The Financial Conduct Authority (FCA) took responsibility for financial conduct regulation in April 2013. It now regulates the conduct of approximately 50,000 financial services firms in the UK and sets specific standards for 17,000 firms.
Since its establishment, the FCA has never had a year where the total fines are anything less than £1m. Its first full year of regulation in 2014 saw a record £1.47bn in fines issued. These figures indicate how vital it is to ensure your staff receive comprehensive FCA training.
Top 20 FCA fines so far
- Barclays Bank plc - £284m fine (2015)
- National Westminster Bank Plc - £264.7m fine (2021)
- UBS AG - £233.8m fine (2014)
- Deutsche Bank fined - £226.8m fine (2015)
- Citibank NA - £225.6m fine (2014)
- JPMorgan Chase Bank - £222.1m fine (2014)
- The Royal Bank of Scotland - £217m fine (2014)
- HSBC Bank plc - £216.4m fine (2014)
- Deutsche Bank AG - £163m fine (2017)
- Credit Suisse - £147.2m fine (2021)
- JPMorgan Chase Bank NA - £137.6m fine (2013)
- The Bank of New York Mellon London Branch & Intl Ltd. - £126m fine (2015)
- Lloyd's Banking Group - £117.4m fine (2015)
- Santander UK plc - £107.8m (2022)
- Lloyd's Banking Group - £105m fine (2014)
- Rabobank - £105m fine (2013)
- Standard Chartered Bank - £102m fine (2019)
- Goldman Sachs International - £97m fine (2020)
- Lloyd's Bank General Insurance - £90.7m (2021)
- The Royal Bank of Scotland plc - £87.5m fine (2013)
The biggest 20 FCA fines over nearly a decade reveal some key takeaways. Firstly, barring the National Westminster Bank Plc's fine in 2021, most hefty fines were dished out in 2014 and 2015. This indicates the severity of misconduct in operation that the FCA dealt with in its early stages of establishment.
Secondly, there's little evidence of firms learning a lesson from these penalties. There are few other repeat offenders on the list who faced multiple penalties large enough to be featured in the biggest fines of all time.
We continuously track the largest FCA fines each year. If you're interested in the full details, have a look at the highest fines in 2018, 2019, and 2020 as well as the high penalty year of 2021, the biggest fines of 2022 and the most recent fines in 2023.
The 20 biggest FCA fines in detail
1. Barclays Bank plc - £284m fine (2015)
Breaching Principle 3
The FCA imposed a fine of £284m on Barclays for failing to control business practices concerning its foreign exchange (FX) business in London. This financial penalty is the largest the FCA or its predecessor, the Financial Services Authority (FSA), has ever issued.
Barclays' controls over its FX business were ineffective as its front office failed to identify obvious risks linked to confidentiality, conflicts of interest and trader conduct. The bank engaged in collusive behaviour, and the FCA also found evidence of the inappropriate sharing of confidential information.
Barclays settled the penalty at stage two of the investigation, allowing them to qualify for a 20% discount, without which the fine would have been £355.5m.
2. National Westminster Bank plc - £264.7m fine (2021)
Money Laundering Regulations 2007 - AML failings
This case is the first where the FCA has pursued criminal charges for money laundering failings. They relate to NatWest's failure to properly monitor the activity of Fowler Oldfield between 2012 and 2016.
The Bradford-based jewellery business deposited £264m cash with Natwest.
Red flags reported included large amounts of Scottish banknotes deposited throughout England, notes carrying a prominent musty smell, and individuals acting suspiciously when depositing cash in NatWest branches.
Despite bank employees reporting suspicions to those responsible for investigating money laundering, the bank took no appropriate action.
The bank's automated transaction monitoring system recognised some cash deposits as cheques. This compounded the failure across many other customers depositing cash and Fowler Oldfield.
The bank's guilty plea reduced the fine by a third.
"NatWest is responsible for a catalogue of failures in the way it monitored and scrutinised transactions that were self-evidently suspicious. Combined with serious systems failures, like the treatment of cash deposits as cheques, these failures created an open door for money laundering...Anti-money laundering controls are a vital part of the fight against serious crime, like drug trafficking, and such failures are intolerable ones that let down the whole community, which, in this case, justified the FCA’s first criminal prosecution under the Money Laundering Regulations."
