Final Notice
On , the Financial Conduct Authority issued a Final Notice to Macquarie Bank Limited
FINAL NOTICE
To:
Macquarie Bank Limited, London Branch
Reference
Number:
170934
Address:
Ropemaker Place
28 Ropemaker Street
London
EC2Y 9HD
UNITED KINGDOM
Date:
18 November 2024
1.
ACTION
1.1.
For the reasons given in this Final Notice, the Authority hereby imposes on
Macquarie Bank Limited, London Branch (“MBL”) a financial penalty of
£13,031,400 pursuant to section 206 of the Act for breaches of Principle 3 of the
Authority’s Principles for Businesses.
1.2
MBL agreed to resolve this matter and qualified for a 30% (Stage 1) discount
under the Authority’s executive settlement procedures. Were it not for this
discount, the Authority would have imposed a financial penalty of £18,616,400 on
MBL.
2.
SUMMARY OF REASONS
2.1.
MBL is a company incorporated in Australia which forms part of a global financial
services group. It operates in the UK through its London Branch and has been
authorised by the Authority since December 2001.
2.2.
MBL is organised globally into a number of operating groups including the
Commodities and Global Markets group (“CGM”), which includes the Commodity
Markets and Finance (“CMF”) division. The CMF division incorporates different
trading areas, including the Metals and Bulks Trading Desk.
2.3.
In February 2022, MBL discovered that a trader on the Metals and Bulks Trading
Desk based in the London Branch (“the Trader”) had recorded a large number of
fictitious trades on MBL’s internal systems in order to conceal trading losses he
had incurred. These fictitious trades had been recorded over a period of 20
months from 17 June 2020 through to 23 February 2022 (“the Fictitious Trading”).
Upon discovery of the Fictitious Trading, MBL uncovered the Trader’s hidden
trading losses and unwound the positions incurring a loss to MBL of approximately
USD 57.8 million.
2.4.
The Fictitious Trading had not been prevented or detected earlier due to
deficiencies in MBL’s systems and controls relating to oversight and monitoring of
trader positions. These systems and controls were relevant to trading on the
Metals and Bulks Trading Desk and thereby gave rise to the same risk across
significant areas of trading activity.
2.5.
Principle 3 of the Authority’s Principles for Businesses states as follows:
A firm must take reasonable care to organise and control its affairs
responsibly and effectively, with adequate risk management systems.
2.6.
MBL did not take reasonable care to organise and control its affairs responsibly
and effectively, with adequate risk management systems. In particular:
3
a.
The Product Control Team’s (“PC Team”) daily profit and loss (“P&L”)
reporting process, which was in place to detect and investigate discrepancies
between daily trading book positions and a trader’s daily P&L estimate, was
ineffective and failed to appropriately identify and deal with discrepancies.
b.
The End of Day (“EOD”) futures reconciliation process failed to ensure that
breaks (i.e., discrepancies) in the reconciliation process were adequately
managed. The design of the control was also deficient because it excluded
trades with future-dated clearing dates, with the result that such trades
avoided scrutiny by this process.
c.
The cancelled, amended and backdated trades (“CABs”) post-trade
reporting control was deficient in its design and relied on the flawed EOD
reconciliation process as a compensating control. As a result, this control
failed to adequately report on exchange cleared futures trades. The failures
in this control were exacerbated by the poor functioning of the CAB
Committee that had been set up to manage risks associated with CABs.
d.
The process for independent verification of broker quotes was insufficient to
prevent the use of unverified and falsified quotes. The same trader
responsible for the Fictitious Trading was able to submit falsified broker
quotes against which the profitability of their positions were assessed.
2.7.
In addition to the failings set out above, the Authority considers that there were
further failings in MBL’s risk management framework, which contributed to the
continuation of the deficiencies in MBL’s systems and controls referred to in
paragraph 2.6 above. In summary:
a.
The Risk and Control Self-Assessment (“RCSA”) failed to adequately
measure and monitor the risks identified in EOD futures reconciliations, CAB
reporting, and P&L analysis in the Relevant Period. Contributing factors to
this failure included how RCSA risk entries were recorded, such as
aggregating multiple controls into one issue, and not containing detailed
descriptions of the relevant underlying activities; and
b.
In 2020, in response to a number of issues identified with the relevant
trading controls by earlier external and internal reviews, including by the
Internal Audit Division (“IAD”), a project designed to address the
recommendations from those reviews was implemented (“Project Papa”).
MBL failed to ensure that Project Papa had appropriate governance
arrangements in place to deliver the project’s outcomes effectively. In
particular, the governance structure, resourcing model and assurance
processes were not appropriate for the project. Had the recommended
enhancements to MBL’s systems and controls in Project Papa been
implemented, the ineffective systems and controls would have been
resolved and the Fictitious Trading would likely have been identified earlier.
The Authority’s view of the breaches and sanction
2.8.
Notwithstanding that the Fictitious Trading had no market impact, the Authority
considers these breaches to be serious. It is of fundamental importance that a
firm has effective oversight of its traders and can accurately assess trading
positions and corresponding P&L. The systems and controls in this case were
ineffective to the extent that a relatively junior trader was able to identify them
and take steps to avoid the Fictitious Trading being detected over a 20-month
period. The deficiencies in the systems and controls left MBL without proper
oversight and control of trading activity within the Metals and Bulks Trading Desk.
It is also of fundamental importance that firms have risk management frameworks
that appropriately identify, measure and monitor the risks a firm is exposed to.
This extends to ensuring that projects seeking to remediate systems and controls
issues have effective governance, appropriate resourcing models, and timely
assurance performed over them. MBL’s failures in its risk management framework
contributed to the continuation of the deficiencies in MBL’s systems and controls.
2.9.
The Authority hereby imposes on MBL a financial penalty of £13,031,400 pursuant
to section 206 of the Act. This action supports the Authority’s statutory objective
of protecting and enhancing the integrity of the UK financial system.
3.
DEFINITIONS
3.1.
The definitions below are used in this Notice:
“BORM” means the Business Operational Risk Management team;
“CAB/s” means trades that were Cancelled, Amended and Backdated and are a
post-trade reporting control;
“CAB Committee” means the CAB Review Committee;
“CGM” means the Commodities and Global Markets group;
“CMF” means Commodity Markets and Finance;
“DEPP” means the Authority’s Decision Procedure and Penalties Manual;
“EOD” means End of Day;
“GCS” means the MBL Global Clearing System;
“IAD” means the Internal Audit Division;
“IVT” means Independent Valuation Team;
“MBL” means Macquarie Bank Limited which is incorporated in Australia and has
a branch registered in the UK;
“MGL” means Macquarie Group Limited, listed in Australia;
“MOD” means the Market Operations team within the Operations Division;
“MTS” means Macquarie Treasury System;
“P&L” means Profit and Loss;
“PC Team” means the Product Control Team;
“Project Papa” means the MBL project designed to address the recommendations
from external and internal reviews into unauthorised trading controls and other
controls;
“RCSA” means Risk and Control Self-Assessment;
“Relevant Period” means between 17 June 2020 and 24 February 2022;
“the Act” means the Financial Services and Markets Act 2000;
“the Authority” means the Financial Conduct Authority;
“the Bulks Desk” means the Bulks trading desk within the Metals and Bulks
Trading Desk;
“the Fictitious Trading” means the recording and amending of fictitious trades, in
the manner described in this Notice, by the Trader from 17 June 2020 to 23
February 2022;
“the Metals and Bulks Trading Desk” is divided into three trading areas: Precious
Metals, Base Metals and Bulks;
“the Principles” means the Authority’s Principles for Businesses;
“the Trader” means the trader who conducted the Fictitious Trading; and
“the Tribunal” means the Upper Tribunal (Tax and Chancery Chamber).
4.
FACTS AND MATTERS
4.1.
MBL is a subsidiary of Macquarie Group Limited (“MGL”) which is a global financial
services group listed in Australia operating in 34 markets in asset management,
retail and business banking, wealth management, leasing and asset financing,
market access, commodity trading, renewables development, specialist advice,
access to capital and principal investment. MBL is incorporated in Australia and
regulated by the Australian Prudential Regulation Authority. MBL operates in the
UK through its London Branch and has been authorised by the Authority since 1
4.2.
MGL entities employ over 1,700 people in the UK with MBL London Branch having
assets of £24.3 billion.
4.3.
MBL is organised globally into a number of operating groups including CGM, which
includes the CMF division. The CMF division incorporates different trading areas,
including the Metals and Bulks Trading Desk. The Metals and Bulks Trading Desk
is divided into three trading areas: Precious Metals, Base Metals and Bulks. The
7
systems and controls relevant to this Notice apply to different trading areas within
the CMF division including all of the London based trading activities of the Metals
and Bulks Trading Desk.
4.4.
On 23 February 2022, MBL discovered that a trader on the Metals and Bulks
Trading Desk based in the London Branch had recorded a large number of fictitious
trades on MBL’s internal systems in order to conceal trading losses they had
incurred. The Trader worked on the Bulks Desk. The misconduct was detected
by MBL following an internal routine risk controls report which indicated a limit
breach caused by a trade being closed-out on 23 February 2022, and then
unclosed later that same day by the Trader. On the same day, concerns were
escalated internally and a meeting with the Trader was arranged for the following
day. During that meeting, the Trader admitted to the Fictitious Trading and taking
steps to avoid their detection. Later that day, the Trader resigned with immediate
effect.
4.5.
According to trade analysis carried out by MBL as part of the unwinding of the
Trader’s loss-making positions, the Trader recorded and amended 426 fictitious
trades over a period of 20 months from 17 June 2020 through to 23 February
2022. MBL’s ineffective systems and controls meant that the Fictitious Trading
could take place over this period of time, enabling the Trader to mask his actual
loss-making positions by giving the appearance that the Trader’s loss position had
been lowered. The Fictitious Trading comprised trades with no external impact or
economic reality and only existed as entries on MBL’s internal systems. To conceal
the Fictitious Trading, the Trader was able to circumvent the then existing trading
controls by either cancelling, amending or backdating the trades multiple times.
