News | SteelEye

Metro Bank Fine - £16.7m - Inadequate Transaction Monitoring - FCA - Nov 24

Written by SteelEye | Nov 25, 2024 1:36:01 PM

 

QUICK FACTS

  • Metro Bank Fine Amount: £16,675,200

  • Date: 12 November 2024

  • Violation Period: June 2016 - December 2020

  • Primary Violation: Transaction Monitoring 

Metro Bank Fine Overview

The FCA has fined Metro Bank £16.7m for failing to maintain adequate transaction monitoring systems and controls between June 2016 and December 2020. During this period, over 60 million transactions worth more than £51 billion were not properly monitored for potential money laundering activity.

Details of the Metro Bank FCA Fine

The ‘Timestamp’ Issue

Metro Bank implemented an Automated Transaction Monitoring System (ATMS) in June 2016. However, a significant technical error meant that:

  • Transactions made on the same day an account was opened were not monitored.

  • Subsequent transactions remained unmonitored until the account record was updated.

This error affected approximately 166,000 accounts and over 46.5 million transactions with a value exceeding £31.5 billion.

 

The ‘Bad Data’ Issues

A key focus of the enforcement action was Metro Bank's management of "Bad Data," which led to the rejection of approximately 10.8% of all transactions—1.6 million by March 2018. The system rejected records for several reasons, including:

  • Missing or Incorrect Address Information: Issues with address, postcode, or residence details meant the records were rejected.

  • Account Records: Rejected when corresponding customer records were incomplete or unavailable.


There were several significant issues in how rejections were handled, including:

  • Limited Access: The team responsible for resolving rejected records could access only about one-third of the problematic entries.

  • Lack of Escalation Protocols: No formal process was in place to address records deemed unfixable.

  • Inadequate Monitoring: Rejected transactions could not be retroactively monitored, leaving gaps in oversight.

     

Although junior staff raised concerns as early as 2017-2018, meaningful action was not taken until late 2018.

 

Control Failures

The FCA highlighted several critical control deficiencies:

  • Data Completeness Oversight: No checks on data completeness were conducted between June 2016 and April 2019.

  • Inadequate Rejection Handling: Processes for managing rejected transaction data were insufficient.

  • Flawed Reconciliation: The reconciliation process remained ineffective until December 2020.

  • Obscured Customer Activity: Internal transactions distorted the actual volume of unmonitored customer transactions.

     

Timeline 

  • June 2016: ATMS system implemented.

  • 2017-2018: Junior staff at Metro Bank raised concerns about unmonitored transactions.

  • April 2019: A 'timestamp' error was discovered during system upgrade testing.

  • July 2019: An initial fix was applied to address the issue.

  • December 2020: Comprehensive reconciliation process fully established.

 

Remediation

In response to these issues, Metro Bank took the following corrective actions:

  • Conducted a thorough review of previously unmonitored transactions.

  • Filed 153 additional suspicious activity reports (SARs).

  • Closed 43 customer accounts linked to suspicious activity.

  • Strengthened data controls and revamped system architecture.

  • Made substantial investments in new resources and enhanced capabilities.

Metro Bank Fines and Penalties

The FCA calculated the fine as follows:

  • Initial penalty amount: £23,821,700

  • 30% reduction for early settlement: -£7,146,500

  • Final penalty: £16,675,200

Sources: