Final Notice

On , the Financial Conduct Authority issued a Final Notice to Investments Limited

FINAL NOTICE

Andoversford Business Park

1.
ACTION

1.1.
For the reasons given in this notice, the Authority hereby:

(1)
imposes, pursuant to section 206A of the Act, a restriction on Investments,

for a period of 126 days from the date this Final Notice is issued, so that

Investments is restricted during that period from appointing any AR or RI;

and

(2)
publishes, pursuant to section 205 of the Act, a statement to the effect

that Investments has contravened regulatory requirements.

1.2.
This action is in respect of breaches of Principle 3.

1.3.
Were it not for Investments’ financial position the Authority would have imposed

on Investments a financial penalty of £621,583.

Page 2 of 38

1.4.
Investments agreed to settle at an early stage of the Authority’s investigation.

Investments therefore qualified for a 30% (stage 1) discount under the

Authority’s executive settlement procedures. Were it not for this discount, the

Authority would have imposed a restriction of 180 days (six months) on

Investments.

1.5.
The public censure will be issued on 23 July 2014 and will take the form of this

Final Notice, which will be published on the Authority’s website.

2.
SUMMARY OF REASONS

2.1.
Investments is an adviser network based in Cheltenham, Gloucestershire,

currently responsible for four Appointed Representatives and six Registered

Individuals advising customers on pensions, investments including unregulated

collective investment schemes, mortgages and general insurance/protection

products. Investments also holds permission for dealing in investments enabling

it to offer discretionary investment management services to its customers. As a

result of Investments’ failures during the Relevant Period over 1,400 customers

were exposed to the real risk that its ARs and RIs would make recommendations,

including in relation to high risk products, which were unsuitable.

2.2.
Between 20 August 2008 and 30 April 2013 (the “Relevant Period”) Investments

was one of three subsidiaries of the Group. The systems and controls and risk

management framework at Investments operated at Group level so that the

advisory standards the ARs and RIs were required to meet and the operating

procedures they had to follow were identical for each subsidiary of the Group.

2.3.
During the Relevant Period Investments (through its ARs and RIs) gave advice to

over 1,400 customers, including advising on high risk transactions such as UCIS

and other structured products, pension switching and occupational pension

transfers.

2.4.
In September 2013, a Skilled Person’s Report identified systemic weaknesses in

the design and execution of Investments’ systems and controls and risk

management framework. In particular, the Skilled Person’s Report identified that

Investments had not established any specific systems and controls in respect of

the DIM activity carried out by its RIs. The DIM activity was not a focus for

compliance or risk management generally.

Page 3 of 38

2.5.
Investments’ business model had afforded ARs and RIs a high degree of flexibility

and created an environment which allowed poor standards of business to continue

without correction for a significant period of time. The Authority regards

Investments’ failings as serious because they were directly attributable to

Investments’ cultural focus which viewed the ARs and RIs, rather than the

customers of the ARs and RIs, as the end customer. As a result there was a

general failure to embrace an effective risk-based approach to its AR and RI

controls and risk management processes.

2.6.
Of significant concern to the Authority was the fact that Investments’ DIM activity

was not a focus for compliance or risk management at Group level or at all.

Investments had not established any specific systems and controls in respect of

the DIM activity carried out by its RIs. As a result, there was a significant risk of

consumer detriment in relation to unsuitable investment transactions.

2.7.
The Authority considers that this case is particularly serious because Investments

posed a high risk of consumer detriment as a result of the weaknesses identified,

and particularly exposed customers to the risk that Investments’ ARs and RIs

would make personal recommendations which were not suitable, thereby causing

loss.

2.8.
In the circumstances, the Authority imposes a restriction preventing Investments

from appointing any AR or RI for a period of 126 days from the date this Final

Notice is issued and publish a statement to the effect that Investments has

contravened regulatory requirements. The Authority considers that the nature

and seriousness of Investments’ breaches would have warranted a financial

penalty of £621,583, were it not for Investments’ financial position.

2.9.
The Authority recognises that Investments has co-operated during the course of

the investigation and has effected material changes to its senior management,

systems and controls.

2.10. The Authority recognises that Investments has co-operated during the course of

the investigation and has effected material changes to its senior management,

systems and controls.

3.
DEFINITIONS

3.1.
The definitions below are used in this Final Notice.

“the Act” means the Financial Services and Markets Act 2000;

Page 4 of 38

“AR” means Appointed Representative;

“the Authority” means the body corporate previously known as the Financial
Services Authority and renamed on 1 April 2013 as the Financial Conduct
Authority;

“Board” means Investments’ board of executive and non-executive directors;

“CEO” means Chief Executive Officer;

“CMT” means Investments’ Central Monitoring Team;

“Compliance Visits” means annual visits to Investments’ ARs and RIs conducted by

the field Supervisory Staff;

“Database” means Investments’ comprehensive web-based management
information database;

“Desk-Based Monitoring” means Investments’ periodic desk-based reviews of
adviser performance management information;

“DIM” means discretionary investment management;

“Enforcement” means the Enforcement and Financial Crime Division of the
Authority;

“File Checker” means a member of the File Checking team within Investments’ CMT
which reviewed individual files against a single generic File Check Form. They are in
addition to the Supervisory Staff who conducted the Desk-Based Monitoring and
Compliance Visits;

“Form A” means the Authority’s application form for approved status;

“General/MSA Licence” has the meaning set out in paragraph 4.20;

“Group” means Standard Financial Group plc;

“Guide to Supervision” means Investments’ guide, provided to the Supervisory
Staff, on the process and purpose of supervision;

“Handbook” means the Authority’s Handbook of Rules and Guidance;

“Investments” means Investments Limited;

“KPIs” means Key Performance Indicators;

“MI” means Management Information;

“MSA” means Minimum Standards Achieved;

“NBR” means New Business Register;

“NRS” means Net Risk Score with the meaning set out in paragraph 4.37 (3);

“PBR” means Past Business Review;

“Relevant Period” means 20 August 2008 to 30 April 2013;

Page 5 of 38

“Retail Distribution Review” means the Authority’s rules, effective from 1 January
2013, governing the sale of investment products to retail customers;

“RI” means Registered Individual, a natural person employed by an AR and
approved by the Authority under s.59 of the Act as a CF30 of Investments in
relation to investment business;

“RMF” means Risk Management Framework;

“Risk Register” has the meaning set out in paragraph 4.37;

“Skilled Person’s Report” means the report, dated 11 September 2013, referred to
at paragraph 4.7 of this Notice;

“Specialist Licence” has the meaning set out in paragraph 4.20;

“Statement of Professional Standing” means the accreditation introduced by the
Retail Distribution Review for independent advisers, and required by the
Authority since 1 January 2013;

“Supervisory Staff” means Investments’ supervisory oversight team;

“TCF” means Treating Customers Fairly;

“the Tribunal” means the Upper Tribunal (Tax and Chancery Chamber); and

“UCIS” means unregulated collective investment scheme (as defined in Part XVII,
Chapter I and II of the Act).

4.
FACTS AND MATTERS

4.1.
Investments is an adviser network based in Cheltenham with four ARs and six

RIs. Investments is a subsidiary of the Group, a holding company which is not

authorised and does not trade.

4.2.
Investments was authorised on 2 June 2004 and during the Relevant Period was

authorised to carry out regulated activities:

(1)
advising, advising in relation to pension transfers/opt outs, arranging deals

in investments, making arrangements in relation to designated investment

business, since 2 June 2004;

(2)
advising on and arranging regulated mortgage contracts, and making

arrangements in relation to regulated home finance, since 31 October

2004;

(3)
arranging, safeguarding and administration of assets, the separate

authorisation of safeguarding and administration of assets, managing

investments and dealing in investments as agent, since 1 August 2005;

Page 6 of 38

(4)
dealing in investments as principal and establishing, operating and winding

up both regulated and un-regulated collective investment schemes, since

30 November 2006; and

(5)
establishing, operating and winding up personal pensions and making

arrangements for home purchase plans and home reversion plans, since 6

April 2007.