The Trader was able to do this without the Fictitious Trading being detected until
February 2022.
4.6.
When the Fictitious Trading was identified and the positions unwound, MBL
incurred losses of approximately USD 57.8 million. No clients were impacted by
these events and it did not impact the market, but the Fictitious Trading was
sufficiently material that a statement was included in MBL’s Annual Report for the
financial year ending March 2022.
4.7.
The Fictitious Trading was not prevented or detected for the 20 month period due
to deficiencies in MBL’s systems and controls relating to oversight and monitoring
of trader positions, and failings in its risk management framework. The systems
and controls relating to oversight and monitoring of trader positions were relevant
to all trading on the Metals and Bulks Trading Desk and thereby created the same
risk across significant areas of trading activity.
The systems and controls breaches
4.8.
Collectively, MBL’s systems and controls relating to oversight and monitoring of
trader positions formed part of a suite of systems and controls intended to
mitigate the risk of unauthorised trading. MBL considered that unauthorised
trading consisted of trading activity by a firm which is not in accordance with its
internal trading policies, procedures, limits, risk tolerances and/or acceptable
losses; and/or provisions that prohibit fraud, market manipulation and insider
trading; and/or performed on a client’s account without the client’s permission.
MBL defined an example of fraudulent trading activity as creating false or
misleading records within or providing unauthorised amendments to databases,
administration systems, or accounting records. The risk of unauthorised trading
crystallised in the form of the Fictitious Trading, through the failings set out below
in MBL’s systems and controls.
The Product Control Team’s daily P&L reporting process
4.9.
The PC Team was responsible for ensuring all trading book positions are subject
to checks of daily P&L and reconciling it with a trader’s P&L estimate, which was
provided at the end of each trading day. The purpose of this control was to operate
as a check on P&L discrepancies and to mitigate the risk that any P&L
discrepancies, which may have been generated from errors or unauthorised
trading, were not detected, investigated or escalated.
4.10.
Traders were required to provide a P&L estimate to the PC Team at the end of
each trading day using Macquarie Treasury System (“MTS”) positions which was
then reconciled by the PC Team against the trader’s estimate. The PC Team were
required to ensure they understood the impact of any backdated trades on the
P&L they were reconciling and comment when necessary.
4.11.
The purpose of this control was to detect discrepancies in relation to a trader’s
P&L estimates (including unusual backdated P&L, as had occurred in the case of
the Fictitious Trading). Where discrepancies were detected, this should have
initiated further enquiries and investigation (as appropriate) by the PC Team.
4.12.
During the Relevant Period, there were the following deficiencies in this control:
a.
The control only required the PC Team to request an explanation and
investigate backdated trades greater than the threshold amount set at USD
50,000. This meant that multiple material backdated trades that netted to
a P&L amount below investigation thresholds were not required to be
analysed unless the USD 50,000 threshold was breached. This threshold was
known by the Trader and therefore risked being circumvented. For example,
regarding the Fictitious Trading, the Trader was informed of the USD 50,000
threshold by the PC Team and learnt that any PC Team challenge may be
limited if the amount was under the threshold. The Trader was able to use
this knowledge to circumvent the control and create offsetting fictitious
trades to generate false P&L and keep his desk below the USD 50,000
threshold.
b.
The PC Team were not sufficiently robust in dealing with discrepancies in
P&L. The process did not require sufficient review and escalation of P&L
issues in order to reasonably check that any discrepancies were justified.
Rather, the PC Team worked with traders to resolve issues in a way that
meant the control lacked effectiveness. For example, regarding the Fictitious
Trading, the Trader was able to pre-empt and prevent any potential
challenge from the PC Team by alerting them to backdates and providing a
brief and superficial and/or untrue explanation or justification (which the PC
Team accepted with insufficient scrutiny or follow up). Furthermore, the
Trader’s practice was to request a holdout or adjustment to P&L for a day
whilst he made an amendment signposted in the explanation, or requested
an adjustment to prevent the variance exceeding the known USD 50,000
threshold. The Trader and the PC Team, having agreed the P&L position,
would also on occasion agree for a clean email to be sent to the wider PC
Team distribution list confirming the holdout and subsequent amendment.
c.
The PC Team were also set up in a way that allowed junior members of the
PC Team to operate without due oversight, such that the control lacked
effectiveness. For example, regarding the Fictitious Trading, the Trader was
able to minimise potential challenges by contacting junior members of the
PC Team individually with an estimate of his P&L figures and request a
breakdown of the PC Team’s figures.
End of Day futures reconciliation process
4.13.
The Market Operations team within the Operations Division (“MOD”) was
responsible for the daily performance of EOD futures reconciliations between
trades in the MTS (which was populated with data by MBL traders) and the MBL
Global Clearing System (“GCS”) (which contained data direct from the relevant
exchanges).
4.14.
The EOD futures reconciliation process was designed to identify instances where
the details in MTS did not match those in GCS, with these mismatches called
‘breaks’. Where there were any breaks in the reconciliation, this control required
MOD to go to the relevant trader to resolve any breaks in the data and/or escalate
to the relevant team depending on the nature and/or duration of the break.
4.15.
There were two main design issues with this control:
a.
First, the resolution and escalation processes within this control were
manual with a reliance on judgement to be applied as to which breaks to
action and escalate. This need for human judgement to determine which
breaks to investigate and/or escalate in the EOD futures reconciliation
presented a vulnerability in the control and meant it was not set up to be
sufficiently effective. For example, in July 2020, MOD identified that a
number of the Trader’s trades were sitting in MTS without a matching
exchange entry for several days before then being closed out. While this
generated an initial discussion between MOD, the CMF Chief Operating
Officer team and a CMF supervisor, the issue was not followed up through
to resolution.
b.
Second, there was a flaw in that the control was designed to exclude
exchange cleared trades with future-dated clearing dates. There was no
separate control process to validate trades with future-dated clearing dates.
With regard to the Fictitious Trading, this weakness meant that the Trader
was able to evade detection from this control by rolling the clearing date
forward and therefore avoid appearing on the EOD futures reconciliation as
a break which would have required follow-up.
4.16.
These design failures were exacerbated by a lack of robust processes that meant
that timeframes for resolving breaks and escalation were not necessarily followed.
With regard to the Fictitious Trading, this weakness was reflected in the fact that
there was an insufficient response to probe breaks with little challenge to the
Trader either by MOD or by CMF supervisors. At least one MOD employee knew
on 11 November 2021 that certain trades were being given a future-dated clearing
date by the Trader. However, the combination of the lack of a control process to
validate trades with a future-dated clearing date and the lack of robust challenge
within the control resulted in the Trader continuing the Fictitious Trading
undetected for a further three months.
4.17.
Of further concern to the Authority is that these design issues had been identified
by MBL prior to the start of the Fictitious Trading. However, the processes were
largely unchanged and MBL failed to implement adequate systems.
CABs reporting and monitoring
4.18.
The purpose of the CABs control, operated by CGM’s Business Operational Risk
Management team (“BORM”), was to effectively monitor CABs for unusual activity.
Where unusual or recurring patterns were identified, these should have been
escalated for further investigation.
4.19.
A significantly high number of amended trading entries generated by a trader
should have led to further escalation and investigation into what was causing a
high concentration of CABs entries from them.
4.20.
During the Relevant Period, CMF supervisors would receive a weekly email from
BORM containing a report showing that week’s CABs (“the weekly CABs email”).
The cover email would break down the total number of CABs into three categories:
(i) explained by logic, (ii) explained by BORM; and (iii) requiring explanation from
a senior member of staff. A spreadsheet provided the underlying data.
4.21.
The spreadsheet in the weekly CABs email included thousands of lines of CABs
data which meant that it was not practical for the CMF supervisors to review.
They therefore relied on the summary table provided at the top of the email
breaking the CABs down into the three categories described above.
4.22.
Between April 2020 and May 2021, certain trades, including exchange cleared
futures trades, were subject to “exclusion rules” and were therefore entirely
excluded from the summary table in the weekly CABs email. From May 2021,
exchange cleared futures trades were included in the weekly CABs email
spreadsheet, but they were subject to “auto-explain rules”. These auto-explain
rules were applied according to the flawed reasoning that these trades were
thought to be subject to the MOD EOD futures reconciliation process and thereby
automatically explained as having an “internal counterparty”. As such, exchange
cleared futures trades were included in the data, but never highlighted in the
summary table.
4.23.
The summarised CABs information also failed to consider trends or concentration
in events to be able to effectively identify suspicious or unauthorised trading
activity. This meant the system was ineffective to spot any suspicious activity as
it required CMF supervisors to review thousands of lines of CABs data and look for
trends.
4.24.
Contributing to the continued ineffectiveness of this CAB reporting control during
the Relevant Period was the poorly functioning CAB Review Committee (the “CAB
Committee”). The CAB Committee was set up in June 2020 as a result of issues
being identified with CABs reporting through Project Papa. The aim of this
committee was to provide a governance forum to monitor and manage risks
associated with CABs. In accordance with its Terms of Reference, the CAB
Committee was required to meet quarterly and was required to sign off on CAB
rules annually.
4.25.
The CAB Committee did not adequately respond to issues identified above in
relation to CAB reporting. An example of an inadequate response was the fact
that it failed to meet regularly as required. In November 2020, despite there still
being outstanding action points and unanswered questions regarding the
effectiveness of the MOD EOD futures reconciliation process as a compensating
control, the CAB Committee approved a provisional set of rules which included the
CAB exclusion and auto-explain rules identified in paragraph 4.22 above as
contributing to the deficiency in CAB reporting. The CAB Committee also failed
to discuss the presentation and content of CAB reports sent to CMF supervisors.
4.26.
The poor design of this CABs control, and the failure of the CAB Committee to
mitigate the risk of the identified issues, crystallised with the Trader concealing
the Fictitious Trading. The Trader repeatedly amended the clearing date of their
fictitious trades, which generated a significantly high number of CABs; the Trader
was responsible for 9,269 CABs out of 13,311 total CABs for the entire Bulks Desk
and therefore accounted for 70% of the Bulk Desk’s total CABs between June
2020 and December 2021. However, this concentration was not noticed because
exchange cleared CABs were not in the CAB report at all until May 2021 and then,
even when they were captured, they were not highlighted. The deficiencies in the
control therefore enabled the Fictitious Trading to remain undetected for 20
months.
