Uncover the sharp rise in global enforcement fines, hitting $5.65 billion in Q3 2023, as detailed in Corlytics’ latest report.
A global enforcement fines report for the third quarter of 2023 has been produced by Corlytics, a regulatory risk intelligence and regulatory compliance management company. The monetary amounts levied ($5.65 billion) have clearly increased as a result of enforcement actions in comparison to the first two quarters of this year ($1.5 billion and $2.27 billion, respectively).
Corlytics reports that US regulators imposed 85% of global fines in Q3 and $5.65 billion in 2023. Deutsche Bank subsidiary DWS Investment Management Americas was fined $25 million by the SEC for not having an AML programme and making fraudulent ESG claims. Companies have settled SEC enforcement actions.
US regulators, the Fed and DOJ, imposed the largest penalty on UBS Group.
UBS agreed to pay $1.44 billion in fines 15 years after the 2008 financial crisis to settle a civil case alleging fraud over its underwriting and issuance of 2006 and 2007 RMBS.
The RMBS Working Group of the Justice Department investigated RMBS market fraud and abuse before the 2008 financial crisis. Last case for the group. The Fed announced a consent decree and $0.27 billion fine with UBS Group AG for Credit Suisse’s misbehaviour, which UBS bought in June 2023.
The SEC has kept a close eye on how employees of regulated companies utilise off-channel communication platforms like WhatsApp. August and September saw the issuance of rounds of penalties and a mandate that those companies reassess their retention policies and processes. In light of the anticipated increase in regulatory scrutiny, businesses ought to assess their personnel compliance frameworks and practises.
Violation of UK laws
Deficits in risk management have also been the subject of regulatory attention. Credit Suisse was hit with a record fine of £87 million by the UK Prudential Regulatory Authority (PRA) in July due to inadequate risk management and governance concerning the company’s exposure to Archegos Capital Management. In addition, it was the first time that four PRA Fundamental Rules had been found to have been broken by the PRA.
The PRA fine was a component of a global enforcement operation that also included actions from the Fed and the Swiss Financial Market Supervisory Authority (FINMA), with a total of $387.5 million in fines levied in the UK and the USA.
Susie MacKenzie, head of legal and regulatory analytics at Corlytics, says, “Counterparty risk management remains firmly on the regulators’ agenda: in October this year, the Bank of England issued a letter to bank CROs stating that it was disappointed that messages communicated following the Archegos default have not been fully addressed.”
“We are also seeing the highest fines in Europe for GDPR violations, with TikTok being fined €345 million by the DPC in Ireland for processing children’s personal data.”
Prioritise data security
Another rapidly growing field is data protection, with high-profile data breaches—like the ground-breaking Q2 2023 GDPR penalties to Meta from the Irish Data Protection Commission (DPC) that exceeded €1.2 billion—influencing the general trend. Businesses should take action to guarantee adherence to data protection laws, which will increase calls for more robust data protection protocols.
In response, regulatory agencies in the US and Europe are passing and enforcing laws pertaining to data privacy.
The majority of enforcement actions have been focused on financial crime and corporate governance, with fines for fraud, money laundering, and terrorist funding being the most common types of enforcement actions in this area.
In order to combat the growing threat and complexity of money laundering, regulators emphasise the significance of having sufficient anti-money laundering (AML) systems and controls in place.
Experiencing repercussions for transgressions of ethics and compliance
The Financial Conduct Authority (FCA) in the UK fined a broker affiliate of Archer Daniels Midland to pay nearly £6.5 million for failing to promptly fix anti-money laundering (AML) systems and controls flaws that the regulator initially claimed existed in 2014.
Repercussions for transgressions in ethics, culture, and behaviour have also increased recently. Bank of America was fined $140 million by the US Consumer Protection Financial Bureau (CFPB) in the third quarter for breaking business regulation infractions. The Bank of America, N.A. was also fined $60 million by the Office of the Comptroller of the Currency (OCC) for breaking the law by charging consumers for numerous overdraft and insufficient funds penalties in connection with a single transaction.
Financial services that receive multi-million dollar fines for transgressions of ethics, compliance, or behaviour are typically subject to severe repercussions, which can include lengthy prison terms or loss of professional certification.
While ethics and behaviour are not at the top of the priority list, financial authorities have obviously been focusing more on them recently. Authorities have been creating frameworks and instruments expressly to evaluate and enhance behaviour and ethics. Additionally, this tendency is driven by the growing demand for consumer rights and protection, which calls for stricter regulations and, in turn, increased enforcement action.
Promoting a compliance-oriented culture
Financial services have begun to recognise that internal ethics and behaviour have a direct impact on the quality of services provided to customers.
“In regulatory monitoring, teams read pointless regulatory updates for seventy-five percent of their time, which is seventy-five percent of the time that could be used for things that provide value. Conversely, the complexity of the legal landscape and the usage of antiquated or nonexistent tools make it difficult to create an efficient compliance programme, according to Corlytics President Evgeny Likhoded.
Enforcement actions show that businesses are still having difficulty overcoming these obstacles, and technology must be leveraged to improve change management and regulatory compliance. In the future, intelligent regulations may be included into internal compliance initiatives to support the organization’s embedding of a compliance culture.