4.3.
Historically, the Group’s ARs and RIs were split across three subsidiaries, but

following a Group restructuring in February 2010 the majority of ARs and RIs

were transferred to another of the subsidiaries, with the exception of those RIs

who wanted to be able to offer DIM activity, who remained as RIs of Investments.

Risk Assessment and UCIS Thematic Review

4.4.
Since February 2010, Investments has been the subject of an assessment by the

Authority relating to its pension-switching advice, a routine risk assessment and a

further visit by the Authority as part of a thematic review. Specifically, in April

2012, as a follow-up to its previous visit relating to Investments’ pension

switching advice, the Authority reviewed a random sample of Investments’

pension switching recommendations. A risk assessment visit was conducted in

May 2012 and in June 2012 Investments was visited in connection with the

Authority’s thematic review of firms’ practices in respect of the promotion and

sale of UCIS.

4.5.
The assessment and each of the visits raised serious concerns about weaknesses

in Investments’ systems and controls and risk management framework.

4.6.
In response to the Authority’s feedback on the UCIS thematic review, on 3 August

2012, Investments immediately imposed a ban on its ARs and RIs selling UCIS.

Following discussions with the Authority this ban was lifted by Investments in

August 2013 to enable ARs and RIs to provide ‘independent’ advice in the

regulatory environment following the Authority’s Retail Distribution Review.

4.7.
The Authority required the Group to commission the Skilled Person’s Report under

section 166 of the Act to review the effectiveness of Investments’ systems and

controls and risk management framework.

4.8.
The Skilled Person’s Report identified:

Page 7 of 38

(1)
material deficiencies with both the design and implementation of

Investments’ systems and controls and the application of appropriate

standards; and

(2)
that Investments had not implemented a robust risk management

framework that enabled Investments’ senior management proactively to

identify and manage risk.

4.9.
The Skilled Person’s Report attributed this to:

(1)
the inherent risks of Investments’ business model which afforded ARs and

RIs a high degree of flexibility; and

(2)
the cultural focus at Investments which resulted in the ARs and RIs being

treated as the customers rather than the end customers who received the

advice.

4.10. The Authority considered that Investments posed a high risk of consumer

detriment as a result of the weaknesses identified, namely that Investments’ ARs

and RIs would make personal recommendations to customers which were not

suitable, and it was referred to Enforcement for investigation.

Remedial Action by Investments

4.11. Subsequent to the 2012 Risk Assessment and prior to the requirement of the

Skilled Persons Report, Investments commenced a wide-ranging review and

improvement of its senior management and systems and controls and has since

proactively engaged with the Authority and the Skilled Person to remedy

weaknesses identified by the Authority, the draft Skilled Person’s Report and

Investments itself in its systems and controls and risk management framework.

Conduct in issue: Systems and controls and compliance

Determining whether prospective ARs and RIs were suitable to act for Investments

4.12. The decision whether or not to permit a new AR to join Investments was based

primarily on the outcome of Investments’ limited AR recruitment process.

Investments’ procedures set out a list of documentation that needed to be

submitted by applicants (e.g. bank statements, credit reports, employment and

character references, and an assets and liabilities statement) but did not provide

any defined criteria or standards for assessing a prospective ARs’ and RIs’ fitness

and propriety. Investments required prospective ARs and RIs to complete Form A

Page 8 of 38

together with an internal RI/AR application form and to provide the supporting

documentation.

4.13. As part of the recruitment process prospective RIs were required to take and pass

a technical knowledge test before Form A was submitted to the Authority. The

application and supporting documentation was reviewed by Investments and if

there were no concerns regarding the prospective RI’s fitness and propriety, and

the RI had passed the technical knowledge test, Form A was submitted to the

Authority. Following submission of Form A, the prospective RI was invited to

attend Investments’ one-day induction course. A review of a small sample of

Investments’ prospective recruitment files identified examples where there was

insufficient evidence to show that Investments had carried out an appropriate

critical evaluation of the information obtained in order to determine a prospective

AR’s or RI’s fitness and propriety.

4.14. On the instruction of its compliance director, Investments might in certain

situations carry out a “pre-joining visit” before allowing an AR and/or RI to join

Investments (e.g. where it was not possible to obtain all of the fitness and

propriety information needed, such as references from previous employers).

However, given its scope this was not a sufficiently rigorous risk assessment and

it did not provide sufficient insight into an AR’s or RI’s business standards. In any

event, few pre-joining visits took place in the Relevant Period.

4.15. Once Investments had received approval from the Authority for the RI to perform

a controlled function (CF30) the RI was notified that they were permitted to

advise customers without any further skills assessment (unless they were

inexperienced). They were also notified that there would be 100% pre-sale

monitoring of at least three of their new business cases in each applicable

business area and an initial visit would be conducted by the Supervisory Staff

within three months of the AR or RI joining Investments.

Determining RIs’ competence to advise customers

Initial Training and Development

4.16. Investments did not take sufficient steps to identify an RI’s training and

development needs at the outset and before an RI was permitted to provide

advice to customers. New RIs were classified as either experienced or

inexperienced. This classification was made following internal discussions as to

whether the RI had at least two year’s relevant experience but in the absence of

a detailed application form, curriculum vitae or structured interview process

Page 9 of 38

Investments did not have sufficient details of the applicant’s relevant experience

in order to make this judgment. A review of a small sample of Investments’

recruitment and training files identified that an RI’s skills were only assessed at

the outset if the RI was categorised as inexperienced.

4.17. For those new RIs categorised as experienced, the initial assessment of their

knowledge and skills was generally based upon limited information of previous

experience in the Form A, an applicant’s qualifications, two character references

and employment references for the previous five years (which did not elicit

sufficiently comprehensive information as a result of the standard reference

request template). This was insufficient to assess initial training requirements.

There was no formal documented gap analysis of the RI’s knowledge, skills and

experience and there was no evidence that Investments used the results of the

technical knowledge test to identify any initial development needs and produce a

development plan. Many RIs did not have a development plan so it was not

evident that Investments was fulfilling its regulatory obligation to provide

sufficient training to its RIs (linked to their areas of business and development

needs) before they were permitted to provide advice to customers.

4.18. Investments delivered a full day’s induction training for new RIs followed by

further training on assessing suitability. The validation of learning was insufficient

to test the RI’s knowledge and understanding of the course content and focused

on procedure rather than advisory standards. In any event, prior to February

2012, it was not compulsory for RIs to attend either course before they gave

advice, so RIs were effectively permitted to advise customers before Investments

had taken steps to ensure that they had sufficient knowledge and understanding

of the advisory standards they were required to meet and the operating

procedures to follow.

4.19. Investments’ procedures did not state clearly when an RI’s competency status

had been achieved and neither its staff nor management understood the need for

clear assessment criteria or a formal performance assessment process.

4.20. Investments operated a two-tiered internal licensing process. A General/MSA

Licence was awarded for generic product groups (i.e. Pensions, Investments,

Mortgages and General Insurance/Protection) after the first ten new business

entries had been reviewed on a pre-sale basis or the first three new business

entries in a particular product area had been reviewed on a pre-sale basis. A

Page 10 of 38

Specialist Licence was awarded for high-risk products (i.e. transfers from

occupational pension schemes, income drawdown, equity release and long-term

care) once three consecutive new pieces of business (regardless of complexity)

had been post-sale checked and graded seven or above (on a scale of one to

ten).

4.21. Investments’ Guide to Supervision indicates that its Supervisory Staff were

responsible for deciding when an RI was competent but some Supervisory Staff

accepted this responsibility more readily than others so that, in practice, it was

unclear who took responsibility for confirming that the RI was competent. As a

result, there was no clear or formal record of when an RI was considered

competent nor was the rationale for the decision given, so that prior to an MSA

licence being granted both experienced and inexperienced RIs could be providing

advice to customers without supervision from Investments.

4.22. An RI appeared to be considered competent by Investments when he/she had

passed the technical knowledge test and obtained an MSA licence. However:

(1)
the licensing process did not limit the types of product an RI could

recommend. Upon joining Investments, RIs could recommend all types of

product, provided that they held the appropriate qualifications and a

Statement of Professional Standing. The licensing process simply

determined the timing and type of file checking;

(2)
the decision to grant a licence was not based on the File Checker’s initial

assessment but on the final grade achieved after material intervention by

Investments’ CMT, by which time any remedial action had been taken. The

standard on which the licence was granted was therefore potentially

heavily influenced by the input of the CMT. Prior to the RI obtaining a

licence, they often needed to re-submit files several times before CMT

were satisfied that the advice was suitable; and

(3)
there was no defined policy which applied to those RIs who had failed to

obtain a licence, so RIs continued to make recommendations to customers

having failed to obtain a licence over a long period of time.

4.23. Prior to a Specialist Licence being granted, allowing him or her to advise on high

risk products, an RI was permitted to give advice/arrange new business without

any pre-sale checking by Investments. This was not sufficiently robust to prevent

Page 11 of 38

unsuitable advice being given, as the recommendation had already been made by

the time the case was checked.

Supervision of ARs

4.24. The Group employed eight field Supervisory Staff during the Relevant Period who

each supervised ARs and RIs within a defined geographical region.

4.25. Investments stipulated, in its Guide to Supervision, the knowledge and skills the

Supervisory Staff were required to have in order to perform their role

competently but the Supervisory Staff were not provided with any formal training

when they first joined Investments. Supervisory Staff were provided with the

Guide to Supervision workbook, which they were required to study before sitting

a supervisor validation test which comprised multiple choice questions at the back

of the workbook in order to assess their knowledge of the supervision process.

Supervisory Staff sat the test in their own time and it was not invigilated.

4.26. To ensure their ongoing competence, Investments required its Supervisory Staff

to pass an annual supervisory competency course. However, this had not been

attended by the Supervisory Staff since January 2011. A Supervisory Staff

training workshop was held in January 2012 but this only covered their

understanding of the rules for business stationery disclosure, Investments’

customer file record keeping requirements and the content of the annual visits. It

did not include any coaching or other assessment of supervisory skills.

Frequency of AR and RI Supervision

4.27. The frequency of supervision was not driven by the actual risk an AR or RI posed

to consumers. The metrics used to determine the risk rating of ARs and RIs did

not take into account all relevant performance factors and was not based on

recent performance information. For example, the results of pre-sale checking did

not influence the risk rating and post-sale file check results did not have sufficient

weighting which meant that ARs or RIs could exhibit poor results but not be rated

as high risk. Also, aspects of the risk score allocated to the AR’s or RI’s business

was calculated over the whole period since the AR or RI joined Investments.

Consequently, an AR’s or RI’s risk rating did not necessarily reflect the risk they

actually posed which meant the AR or RI might be subject to lower levels of

supervision by Investments than they should have been.

Page 12 of 38

Desk Based Monitoring and Compliance Visits

4.28. The Supervisory Staff supervised Investments’ ARs and RIs by periodic Desk

Based Monitoring and annual Compliance Visits, in addition to file checking.

4.29. Desk Based Monitoring comprised an assessment of an AR’s or RI’s performance

against KPIs, the spread of the AR’s or RI’s new business by risk and product

category and the AR’s or RI’s file checking scores. A review of a small sample of

Desk Based Monitoring conducted for high-risk ARs and RIs identified the

(1)
the frequency of Desk Based Monitoring was determined by the risk rating

of the AR or RI, the calculation of which was not sufficiently robust, as set

out in paragraph 4.26 above. The risk rating was automatically calculated

by Investments’ Database incorporating categories of KPI data from the

date the AR or RI joined Investments to the date the report was run. Each

result was given a score and the total points awarded determined the AR

or RI’s risk rating. The categories of KPI data included:

(a)
the number of breaches of Investments’ policies and procedures;

(b)
the number of complaints received;

(c)
the number of disciplinary actions taken by Investments as a result
of the breaches identified;

(d)
the number of cases classified as replacement business;

(e)
the percentage of cases conducted on an execution only basis;

(f)
persistency (calculated as a percentage of cases); and

(g)
a file check risk factor score.

(2)
the Supervisory Staff only analysed available information to identify

underlying file quality problems where the AR’s or RI’s average file check

score was below the benchmark (itself too low);

(3)
the Supervisory Staffs’ assessment record was insufficient to determine

whether the Supervisory Staff were concerned or not about AR or RI

performance and the nature of the action recorded was unclear; and

(4)
any issues noted were not fed through to an AR’s or RI’s development plan

for subsequent monitoring and completion.

Page 13 of 38

4.30. Compliance Visits, conducted annually, were designed to assess five broad areas:

AR Overview and Stability, Compliance, Training and Competence, Advice

Procedures and TCF. The visit also included a competency assessment. The

Skilled Person’s review of relevant procedural documentation and live observation

of a number of Compliance Visits identified that Investments’ methodology and

approach to Compliance Visits was not sufficiently challenging to enable the

identification, monitoring and/or management of material risks associated with

giving financial advice.

AR and RI compliance and file checking

4.31. Once an RI had obtained a relevant licence, Investments conducted post-sale file

checks at a rate of one in every eight new business transactions. Weaknesses in

the file review methodology meant that file checking would not deliver a

sufficiently robust assessment of suitability. In particular, there was inconsistency

in the guidance provided to ARs and RIs regarding the documents that needed to

be submitted for file checking and the documents requested were not sufficient to

assess fully the suitability of advice in all cases. Deficiencies in the generic file

checking form meant that file checking was not carried out to a consistent

standard and Investments’ grading system for post-sale file checks was not

effective, largely because there was no clear definition of unsuitable advice.

4.32. File checking processes did not adequately identify and assess risk:

(1)
pre-sale checking was limited to new RIs who did not hold an MSA licence,

to pension switching and occupational pension transfer files and to RIs who

held an MSA licence but for whom Supervisory Staff considered that

removal of that licence might be appropriate. Investments did not

undertake pre-sale checking for all transactions requiring a Specialist

Licence, despite Investments considering such transactions to be high risk.

(2)
where the RIs did not hold the relevant Specialist Licence, they were

required to submit the suitability report for the first advice before the

recommendation was made to the customer (a ‘pre-scrutiny check’).

Otherwise, an RI was permitted to give advice/arrange new business

without any pre-sale checking by Investments. The pre-scrutiny check:

(a)
was not sufficient to allow a comprehensive assessment of

suitability; and

Page 14 of 38

(b)
some files which should have been submitted for a pre-scrutiny

check were not submitted until after the advice had been presented

to the customer. No breach was recorded on Investments’ Database

and Investments did not impose any sanction against the RI for

failing to meet this obligation.

(3)
Investments did not follow-up pre-sale checks once the recommendation

had been made in order to establish whether the recommendation which

was approved was the same as that ultimately presented to the customer;

and

(4)
post-sale checking was determined solely by the risk presented by the

product alone, resulting in insufficient levels of checking for RIs who

performed poorly. The number of high risk transactions checked was not

sufficient to ensure that a spread of high risk business would be checked

over time for each AR and RI. The level of post-sale checking was

essentially the same for all ARs and RIs regardless of their on-going

performance. As a result, Investments did not ensure that a sufficient

spread of an AR’s or RI’s total business was monitored.

4.33. Investments’ Database automatically selected files for checking from the entries

on the AR’s or RI’s NBR. The effectiveness of the file selection process in respect

of post-sale checking was heavily dependent on the AR or RI accurately inputting

data into their NBR on the Database. Similarly, as new business was not

administratively processed by Investments, the pre-sale file checking process was

dependent on an RI submitting the advice for review before the personal

recommendation was made to the customer.

4.34. Investments had been aware for some time of material risks relating to the

accuracy and quality of the new business information input by its ARs and RIs.

This risk was material because it affected the integrity of the file checking process

and MI data. Nevertheless, Investments did not take appropriate steps to control

this risk effectively. No comprehensive training on the Database was provided to

ARs and RIs before they began to give advice and Investments did not have a

robust way of retrospectively checking that ARs’ and RIs’ entries on to the NBR

were accurate.