3. UBS AG - £233.8m fine (2014)
Failure to control business practice in G10 spot F.X. trading operations
UBS AG was one of five banks to receive a share of the penalty amount of £1.1bn for failing to control business practices in their G10 spot FX trading operations. The Swiss bank received the highest proportion of this fine.
UBS AG failed to adequately identify, manage and assess the risks linked to its G10 spot FX trading business. These risks were associated with confidentiality, conflicts of interest and trading conduct.
This behaviour saw UBS, along with the other banks, sharing information about client activities and attempting to manipulate G10 spot FX currency rates. These actions would disadvantage both those clients and the market.
4. Deutsche Bank AG - £226.8m fine (2015)
Breaching Principles 5, 3 and 11
The FCA fined Deutsche Bank AG £226.8m for IBOR misconduct. This is the largest penalty it has imposed for LIBOR and EURIBOR misconduct. The fine is so large due to the bank misleading the regulator.
Upon investigation, it was found that Deutsche trading desks manipulated its IBOR submissions across all major currencies. This misconduct was not identified due to the bank's inadequate systems and controls.
Furthermore, Deutsche Bank provided the FCA with misleading information which insinuated that the German regulator, BaFin, prevented a report from being shared. They also provided the FCA with false attestation which delayed the investigation. The bank proceeded to settle at an early stage of the investigation.
5. Citibank NA - £225.6m fine (2014)
Failure to control business practice in G10 spot F.X. trading operations
Citibank was one of five banks to receive a part of the penalty amount of £1.1bn for failing to control business practices in their G10 spot FX trading operations.
Citibank failed to adequately identify, manage and assess the risks linked to its G10 spot FX trading business. These risks were associated with confidentiality, conflicts of interest and trading conduct.
This behaviour saw Citibank, along with the other banks, sharing information about client activities and attempting to manipulate G10 spot FX currency rates. These actions would disadvantage both those clients and the market. Citi agreed to settle at an early stage which allowed them to qualify for a 30% discount.
6. JPMorgan Chase Bank - £222.1m fine (2014)
Failure to control business practice in G10 spot FX trading operations
JPMorgan Chase Bank was one of five banks to receive a share of the fine amount of £1.1bn for failing to control business practices in their G10 spot FX trading operations.
JPMorgan Chase Bank failed to adequately identify, manage and assess the risks linked to its G10 spot FX trading business. These risks were associated with confidentiality, conflicts of interest and trading conduct.
This behaviour saw JPMorgan Chase Bank, along with the other banks, sharing information about client activities and attempting to manipulate G10 spot FX currency rates. These actions would disadvantage both those clients and the market.
7. The Royal Bank of Scotland - £217m fine (2014)
Failure to control business practice in G10 spot FX trading operations
The Royal Bank of Scotland was one of five banks to receive part of the financial penalty of £1.1bn for failing to control business practices in their G10 spot FX trading operations.
The Royal Bank of Scotland failed to adequately identify, manage and assess the risks linked to its G10 spot FX trading business. These risks were associated with confidentiality, conflicts of interest and trading conduct.
This behaviour saw the Royal Bank of Scotland and the other banks sharing information about client activities and attempting to manipulate G10 spot FX currency rates. These actions would disadvantage both those clients and the market.
8. HSBC Bank plc - £216.4m fine (2014)
Failure to control business practice in G10 spot F.X. trading operations
HSBC Bank plc was one of five banks to receive a part of the financial penalty totalling £1.1bn for failing to control business practices in their G10 spot FX trading operations.
HSBC Bank plc failed to adequately identify, manage and assess the risks linked to its G10 spot FX trading business. These risks were associated with confidentiality, conflicts of interest and trading conduct.
This behaviour saw HSBC Bank plc, along with the other banks, sharing information about client activities and attempting to manipulate G10 spot FX currency rates. These actions would disadvantage both those clients and the market.
9. Deutsche Bank AG - £163m fine (2017)
PRIN 3 breaches - financial crime
The FCA fined Deutsche Bank AG an amount of £163m for failure to maintain an adequate anti-money laundering (AML) framework from the beginning of 2012 to the end of 2015.