4.27.
Within the Metals and Bulks Trading Desk (and other MBL business areas), broker-
provided volatility curves quotes were required to value trading positions. If
working effectively, the Independent Valuation Team’s (“IVT”) independent
broker quotes control should have ensured that market quotes were either
independently sourced, or independently tested by the IVT where the quotes were
sourced by the traders.
4.28.
The objective of this control was to ensure the integrity of production marks and
prevent key risks including valuation error or fraud and financial or risk
misstatement.
4.29.
A lack of robust processes in place to ensure the independent verification of broker
quotes by the IVT led to certain members of the IVT obtaining volatility curves
quotes directly from the Trader without subsequent verification. The Trader was
able to submit false market quotes to the IVT to further facilitate the Fictitious
Trading by making his positions appear more profitable than they were and further
conceal his loss-making positions.
4.30.
Certain members of the IVT did not source all the rates independently and did not
always independently test or review the rates provided by traders. In relation to
the Trader, this resulted in the falsification of quotes going undetected throughout
the Relevant Period. From June 2020 to January 2022, the Trader was able to
circumvent the independent testing requirement by simply providing 46 falsified
quotes directly to the IVT (this was 63% of the total quotes provided by the
Trader). The falsification took the form of altering the figures to give a false
impression of the market prices for that period of time. On some occasions in
addition to this, the Trader manually changed the date the quote had been
received from the broker and removed months of data manually before forwarding
on to the IVT. As a direct result of falsifying the quotes, the book was incorrectly
valued. On detection, when the Trader’s positions were closed out in February
2022, differences between some recorded marks and the actual market rates
resulted in a loss to MBL of USD 1.3million.
Risk management and assurance framework - Risk and Control Self-Assessment
4.31.
If functioning effectively, the RCSA process should identify, measure and monitor
risks consistently and comprehensively to facilitate prioritisation and management
of risks within MBL’s risk management framework.
4.32.
Prior to the discovery of the Fictitious Trading, weaknesses in controls relevant to
unauthorised trading had been identified in the RCSA process. These included
weaknesses relevant to the EOD futures reconciliation process, CAB reporting and
P&L analysis in the Relevant Period.
4.33.
There were issues with how RCSA risk entries were recorded, such as aggregating
multiple controls into one issue and not containing detailed descriptions of the
relevant underlying activities, which reduced MBL’s ability to measure and monitor
the risks adequately. The RCSA process was ineffective in ensuring the identified
risks were effectively measured, prioritised and managed. This contributed to the
delay in the detection of the Fictitious Trading.
Risk management and assurance framework – Governance of Project Papa
4.34.
Project Papa was implemented in response to two external reviews which
concluded in December 2019 and January 2020 (the latter being a Skilled Person
Review) that raised issues in relation to MBL’s controls to prevent and detect
unauthorised trading. Each review made recommendations for enhancements to
MBL’s trading controls and Project Papa was designed to address those
recommendations.
4.35.
Part of the role of the IAD aspect of MBL’s risk framework is to provide
independent and objective risk-based assurance on the compliance with, and
effectiveness of, MBL’s financial and risk management framework. This includes
assessing whether key internal controls have been properly designed and are
operating effectively and sustainably to mitigate material risks. In February
2020, as part of a wider audit process, IAD identified issues relevant to those
identified in MBL’s investigation into the Fictitious Trading. These included Front
Office trading supervision issues which referenced supervisory oversight, CABs
and P&L reviews. IAD also identified gaps in CAB reporting resulting in a lack of
effective oversight, including the absence of trending analysis being provided to
CMF supervisors to assist with identifying unauthorised trading. A number of
these issues corresponded with findings from the earlier reviews. As a result, the
findings from IAD were taken up into Project Papa.
4.36.
However, there were multiple issues with the governance arrangements for
Project Papa including that the governance structure and resourcing model was
inappropriate for a highly complex project of that type. Examples include the
project having limited dedicated resources, an absence of resources from diverse
skill sets, an underutilisation of project management disciplines, and a lack of
clearly defined terms of reference to set out the holistic overall plan including the
primary objective of the project, decision making arrangements and escalation
criteria.
4.37.
Further, there was a lack of assurance activities for Project Papa, including a lack
of a clear methodology on how IAD would approach active monitoring of the
progress of the project. IAD did not undertake formal assurance work of Project
Papa until September 2021, which culminated in a report in January 2022. As a
result, it failed to identify key risks to the project at a critical stage of its
establishment.
4.38.
As a result of the inappropriate governance, resourcing and assurance
arrangements, actions within Project Papa relevant to the Fictitious Trading were
not prioritised or delivered to the required depth and breadth to adequately
mitigate the risk of unauthorised trading, including preventing or detecting the
Fictitious Trading. Had the actions been adequately prioritised and delivered, it is
likely that the Fictitious Trading would have been detected much earlier than it
ultimately was.
Events post discovery of the Fictitious Trading
4.39.
Following an internal investigation by MBL and reviews of the relevant systems
and controls environment, several senior members of staff had their profit share
reduced and remediation activity was initiated by MBL. Remediation processes
included, but were not limited to:
a.
Implementing a tactical exchange trade monitoring process within the CMF
division and the Fixed Income and Currencies division specifically to address
the deferred clearing date vulnerability in MTS;
b.
Materially reducing market risk limits for the assets in question;
c.
the IVT re-affirming its processes to ensure all broker rates are sourced
directly from brokers with exceptions escalated to the Business Rates
Committee; and
d.
the CAB Committee reconvening in March 2022..
5.
FAILINGS
5.1.
The regulatory provisions relevant to this Notice are referred to in Annex A.
5.2.
Principle 3 of the Authority’s Principles for Businesses states as follows:
A firm must take reasonable care to organise and control its affairs
responsibly and effectively, with adequate risk management systems.
5.3.
MBL breached Principle 3 because it did not take reasonable care to organise and
control its affairs responsibly and effectively, with adequate risk management
systems. In particular:
a.
The PC Team’s daily P&L reporting process which was in place to monitor
and investigate discrepancies in a trader’s P&L estimates, was ineffective
and failed to identify and deal with discrepancies.
b.
The EOD futures reconciliation process failed to ensure that breaks in the
reconciliation process were adequately managed. The design of the control
was also deficient as it excluded trades with future clearing dates, with the
result that such trades avoided scrutiny by this system.
c.
The CAB reporting control was deficient in its design and relied on a flawed
EOD reconciliation process as a compensating control. As a result, this
control failed to adequately report on exchange cleared futures trades. The
failures in this control were exacerbated by the poor functioning of the CAB
Committee that had been set up to manage risks associated with CABs.
d.
The process in place for independent verification of broker quotes was
insufficient to prevent the use of unverified and falsified quotes. The same
Trader responsible for the Fictitious Trading was able to submit falsified
broker quotes against which the profitability of their positions was assessed.
5.4.
In addition to the failings set out above, the Authority considers that there were
further failings in MBL’s risk management framework that contributed to the
continuation of the deficiencies in MBL’s systems and controls referred to in
paragraph 5.3 above. In summary:
a.
RCSA failed to adequately measure and monitor the risks identified in EOD
futures reconciliations, CAB reporting and P&L analysis in the Relevant
Period. Contributing factors to this failure included how RCSA risk entries
were recorded, such as aggregating multiple controls into one issue and not
containing detailed descriptions of the relevant underlying activities; and
b.
MBL failed to ensure that Project Papa had appropriate governance
arrangements in place to deliver the project’s outcomes effectively. In
particular, the governance structure, resourcing model and assurances
processes were not appropriate for the project. Had the recommended
enhancements to MBL’s systems and controls in Project Papa been
implemented, the ineffective systems and controls would have been
resolved and the Fictitious Trading would likely have been identified earlier.
The Authority’s view of the breaches
5.5.
Notwithstanding that the Fictitious Trading had no market impact, the Authority
considers these breaches to be serious. It is of fundamental importance that a
firm has effective oversight of its traders and can accurately assess trading
positions and corresponding P&L. The systems and controls in this case were
ineffective to the extent that a relatively junior trader was able to identify them
and take steps to avoid the Fictitious Trading being detected over a 20-month
period. The deficiencies in the systems and controls left MBL without proper
oversight and control of trading activity within the Metals and Bulks Trading Desk.
It is also of fundamental importance that firms have risk management frameworks
that appropriately identify, measure and monitor the risks a firm is exposed to.
This extends to ensuring that projects seeking to remediate systems and controls
issues have effective governance frameworks and appropriate resourcing models,
with timely assurance performed over them. MBL’s failures in its risk management
framework contributed to the continuation of the deficiencies in MBL’s systems
and controls.
6.
SANCTION
Financial penalty
6.1.
The Authority’s policy for imposing a financial penalty is set out in Chapter 6 of
DEPP. In respect of conduct occurring on or after 6 March 2010, the Authority
applies a five-step framework to determine the appropriate level of financial
penalty. DEPP 6.5A sets out the details of the five-step framework that applies in
respect of financial penalties imposed on firms.
Step 1: disgorgement
6.2.
Pursuant to DEPP 6.5A.1G, at Step 1 the Authority seeks to deprive a firm of the
financial benefit derived directly from the breach where it is practicable to quantify
this.
6.3.
The Authority has not identified any financial benefit that MBL London Branch
derived directly from this breach.
6.4.
Step 1 is therefore £0.
Step 2: the seriousness of the breach
6.5.
Pursuant to DEPP 6.5A.2G, at Step 2 the Authority determines a figure that
reflects the seriousness of the breach. Where the amount of revenue generated
by a firm from a particular product line or business area is indicative of the harm
or potential harm that its breach may cause, that figure will be based on a
percentage of the firm’s revenue from the relevant products or business area.
6.6.