4.35. Investments’ procedures stated that it would carry out a quarterly assessment of

a sample (one for each business area) of post-sale file checks for each individual

File Checker (i.e. 16 quality checks per year). However, no quality assurance

Page 15 of 38

assessment of file checking had been carried out between May 2012 and April

2013 and prior to that quality assurance assessments had focused on post-sale

checking only.

Conduct in issue: Risk management processes

4.36. The governance structure at Investments consisted of the Board and three Sub-

Committees (a Risk Committee, an Audit & Compliance Committee and a

Nominations and Remunerations Committee) which focused on dealing with

incidents and issues that had already materialised rather than proactively

identifying and monitoring on-going risks.

4.37. Following a review of information and documentation relating to Investments’

RMF, including the RMF document, the Risk Register and MI and interviews with

senior management, the Skilled Person’s Report identified that the scope and

quality of MI provided to the Board and its sub-committees was not sufficient to

enable its senior management to identify and monitor risk effectively. In

particular:

(1)
the MI did not adequately summarise the risks to Investments and its

customers. MI provided to the Risk Committee did not contain any

information which would allow it to consider consumer risks directly. Key

analytical information contained in a Consumer Outcomes Report (a

detailed report which focused on the main areas of consumer risk) was

reviewed at a monthly Risk & Compliance Managers’ meeting but not

escalated to the Sub-Committees/Board. The Compliance Report provided

to the Audit & Compliance Committee contained some information relevant

to consumer risks but this was still too high level to enable it to

understand fully the root cause of consumer risks effectively;

(2)
Investments’ risk ratings (High, Medium and Low) as recorded in the Risk

Register were not defined or quantified (i.e. no KPIs had been set,

providing a benchmark against which risk can be monitored) and

Investments had not identified its top risks (comprising both risks to

Investments and all risks to its consumers);

(3)
Investments’ assessment of how well a risk was being controlled was

unreliable and misleading. The Risk Register included a Net Risk Score

(“NRS”) for each risk to reflect how well that risk was being controlled. The

NRS was not set following an objective assessment of the quality and

Page 16 of 38

effectiveness of the internal systems and controls in place. Consequently,

the NRS for most risks (particularly customer risks) was too low resulting

in risks being understated and therefore not being given the appropriate

degree of attention by senior management;

(4)
it was unclear how certain systems and controls linked to risks in the Risk

Register were capable of controlling that risk; and

(5)
the length of the reporting period used to compile data meant there was

little change in the information provided to the Sub-Committees or Board

from month to month. For example, the MI for file check scores was based

on a rolling 12-month period which did not enable senior management to

identify emerging issues promptly and information provided in a Critical

Success Factors report (part of the Board pack) was too high level to

provide the Board with sufficient insight into the root causes of the issues

identified to enable them to decide what action, if any, should be taken.

4.38. In addition to the above, and contrary to what the RMF states, although

Investments engaged external contractors to perform issue-specific audits

(September 2008 - August 2009 and March – November 2010), Investments did

not have an internal audit function during the Relevant Period, so that there was

no robust mechanism for assessing the effectiveness of its internal controls.

5.
FAILINGS

5.1.
The regulatory provisions relevant to this Final Notice are referred to in Annex A.

5.2.
On the basis of the facts and matters above, the Authority considers that

Investments failed to take reasonable care to organise and control its affairs

reasonably and effectively, with adequate risk management systems, in breach of

Principle 3.

5.3.
Of significant concern to the Authority was the fact that Investments’ DIM activity

was not a focus for compliance or risk management at Group level or at all.

Investments had not established any specific systems and controls in respect of

the DIM activity carried out by its ARs and RIs. As a result, there was a significant

risk of consumer detriment in relation to unsuitable investment transactions.

Page 17 of 38

Systems and controls and compliance

5.4.
Investments failed to establish, implement and maintain effective systems and

controls sufficient to ensure that Investments’ ARs and RIs met applicable

requirements and standards under the regulatory system. Specifically:

Determining whether prospective ARs and RIs were suitable to act for Investments

5.5.
Investments failed to take sufficient steps as part of the recruitment process, to

assess appropriately prospective ARs’ business models and business practices to

determine whether they were suitable to act for Investments, in particular:

(1)
Investments did not routinely carry out any structured due diligence

and/or risk assessment which would have enabled them to assess the

prospective AR’s business model and business practices and in turn

identify whether there were any unusual or particular risks which needed

to be considered or addressed. The decision to permit a new AR to join

Investments was based primarily on the outcome of the AR and RI

recruitment process. This meant that, upon joining Investments, ARs were

effectively permitted to follow their own sales process and use their own

adviser tools (e.g. fact finds, risk profile questionnaires and research

systems) which Investments had not assessed and deemed fit for purpose;

(2)
Investments placed undue reliance on the background checks carried out

by the Authority. The Authority’s factsheet issued in August 2011

concerning control over ARs stated that “under no circumstances should

the firm rely on the background checks we carry out to determine whether

the prospective AR is suitable to act for the firm”. Investments required

ARs and RIs to complete Form A and an internal RI/AR form (which

captured details of assets, liabilities and referees). These forms did not

capture sufficient details of an RI’s previous role(s), responsibilities and

relevant experience. Investments did not have a detailed application form,

did not require RIs to submit a full curriculum vitae and did not operate a

structured interview process for assessing an applicant’s knowledge and

skills. Although Investments obtained two character references and

employment references for the previous five years, it adopted a standard

reference request template, which did not elicit sufficiently comprehensive

information. As a result, Investments did not have sufficient details of the

applicant’s relevant experience in order to assess robustly his/her

knowledge and skills. Once RIs had been approved by the Authority as

Page 18 of 38

CF30, they were permitted to advise customers without further skills

assessment (unless they were classified as inexperienced); and

(3)
Investments did not take sufficient steps to ensure the integrity of the

technical knowledge test they required RIs to undertake. RIs were

permitted to complete the test remotely in their own time. It was not

invigilated and might not, therefore, provide a true indication of the RI’s

actual knowledge. In any event it did not test the RI’s knowledge of higher

risk products.

Determining RIs’ competence to advise customers

5.6.
Upon an RI joining Investments, Investments did not carry out a suitable

assessment of their knowledge and skills in order to determine their competence

before they began advising customers. In particular:

(1)
Investments’ process for determining an RI’s competence was unclear and

unreliable;

(2)
Investments did not take sufficient steps to identify the RI’s training and

development needs at the outset and before the RI was permitted to

provide advice;

(3)
Investments did not provide timely and comprehensive training to ensure

that its new ARs and RIs understood the minimum standards Investments

expected them to meet. RIs were effectively permitted to advise

customers before Investments had taken steps to ensure that they had

sufficient knowledge and understanding of the standards they must meet

and the processes to follow; and

(4)
Investments did not specify any specific training and competence

arrangements for RIs who carried out DIM activity.

5.7.
Potentially training and development needs might be identified over time, as a

result of file checking (including initial pre-sale monitoring) and annual visits from

the Supervisory Staff, but due to Investments’ failings in those areas there was

an increased risk of consumer detriment as a result of Investments’ failure to

carry out a suitable assessment at the outset.

Page 19 of 38

Supervision of ARs and RIs

5.8.
Investments failed to ensure that its ARs and RIs were appropriately and

effectively supervised at all times. In particular:

(1)
there was insufficient contact between ARs and RIs and the Supervisory

Staff to ensure effective supervision;

(2)
Investments did not adequately analyse information on RI performance

sufficient to conduct an effective review of competence, identify training

needs and take appropriate action to ensure that those RIs remained

competent for their role. Specifically:

(a)
as a result of the insufficiently robust benchmark for an RI’s

average file check score, Investments’ minimum standards did not

effectively provide an indication of an RI’s competence;

(b)
Desk Based Monitoring was ineffective in identifying an individual

RI’s development needs and failed to initiate appropriate and

effective remedial action; and

(c)
Investments’ minimum standards for measuring an individual RI’s

on-going competence did not include an assessment of the RI’s

skills or technical knowledge.