Due to the bank's failings in properly overseeing new customer relationships and booking global business in the UK, it exposed the UK financial systems to financial crime risks.
“Financial crime is a risk to the UK financial system. Deutsche Bank was obliged to establish and maintain an effective AML control framework. By failing to do so, Deutsche Bank put itself at risk of being used to facilitate financial crime and exposed the UK to the risk of financial crime.”
10. Credit Suisse (fined £147.2m)
Prin 2 & Prin 3 breaches - Financial crime
The FCA fined Credit Suisseover £147 million for serious financial crime due to diligence failings related to loans worth over $1.3 billion, which the bank arranged for the Republic of Mozambique. The bank had arranged these loans, and a bond exchange, for the Republic of Mozambique. Due to this corruption, Credit Suisse has agreed to forgive US$200 million of debt owed by the Republic of Mozambique.
Over the period from October 2012 to March 2016, Credit Suisse failed to properly manage the risk of financial crime within its emerging markets business. An unacceptable risk of bribery was associated with the two Mozambican loans and a bond exchange relating to government-sponsored projects. Furthermore, Credit Suisse has sufficient information to this end.
The risk of government officials being corrupt in Mozambique was high, and the projects were not subject to public scrutiny or formal procurement processes. Credit Suisse was aware of this. The contractor engaged by Mozambique on the projects was described as a "master of kickbacks".
In order to secure the loans at more favourable terms, this contractor secretly paid significant kickbacks, estimated at over US$50 million, to members of Credit Suisse's deal team. This includes two Managing Directors.
Despite the fact that these Credit Suisse employees concealed the kickbacks, warning signs of potential corruption should have been clear to Credit Suisse's control functions and senior committees.
Repeatedly, there was insufficient scrutiny and inquiry within the company despite important risk factors and warnings. The Republic of Mozambique has subsequently claimed that the minimum total of bribes paid in respect of the two loans is around US$137 million.
The FCA fine is part of an approximate US$475 million global resolution agreement involving the U.S. Department of Justice, the U.S. Securities and Exchange Commission, and the Swiss Financial Market Supervisory Authority (FINMA).
"The FCA’s fine reflects the impact of these tainted transactions which included a debt crisis and economic harm for the people of Mozambique. The fine would have been higher if not for Credit Suisse agreeing to provide the debt write-off of US$200 million. The FCA will continue to pursue serious financial crime control failings by regulated firms."
11. JPMorgan Chase Bank NA - £137.6m fine (2013)
Breaching Principles 2, 3, 5 & 11
The FCA issued a fine of £137.6m to JPMorgan Chase Bank NA for serious failings connected to its Chief Investment Office's (CIO) "London Whale" trades. The breaches relate to the CIO's $6.2 billion trading loss in 2012. These losses arose as a result of what became known as the "London Whale" trades. Essentially, they were caused by a high-risk trading strategy, weak trading management and an inadequate response to important information.
When the scale of the problems at JPMorgan became apparent, it sent a shock-wave through the markets. Maintaining the integrity of markets is a key part of our wholesale conduct agenda. We consider JPMorgan's failings to be extremely serious such as to undermine the trust and confidence in UK financial markets.
12. The Bank of NY Mellon London Branch - £126m fine (2015)
Breaching Principle 10 & some rules in Chapter 6 of Client Assets Sourcebook
The FCA fined the Bank of New York Mellon London branch (BNYMLB) and the Bank of New York Mellon Internation Limited (BNYMIL) £126m for failure to comply with Custody Rules. These rules protect safe custody assets if a firm is deemed insolvent.
Regulated firms must have systems and controls to ensure these assets are returned to clients as quickly as possible. The Bank of New York Mellon Group, which the firms are a part of, is the world's largest custody bank.
The safe custody assets held by BNYMLB and BNYMIL totalled £1.3tn and £236bn, respectively. The size of the penalty reflects the value of the safe custody assets and the severity of the firms' failings.
13. Lloyd's Banking Group - £117.4m fine (2015)
Breaching Principle 6 of Principles for Business
Lloyd's Banking Group was fined an amount of £117.4m for failure to handle Payment Protect Insurance (PPI) complaints fairly. This is the largest retail fine ever issued by the FCA. Over the period from March 2012 to May 2013, Lloyds rejected 37% of 2.3m customer PPI policy complaints.
