The FSA Policy Statement on Enforcement Penalties
Introduction
In March 2010, the FSA issued Policy Statement (PS10/4) regarding changes to its approach on Enforcement Penalties for both individuals and firms. This followed a consultation paper (CP09/19) in July 2009. The rules have been implemented with effect from 6 March 2010 and are contained in the DEPP FSA sourcebook, primarily at DEPP 6. The full Policy Statement can be obtained by following the link below.
http://www.fsa.gov.uk/pubs/policy/ps10_04.pdf
Summary of new penalties process
The approach reflects the FSA’s more intrusive approach to regulation and its focus on enforcement rather than just supervision. Enforcement is intended to act as deterrence for any future similar activity.
The policy statement introduces a 5 step process regarding applying enforcement penalties which includes:
Step 1 – The penalty imposed will strip the individual/firm of any benefits they received directly from the breach.
Step 2 – A penalty figure is determined taking into account the seriousness, nature and impact of the breach. Further details are provided below on the type of levels of penalties that can be incurred.
Step 3 – Step 2 can be increased or decreased to take into account other mitigating factors.
Step 4 – If the figure in Step 3 is considered an insufficient deterrence, the penalty may be increased.
Step 5 – the settlement scheme is applied in the usual way, however consideration needs to be given regarding tighter application of the ‘hardship’ provisions.
Key points to note from the policy statement include:
- Firms should not consider regulatory fines as the cost of doing business.
- The new rules provide guidance on the type of conduct that will be considered when assessing Step 2. This includes the firm’s or individual’s intentions when the breach was caused and whether the breach was repeated.
- There will be greater emphasis on financially penalising individuals responsible for the matters causing enforcement.
- Under the new framework, fines will be linked more closely to revenue. For firms, this will be based on up to 20% of a firm’s ‘relevant’ business revenue relating to the breach, and covering the period of the breach subject to a minimum of one year. For individuals, this will be up to 40% of an individual’s ‘relevant income‘ e.g. salary and benefits for the period of the breach and arising from that employment as a whole, again subject to a minimum of one year.
- The penalties will be based on a sliding scale with higher penalties being applied where the breach caused, for example, significant loss or risk to consumers, or it showed systematic issues in relation to the firm’s systems and controls, or if financial crime was involved.
- Market abuse cases will have a minimum starting point of £100,000 for fines to individuals.
- The ability to claim and evidence financial hardship is harder. The FSA has the power to require individuals to sell assets including homes or properties to pay for fines.
- There is a higher likelihood of public censure to deter future similar activities by others.
Additional points to consider on associated enforcement issues include:
- It used to be considered that if a new regulatory issue was identified and dealt with appropriately, no further action was normally taken by the FSA. Now it is more likely that such cases may still be referred to Enforcement primarily to act as a warning to other firms.
- The FSA is increasingly targeting senior management and other individuals. Before 2007 there was no action against senior management, but this is on the increase.
- The new Financial Services Act 2010 includes the power to suspend approved persons and firms.
The FSA has produced a ‘One Minute’ Guide on these powers on its website which can be reached by following the link below.
http://www.fsa.gov.uk/smallfirms/resources/one_minute_guides/73_fin_penalties.shtml