(3)
Investments’ field supervision was not sufficiently risk-based. As a result

of the inadequate design and execution of its supervision activity, the

annual visits carried out by the Supervisory Staff were not sufficiently

challenging to enable the identification of material risks. Specifically:

(a)
Investments did not take sufficient steps to ensure that the

Supervisory Staff had the necessary experience, coaching and

assessment skills to act as a competent supervisor;

(b)
the timing and frequency of compliance visits was not influenced by

issues/risks associated with particular ARs or even the number of

RIs employed by an AR but were calendar driven;

(c)
the methodology and approach for reviewing key areas during the

annual visits was not sufficiently challenging to identify non-

compliance and instances where customers might not be treated

fairly; and

Page 20 of 38

(d)
the Supervisory Staff did not supervise the DIM activity carried on

by ARs and RIs of Investments, despite evidence of poor behaviour.

(4)
monitoring of the Supervisory Staff was ineffective because KPIs for the

Supervisory Staff roles were time driven rather than qualitative indicators

of performance and development points identified for the Supervisory Staff

tended to be minor and procedural in nature.

Compliance and file checking

5.9.
Investments failed to establish and maintain adequate compliance and file

checking arrangements, appropriate to the size and types of business conducted

by Investments. In particular:

(1)
file checking processes did not adequately identify and assess risks. The

methodology for file selection was not sufficiently influenced by the risk

rating of ARs and/or RIs and as a result Investments did not always ensure

that a spread of higher risk products was checked;

(2)
weaknesses in the file review methodology meant that file checking might

not deliver a sufficiently robust assessment of suitability;

(3)
no quality assurance assessment of file checking had been carried out

since May 2012. Quality assurance assessments conducted prior to that

date focused on post-sale checking only;

(4)
Investments had been aware for some time of significant risks relating to

the accuracy and quality of new business information input into the

Database but had failed to take appropriate steps to control this risk

effectively. For example, the RIs did not attend comprehensive training on

the Database before they began to give advice and Investments did not

have an effective method of retrospectively checking that ARs’ and RIs’

entries on to the NBR were accurate; and

(5)
Investments did not monitor the suitability of DIM decisions and the

management of customer portfolios.

Page 21 of 38

Risk management processes

5.10. Investments
failed
to
implement
effective
processes
to
enable
senior

management to identify, measure, manage and control the risks that Investments

was, or might, be exposed to. In particular:

(1)
the scope and quality of MI provided to the Board and its sub-committees

was not sufficient to enable senior management to identify and monitor

risk effectively;

(2)
Investments’ Board and its senior management team focussed on dealing

with incidents and issues that had already materialised rather than

proactively identifying and monitoring on-going risks;

(3)
the DIM activity of Investments was not routinely considered by

Investments’ Board or sub-committees; and

(4)
the absence of an internal audit function meant that there was no robust

mechanism for assessing the effectiveness of Investments’ internal

systems and controls.

5.11. Taking into account the potentially high risk investment management activities it

offered, the Authority considers that Investments’ systems and controls were

inadequate. The Authority considers that the failings were systemic.

5.12. As a result of these failings, the Authority considers that Investments failed to

take reasonable care to organise and control its affairs responsibly and

effectively, with adequate risk management systems, in breach of Principle 3.

6.
SANCTION

6.1.
The Authority’s policy in relation to the imposition of a financial penalty or public

censure is set out in Chapter 6 of DEPP which forms part of the Authority’s

Handbook. The regulatory provisions governing the determination of financial

penalties changed on 6 March 2010.

6.2.
The Authority’s policy in relation to the imposition of a suspension or restriction is

set out in Chapter 6A of DEPP which forms part of the Authority’s Handbook. The

regulatory provisions governing the imposition of a suspension or restriction were

introduced on 8 August 2010.

Page 22 of 38

Introduction

6.3.
The Authority considered that a financial penalty of £621,583 on Investments in

respect of its breaches of Principle 3 throughout the Relevant Period was

appropriate. However, as Investments has satisfied the Authority that payment of

such a penalty would cause it serious financial hardship, the Authority reduces

the level of the penalty to nil and instead publishes a statement that Investments

has breached Principle 3.

6.4.
In addition to publishing such a statement, the Authority considers that it is

appropriate also to impose a restriction on Investments in respect of its

misconduct between 8 August 2010 and 30 April 2013, on the basis that the

penalty would cause Investments serious financial hardship and it is appropriate

to reduce the financial penalty. The Authority believes that imposing a restriction

here alongside a statement of misconduct, as an alternative to payment of a

financial penalty, will be a more effective and persuasive deterrent than the

imposition of a statement of misconduct alone.

6.5.
Accordingly the Authority, in addition to a statement of misconduct, also imposes

a restriction on Investments for a period of 126 days from the date this Final

Notice is issued, so that Investments may not appoint any AR or RI during that

period.

Financial penalty

6.6.
The conduct in issue took place both before and after 6 March 2010. As set out at

paragraph 2.7 of the Authority Policy Statement 10/4, when calculating a financial

penalty where the conduct straddles penalty regimes, the Authority must have

regard to both the penalty regime which was effective before 6 March 2010 (the

‘old penalty regime’) and the penalty regime which was effective after 6 March

2010 (the ‘new penalty regime’).

Financial penalty under the old regime

6.7.
The Authority’s policy on the imposition of a financial penalty relevant to the

misconduct prior to 6 March 2010 is set out in Chapter 6 of DEPP that was in

force up to and including 5 March 2010. All references to DEPP in this section are

references to that version.

6.8.
The Authority has also had regard to the corresponding provisions of Chapter 7 of

the Authority’s Enforcement Guide in force at the time.

Page 23 of 38

6.9.
In determining whether a financial penalty is appropriate, the Authority is

required to consider all the relevant circumstances of the case. DEPP 6.5.2G sets

out a non-exhaustive list of factors which may be relevant to determining the

appropriate level of financial penalty. The Authority considers that the following

factors are particularly relevant in this case.

Deterrence (DEPP 6.5.2(1))

6.10. When determining the level of penalty, the Authority has regard to the principal

purpose for which it imposes sanctions, namely to promote high standards of

regulatory and market conduct.

6.11. The Authority considers that the financial penalty will deter Investments and

other similar network firms in the market from committing similar breaches. The

Authority also considers that the penalty will demonstrate generally to other

adviser network firms that a business model which affords its ARs and RIs a high

degree of flexibility is not acceptable and will reinforce the importance of collating

quality MI, embedding risk-focused systems and controls and encouraging a

consumer-focused culture.

The nature, seriousness and impact of the breach (DEPP 6.5.2(2))

6.12. There was a real risk of significant consumer detriment resulting from

Investments’ breaches of Principle 3, in that there was a real risk that its ARs and

RIs would make personal recommendations to customers which were not

demonstrably suitable. Investments did not adequately manage or mitigate that

risk during the Relevant Period.

6.13. The Authority considers Investments’ breaches to be serious in that the failings

were systemic, impacted all categories of Investments’ business, and persisted

for a significant and continuous period of time without correction.

Conduct following the breach (DEPP 6.5.2(8))

6.14. Investments has cooperated fully with the Authority’s investigation and, with a

new senior management team in place, has taken substantive action to remedy

the failings identified.

Disciplinary record and compliance history (DEPP 6.5.2(9))

6.15. The Authority has taken account of Investments’ general compliance history. In

particular, as a result of actions taken by the Authority during the Relevant

Page 24 of 38

Period, Investments had knowledge of the Authority’s concerns relating to the

weaknesses in systems and controls and the risk management framework at

Group level but failed adequately to address those concerns. In particular,

Investments was referred to Enforcement in 2009 as a result of similar concerns

identified during the Authority’s thematic review of another subsidiary of the

Group’s pension-switching recommendations. Following its investigation, in

February 2010, the Authority imposed a financial penalty on Mr Charles Palmer,

the CEO of the Group at the time and the current owner of the Group.

Past action taken by the Authority (DEPP 6.5.2(10))

6.16. In determining the level of financial penalty under the old regime, the Authority

has taken into account penalties imposed on other authorised firms for similar

behaviour.