The Authority considers that the gross revenue generated by trading activity
undertaken in MBL’s London Branch by the Metals and Bulks Trading Desk is
indicative of the harm or potential harm caused by MBL’s breach. The Authority
has therefore determined that the relevant revenue is the revenue of the Metals
and Bulks Trading Desk, generated by trading activity originating from the London
Branch, during the period of the breach, June 2020 to February 2022. This is
because MBL’s breaches relates to the deficient systems and controls which did
not adequately detect and mitigate the risk of unauthorised trading within trading
on the Metals and Bulks Trading Desk, and the risk management framework
failings which contributed to the continuation of the deficiencies.
6.7.
The Authority considers the relevant revenue generated by trading activity
originating from the London Branch of MBL’s Metals and Bulks Trading Desk for
this period is £65,320,714.
6.8.
In deciding on the percentage of the relevant revenue that forms the basis of the
Step 2 figure, the Authority considers the seriousness of the breach and chooses
a percentage between 0% and 20%. This range is divided into five fixed levels
which represent, on a sliding scale, the seriousness of the breach; the more
serious the breach, the higher the level. For penalties imposed on firms there are
the following five levels:
Level 1 – 0%
Level 2 – 5%
Level 3 – 10%
Level 5 – 20%
6.9.
In assessing the seriousness level, the Authority takes into account various factors
which reflect the impact and nature of the breach, and whether it was committed
deliberately or recklessly. The Authority considers the following factors to be
relevant:
DEPP 6.5A.2G(11)(b) - Serious or systemic weaknesses in the management
systems or internal controls relating to all or part of the firm’s business
6.10.
The breach revealed serious deficiencies in the systems and controls relating to
the Metals and Bulks Trading Desk and MBL’s risk management framework.
DEPP 6.5A.2G(11)(d) - the breach created a significant risk that financial crime
would be facilitated, occasioned or otherwise occur
6.11.
MBL London Branch failed to take reasonable care to establish, implement and
maintain adequate and effective systems and controls to mitigate the risk that its
employees would undertake unauthorised trading and where such unauthorised
trading was carried out, to detect the trading in a timely manner. The failure to
mitigate the risks of unauthorised trading extended to the risks of financial crime
being occasioned.
DEPP 6.5A.2G(12)(a) - little, or no, profits were made or losses avoided as a result
of the breach, either directly or indirectly
6.12.
The Fictitious Trading was not visible externally to MBL. The fictious trades
appeared on MBL’s internal systems as exchange-listed trades but they had no
corresponding external exchange position. There was no effect on the markets
as a result of the Fictitious Trading. MBL suffered a loss as a result of unwinding
the Fictitious Trading which amounted to approximately USD 57.8 million.
6.13.
Taking all of these factors into account, the Authority considers the seriousness
of the breach to be level 4 and so the Step 2 figure is 15% of £65,320,714.
6.14.
Step 2 is therefore £9,798,107.10.
Step 3: mitigating and aggravating factors
6.15.
Pursuant to DEPP 6.5A.3G, at Step 3 the Authority may increase or decrease the
amount of the financial penalty arrived at after Step 2, but not including any
amount to be disgorged as set out in Step 1, to take into account factors which
aggravate or mitigate the breach.
6.16.
The Authority considers that the following factor aggravates the breach:
DEPP 6.5A.3G(2)(i) whether the FCA publicly called for an improvement in
standards in relation to the behaviour constituting the breach or similar behaviour
before or during the occurrence of the breach.
6.17.
The Authority informed firms of the risk of unauthorised trading in two Market
Watch Bulletins in 2008 and the importance of establishing, implementing and
maintaining adequate systems and controls to mitigate the risk that unauthorised
trading could be undertaken and where such misconduct occurred, to detect
unauthorised trading in a timely manner.
6.18.
The Authority considers that the following factor mitigates the breach:
DEPP 6.5A.3G(2)(b) the degree of cooperation the firm showed during the
investigation of the breach by the FCA, or any other regulatory authority allowed
to share information with the FCA.
6.19.
MBL has consistently displayed a high level of cooperation during this investigation
(and this has extended into how it conducted itself during settlement). It notified
the Authority immediately after discovering the Fictitious Trading; responded
promptly and fully to all the Authority’s information requirements without creating
obstacles to the provision of the information; and it proactively brought additional
information to the Authority’s attention. MBL commissioned, and promptly shared
with the Authority, internal investigation reports which looked at the root causes
of the Fictitious Trading, including a review of its unauthorised trading controls.
MBL has not asserted privilege over any material. MBL’s cooperation has saved
the Authority significant time and resource.
6.20.
Having taken into account these aggravating and mitigating factors, the Authority
considers that the Step 2 figure should be decreased by 5%.
6.21.
Step 3 is therefore £9,308,201.75.
Step 4: adjustment for deterrence
6.22.
Pursuant to DEPP 6.5A.4G, if the Authority considers the figure arrived at after
Step 3 is insufficient to deter the firm who committed the breach, or others, from
committing further or similar breaches, then the Authority may increase the
penalty.
6.23.
The Authority considers that the Step 3 figure of £9,308,201.75 is too small to
meet its objective of credible deterrence and it is likely that similar breaches will
be committed by the Firm or other firms in the future in the absence of an increase
to the penalty.
6.24.
In making this assessment, the Authority has considered the nature of the
misconduct, the impact of the misconduct, and the size and financial resources of
the Firm. In relation to the nature of the misconduct, combatting financial crime
is one of the Authority’s key priorities, and that includes the expectation that firms
defend themselves against financial crime. MBL failed to adequately mitigate the
risk of unauthorised trading, which included failing to prevent or detect the
Fictitious Trading. The Authority has published various materials on combatting
financial crime for a number of years now and, as a result, imposed substantial
penalties on regulated firms for ineffective systems and controls for preventing
financial crime. A failure to impose a significant penalty for breaches of this
nature, may cause firms to consider that having robust systems and controls, and
appropriately governed, resourced remediation programmes, with adequate
levels of assurance, are not of significant importance to the Authority.
6.25.
The Authority considers that a multiplier of two should be applied at Step 4.
6.26.
Step 4 is therefore £18,616,403.49.
Step 5: settlement discount
6.27.
Pursuant to DEPP 6.5A.5G, if the Authority and the firm on whom a penalty is to
be imposed agree the amount of the financial penalty and other terms, DEPP 6.7
provides that the amount of the financial penalty which might otherwise have
been payable will be reduced to reflect the stage at which the Authority and the
firm reached agreement. The settlement discount does not apply to the
disgorgement of any benefit calculated at Step 1.
6.28.
The Authority and MBL London Branch reached agreement at Stage 1 and so a
30% discount applies to the Step 4 figure.
6.29.
Step 5 is therefore £13,031,400 (rounded down to the nearest £100).
6.30.
The Authority hereby imposes a total financial penalty of £13,031,400 on MBL
London Branch for breaching Principle 3.
7.
PROCEDURAL MATTERS
7.1.
This Notice is given to MBL London Branch under and in accordance with section
390 of the Act.
7.2.
The following statutory rights are important.
Decision maker
7.3.
The decision which gave rise to the obligation to give this Notice was made by the
Settlement Decision Makers.
Manner and time for payment
7.4.
The financial penalty must be paid in full by MBL to the Authority no later than 2
December 2024.
If the financial penalty is not paid
7.5.
If all or any of the financial penalty is outstanding on 3 December 2024, the
Authority may recover the outstanding amount as a debt owed by MBL and due
to the Authority.
7.6.
Sections 391(4), 391(6) and 391(7) of the Act apply to the publication of
information about the matter to which this Notice relates. Under those provisions,
the Authority must publish such information about the matter to which this Notice
relates as the Authority considers appropriate. The information may be published
in such manner as the Authority considers appropriate. However, the Authority
may not publish information if such publication would, in the opinion of the
Authority, be unfair to you or prejudicial to the interests of consumers or
detrimental to the stability of the UK financial system.
7.7.
The Authority intends to publish such information about the matter to which this
Final Notice relates as it considers appropriate.
Authority contacts
7.8.
For more information concerning this matter generally, contact Hayley England-
Secker at the Authority (direct line: 020 70660832; email: Hayley.England-
Secker@fca.org.uk).
Financial Conduct Authority, Enforcement and Market Oversight Division
ANNEX A
RELEVANT STATUTORY AND REGULATORY PROVISIONS
1.
RELEVANT STATUTORY PROVISIONS
1.1
The Authority’s statutory objectives, set out in section 1B(3) of the Act, include
the integrity objective.
1.2
The Authority has the power to impose an appropriate penalty on an authorised
person if the Authority considers that an authorised person has contravened a
relevant requirement (section 206 of the Act).
1.3
Section 206(1) of the Act provides:
“If the Authority considers that an authorised person has contravened a
requirement imposed on him by or under this Act… it may impose on him a
penalty, in respect of the contravention, of such amount as it considers
appropriate.”
2.
RELEVANT REGULATORY PROVISIONS
Principles for Businesses
2.1
The Principles are a general statement of the fundamental obligations of firms
under the regulatory system and are set out in the Authority’s Handbook. They
derive their authority from the Authority’s rule-making powers set out in the Act.
The relevant Principle is as follows.
“A firm must take reasonable care to organise and control its affairs
responsibly and effectively, with adequate risk management systems”.
Other Relevant Regulatory Provisions
2.3
In exercising its powers to impose a financial penalty, the Authority has had
regard to the relevant regulatory provisions published in the Authority’s
Handbook. The Handbook provisions relevant in this matter are the Principles, the
Decision Procedure and Penalties Manual (DEPP) and the Enforcement Guide (EG).
2.4
Chapter 6 of DEPP sets out the Authority’s policy for imposing a financial penalty.
For conduct occurring on or after 6 March 2010, the Authority applies a five-step
framework to determine the appropriate level of financial penalty. DEPP 6.5A sets
out the details of the five-step framework that applies to financial penalties
imposed on firms. The conduct that is the subject matter of this Notice took place
after 6 March 2010.
2.5
EG sets out the Authority’s approach to taking disciplinary action. The Authority’s
approach to financial penalties is set out in Chapter 7 of EG.
