The number of enforcement actions issued to global financial institutions in 2023 “reached staggering levels that have rarely been seen in the US,” according to SteelEye’s Annual Fine Tracker.
SteelEye analyzed financial penalties issued “by the US Securities and Exchange Commission (SEC) and Commodity Futures Trading Commission (CFTC); the UK’s Financial Conduct Authority (FCA); France’s Autorite des Marches Financiers (AMF); the Netherlands’ Authority for the Financial Markets (AFM); Germany’s BaFin and Federal Office of Justice; and Singapore’s Monetary Authority of Singapore (MAS), to create a snapshot of financial services fines for compliance failures in 2023.”
The SEC and CFTC issued “a combined $9.2bn in penalties, including 32 fines for insider trading alone.”
The $4.3bn in penalties handed out “by the CFTC was an all-time high for the Commission.”
FCA fines fell for the first time in seven years “to eight fines, compared to 26 in 2022 and 10 in 2021, alongside falling in total value by 75% to £52.8m in 2023.”
Germany’s financial regulators – the Federal Financial Supervisory Authority (BaFin) and the Federal Office of Justice (FOJ) – issued 40 fines in 2023, down 13% from 46 in 2022.
France’s AMF fined firms €127.9m, “including a single fine of €26m for market manipulation.
Netherlands’ AFM issued six fines in total in 2023 worth €17.4 million.”
When compared to the 2022 total of 903 thousand, this “represents a significant increase. This can be attributed to the 12 million fine to Rabobank in December of 2023.”
The MAS issued two fines in 2023 “worth S$7.7m for breaches of anti-money laundering requirements and misconduct by relationship managers.”
In 2023, the SEC filed “a total of 784 enforcement actions, a 3% increase compared to 2022. The 96 enforcement actions filed by the CFTC also increased 17% from 2022, indicating a crackdown on smaller firms by both Commissions.”
Penalties from the SEC and CFTC “totaled $9.2bn, which included a joint fine of $549m against Wall Street banks over the use of WhatsApp employee communications and improper record keeping practices.”
For the first time in the last seven years, fines imposed “by the FCA have fallen, this year accounting for just £52.8m in 2023, totaling eight penalties. 50% of the fines imposed in 2023 cite serious, or risk of serious, financial crime.”
This drop-off in penalties comes despite “heightened scrutiny following a prominent British bank’s debanking controversy, with the tally at its lowest level since 2016, when the FCA imposed a total value of £22m.”
This year, 75% of fines (six) mentioned “PRIN 3” breaches.
Principle Three of the FCA’s Principles for Businesses relates to management and control, stating a firm “must take reasonable care to organize and control its affairs responsibly and effectively, with adequate risk management systems.”
25% of fines (two) mentioned “PRIN 2” breaches. Principle Two states a firm must conduct its business with due skill, care, and diligence.
In Germany, BaFin and the FOJ “issued 40 fines in 2023, totaling over €8.1m – a fall of 67% year on year.”
The highest penalty for a single firm “was €3m, with the majority (85%) being attributed to reporting delays.” In France, fines issued in 2023 “by the AMF reached a total sum of €127.9m, a 34.5% increase in comparison to 2022. Two of these fines cited insider trading, with one penalty imposed on 10 individuals totaling €3.6m. In addition, one fine was due to market manipulation, totaling €1.3m.”
In the Netherlands, six fines “were levied against six separate firms, including for infringement of product governance rules, notification obligations, and notification of substantial shareholding.”
In Singapore, the regulator “fined four banks and an insurer in 2023 for breaches of anti-money laundering requirements, alongside another tier-one investment bank for misconduct by its relationship managers. The fines totaled S$7.7m.”
It is evident from the SteelEye 2023 Fine Tracker that regulators “have their finger on the pulse when it comes to compliance breaches across the financial sector.”
With huge discrepancies across global regulators for year-on-year penalties, jurisdictions are having to form their own path when it comes to cracking down on violations. It is evident that regulators are enhancing their own technological capabilities to stay abreast in order to filter through extensive amounts of data to allow them to create robust, stable, and secure markets.
Matt Smith, CEO and co-founder of SteelEye, said:
“Regulators had their foot on the accelerator in 2023, led by the enforcement crackdown from the SEC and CFTC. As highlighted in SteelEye’s 2023 Compliance Health Check report, over 30% of US firms are not monitoring WhatsApp, which has been borne out in notable fines. The remaining holes in compliance practices is why the regulators have cast a wider net in 2023 and imposed tougher penalties – something I believe we can expect to continue over the coming year.”
He continued:
“While fines in Europe did not match the levels of those handed down by the SEC and CFTC, the mood music from regulators, such as the FCA, suggests they could join their US counterparts in pursuing and penalizing financial institutions for WhatsApp and other communications record keeping breaches. If this were to take place, we anticipate the fines in Europe to be higher in 2024.”
As noted in the update:
“The findings suggest watchdogs are maintaining their aggressive attitude to enforcement actions and expanding beyond the large tier-one banks and headline-grabbing fines. With fines a growing threat to firms of all sizes, it’s crucial they invest in the necessary measures – not least looking to harness machine learning and artificial intelligence – to reduce the growing due diligence skills gap and, ultimately, avoid the risk of further imposed penalties in 2024.”