Old Regime Conclusion

6.17. Having considered all the circumstances set out above, the Authority considers

that £200,000 is an appropriate financial penalty to impose on Investments under

the old regime. In the event, Investments has provided verifiable evidence to

establish that imposing any financial penalty would cause it serious financial

hardship.

Financial Penalty under the new regime

6.18. Under the new regime, in force after 6 March 2010, the Authority applies a five-

step framework to determine the appropriate level of financial penalty. DEPP 6.5A

sets out the details of the five-step framework that applies in respect of financial

penalties imposed on firms.

6.19. Pursuant to DEPP 6.5A.1G, at Step 1 the Authority seeks to deprive a firm of the

financial benefit derived directly from the breach where it is practicable to

quantify this. The Authority’s investigation did not seek to determine the extent

of any actual detriment and it has not therefore identified any financial benefit

that Investments derived directly from the breaches of Principle 3.

6.20. Investments is currently undertaking PBRs and an internal review in relation to its

pension switching and UCIS recommendations in order to address the

Page 25 of 38

weaknesses previously identified by the Authority. The final outcome of this

exercise is as yet unknown, but may result in redress being paid to consumers.

6.21. The Step 1 figure is therefore nil.

Step 2: Seriousness of breach

6.22. Pursuant to DEPP 6.5A.2G, at Step 2 the Authority determines a figure that

reflects the seriousness of the breach. Where the amount of revenue generated

by a firm from a particular product line or business area is indicative of the harm

or potential harm that its breach may cause, that figure will be based on a

percentage of the firm’s revenue from the relevant products or business area.

6.23. The Authority considers that the revenue generated by all ARs and RIs within

Investments’ network (“the Network Revenue”) to be indicative of the potential

harm caused by the breach. The Authority has therefore determined a figure

based on a percentage of the total Network Revenue during the period of the

breach. The period of Investments’ breach in relation to the new penalty regime

was from 6 March 2010 to 30 April 2013. The total Network Revenue for this

period is £2,555,050.

6.24. In deciding on the percentage of the relevant revenue that forms the basis of the

Step 2 figure, the Authority considers the seriousness of the breach and chooses

a percentage between 0% and 20%. This range is divided into five fixed levels

which represent, on a sliding scale, the seriousness of the breach; the more

serious the breach, the higher the level. For penalties imposed on firms there are

the following five levels:

(1)
Level 1 – 0%

(2)
Level 2 – 5%

(3)
Level 3 – 10%

(4)
Level 4 – 15%

(5)
Level 5 – 20%

6.25. In assessing the seriousness level, the Authority takes into account various

factors which reflect the impact and nature of the breach, and whether it was

committed deliberately or recklessly.

6.26. The Authority has determined the seriousness of Investments’ breaches to be

Level 4 for the purposes of Step 2, having taken into account the following:

Page 26 of 38

(1)
DEPP 6.5A.2G(6) sets out factors relating to the impact of the breaches:

(a)
the Authority has not identified any direct financial benefit to

Investments as a result of the breaches of Principle 3;

(b)
Investments exposed over 1,400 customers to a risk of loss as a

result of the breaches of Principle 3, in that there was a risk that its

RIs would make personal recommendations to customers which

were not demonstrably suitable. Investments did not adequately

manage or mitigate that risk during the Relevant Period; and

(c)
loss to individual consumers has not been identified or quantified at

this stage but the Authority has required Investments to conduct

further PBRs in relation to its pension-switching recommendations

and is supervising Investments’ internal review of its promotion and

sale of UCIS (during the Relevant Period, Investments undertook 24

individual sales of UCIS funds to 22 customers). Both the ongoing

PBRs and the internal review may result in redress being paid to

consumers.

(2)
DEPP 6.5A.2G(7) sets out factors relating to the nature of the breach:

(a)
Investments’ breaches of Principle 3 revealed systemic weaknesses

in its systems and controls relating to the recruitment, monitoring

and control of its ARs and RIs; and

(b)
the weaknesses identified persisted for a significant and continuous

period of time without correction.

(3)
DEPP 6.5A.2G(8) and (9) set out factors tending to show the breach was

either deliberate or reckless. The Authority has not identified any evidence

to suggest that Investments acted deliberately or recklessly in committing

the breaches of Principle 3;

(4)
DEPP 6.5A.2G(11) sets out factors likely to be considered ‘level 4 factors’,

or ‘level 5 factors’. The Authority considers the following factors to be

relevant:

(a)
loss to individual consumers has not been identified or quantified at

this stage but the Authority has required Investments to conduct

further PBRs in relation to its pension-switching recommendations

and is supervising Investments’ internal review of its promotion and

Page 27 of 38

sale of UCIS (during the Relevant Period, Investments undertook 24

individual sales of UCIS funds to 22 customers). Both the ongoing

PBRs and the internal review may result in redress being paid to

consumers;

(b)
Investments’ breaches of Principle 3 revealed systemic weaknesses

in Investments’ systems and controls relating to the recruitment,

monitoring and control of its ARs;

(c)
no financial crime was facilitated, occasioned or otherwise

attributable to Investments’ breaches;

(d)
Investments’ breaches did not create a significant risk that financial

crime would be facilitated, occasioned or otherwise occur;

(e)
the Authority has not identified anything which suggests that

Investments failed to conduct its business with integrity; and

(f)
the Authority does not consider that Investments’ breaches were

committed deliberately or recklessly.

(5)
DEPP 6.5A.2G(12) sets out factors likely to be considered ‘level 1 factors’,

‘level 2 factors’ or ‘level 3 factors’. The Authority considers the following

factors to be relevant:

(a)
the Authority has not identified any direct financial benefit to

Investments as a result of the breaches of Principle 3;

(b)
the Authority has not identified any actual or potential effects on

the orderliness of, or confidence in, markets as a result of

Investments’ misconduct; and

(c)
the breaches appear to have been committed negligently or

inadvertently.

6.27. Because Investments’ breaches of Principle 3 amounted to gross negligence,

rather than deliberate or reckless misconduct, and because the systemic

weaknesses in Investments’ systems and controls persisted for a significant and

continuous period of time without adequate correction, exposing 1,407 customers

to a risk of loss, the Authority considers that Investments’ breaches should be

considered to be Level 4 breaches.

Page 28 of 38

6.28. A Level 4 breach equates to 15% of the Network Revenue. The new regime

penalty after Step 2 is therefore £383,258.

Step 3: mitigating and aggravating factors

6.29. Pursuant to DEPP 6.5A.3G(2), at Step 3 the Authority may increase or decrease

the amount of the financial penalty arrived at after Step 2 (but not including any

amount disgorged at Step 1) to take into account factors which aggravate or

mitigate the breach.

6.30. The Authority considers that the following factors aggravate the breach:

(1)
the failings in breach of Principle 3 occurred despite the Authority’s

concerns in relation to Investments’ inadequate systems and controls

being raised in supervisory correspondence on a number of occasions

during the Relevant Period; and

(2)
the weaknesses in Investments’ systems and controls were also brought to

the attention of Investments as a result of an investigation by the

Authority which led to the issuing of a Final Notice in February 2010 in

relation to the conduct of the CEO of the Group.

6.31. The Authority considers that the following factors mitigate the breach:

(1)
Investments now has a new Board in place. The new Board began

implementing improvements to Investments’ systems and controls and risk

management framework prior to the appointment of the Skilled Person;

and

(2)
in late 2012 and early 2013 the new Board proactively engaged with the

Authority and the Skilled Person to remedy weakness identified by the

Authority, the Skilled Person’s Report and the new Board itself, in

accordance with an agreed remedial action plan.

6.32. Having taken these aggravating and mitigating factors into account the Authority

considers that an aggregate uplift of 10% is appropriate.

6.33. The Step 3 figure is therefore 110% of £383,258 equating to £421,583.

Step 4: adjustment for deterrence

6.34. Pursuant to DEPP 6.5A.4G, if the Authority considers the figure arrived at after

Step 3 is insufficient to deter Investments who committed the breach, or others,

Page 29 of 38

from committing further or similar breaches, then the Authority may increase the

penalty.

6.35. The Authority considers the Step 3 figure of £421,583 represents a sufficient

deterrent to Investments and others, and so has not increased the penalty at

Step 4.

6.36. Taking into account the old regime penalty of £200,000, the total combined

penalty equates to £621,583.

6.37. The Authority considers that combining the two separate penalties calculated

under the old and new penalty regimes produces a figure which is proportionate

and consistent with the Authority’s statements that the new penalty regime may

lead to increased penalty levels.

6.38. The Step 4 figure is therefore £621,583.

6.39. The Authority would have sought to impose a total financial penalty of £621,583

on Investments for its breaches of Principle 3, were it not that Investments has

provided verifiable evidence to establish that imposing any financial penalty

would cause it serious financial hardship. The penalty is therefore reduced to nil.

Step 5: settlement discount

6.40. As the financial penalty has been reduced to nil before calculation of any discount

for early settlement, no further discount is applicable.

6.41. DEPP 6.4.2G sets out the factors that may be of particular relevance in

determining whether it is appropriate to issue a public censure. The criteria are

not exhaustive and DEPP 6.4.1G(1) provides that the Authority will consider all

the relevant circumstances of the case when deciding whether to impose a

penalty or issue a public censure.

6.42. The Authority considered the following factors to be particularly relevant in this

case:

(1)
pursuant to DEPP 6.4.2G(8)(a) the application of the Authority’s policy on

serious financial hardship has resulted in the financial penalty against

Investments being reduced to nil; and

Page 30 of 38

(2)
pursuant to DEPP 6.4.2G(8)(b) there is verifiable evidence that

Investments would be unable to meet other regulatory requirements,

particularly financial resource requirements, if the Authority had imposed a

financial penalty at the appropriate level.

6.43. Having considered all the circumstances set out above, the Authority considers

that £621,583 would be the appropriate penalty to impose on Investments.

However, taking into account Investments’ financial position and the fact the

penalty has, as a result, been reduced to nil, the Authority is publishing a

statement that Investments has contravened regulatory requirements.

Restriction

6.44. The Authority also imposes a restriction on Investments, for a period of 126 days

from the date this Final Notice is issued, so that Investments is restricted during

that period from appointing any AR or RI.

6.45. The restriction the Authority imposes is a disciplinary measure in respect of

Investments’ misconduct between 8 August 2010 (when the statutory power to

impose a restriction came in to force) and 30 April 2013.

6.46. When determining whether a restriction is appropriate, the Authority is required

to consider the full circumstances of the case. The Authority will impose a

restriction where it believes that such action will be a more effective and

persuasive deterrent than the imposition of a financial penalty alone. DEPP

6A.2.3G specifies examples of circumstances where the Authority may consider it

appropriate to impose a restriction.

6.47. The main reason why the Authority considers that a restriction is appropriate in

the circumstances of this case is because Investments has provided verifiable

evidence to establish that imposing any financial penalty would cause it serious

financial hardship, pursuant to DEPP6A.2.3G(6). The Authority believes that

imposing a restriction in this instance, in addition to a statement of misconduct

and as an alternative to payment of a penalty, would be a more effective and

persuasive deterrent than the imposition of a financial penalty reduced to nil and

a statement of misconduct alone.

6.48. In addition, the Authority considers that a restriction is appropriate because the

Authority has previously taken Enforcement action in respect of similar breaches,

including action against Mr Charles Palmer (who holds significant influence

Page 31 of 38

functions at Investments and is the current owner of the Group). Investments

failed to take appropriate steps to improve its systems and controls as a result of

this action.

6.49. Investments’ failings also suggest a poor compliance culture at Investments. In

particular, as set out at paragraph 4.8 above, the Skilled Person’s Report

attributed the failings identified to:

(1)
the inherent risks of Investments’ business model which afforded ARs and

RIs a high degree of flexibility; and

(2)
the cultural focus at Investments which resulted in the ARs being treated

as the customers rather than the end consumers who received the advice.

6.50. The Authority considers that the restriction it is imposing to be appropriate in that

it will demonstrate to other similar network firms in the market that where a firm

continues to operate with a poor compliance culture the Authority will take

disciplinary action to suspend and/or restrict that firm’s regulated activities, in

combination with a financial penalty or as an alternative sanction.

Length of restriction

6.51. When determining the length of the period of restriction that is appropriate for

the breach concerned, and is also a sufficient deterrent, the Authority will

consider all the relevant circumstances of the case. DEPP 6A.3.2G sets out factors

that may be relevant in determining the appropriate length of the period of

restriction. The Authority considers that the following factors are particularly

relevant in this case.

Deterrence (DEPP 6A.3.2G(1))

6.52. When determining the length of the period of restriction, the Authority has regard

to the principal purpose for which it imposes a restriction, namely to promote

high standards of regulatory and/or market conduct by deterring persons who

have committed breaches from committing further breaches, helping to deter

other persons from committing similar breaches, and demonstrating generally the

benefits of compliant behaviour.

6.53. The Authority considers that the restriction it is imposing will deter Investments

and other similar network firms in the market from committing similar breaches.

It will also emphasise that a firm which negligently or otherwise allows systemic

Page 32 of 38

failings in its systems and controls and risk management framework to persist for

a significant and continuous period of time without adequate correction will not

escape disciplinary action, regardless of its financial position.

The seriousness of the breach (DEPP 6A.3.2G(2))

6.54. When assessing the seriousness of the breach, the Authority takes into account

various factors (which may include those listed in DEPP 6.5A.2G (6) to (9)) which

reflect the impact and nature of the breach, and whether it was committed

deliberately or recklessly.

6.55. When considering the seriousness of the breaches, the Authority has taken into

account the following:

(1)
Investments exposed 1,407 customers to a significant risk of loss as a

result of the breaches of Principle 3, in that there was a significant risk

that its RIs would make personal recommendations to customers which

were not suitable. Investments did not adequately manage or mitigate that

significant risk during the Relevant Period (specifically 8 August 2010 to 30

April 2013);

(2)
loss to individual consumers has not been identified or quantified at this

stage but the Authority has required Investments to conduct further PBRs

in relation to its pension-switching recommendations and is supervising

Investments’ internal review of its promotion and sale of UCIS (during the

Relevant Period, Investments undertook 24 individual sales of UCIS funds

to 22 customers). Both the ongoing PBRs and the internal review may

result in redress being paid to consumers;

(3)
Investments’ breaches of Principle 3 revealed systemic weaknesses in its

systems and controls relating to the recruitment, monitoring and control of

its ARs and RIs and the weaknesses identified persisted for a significant

and continuous period of time without correction;

(4)
the Authority has not identified any evidence to suggest that Investments

acted deliberately or recklessly in committing the breaches of Principle 3;

(5)
no financial crime was facilitated, occasioned or otherwise attributable to

Investments’ breaches and Investments’ breaches did not create a

significant risk that financial crime would be facilitated, occasioned or

otherwise occur;

Page 33 of 38

(6)
the Authority has not identified anything which suggests that Investments

failed to conduct its business with integrity; and

(7)
the Authority has not identified any actual or potential effects on the

orderliness of, or confidence in, markets as a result of Investments’

misconduct.

Aggravating and mitigating factors (DEPP 6A.3.2G(3))

6.56. The Authority takes into account various factors (which may include those listed

in DEPP 6.5A.3G (2)) which may aggravate or mitigate a breach.

6.57. The Authority considers that the following factors aggravate the breach:

(1)
the failings in breach of Principle 3 occurred despite the Authority’s

concerns in relation to Investments’ inadequate systems and controls

being raised in supervisory correspondence on a number of occasions

during the Relevant Period (specifically 8 August 2010 to 30 April 2013);

and

(2)
the weaknesses in Investments’ systems and controls were also brought to

the attention of Investments as a result of an investigation by the

Authority which led to the issuing of a Final Notice in February 2010 in

relation to the conduct of the CEO of the Group.

