate indicator in this case is the value of the

safe custody assets held in the 95 external safe custody accounts as at 24 January

2012.

6.31 In deciding on the percentage of the safe custody asset value that forms the basis

of the Step 2 figure, the Authority considers the seriousness of the breach and

chooses a percentage that is appropriate to the relevant fixed level which

represents, on a sliding scale of 1 to 5, the seriousness of the breach; the more

serious the breach, the higher the level. The percentage levels that the Authority

applies to cases involving safe custody assets are as follows:

Level 1 – 0%

Level 2 – 0.2%

Level 3 – 0.4%

Level 4 – 0.6%

Level 5 – 0.8%

6.32 In assessing the seriousness level, the Authority takes into account various factors

which reflect the impact and nature of the breach, and considers whether the firm

committed the breach deliberately or recklessly. DEPP 6.5A.2G(11) lists factors

likely to be considered ‘level 4 or 5 factors’. Of these, the Authority considers the

following factors to be relevant:

a)
Risk of loss to clients: BB PLC’s breaches meant that had it become insolvent

at any point during the Relevant Period it is likely that an Insolvency

Practitioner would have had to seek the resolution of a court before assets in

the 95 external accounts could be distributed. This would have exposed BB

PLC’s clients, including its Affiliates and BB PLC’s Affiliates’ clients to a risk of

delay in the return of their safe custody assets, costs associated with the delay

and a possible risk of loss of their safe custody assets over and above that

which might otherwise have been expected in an insolvency of the size and

b) Systemic weaknesses in the Firm’s procedures, management systems and/or

internal controls: BB PLC’s breaches highlighted that there were inadequate

systems and controls relating to the opening, on-going monitoring and

maintenance of external safe custody accounts which continued for a

prolonged period.

6.33 DEPP 6.5A.2G(12) lists factors likely to be considered ‘level 1, 2 or 3 factors’. Of

these, the Authority considers the following factors to be relevant in this case:

a)
There was no effect on the orderliness of/confidence in the markets.

b) The Authority does not consider that BB PLC committed the breaches

deliberately or recklessly.

6.34 The Authority also considers that the following factors are relevant:

a)
BB PLC failed to identify that it was not compliant for more than three years

and the full extent of its non-compliance for even longer.

b) BB PLC’s Affiliates maintained books and records and conducted reconciliations

in relation to the safe custody assets in the 95 external accounts.

6.35 Whilst it was not a specific requirement of the Rules to have separate segregated

accounts for each client, BB PLC maintained segregated accounts with third-party

sub-custodians in relation to assets held for each client. Taking all of these factors

into account, the Authority considers the seriousness of the breach to be level 3

and so the Step 2 figure is 0.4% of the value of the 95 external accounts as at 24

January 2012 (£16,526,457,764) adjusted to take into account that 23 months of

the Relevant Period was after 6 March 2010.

6.36 Step 2 is therefore £29,812,434.

Step 3: mitigating and aggravating factors

6.37 Pursuant to DEPP 6.5A.3G, at Step 3 the Authority may increase or decrease the

amount of the financial penalty arrived at after Step 2, but not including any

amount to be disgorged as set out in Step 1, to take into account factors which

aggravate or mitigate the breach.

6.38 The Authority considers that the following factors aggravate the breach:

a)
The Authority imposed a financial penalty of £1.1 million on Barclays Capital

Securities Limited (“BCSL”), a BB PLC subsidiary, in January 2011 for breaches

of Principle 10 and CASS. Between December 2001 and December 2009 BCSL

failed to segregate client money. Whilst BB PLC is a separate legal entity, the

breaches in the present case occurred within the same division of the Barclays

Group, the Investment Banking Division;

b) The Authority has imposed significant financial penalties on BB PLC on previous

occasions in relation to misconduct:

i.
in August 2009, imposing a penalty of £2.45 million (see paragraph 6.17

above);

ii.
in January 2011, imposing a penalty of £7.7 million for breaches of

Principle 9 which occurred between July 2006 and November 2008 in

relation to the sales of Aviva's Global Balanced Income Fund and Global

Cautious Income Fund;

iii.
in June 2012, imposing a penalty of £59.5 million for breaches of

Principles 2, 3 and 5 arising from misconduct relating to the submission of

rates which formed part of the London Interbank Offered Rate (LIBOR),

and in respect of the submission of rates for the Euro Interbank Offered

Rate (EURIBOR) between January 2005 and June 2010; and

iv.
in May 2014, imposing a penalty of £26 million for breaches of Principles 3

and 8 which occurred between June 2004 and March 2013 in relation to

gold market price setting.