To:
Macquarie Bank Limited, London Branch
Reference
Number:
170934
Address:
Ropemaker Place
28 Ropemaker Street
London
EC2Y 9HD
UNITED KINGDOM
Date:
18 November 2024
1.
ACTION
1.1.
For the reasons given in this Final Notice, the Authority hereby imposes on
Macquarie Bank Limited, London Branch (“MBL”) a financial penalty of
£13,031,400 pursuant to section 206 of the Act for breaches of Principle 3 of the
Authority’s Principles for Businesses.
1.2
MBL agreed to resolve this matter and qualified for a 30% (Stage 1) discount
under the Authority’s executive settlement procedures. Were it not for this
discount, the Authority would have imposed a financial penalty of £18,616,400 on
MBL.
2.
SUMMARY OF REASONS
2.1.
MBL is a company incorporated in Australia which forms part of a global financial
services group. It operates in the UK through its London Branch and has been
authorised by the Authority since December 2001.
2.2.
MBL is organised globally into a number of operating groups including the
Commodities and Global Markets group (“CGM”), which includes the Commodity
Markets and Finance (“CMF”) division. The CMF division incorporates different
trading areas, including the Metals and Bulks Trading Desk.
2.3.
In February 2022, MBL discovered that a trader on the Metals and Bulks Trading
Desk based in the London Branch (“the Trader”) had recorded a large number of
fictitious trades on MBL’s internal systems in order to conceal trading losses he
had incurred. These fictitious trades had been recorded over a period of 20
months from 17 June 2020 through to 23 February 2022 (“the Fictitious Trading”).
Upon discovery of the Fictitious Trading, MBL uncovered the Trader’s hidden
trading losses and unwound the positions incurring a loss to MBL of approximately
USD 57.8 million.
2.4.
The Fictitious Trading had not been prevented or detected earlier due to
deficiencies in MBL’s systems and controls relating to oversight and monitoring of
trader positions. These systems and controls were relevant to trading on the
Metals and Bulks Trading Desk and thereby gave rise to the same risk across
significant areas of trading activity.
2.5.
Principle 3 of the Authority’s Principles for Businesses states as follows:
A firm must take reasonable care to organise and control its affairs
responsibly and effectively, with adequate risk management systems.
2.6.
MBL did not take reasonable care to organise and control its affairs responsibly
and effectively, with adequate risk management systems. In particular:
3
a.
The Product Control Team’s (“PC Team”) daily profit and loss (“P&L”)
reporting process, which was in place to detect and investigate discrepancies
between daily trading book positions and a trader’s daily P&L estimate, was
ineffective and failed to appropriately identify and deal with discrepancies.
b.
The End of Day (“EOD”) futures reconciliation process failed to ensure that
breaks (i.e., discrepancies) in the reconciliation process were adequately
managed. The design of the control was also deficient because it excluded
trades with future-dated clearing dates, with the result that such trades
avoided scrutiny by this process.
c.
The cancelled, amended and backdated trades (“CABs”) post-trade
reporting control was deficient in its design and relied on the flawed EOD
reconciliation process as a compensating control. As a result, this control
failed to adequately report on exchange cleared futures trades. The failures
in this control were exacerbated by the poor functioning of the CAB
Committee that had been set up to manage risks associated with CABs.
d.
The process for independent verification of broker quotes was insufficient to
prevent the use of unverified and falsified quotes. The same trader
responsible for the Fictitious Trading was able to submit falsified broker
quotes against which the profitability of their positions were assessed.
2.7.
In addition to the failings set out above, the Authority considers that there were
further failings in MBL’s risk management framework, which contributed to the
continuation of the deficiencies in MBL’s systems and controls referred to in
paragraph 2.6 above. In summary:
a.
The Risk and Control Self-Assessment (“RCSA”) failed to adequately
measure and monitor the risks identified in EOD futures reconciliations, CAB
reporting, and P&L analysis in the Relevant Period. Contributing factors to
this failure included how RCSA risk entries were recorded, such as
aggregating multiple controls into one issue, and not containing detailed
descriptions of the relevant underlying activities; and
b.
In 2020, in response to a number of issues identified with the relevant
trading controls by earlier external and internal reviews, including by the
Internal Audit Division (“IAD”), a project designed to address the
recommendations from those reviews was implemented (“Project Papa”).
MBL failed to ensure that Project Papa had appropriate governance
arrangements in place to deliver the project’s outcomes effectively. In
particular, the governance structure, resourcing model and assurance
processes were not appropriate for the project. Had the recommended
enhancements to MBL’s systems and controls in Project Papa been
implemented, the ineffective systems and controls would have been
resolved and the Fictitious Trading would likely have been identified earlier.
The Authority’s view of the breaches and sanction
2.8.
Notwithstanding that the Fictitious Trading had no market impact, the Authority
considers these breaches to be serious. It is of fundamental importance that a
firm has effective oversight of its traders and can accurately assess trading
positions and corresponding P&L. The systems and controls in this case were
ineffective to the extent that a relatively junior trader was able to identify them
and take steps to avoid the Fictitious Trading being detected over a 20-month
period. The deficiencies in the systems and controls left MBL without proper
oversight and control of trading activity within the Metals and Bulks Trading Desk.
It is also of fundamental importance that firms have risk management frameworks
that appropriately identify, measure and monitor the risks a firm is exposed to.
This extends to ensuring that projects seeking to remediate systems and controls
issues have effective governance, appropriate resourcing models, and timely
assurance performed over them. MBL’s failures in its risk management framework
contributed to the continuation of the deficiencies in MBL’s systems and controls.
2.9.
The Authority hereby imposes on MBL a financial penalty of £13,031,400 pursuant
to section 206 of the Act. This action supports the Authority’s statutory objective
of protecting and enhancing the integrity of the UK financial system.
3.
DEFINITIONS
3.1.
The definitions below are used in this Notice:
“BORM” means the Business Operational Risk Management team;
“CAB/s” means trades that were Cancelled, Amended and Backdated and are a
post-trade reporting control;
“CAB Committee” means the CAB Review Committee;
“CGM” means the Commodities and Global Markets group;
“CMF” means Commodity Markets and Finance;
“DEPP” means the Authority’s Decision Procedure and Penalties Manual;
“EOD” means End of Day;
“GCS” means the MBL Global Clearing System;
“IAD” means the Internal Audit Division;
“IVT” means Independent Valuation Team;
“MBL” means Macquarie Bank Limited which is incorporated in Australia and has
a branch registered in the UK;
“MGL” means Macquarie Group Limited, listed in Australia;
“MOD” means the Market Operations team within the Operations Division;
“MTS” means Macquarie Treasury System;
“P&L” means Profit and Loss;
“PC Team” means the Product Control Team;
“Project Papa” means the MBL project designed to address the recommendations
from external and internal reviews into unauthorised trading controls and other
controls;
“RCSA” means Risk and Control Self-Assessment;
“Relevant Period” means between 17 June 2020 and 24 February 2022;
“the Act” means the Financial Services and Markets Act 2000;
“the Authority” means the Financial Conduct Authority;
“the Bulks Desk” means the Bulks trading desk within the Metals and Bulks
Trading Desk;
“the Fictitious Trading” means the recording and amending of fictitious trades, in
the manner described in this Notice, by the Trader from 17 June 2020 to 23
February 2022;
“the Metals and Bulks Trading Desk” is divided into three trading areas: Precious
Metals, Base Metals and Bulks;
“the Principles” means the Authority’s Principles for Businesses;
“the Trader” means the trader who conducted the Fictitious Trading; and
“the Tribunal” means the Upper Tribunal (Tax and Chancery Chamber).
4.
FACTS AND MATTERS
4.1.
MBL is a subsidiary of Macquarie Group Limited (“MGL”) which is a global financial
services group listed in Australia operating in 34 markets in asset management,
retail and business banking, wealth management, leasing and asset financing,
market access, commodity trading, renewables development, specialist advice,
access to capital and principal investment. MBL is incorporated in Australia and
regulated by the Australian Prudential Regulation Authority. MBL operates in the
UK through its London Branch and has been authorised by the Authority since 1
4.2.
MGL entities employ over 1,700 people in the UK with MBL London Branch having
assets of £24.3 billion.
4.3.
MBL is organised globally into a number of operating groups including CGM, which
includes the CMF division. The CMF division incorporates different trading areas,
including the Metals and Bulks Trading Desk. The Metals and Bulks Trading Desk
is divided into three trading areas: Precious Metals, Base Metals and Bulks. The
7
systems and controls relevant to this Notice apply to different trading areas within
the CMF division including all of the London based trading activities of the Metals
and Bulks Trading Desk.
4.4.
On 23 February 2022, MBL discovered that a trader on the Metals and Bulks
Trading Desk based in the London Branch had recorded a large number of fictitious
trades on MBL’s internal systems in order to conceal trading losses they had
incurred. The Trader worked on the Bulks Desk. The misconduct was detected
by MBL following an internal routine risk controls report which indicated a limit
breach caused by a trade being closed-out on 23 February 2022, and then
unclosed later that same day by the Trader. On the same day, concerns were
escalated internally and a meeting with the Trader was arranged for the following
day. During that meeting, the Trader admitted to the Fictitious Trading and taking
steps to avoid their detection. Later that day, the Trader resigned with immediate
effect.
4.5.
According to trade analysis carried out by MBL as part of the unwinding of the
Trader’s loss-making positions, the Trader recorded and amended 426 fictitious
trades over a period of 20 months from 17 June 2020 through to 23 February
2022. MBL’s ineffective systems and controls meant that the Fictitious Trading
could take place over this period of time, enabling the Trader to mask his actual
loss-making positions by giving the appearance that the Trader’s loss position had
been lowered. The Fictitious Trading comprised trades with no external impact or
economic reality and only existed as entries on MBL’s internal systems. To conceal
the Fictitious Trading, the Trader was able to circumvent the then existing trading
controls by either cancelling, amending or backdating the trades multiple times.
The Trader was able to do this without the Fictitious Trading being detected until
February 2022.