6.58. The Authority considers that the following factors mitigate the breach:

(1)
Investments now has a new Board in place. The new Board began

implementing improvements to Investments’ systems and controls and risk

management framework prior to the appointment of the Skilled Person;

and

(2)
in late 2012 and early 2013 the new Board proactively engaged with the

Authority and the Skilled Person to remedy weaknesses identified by the

Authority, the Skilled Person’s Report and the new Board itself, in

accordance with an agreed remedial action plan.

6.59. The total length of restriction the Authority is imposing on Investments is

therefore 126 days.

Impact of restriction on Investments (DEPP 6A.3.2G(4))

Page 34 of 38

6.60. When assessing the impact of the restriction on Investments, the Authority has

taken into account the following:

(1)
Investments’ expected lost revenue and profits from not being able to

recruit new ARs and RIs until the expiry of the restriction;

(2)
the cost of the measures Investments may be required to undertake in

order to comply with the restriction;

(3)
potential economic costs, for example, the payment of salaries to

employees who will not work during the period of restriction or the

payment of compensation to consumers who will suffer loss as a result of

the restriction;

(4)
the effect on other areas of Investments’ business; and

(5)
the restriction would not cause Investments serious financial hardship.

Impact of restriction on persons other than Investments (DEPP 6A.3.2G(5))

6.61. When assessing the impact of the restriction on persons other than Investments,

the Authority considers the following to be relevant:

(1)
consumers will not suffer loss or inconvenience as a result of the

restriction. The restriction does not impact existing ARs and RIs who are

permitted to carry on the relevant regulated activities within Investments’

Part 4A permission during the period of restriction; and

(2)
the restriction would not have an impact on the markets.

6.62. Having taken into account all the circumstances of the case, including the

considerations set out at DEPP 6A.3.3G, the Authority does not consider it

appropriate to delay the commencement of the period of restriction.

Settlement discount

6.63. Investments agreed to settle at an early stage of the Authority’s investigation.

Investments therefore qualified for a 30% (stage 1) discount to the length of the

restriction under the Authority’s executive settlement procedures. Were it not for

this discount, the Authority would have imposed a restriction of 180 days (six

months) on Investments.

Page 35 of 38

6.64. The Authority considered that a financial penalty of £621,583 on Investments in

respect of its breaches of Principle 3 throughout the Relevant Period was

appropriate. However, as Investments has satisfied the Authority that payment of

such a penalty would cause it serious financial hardship, the Authority has

reduced the level of the penalty to nil and instead is publishing a statement that

Investments has breached Principle 3.

6.65. In addition to publishing such a statement, the Authority considers that it is

appropriate also to impose a restriction on Investments in respect of its

misconduct between 8 August 2010 and 30 April 2013, on the basis that the

penalty would cause Investments serious financial hardship and it is appropriate

to reduce the financial penalty. The Authority believes that imposing a restriction

here, as an alternative to a financial penalty, will be a more effective and

persuasive deterrent than the imposition of a financial penalty reduced to nil

together with a statement of misconduct.

6.66. Accordingly the Authority, in addition to a statement of misconduct, also imposes

a restriction on Investments for a period of 126 days from the date this Final

Notice is issued, so that Investments may not appoint any AR or RI during that

period.

6.67. Pursuant to DEPP 6A.4.3G, the Authority considers that the combination of

sanctions is proportionate considering the nature and seriousness of the Principle

3 breaches and the fact Investments is unable to pay the financial penalty as a

result of serious financial hardship.

7.
PROCEDURAL MATTERS

Decision maker

7.1.
The decision which gave rise to the obligation to give this Final Notice was made

by the Settlement Decision Makers.

7.2.
This Final Notice is given under, and in accordance with, section 390 of the Act.

7.3.
Sections 391(4), 391(6) and 391(7) of the Act apply to the publication of

information about the matter to which this notice relates. Under those

provisions, the Authority must publish such information about the matter to which

this notice relates as the Authority considers appropriate. The information may

Page 36 of 38

be published in such manner as the Authority considers appropriate. However,

the Authority may not publish information if such publication would, in the opinion

of the Authority, be unfair to you or prejudicial to the interests of consumers or

detrimental to the stability of the UK financial system.

7.4.
The Authority intends to publish such information about the matter to which this

Final Notice relates as it considers appropriate.

Authority contacts

7.5.
For more information concerning this matter generally, contact Paul Howick

(direct line: 020 7066 7954 /email: paul.howick@fca.org.uk) of the Enforcement

and Financial Crime Division of the Authority.

Bill Sillett
Head of Department
Financial Conduct Authority, Enforcement and Financial Crime Division


Page 37 of 38

ANNEX A:


STATUTORY PROVISIONS

Statutory objectives

1.
The Authority’s strategic objective, set out in section 1B(2) of the Act, is to ensure

that the relevant markets function well.

2.
The Authority’s operational objectives, set out in sections 1B to 1H of the Act, are

as follows:

(1)
securing an appropriate degree of protection for consumers (“the consumer
protection objective”);

(2)
protecting and enhancing the integrity of the UK financial system (“the
integrity objective”); and

(3)
promoting effective competition in the interests of consumers (“the
competition objective”).

Imposition of a restriction

3.
Section 206A of the Act provides that where an authorised person has contravened

a requirement imposed on it under the Act the Authority may impose, for such

period as it considers appropriate, such limitations or other restrictions in relation

to the carrying on of a regulated activity by the person as it considers appropriate.

4.
A restriction may, in particular, be imposed so as to require the person concerned

to take, or refrain from taking, specified action. The period for which the restriction

is to have effect may not exceed 12 months.

Imposition of a financial penalty

5.
Section 206 of the Act provides that the Authority may impose a penalty on an

authorised person, of such amount as it considers appropriate, if it considers that it

has contravened a relevant requirement imposed on it.

6.
Financial is an authorised person for the purposes of section 206 of the Act. The

requirements imposed on authorised persons include those set out in the

Authority’s rules and made under section 137A of the Act.

Imposition of a public censure

7.
Section 205 of the Act provides that where an authorised person has contravened a

requirement imposed on him under the Act the Authority may publish a statement

to this effect.

Page 38 of 38

REGULATORY GUIDANCE AND POLICY

Principles for Businesses (the “Principles”)

8.
In exercising its power to issue a financial penalty, the Authority must have regard

to the relevant provisions in the Authority’s Handbook.

9.
The Principles are set out in the section of the FCA Handbook entitled ‘PRIN’. They

apply in whole or in part to every authorised firm (PRIN 1.1.1G) and are a general

statement of the fundamental obligations of firms under the regulatory system.

They derive their authority from the FCA’s rule-making powers as set out in the

Act, reflect the FCA’s regulatory objectives (PRIN 1.1.2G) and apply with respect to

the carrying out of regulated activities (PRIN 3.2.1R).

10.
The relevant Principle in this case is Principle 3 (Management and Control), which

states that a firm must take reasonable care to organise and control its affairs

responsibly and effectively, with adequate risk management systems.

Decision Procedure and Penalties Manual (DEPP)

11.
Guidance on the imposition and amount of penalties is set out in Chapter 6 of

DEPP, which came into effect on 28 August 2007. Changes to DEPP were

introduced on 6 March 2010.

12.
Guidance on the imposition of a suspension or restriction and the period for which

those suspensions or restrictions are to have effect, is set out in Chapter 6A of

DEPP, which came into effect on 6 August 2010.

13.
The relevant sections of DEPP are set out in the main body of this Notice.

Enforcement Guide (EG)

14.
The Authority’s approach to taking disciplinary action is set out in Chapter 2 of EG.

The Authority’s approach to financial penalties, suspensions and public censures is

set out in Chapter 7 of EG.

15.
EG 7.1 states that the effective and proportionate use of the Authority’s powers to

enforce the requirements of the Act, the rules and the Statements of Principles for

Approved Persons (APER) will play an important role in the Authority’s pursuit of its

statutory objectives. Imposing financial penalties, suspensions and public censures

shows that the Authority is upholding regulatory standards and helps to maintain

market confidence and deter financial crime. An increased public awareness of

regulatory standards also contributes to the protection of consumers.


© regulatorwarnings.com

Regulator Warnings Logo