c)
The importance of arranging adequate protection for clients’ safe custody

assets was well publicised by the Authority during the Relevant Period,

including through numerous enforcement actions which have drawn firms’

attention to the need for improved focus on this area and the importance of

protecting client money and safe custody assets; and

d) Whilst BB PLC sought to cooperate with the Authority’s investigation into this

matter, its ability to respond to the Authority’s requests for information quickly

and accurately was at times hampered by the failings identified in this Notice.

6.39 The Authority considers that the following factors mitigate the breach:

a)
BB PLC promptly reported the breaches and failings to the Authority before it

was aware of the full extent of those breaches; and

b) BB PLC has committed significant resources to investigating the extent of the

failings and to remediating them and the control weaknesses which led to

them.

6.40 Having taken into account these aggravating and mitigating factors, the Authority

considers that the Step 2 figure should be increased by 20%.

6.41 Step 3 is therefore £35,774,920.

Step 4: adjustment for deterrence

6.42 Pursuant to DEPP 6.5A.4G, if the Authority considers the figure arrived at after

Step 3 is insufficient to deter the firm who committed the breach, or others, from

committing further or similar breaches, then the Authority may increase the

penalty.

6.43 The Authority considers that the Step 3 figure of £35,774,920 represents a

sufficient deterrent to BB PLC and others, and so has not increased the penalty at

Step 4.

6.44 Step 4 is therefore £35,774,920.

Step 5: settlement discount

6.45 Pursuant to DEPP 6.5A.5G, if the Authority and the firm on whom a penalty is to be

imposed agree the amount of the financial penalty and other terms, DEPP 6.7G

provides that the amount of the financial penalty which might otherwise have been

payable will be reduced to reflect the stage at which the Authority and the firm

reached agreement. The settlement discount does not apply to the disgorgement of

any benefit calculated at Step 1.

6.46 The Authority and BB PLC reached agreement at Stage 1 and so a 30% discount

applies to the Step 4 figure.

6.47 Step 5 is therefore £25,042,400.

Conclusion as to financial penalty

6.48 The Authority therefore imposes on BB PLC a financial penalty of £37,745,000

(£53,921,619 pre-discount).

7
PROCEDURAL MATTERS

Decision maker

7.1
The decision which gave rise to the obligation to give this Notice was made by the

Settlement Decision Makers.

7.2
This Final Notice is given under, and in accordance with, section 390 of the Act.

Manner of and time for Payment

7.3
The financial penalty must be paid in full by BB PLC to the Authority by no later

than 7 October 2014, 14 days from the date of the Final Notice.

If the financial penalty is not paid

7.4
If all or any of the financial penalty is outstanding on 8 October 2014, the Authority

may recover the outstanding amount as a debt owed by BB PLC and due to the

Authority.

7.5
Sections 391(4), 391(6) and 391(7) of the Act apply to the publication of

information about the matter to which this Notice relates. Under those provisions,

the Authority must publish such information about the matter to which this Notice

relates as the Authority considers appropriate. The information may be published

in such manner as the Authority considers appropriate. However, the Authority

may not publish information if such publication would, in the opinion of the

Authority, be unfair to you or prejudicial to the interests of consumers or

detrimental to the stability of the UK financial system.

7.6
The Authority intends to publish such information about the matter to which this

Final Notice relates as it considers appropriate.

Authority contact

7.7
For more information concerning this matter generally, contact Guy Wilkes (direct

line: 020 7066 7574) of the Enforcement and Financial Crime Division of the

Authority.

Financial Conduct Authority, Enforcement and Financial Crime Division

ANNEX A

RELEVANT STATUTORY AND REGULATORY PROVISIONS

1
RELEVANT STATUTORY PROVISIONS

1.1
The Authority’s operational objectives are set out in section 1B (3) of the Act and

include the objective of securing an appropriate degree of protection for

consumers.

1.2
Section 206(1) of the Act provides:

“If the Authority considers that an authorised person has contravened a

requirement imposed on him by or under this Act… it may impose on him a

penalty, in respect of the contravention, of such amount as it considers

appropriate."

