FCA consult on extending criminal checks for owners and controllers of directly authorised firms

The FCA are consulting on proposals to require criminal/DBS checks to be undertaken for owners and controllers of directly authorised firms in a bid to prevent criminals from owning or controlling regulated firms.

The proposals follow a recommendation by The Financial Action Task Force (FATF) that the FCA consider a wider use of criminal background checks to ensure that criminals and their associates are prevented from owning or controlling financial institutions.

Currently, the regulator operates a risk-based approach to criminal background checks, meaning checks are only performed when specific concerns about an individual’s fitness and propriety arise, unlike other statutory anti-money laundering (AML) and counter-terrorist financing (CFT) supervisors, such as His Majesty’s Revenues & Customs (HMRC) and the Gambling Commission, which perform routine checks.

In line with the FATF recommendation, and in agreement with the Prudential Regulation Authority, the FCA propose to require controllers and beneficial owners to obtain criminal background checks from the Disclosure and Barring Service (DBS) (or equivalent for those outside of England and Wales). This requirement will apply to those making an application for authorisation or registration with the FCA and for a notice of an intended acquisition or increase in control.

According to the proposal, when making an application for authorisation or registration and for a notice of an intended acquisition or increase in control (‘change in control’ or ‘CIC’), applicants or notice givers will be required to confirm that a DBS check for controllers has been undertaken within the last 6 months. As an individual cannot apply for a standard DBS check by themselves, an employer or firm must do so on their behalf.

The proposals apply to the following:

  • potential controllers submitting a CIC notice under Part XII of Financial Services and Markets Act 2000 (FSMA)
  • controllers of firms applying to become authorised persons under FSMA (new firm authorisations (NFA)) (both Markets in Financial Instruments Directive (MiFID) and non-MiFID)
  • individuals with a qualifying holding in a payment institution or e-money institution
  • beneficial owners of Annex 1 financial institutions and cryptoasset businesses registered under regulation 54(1A) of the Money Laundering Regulations (MLRs)
  • persons submitting a CIC notice in accordance with the MLRs, Payment Services Regulations 2017 (PSRs) and the Electronic Money Regulations 2011 (EMRs)
  • controllers submitting an application or notification made to the PRA where the FCA is required to provide its consent or consultation (excluding appointed representatives (AR))

The proposals will not apply to controllers of any AR under FSMA or agents under the PSRs and EMRs, nor replace any existing processes for Senior Management Functions’ (SMFs) holders who may propose to be a controller within these areas.

By widening DBS checks, the FCA aims to enhance future assessments of controllers and advance its operational objectives of protecting and enhancing market integrity and consumer protection, stating that checks will “require[e] controllers to be more transparent by carrying out a DBS check”, thus, “increasing market surveillance and trust”. The regulator also suggests that introducing such checks would further their secondary international competitiveness and growth objective by “reducing the negative impact of financial crime on the economy and increase trust in the controllers of financial institutions”.

The proposals suggest that a basic or standard DBS check would be required. A standard DBS contains details of spent and unspent convictions, cautions, reprimands, and warnings held on the Police National Computer (PNC), which are not subject to filtering. Whilst a basic DBS would only show details relating to unspent convictions, the regulator stated that this, alongside existing disclosure questions and checks at application, would allow effective consideration of individual’s criminal background to prevent criminals from being financial controllers”.

Subject to feedback from the consultation, the requirement is expected to apply to all new applications or notifications submitted from January 2025 onwards; it will not impact any submitted before this date, nor those yet determined when the new requirements are introduced.

 

About the author

Rebecca recently joined us in 2024 as a Senior Content Writer and has experience researching and creating multimedia content. With a keen interest in current and emerging industry affairs, Rebecca responds through a critical lens and, by promoting thought and discussion, aims to increase awareness of UKGI’s work.

Get UKGI Insight In Your Inbox

Regular business news and commentary delivered direct to your inbox each week. Sign up here