4.6.
When the Fictitious Trading was identified and the positions unwound, MBL
incurred losses of approximately USD 57.8 million. No clients were impacted by
these events and it did not impact the market, but the Fictitious Trading was
sufficiently material that a statement was included in MBL’s Annual Report for the
financial year ending March 2022.
4.7.
The Fictitious Trading was not prevented or detected for the 20 month period due
to deficiencies in MBL’s systems and controls relating to oversight and monitoring
of trader positions, and failings in its risk management framework. The systems
and controls relating to oversight and monitoring of trader positions were relevant
to all trading on the Metals and Bulks Trading Desk and thereby created the same
risk across significant areas of trading activity.
The systems and controls breaches
4.8.
Collectively, MBL’s systems and controls relating to oversight and monitoring of
trader positions formed part of a suite of systems and controls intended to
mitigate the risk of unauthorised trading. MBL considered that unauthorised
trading consisted of trading activity by a firm which is not in accordance with its
internal trading policies, procedures, limits, risk tolerances and/or acceptable
losses; and/or provisions that prohibit fraud, market manipulation and insider
trading; and/or performed on a client’s account without the client’s permission.
MBL defined an example of fraudulent trading activity as creating false or
misleading records within or providing unauthorised amendments to databases,
administration systems, or accounting records. The risk of unauthorised trading
crystallised in the form of the Fictitious Trading, through the failings set out below
in MBL’s systems and controls.
The Product Control Team’s daily P&L reporting process
4.9.
The PC Team was responsible for ensuring all trading book positions are subject
to checks of daily P&L and reconciling it with a trader’s P&L estimate, which was
provided at the end of each trading day. The purpose of this control was to operate
as a check on P&L discrepancies and to mitigate the risk that any P&L
discrepancies, which may have been generated from errors or unauthorised
trading, were not detected, investigated or escalated.
4.10.
Traders were required to provide a P&L estimate to the PC Team at the end of
each trading day using Macquarie Treasury System (“MTS”) positions which was
then reconciled by the PC Team against the trader’s estimate. The PC Team were
required to ensure they understood the impact of any backdated trades on the
P&L they were reconciling and comment when necessary.
4.11.
The purpose of this control was to detect discrepancies in relation to a trader’s
P&L estimates (including unusual backdated P&L, as had occurred in the case of
the Fictitious Trading). Where discrepancies were detected, this should have
initiated further enquiries and investigation (as appropriate) by the PC Team.
4.12.
During the Relevant Period, there were the following deficiencies in this control:
a.
The control only required the PC Team to request an explanation and
investigate backdated trades greater than the threshold amount set at USD
50,000. This meant that multiple material backdated trades that netted to
a P&L amount below investigation thresholds were not required to be
analysed unless the USD 50,000 threshold was breached. This threshold was
known by the Trader and therefore risked being circumvented. For example,
regarding the Fictitious Trading, the Trader was informed of the USD 50,000
threshold by the PC Team and learnt that any PC Team challenge may be
limited if the amount was under the threshold. The Trader was able to use
this knowledge to circumvent the control and create offsetting fictitious
trades to generate false P&L and keep his desk below the USD 50,000
threshold.
b.
The PC Team were not sufficiently robust in dealing with discrepancies in
P&L. The process did not require sufficient review and escalation of P&L
issues in order to reasonably check that any discrepancies were justified.
Rather, the PC Team worked with traders to resolve issues in a way that
meant the control lacked effectiveness. For example, regarding the Fictitious
Trading, the Trader was able to pre-empt and prevent any potential
challenge from the PC Team by alerting them to backdates and providing a
brief and superficial and/or untrue explanation or justification (which the PC
Team accepted with insufficient scrutiny or follow up). Furthermore, the
Trader’s practice was to request a holdout or adjustment to P&L for a day
whilst he made an amendment signposted in the explanation, or requested
an adjustment to prevent the variance exceeding the known USD 50,000
threshold. The Trader and the PC Team, having agreed the P&L position,
would also on occasion agree for a clean email to be sent to the wider PC
Team distribution list confirming the holdout and subsequent amendment.
c.
The PC Team were also set up in a way that allowed junior members of the
PC Team to operate without due oversight, such that the control lacked
effectiveness. For example, regarding the Fictitious Trading, the Trader was
able to minimise potential challenges by contacting junior members of the
PC Team individually with an estimate of his P&L figures and request a
breakdown of the PC Team’s figures.
End of Day futures reconciliation process
4.13.
The Market Operations team within the Operations Division (“MOD”) was
responsible for the daily performance of EOD futures reconciliations between
trades in the MTS (which was populated with data by MBL traders) and the MBL
Global Clearing System (“GCS”) (which contained data direct from the relevant
exchanges).
4.14.
The EOD futures reconciliation process was designed to identify instances where
the details in MTS did not match those in GCS, with these mismatches called
‘breaks’. Where there were any breaks in the reconciliation, this control required
MOD to go to the relevant trader to resolve any breaks in the data and/or escalate
to the relevant team depending on the nature and/or duration of the break.
4.15.
There were two main design issues with this control:
a.
First, the resolution and escalation processes within this control were
manual with a reliance on judgement to be applied as to which breaks to
action and escalate. This need for human judgement to determine which
breaks to investigate and/or escalate in the EOD futures reconciliation
presented a vulnerability in the control and meant it was not set up to be
sufficiently effective. For example, in July 2020, MOD identified that a
number of the Trader’s trades were sitting in MTS without a matching
exchange entry for several days before then being closed out. While this
generated an initial discussion between MOD, the CMF Chief Operating
Officer team and a CMF supervisor, the issue was not followed up through
to resolution.
b.
Second, there was a flaw in that the control was designed to exclude
exchange cleared trades with future-dated clearing dates. There was no
separate control process to validate trades with future-dated clearing dates.
With regard to the Fictitious Trading, this weakness meant that the Trader
was able to evade detection from this control by rolling the clearing date
forward and therefore avoid appearing on the EOD futures reconciliation as
a break which would have required follow-up.
4.16.
These design failures were exacerbated by a lack of robust processes that meant
that timeframes for resolving breaks and escalation were not necessarily followed.
With regard to the Fictitious Trading, this weakness was reflected in the fact that
there was an insufficient response to probe breaks with little challenge to the
Trader either by MOD or by CMF supervisors. At least one MOD employee knew
on 11 November 2021 that certain trades were being given a future-dated clearing
date by the Trader. However, the combination of the lack of a control process to
validate trades with a future-dated clearing date and the lack of robust challenge
within the control resulted in the Trader continuing the Fictitious Trading
undetected for a further three months.
4.17.
Of further concern to the Authority is that these design issues had been identified
by MBL prior to the start of the Fictitious Trading. However, the processes were
largely unchanged and MBL failed to implement adequate systems.
CABs reporting and monitoring
4.18.
The purpose of the CABs control, operated by CGM’s Business Operational Risk
Management team (“BORM”), was to effectively monitor CABs for unusual activity.
Where unusual or recurring patterns were identified, these should have been
escalated for further investigation.
4.19.
A significantly high number of amended trading entries generated by a trader
should have led to further escalation and investigation into what was causing a
high concentration of CABs entries from them.
4.20.
During the Relevant Period, CMF supervisors would receive a weekly email from
BORM containing a report showing that week’s CABs (“the weekly CABs email”).
The cover email would break down the total number of CABs into three categories:
(i) explained by logic, (ii) explained by BORM; and (iii) requiring explanation from
a senior member of staff. A spreadsheet provided the underlying data.
4.21.
The spreadsheet in the weekly CABs email included thousands of lines of CABs
data which meant that it was not practical for the CMF supervisors to review.
They therefore relied on the summary table provided at the top of the email
breaking the CABs down into the three categories described above.
4.22.
Between April 2020 and May 2021, certain trades, including exchange cleared
futures trades, were subject to “exclusion rules” and were therefore entirely
excluded from the summary table in the weekly CABs email. From May 2021,
exchange cleared futures trades were included in the weekly CABs email
spreadsheet, but they were subject to “auto-explain rules”. These auto-explain
rules were applied according to the flawed reasoning that these trades were
thought to be subject to the MOD EOD futures reconciliation process and thereby
automatically explained as having an “internal counterparty”. As such, exchange
cleared futures trades were included in the data, but never highlighted in the
summary table.
4.23.
The summarised CABs information also failed to consider trends or concentration
in events to be able to effectively identify suspicious or unauthorised trading
activity. This meant the system was ineffective to spot any suspicious activity as
it required CMF supervisors to review thousands of lines of CABs data and look for
trends.
4.24.
Contributing to the continued ineffectiveness of this CAB reporting control during
the Relevant Period was the poorly functioning CAB Review Committee (the “CAB
Committee”). The CAB Committee was set up in June 2020 as a result of issues
being identified with CABs reporting through Project Papa. The aim of this
committee was to provide a governance forum to monitor and manage risks
associated with CABs. In accordance with its Terms of Reference, the CAB
Committee was required to meet quarterly and was required to sign off on CAB
rules annually.
4.25.
The CAB Committee did not adequately respond to issues identified above in
relation to CAB reporting. An example of an inadequate response was the fact
that it failed to meet regularly as required. In November 2020, despite there still
being outstanding action points and unanswered questions regarding the
effectiveness of the MOD EOD futures reconciliation process as a compensating
control, the CAB Committee approved a provisional set of rules which included the
CAB exclusion and auto-explain rules identified in paragraph 4.22 above as
contributing to the deficiency in CAB reporting. The CAB Committee also failed
to discuss the presentation and content of CAB reports sent to CMF supervisors.
4.26.
The poor design of this CABs control, and the failure of the CAB Committee to
mitigate the risk of the identified issues, crystallised with the Trader concealing
the Fictitious Trading. The Trader repeatedly amended the clearing date of their
fictitious trades, which generated a significantly high number of CABs; the Trader
was responsible for 9,269 CABs out of 13,311 total CABs for the entire Bulks Desk
and therefore accounted for 70% of the Bulk Desk’s total CABs between June
2020 and December 2021. However, this concentration was not noticed because
exchange cleared CABs were not in the CAB report at all until May 2021 and then,
even when they were captured, they were not highlighted. The deficiencies in the
control therefore enabled the Fictitious Trading to remain undetected for 20
months.