2
RELEVANT REGULATORY PROVISIONS

Principles for Businesses (“Principles”)

2.1
The Principles are a general statement of the fundamental obligations of firms

under the regulatory system and are set out in the Authority’s Handbook. They

derive their authority from the Authority’s rule-making powers set out in the Act.

The relevant Principles are as follows.

2.2
Principle 3 (management and control) states that:

‘A firm must take reasonable care to organise and control its affairs responsibly

and effectively, with adequate risk management systems’

2.3
Principle 10 (client assets) states that:

‘A firm must arrange adequate protection for clients’ assets when it is responsible

for them.’

Client Assets sourcebook (“CASS”)

2.4
CASS is the part of the Authority’s Handbook which sets out the Authority’s

requirements in relation to holding client assets and client money.

2.5
CASS 1A.2.8R provided from 1 January 2011 to 31 December 2012 that:

‘In relation to the calendar year ending on 31 December 2011, a firm must notify

the FSA in writing:

(1) by 31 January 2011 of the highest total amount of client money and the

highest total value of safe custody assets held during the previous calendar year, if

it held client money or safe custody assets in that previous year; or

(2) by 31 January 2011 of the highest total amount of client money and the

highest total value of safe custody assets that the firm projects that it will hold

during 2011, if it did not hold client money or safe custody assets in the previous

calendar year but at the date of its notification to the FSA projects that it will do so

in 2011; or

(3) in any other case, before the date on which the firm begins to hold client

money or safe custody assets, of the highest total amount of client money and the

highest total value of safe custody assets that the firm projects that it will hold

during the remainder of 2011; and

(4) in every case, of its 'CASS firm type' classification.’

2.6
In respect of all the rules and guidance within CASS 6 set out below:

a)
they were in force throughout the Relevant Period unless otherwise made

clear; and

b) where they now refer to “safe custody assets”, before 1 January 2009 they

referred to “financial instruments”. Both terms are defined in the Authority’s

Handbook, but the Authority does not consider the differences between the

definitions to be material in the current case.

2.7
CASS 6.1.10G stated that:

‘The fact that a client is an affiliated company … does not affect the operation of

the custody rules in relation to that client.’

2.8
CASS 6.1.22G stated that:

‘Principle 10 (Clients’ assets) requires a firm to arrange adequate protection for

clients’ assets when it is responsible for them. As part of these protections the

custody rules require a firm to take appropriate steps to protect safe custody

assets for which it is responsible.’

2.9
CASS 6.2.1R stated that:

‘A firm must, when holding safe custody assets belonging to clients, make

adequate arrangements so as to safeguard clients' ownership rights, especially in

the event of the firm's insolvency, and to prevent the use of safe custody assets

belonging to a client on the firm's own account except with the client's express

consent.’

2.10 CASS 6.2.2R stated that:

‘A firm must introduce adequate organisational arrangements to minimise the risk

of the loss or diminution of clients' safe custody assets, or the rights in connection

with those safe custody assets, as a result of the misuse of the safe custody

assets, fraud, poor administration, inadequate record-keeping or negligence.’

2.11 CASS 6.3.1R stated that:

‘(1) A firm may deposit safe custody assets held by it on behalf of its clients into an

account or accounts opened with a third party, but only if it exercises all due skill,

care and diligence in the selection, appointment and periodic review of the third

party and of the arrangements for the holding and safekeeping of those safe

custody assets.

(2) A firm must take the necessary steps to ensure that any client's safe custody

assets deposited with a third party, in accordance with this rule are identifiable

separately from the applicable assets belonging to the firm and from the applicable

assets belonging to that third party, by means of differently titled accounts on the

books of the third party or other equivalent measures that achieve the same level

of protection.

(3) When a firm makes the selection, appointment and conducts the periodic

review referred to under this rule, it must take into account:

(a) the expertise and market reputation of the third party; and

(b) any legal requirements or market practices related to the holding of those safe

custody assets that could adversely affect clients' rights.

(4) A firm must make a record of the grounds upon which it satisfies itself as to the

appropriateness of its selection of a third party as required in this rule. The firm

must make the record on the date it makes the selection and must keep it from the

date of such selection until five years after the firm ceases to use the third party to

hold safe custody assets belonging to clients.’

