Firms are being investigated for regulatory breaches, and entities face million US dollar fines. Where are vulnerable and what can you do to avoid risks?
Hugo LodgeSenior Counsel,Dispute Resolution
The UAE remains under the supervision of the Financial Task Force (FATF) in respect of Anti-money Laundering (AML) and related international standards. Recent decisions and guidance handed down by regulators in Dubai and Abu Dhabi have naturally focused on these fields. Firms are being investigated for regulatory breaches, and entities face multi-million US dollar fines. Where are you vulnerable and what can you do to mitigate your risk?
In November 2022 the DFSA published an ‘enforceable undertaking’ in respect of a supervised DIFC bank. The entity was licensed in: arranging deals in investments; advising on financial products; and related services.
Following DFSA risk assessments of the bank in 2017 and 2021, the authority issued a Decision Notice in respect of widespread and sustained AML failings, namely that the bank had not dealt adequately with any of the following requirements: assessing its own business AML risks; assessing its clients’ AML Risks;record keeping; source of wealth information and corroboration; ongoing customer due diligence; and Suspicious Activity Reports. These represent core AML responsibilities which apply to all regulated persons.
The DFSA made plain that the contraventions set out above did not mean that the regulator found instances of actual money laundering, terrorist financing or sanctions breaches. Here is the classic distinction to me made between criminality on the one hand, and regulatory breaches on the other hand (where a licensed entity fails to deal adequately with AML and related risks, e.g. it does not have proper systems and controls, policies and procedures). The chastening point for regulated firms is that even non-criminal regulatory breaches can lead to multi-million dollar fines. Advice should be taken at an early stage and not left until a regulatory investigation begins.
Regulators are taking a robust approach on AML breaches Multi-million dollar fines can be imposed by financial service regulators.
In this case the bank did not contest the case but acknowledged its shortcomings and undertook to do the following: appoint and pay for an External Compliance Expert to help identify and implement a suitable Remediation Plan.
The DFSA retains the right to seek further enforcement action (including fines) if the terms of the undertaking are not followed by the bank.
We are well placed to advise on dealing with financial service regulators, including resulting advocacy before internal tribunals with appeal / review by external courts (e.g. in DIFC and ADGM).
With effect from June 2022, the DFSA withdrew the authorised individual status from a Director and Senior Executive Officer who had day to day responsibility for a metal commodities trading desk (the Desk), and restricted him from performing any other licensed function. By way of background, Commodity Murabaha is commonly used to facilitate Shari’a-compliant cash advances to borrowers and create liquidity for banks through deposits.
The DFSA found fault with the Director in that he: knew the Desk did not find alternative Suppliers to source the commodities required to facilitate the Murabaha transactions for the Desk’s clients; knew that a Supplier was required for the Murabaha transactions, including that it satisfied the Client Banks’ Shari’a requirements; failed to stop the Desk from continuing to facilitate the Murabaha transactions over the period by reusing title to commodities which were not owned by the Desk; and failed to stop the Desk from misrepresenting to a client that the Desk had a Supplier when, in fact, it did not.
One particularly egregious feature was that in the period in which there was no Supplier, the Desk ‘recycled’ old London Metal Exchange (LME) Warrants. In other words, to facilitate Murabaha transactions, the Desk reused LME Warrants (represented by Warrant Numbers) it did not own. The Director was aware that the Desk facilitated the Murabaha transactions for the Client Banks using the recycled LME Warrants.
These findings formed the basis for the DFSA’s decision that by failing to stop the Desk from reusing the titles to commodities, and from providing false information to a client, the DFSA considered that the Director engaged in improper conduct. His conduct ‘demonstrated a lack of competence and, as a result, the DFSA considered he was not fit and proper to perform any Licensed Function in connection with the provision of Financial Services in or from the DIFC.’
The case is interesting because the DFSA did not find any breach of the laws it administers, but instead exercised a broad discretion in its interpretation in accordance with its own objectives, ‘the DFSA considers it appropriate to impose the Withdrawal and the Restriction because: it believes on reasonable grounds that the Director is not a fit and proper person to perform any Licensed Function in connection with the provision of Financial Services in or from the DIFC; and, it is necessary and proportionate to do so in support of the DFSA’s objectives’.
On 2 November 2022, the Regulator found that the Firm was not an authorised person and despite this: carried on a Regulated Activity by way of business in the Abu Dhabi Global Market (ADGM); described itself as an Authorised Person; and behaved as would an Authorised Person.
The Firm only held a commercial license to carry on non-financial business activities including “professional, scientific and technical activities” as a special purpose vehicle. It never been granted, or even applied for, a Financial Services Permission (FSP) by the Regulator. As such, the firm was never licensed or authorised by the Regulator to conduct any Regulated Activity in or from the ADGM. It maintained a registered address in ADGM but at no time had physical premises in the ADGM from which it could operate.
Nevertheless, the most serious breaches were that the Firm: marketed itself as a provider of Credit; engaged in informal introducer relationships to obtain introductions to companies and individuals in the ADGM and the UAE that were seeking Credit; represented itself as a Provider of Credit in the ADGM to at least four entities and individuals; and entered into loan agreements with at least four entities and individuals.
The case emphasises the extent to which Regulators will set fines at a level which provides a powerful deterrent effect. Another key aspect of the matter is that parallel action was taken against the Director and sole shareholder of the Firm. A financial penalty issued against him in the same amount.
The FSRA investigation also found that, during the course of an interview conducted as part of the Investigation, the Director knowingly or recklessly provided information to the Regulator that was materially false or misleading. For this reason, his authorisation was withdrawn and a restriction put in place.
As the UAE finds itself under increased supervision from FATF, regulators will take a robust approach to perceived breaches of AML laws and regulations in particular. Al Tamimi & Company is well placed to advise regulated individuals and entities on their regulatory obligations. Advice can be given as to which systems and controls (as well as policies and procedures) are required. Our Disputes team includes an experienced former financial service regulator (at the UK Financial Conduct Authority). It is important to be sure-footed and robust in dealing with regulatory investigations, to reduce exposure to reputational damage and hefty fines.
For further information,please contact Hugo Lodge
Published in February 2023