4.27.
Within the Metals and Bulks Trading Desk (and other MBL business areas), broker-
provided volatility curves quotes were required to value trading positions. If
working effectively, the Independent Valuation Team’s (“IVT”) independent
broker quotes control should have ensured that market quotes were either
independently sourced, or independently tested by the IVT where the quotes were
sourced by the traders.
4.28.
The objective of this control was to ensure the integrity of production marks and
prevent key risks including valuation error or fraud and financial or risk
misstatement.
4.29.
A lack of robust processes in place to ensure the independent verification of broker
quotes by the IVT led to certain members of the IVT obtaining volatility curves
quotes directly from the Trader without subsequent verification. The Trader was
able to submit false market quotes to the IVT to further facilitate the Fictitious
Trading by making his positions appear more profitable than they were and further
conceal his loss-making positions.
4.30.
Certain members of the IVT did not source all the rates independently and did not
always independently test or review the rates provided by traders. In relation to
the Trader, this resulted in the falsification of quotes going undetected throughout
the Relevant Period. From June 2020 to January 2022, the Trader was able to
circumvent the independent testing requirement by simply providing 46 falsified
quotes directly to the IVT (this was 63% of the total quotes provided by the
Trader). The falsification took the form of altering the figures to give a false
impression of the market prices for that period of time. On some occasions in
addition to this, the Trader manually changed the date the quote had been
received from the broker and removed months of data manually before forwarding
on to the IVT. As a direct result of falsifying the quotes, the book was incorrectly
valued. On detection, when the Trader’s positions were closed out in February
2022, differences between some recorded marks and the actual market rates
resulted in a loss to MBL of USD 1.3million.
Risk management and assurance framework - Risk and Control Self-Assessment
4.31.
If functioning effectively, the RCSA process should identify, measure and monitor
risks consistently and comprehensively to facilitate prioritisation and management
of risks within MBL’s risk management framework.
4.32.
Prior to the discovery of the Fictitious Trading, weaknesses in controls relevant to
unauthorised trading had been identified in the RCSA process. These included
weaknesses relevant to the EOD futures reconciliation process, CAB reporting and
P&L analysis in the Relevant Period.
4.33.
There were issues with how RCSA risk entries were recorded, such as aggregating
multiple controls into one issue and not containing detailed descriptions of the
relevant underlying activities, which reduced MBL’s ability to measure and monitor
the risks adequately. The RCSA process was ineffective in ensuring the identified
risks were effectively measured, prioritised and managed. This contributed to the
delay in the detection of the Fictitious Trading.
Risk management and assurance framework – Governance of Project Papa
4.34.
Project Papa was implemented in response to two external reviews which
concluded in December 2019 and January 2020 (the latter being a Skilled Person
Review) that raised issues in relation to MBL’s controls to prevent and detect
unauthorised trading. Each review made recommendations for enhancements to
MBL’s trading controls and Project Papa was designed to address those
recommendations.
4.35.
Part of the role of the IAD aspect of MBL’s risk framework is to provide
independent and objective risk-based assurance on the compliance with, and
effectiveness of, MBL’s financial and risk management framework. This includes
assessing whether key internal controls have been properly designed and are
operating effectively and sustainably to mitigate material risks. In February
2020, as part of a wider audit process, IAD identified issues relevant to those
identified in MBL’s investigation into the Fictitious Trading. These included Front
Office trading supervision issues which referenced supervisory oversight, CABs
and P&L reviews. IAD also identified gaps in CAB reporting resulting in a lack of
effective oversight, including the absence of trending analysis being provided to
CMF supervisors to assist with identifying unauthorised trading. A number of
these issues corresponded with findings from the earlier reviews. As a result, the
findings from IAD were taken up into Project Papa.
4.36.
However, there were multiple issues with the governance arrangements for
Project Papa including that the governance structure and resourcing model was
inappropriate for a highly complex project of that type. Examples include the
project having limited dedicated resources, an absence of resources from diverse
skill sets, an underutilisation of project management disciplines, and a lack of
clearly defined terms of reference to set out the holistic overall plan including the
primary objective of the project, decision making arrangements and escalation
criteria.
4.37.
Further, there was a lack of assurance activities for Project Papa, including a lack
of a clear methodology on how IAD would approach active monitoring of the
progress of the project. IAD did not undertake formal assurance work of Project
Papa until September 2021, which culminated in a report in January 2022. As a
result, it failed to identify key risks to the project at a critical stage of its
establishment.
4.38.
As a result of the inappropriate governance, resourcing and assurance
arrangements, actions within Project Papa relevant to the Fictitious Trading were
not prioritised or delivered to the required depth and breadth to adequately
mitigate the risk of unauthorised trading, including preventing or detecting the
Fictitious Trading. Had the actions been adequately prioritised and delivered, it is
likely that the Fictitious Trading would have been detected much earlier than it
ultimately was.
Events post discovery of the Fictitious Trading
4.39.
Following an internal investigation by MBL and reviews of the relevant systems
and controls environment, several senior members of staff had their profit share
reduced and remediation activity was initiated by MBL. Remediation processes
included, but were not limited to:
a.
Implementing a tactical exchange trade monitoring process within the CMF
division and the Fixed Income and Currencies division specifically to address
the deferred clearing date vulnerability in MTS;
b.
Materially reducing market risk limits for the assets in question;
c.
the IVT re-affirming its processes to ensure all broker rates are sourced
directly from brokers with exceptions escalated to the Business Rates
Committee; and
d.
the CAB Committee reconvening in March 2022..
5.
FAILINGS
5.1.
The regulatory provisions relevant to this Notice are referred to in Annex A.
5.2.
Principle 3 of the Authority’s Principles for Businesses states as follows:
A firm must take reasonable care to organise and control its affairs
responsibly and effectively, with adequate risk management systems.
5.3.
MBL breached Principle 3 because it did not take reasonable care to organise and
control its affairs responsibly and effectively, with adequate risk management
systems. In particular:
a.
The PC Team’s daily P&L reporting process which was in place to monitor
and investigate discrepancies in a trader’s P&L estimates, was ineffective
and failed to identify and deal with discrepancies.
b.
The EOD futures reconciliation process failed to ensure that breaks in the
reconciliation process were adequately managed. The design of the control
was also deficient as it excluded trades with future clearing dates, with the
result that such trades avoided scrutiny by this system.
c.
The CAB reporting control was deficient in its design and relied on a flawed
EOD reconciliation process as a compensating control. As a result, this
control failed to adequately report on exchange cleared futures trades. The
failures in this control were exacerbated by the poor functioning of the CAB
Committee that had been set up to manage risks associated with CABs.
d.
The process in place for independent verification of broker quotes was
insufficient to prevent the use of unverified and falsified quotes. The same
Trader responsible for the Fictitious Trading was able to submit falsified
broker quotes against which the profitability of their positions was assessed.
5.4.
In addition to the failings set out above, the Authority considers that there were
further failings in MBL’s risk management framework that contributed to the
continuation of the deficiencies in MBL’s systems and controls referred to in
paragraph 5.3 above. In summary:
a.
RCSA failed to adequately measure and monitor the risks identified in EOD
futures reconciliations, CAB reporting and P&L analysis in the Relevant
Period. Contributing factors to this failure included how RCSA risk entries
were recorded, such as aggregating multiple controls into one issue and not
containing detailed descriptions of the relevant underlying activities; and
b.
MBL failed to ensure that Project Papa had appropriate governance
arrangements in place to deliver the project’s outcomes effectively. In
particular, the governance structure, resourcing model and assurances
processes were not appropriate for the project. Had the recommended
enhancements to MBL’s systems and controls in Project Papa been
implemented, the ineffective systems and controls would have been
resolved and the Fictitious Trading would likely have been identified earlier.
The Authority’s view of the breaches
5.5.
Notwithstanding that the Fictitious Trading had no market impact, the Authority
considers these breaches to be serious. It is of fundamental importance that a
firm has effective oversight of its traders and can accurately assess trading
positions and corresponding P&L. The systems and controls in this case were
ineffective to the extent that a relatively junior trader was able to identify them
and take steps to avoid the Fictitious Trading being detected over a 20-month
period. The deficiencies in the systems and controls left MBL without proper
oversight and control of trading activity within the Metals and Bulks Trading Desk.
It is also of fundamental importance that firms have risk management frameworks
that appropriately identify, measure and monitor the risks a firm is exposed to.
This extends to ensuring that projects seeking to remediate systems and controls
issues have effective governance frameworks and appropriate resourcing models,
with timely assurance performed over them. MBL’s failures in its risk management
framework contributed to the continuation of the deficiencies in MBL’s systems
and controls.
6.
SANCTION
Financial penalty
6.1.
The Authority’s policy for imposing a financial penalty is set out in Chapter 6 of
DEPP. In respect of conduct occurring on or after 6 March 2010, the Authority
applies a five-step framework to determine the appropriate level of financial
penalty. DEPP 6.5A sets out the details of the five-step framework that applies in
respect of financial penalties imposed on firms.
Step 1: disgorgement
6.2.
Pursuant to DEPP 6.5A.1G, at Step 1 the Authority seeks to deprive a firm of the
financial benefit derived directly from the breach where it is practicable to quantify
this.
6.3.
The Authority has not identified any financial benefit that MBL London Branch
derived directly from this breach.
6.4.
Step 1 is therefore £0.
Step 2: the seriousness of the breach
6.5.
Pursuant to DEPP 6.5A.2G, at Step 2 the Authority determines a figure that
reflects the seriousness of the breach. Where the amount of revenue generated
by a firm from a particular product line or business area is indicative of the harm
or potential harm that its breach may cause, that figure will be based on a
percentage of the firm’s revenue from the relevant products or business area.
6.6.
The Authority considers that the gross revenue generated by trading activity
undertaken in MBL’s London Branch by the Metals and Bulks Trading Desk is
indicative of the harm or potential harm caused by MBL’s breach. The Authority
has therefore determined that the relevant revenue is the revenue of the Metals
and Bulks Trading Desk, generated by trading activity originating from the London
Branch, during the period of the breach, June 2020 to February 2022. This is
because MBL’s breaches relates to the deficient systems and controls which did
not adequately detect and mitigate the risk of unauthorised trading within trading
on the Metals and Bulks Trading Desk, and the risk management framework
failings which contributed to the continuation of the deficiencies.
6.7.
The Authority considers the relevant revenue generated by trading activity
originating from the London Branch of MBL’s Metals and Bulks Trading Desk for
this period is £65,320,714.
6.8.
In deciding on the percentage of the relevant revenue that forms the basis of the
Step 2 figure, the Authority considers the seriousness of the breach and chooses
a percentage between 0% and 20%. This range is divided into five fixed levels
which represent, on a sliding scale, the seriousness of the breach; the more
serious the breach, the higher the level. For penalties imposed on firms there are
the following five levels:
Level 1 – 0%
Level 2 – 5%
Level 3 – 10%
Level 5 – 20%
6.9.
In assessing the seriousness level, the Authority takes into account various factors
which reflect the impact and nature of the breach, and whether it was committed
deliberately or recklessly. The Authority considers the following factors to be
relevant:
DEPP 6.5A.2G(11)(b) - Serious or systemic weaknesses in the management
systems or internal controls relating to all or part of the firm’s business
6.10.
The breach revealed serious deficiencies in the systems and controls relating to
the Metals and Bulks Trading Desk and MBL’s risk management framework.
DEPP 6.5A.2G(11)(d) - the breach created a significant risk that financial crime
would be facilitated, occasioned or otherwise occur
6.11.
MBL London Branch failed to take reasonable care to establish, implement and
maintain adequate and effective systems and controls to mitigate the risk that its
employees would undertake unauthorised trading and where such unauthorised
trading was carried out, to detect the trading in a timely manner. The failure to
mitigate the risks of unauthorised trading extended to the risks of financial crime
being occasioned.
DEPP 6.5A.2G(12)(a) - little, or no, profits were made or losses avoided as a result
of the breach, either directly or indirectly
6.12.
The Fictitious Trading was not visible externally to MBL. The fictious trades
appeared on MBL’s internal systems as exchange-listed trades but they had no
corresponding external exchange position. There was no effect on the markets
as a result of the Fictitious Trading. MBL suffered a loss as a result of unwinding
the Fictitious Trading which amounted to approximately USD 57.8 million.
6.13.
Taking all of these factors into account, the Authority considers the seriousness
of the breach to be level 4 and so the Step 2 figure is 15% of £65,320,714.
6.14.
Step 2 is therefore £9,798,107.10.
Step 3: mitigating and aggravating factors
6.15.
Pursuant to DEPP 6.5A.3G, at Step 3 the Authority may increase or decrease the
amount of the financial penalty arrived at after Step 2, but not including any
amount to be disgorged as set out in Step 1, to take into account factors which
aggravate or mitigate the breach.
6.16.
The Authority considers that the following factor aggravates the breach:
DEPP 6.5A.3G(2)(i) whether the FCA publicly called for an improvement in
standards in relation to the behaviour constituting the breach or similar behaviour
before or during the occurrence of the breach.
6.17.
The Authority informed firms of the risk of unauthorised trading in two Market
Watch Bulletins in 2008 and the importance of establishing, implementing and
maintaining adequate systems and controls to mitigate the risk that unauthorised
trading could be undertaken and where such misconduct occurred, to detect
unauthorised trading in a timely manner.
6.18.
The Authority considers that the following factor mitigates the breach:
DEPP 6.5A.3G(2)(b) the degree of cooperation the firm showed during the
investigation of the breach by the FCA, or any other regulatory authority allowed
to share information with the FCA.
6.19.
MBL has consistently displayed a high level of cooperation during this investigation
(and this has extended into how it conducted itself during settlement). It notified
the Authority immediately after discovering the Fictitious Trading; responded
promptly and fully to all the Authority’s information requirements without creating
obstacles to the provision of the information; and it proactively brought additional
information to the Authority’s attention. MBL commissioned, and promptly shared
with the Authority, internal investigation reports which looked at the root causes
of the Fictitious Trading, including a review of its unauthorised trading controls.
MBL has not asserted privilege over any material. MBL’s cooperation has saved
the Authority significant time and resource.
6.20.
Having taken into account these aggravating and mitigating factors, the Authority
considers that the Step 2 figure should be decreased by 5%.
6.21.
Step 3 is therefore £9,308,201.75.
Step 4: adjustment for deterrence
6.22.
Pursuant to DEPP 6.5A.4G, if the Authority considers the figure arrived at after
Step 3 is insufficient to deter the firm who committed the breach, or others, from
committing further or similar breaches, then the Authority may increase the
penalty.
6.23.
The Authority considers that the Step 3 figure of £9,308,201.75 is too small to
meet its objective of credible deterrence and it is likely that similar breaches will
be committed by the Firm or other firms in the future in the absence of an increase
to the penalty.
6.24.
In making this assessment, the Authority has considered the nature of the
misconduct, the impact of the misconduct, and the size and financial resources of
the Firm. In relation to the nature of the misconduct, combatting financial crime
is one of the Authority’s key priorities, and that includes the expectation that firms
defend themselves against financial crime. MBL failed to adequately mitigate the
risk of unauthorised trading, which included failing to prevent or detect the
Fictitious Trading. The Authority has published various materials on combatting
financial crime for a number of years now and, as a result, imposed substantial
penalties on regulated firms for ineffective systems and controls for preventing
financial crime. A failure to impose a significant penalty for breaches of this
nature, may cause firms to consider that having robust systems and controls, and
appropriately governed, resourced remediation programmes, with adequate
levels of assurance, are not of significant importance to the Authority.
6.25.
The Authority considers that a multiplier of two should be applied at Step 4.
6.26.
Step 4 is therefore £18,616,403.49.
Step 5: settlement discount
6.27.
Pursuant to DEPP 6.5A.5G, if the Authority and the firm on whom a penalty is to
be imposed agree the amount of the financial penalty and other terms, DEPP 6.7
provides that the amount of the financial penalty which might otherwise have
been payable will be reduced to reflect the stage at which the Authority and the
firm reached agreement. The settlement discount does not apply to the
disgorgement of any benefit calculated at Step 1.
6.28.
The Authority and MBL London Branch reached agreement at Stage 1 and so a
30% discount applies to the Step 4 figure.
6.29.
Step 5 is therefore £13,031,400 (rounded down to the nearest £100).
6.30.
The Authority hereby imposes a total financial penalty of £13,031,400 on MBL
London Branch for breaching Principle 3.
7.
PROCEDURAL MATTERS
7.1.
This Notice is given to MBL London Branch under and in accordance with section
390 of the Act.
7.2.
The following statutory rights are important.
Decision maker
7.3.
The decision which gave rise to the obligation to give this Notice was made by the
Settlement Decision Makers.
Manner and time for payment
7.4.
The financial penalty must be paid in full by MBL to the Authority no later than 2
December 2024.
If the financial penalty is not paid
7.5.
If all or any of the financial penalty is outstanding on 3 December 2024, the
Authority may recover the outstanding amount as a debt owed by MBL and due
to the Authority.
7.6.
Sections 391(4), 391(6) and 391(7) of the Act apply to the publication of
information about the matter to which this Notice relates. Under those provisions,
the Authority must publish such information about the matter to which this Notice
relates as the Authority considers appropriate. The information may be published
in such manner as the Authority considers appropriate. However, the Authority
may not publish information if such publication would, in the opinion of the
Authority, be unfair to you or prejudicial to the interests of consumers or
detrimental to the stability of the UK financial system.
7.7.
The Authority intends to publish such information about the matter to which this
Final Notice relates as it considers appropriate.
Authority contacts
7.8.
For more information concerning this matter generally, contact Hayley England-
Secker at the Authority (direct line: 020 70660832; email: Hayley.England-
Secker@fca.org.uk).
Financial Conduct Authority, Enforcement and Market Oversight Division
ANNEX A
RELEVANT STATUTORY AND REGULATORY PROVISIONS
1.
RELEVANT STATUTORY PROVISIONS
1.1
The Authority’s statutory objectives, set out in section 1B(3) of the Act, include
the integrity objective.
1.2
The Authority has the power to impose an appropriate penalty on an authorised
person if the Authority considers that an authorised person has contravened a
relevant requirement (section 206 of the Act).
1.3
Section 206(1) of the Act provides:
“If the Authority considers that an authorised person has contravened a
requirement imposed on him by or under this Act… it may impose on him a
penalty, in respect of the contravention, of such amount as it considers
appropriate.”
2.
RELEVANT REGULATORY PROVISIONS
Principles for Businesses
2.1
The Principles are a general statement of the fundamental obligations of firms
under the regulatory system and are set out in the Authority’s Handbook. They
derive their authority from the Authority’s rule-making powers set out in the Act.
The relevant Principle is as follows.
“A firm must take reasonable care to organise and control its affairs
responsibly and effectively, with adequate risk management systems”.
Other Relevant Regulatory Provisions
2.3
In exercising its powers to impose a financial penalty, the Authority has had
regard to the relevant regulatory provisions published in the Authority’s
Handbook. The Handbook provisions relevant in this matter are the Principles, the
Decision Procedure and Penalties Manual (DEPP) and the Enforcement Guide (EG).
2.4
Chapter 6 of DEPP sets out the Authority’s policy for imposing a financial penalty.
For conduct occurring on or after 6 March 2010, the Authority applies a five-step
framework to determine the appropriate level of financial penalty. DEPP 6.5A sets
out the details of the five-step framework that applies to financial penalties
imposed on firms. The conduct that is the subject matter of this Notice took place
after 6 March 2010.
2.5
EG sets out the Authority’s approach to taking disciplinary action. The Authority’s
approach to financial penalties is set out in Chapter 7 of EG.