2.12 Additionally from 1 January 2009 CASS 6.3.1R (1A) stated that:

‘(1A) A firm which arranges the registration of a safe custody investment through a

third party must exercise all due skill, care and diligence in the selection and

appointment of the third party’

2.13 CASS 6.3.3G stated that:

‘A firm should consider carefully the terms of its agreements with third parties with

which it will deposit safe custody assets belonging to a client. The following terms

are examples of the issues firms should address in this agreement:

(1) that the title of the account indicates that any safe custody asset credited to it

does not belong to the firm;

(2) that the third party will hold or record a safe custody asset belonging to the

firm's client separately from any applicable asset belonging to the firm or to the

third party;

(3) the arrangements for registration or recording of the safe custody asset if this

will not be registered in the client's name;

(4) the restrictions over the third party's right to claim a lien, right of retention or

sale over any safe custody asset standing to the credit of the account;

(5) the restrictions over the circumstances in which the third party may withdraw

assets from the account;

(6) the procedures and authorities for the passing of instructions to or by the firm;

(7) the procedures regarding the claiming and receiving of dividends, interest

payments and other entitlements accruing to the client; and

(8) the provisions detailing the extent of the third party's liability in the event of

the loss of a safe custody asset caused by the fraud, wilful default or negligence of

the third party or an agent appointed by him.’

2.14 CASS 6.5.1R stated that:

‘A firm must keep such records and accounts as necessary to enable it at any time

and without delay to distinguish safe custody assets held for one client from safe

custody assets held for any other client, and from the firm's own applicable assets.’

2.15 CASS 6.5.2R stated that:

‘A firm must maintain its records and accounts in a way that ensures their

accuracy, and in particular their correspondence to the safe custody assets held for

clients.’

2.16 From 1 November 2007 to 1 December 2008 CASS 6.5.4G stated that:

‘(1) SYSC 4.1.1 R requires firms to have robust governance arrangements, such as

internal control mechanisms, including sound administrative and accounting

procedures and effective control and safeguard arrangements for information

processing systems. In addition, SYSC 6.1.1 R requires firms to establish,

implement and maintain adequate policies and procedures sufficient to ensure the

firm's compliance with its obligations under the regulatory system. Carrying out

internal reconciliations of the financial instruments held for each client with the

financial instruments held by the firm and third parties is an important step in the

discharge of the firm's obligations under CASS 6.5.2 R, SYSC 4.1.1 R and SYSC

(2) A firm should perform such internal reconciliations:

(a) as often as is necessary; and

(b) as soon as reasonably practicable after the date to which the reconciliation

relates;

to ensure the accuracy of the firm's records and accounts.

(3) Reconciliation methods which can be adopted for these purposes include the

'total count method', which requires that all financial instruments be counted and

reconciled as at the same date.

(4) If a firm chooses to use an alternative reconciliation method (for example the

'rolling stock method') it needs to ensure that:

(a) all of a particular financial instrument are counted and reconciled as at the

same date; and

(b) all financial instruments are counted and reconciled during a period of six

months.’

2.17 From 1 January 2009 CASS 6.5.4G stated that:

‘(1) Carrying out internal reconciliations of the safe custody assets held for each

client with the safe custody assets held by the firm and third parties is an

important step in the discharge of the firm's obligations under CASS 6.5.2 R, and

where relevant, SYSC 4.1.1 R and SYSC 6.1.1 R.

(2) A firm should perform such internal reconciliations:

(a) as often as is necessary; and

(b) as soon as reasonably practicable after the date to which the reconciliation

relates;

to ensure the accuracy of the firm's records and accounts.’

2.18 CASS 6.5.6R stated that:

‘A firm must conduct on a regular basis, reconciliations between its internal

accounts and records and those of any third parties by whom those safe custody

assets are held.’

2.19 CASS 6.5.8G stated that:

‘A firm should perform the reconciliation required by CASS 6.5.6R:

(1) as regularly as is necessary; and

(2) as soon as reasonably practicable after the date to which the reconciliation

relates;

to ensure the accuracy of its internal accounts and records against those of third

parties by whom safe custody assets are held.’

Decision Procedure and Penalties Manual (“DEPP”)

2.20 Chapter 6 of DEPP, which forms part of the Authority’s Handbook, sets out the

Authority’s statement of policy with respect to the imposition and amount of

financial penalties under the Act.

The Enforcement Guide

2.21 The Enforcement Guide sets out the Authority’s approach to exercising its main

enforcement powers under the Act.

2.22 Chapter 7 of the Enforcement Guide sets out the Authority’s approach to exercising

its power to impose a financial penalty.


© regulatorwarnings.com

Regulator Warnings Logo