The FCA also found that Lloyds didn't notify complaints handlers of known failings in its PPI sales processes. These processes were used to dismiss customers' personal accounts or not fully investigate the complaint. Due to this misconduct, complaints handlers unfairly rejected many customer complaints.
14. Santander UK plc - £107.8m (2022)
Breaches of PRIN 3
The FCA has fined Santander UK £107.7m after it discovered serious and persistent gaps in its anti-money laundering (AML) controls, affecting its Business Banking clients. The FCA found these failures to have been ongoing for almost five years.
Santander's failures led to over £298m in suspicious funds passing through the bank before it closed the accounts. The bank has not disputed the FCA's findings and has agreed to settle. This means Santander has qualified for a 30% discount. Without the settlement, the fine would have been £153.9m.
15. Lloyd's Banking Group - £105m fine (2014)
Serious LIBOR & other benchmark failings
Another year, another big fine for Lloyd's Banking Group. They were fined £105m for serious misconduct relating to the Special Liquidity Scheme (SLS), the Repo Rate benchmark and the London Interbank Offered Rate (LIBOR).
While the LIBOR misconduct was similar in many ways to that committed by other institutions, manipulating the Repo Rate benchmark was a rare type of misconduct. In fact, £70m of the fine amount relates to the attempted manipulation of the fees payable to the Bank of England for the firm's participation in the SLS.
The firms were a significant beneficiary of financial assistance from the Bank of England through the SLS. Colluding to benefit the firms at the expense, ultimately, of the UK taxpayer was unacceptable. This falls well short of the standards the FCA and the market is entitled to expect from regulated firms.
16. Rabobank - £105m fine (2013)
Rabobank were fined £105m for serious misconduct relating to LIBOR. The bank had poor internal controls leading to collusion between BIBOR submitters and traders. This opened the door to systematic attempts at benchmark manipulation.
Furthermore, Rabobank assured the FCA that they had suitable arrangements in place yet only addressed these failings in August 2012, nearly a year and a half after assuring the FCA.
Rabobank’s misconduct is among the most serious we have identified on LIBOR. Traders and submitters treated LIBOR submissions as a potential way to make money, with no regard for the integrity of the market. This is unacceptable.
17. Standard Chartered Bank - £102m fine (2019)
Breaches of the Money Laundering Regulations 2007
In April 2019, we reported on the second-largest fine ever issued by the FCA. Standard Chartered Bank received a£102m fine for breaching money laundering regulations.
The FCA found serious and sustained shortcomings in Standard Chartered's AML controls relating to customer due diligence and ongoing monitoring. Standard Chartered failed to establish and maintain risk-sensitive policies and procedures and failed to ensure its United Arab Emirates (UAE) branches applied UK equivalent AML and counter-terrorist financing controls.
The failings identified exposed Standard Chartered to the risk of breaching sanctions and increased the risk of Standard Chartered receiving and/or laundering the proceeds of crime. Examples of Standard Chartered AML failings are detailed in the FCA Decision Notice.
The FCA also found significant shortcomings in Standard Chartered's internal assessments of the adequacy of its AML controls, its approach toward identifying and mitigating material money laundering risks and its escalation of money laundering risks.
18. Goldman Sachs International - £97m fine (2020)
PRIN 2 and PRIN 3 breaches – Risk management failures
Goldman Sachs International (GSI) was slapped with a £97m fineby the FCA and the Prudential Regulation Authority (PRA). The amount was part of a US$2.9 billion globally coordinated settlement reached between GSI and various other authorities, including the US Department of Justice and the Monetary Authority of Singapore.
This relates to risk management failures connected to 1Malaysia Development Berhad (1MDB) and GSI's role in three fundraising transactions for the Malaysian state-owned development company.
In a statement, the FCA and PRA said GSI had "failed to assess and manage risk to the standard that was required given the high-risk profile of the 1MDB transactions, and failed to assess risk factors on a sufficiently holistic basis". GSI had also "failed to address bribery allegations in 2013 and failed to manage allegations of misconduct in connection with 1MBD in 2015".
19. Lloyds Bank General Insurance - £90.7m (2021)
PRIN 3 & PRIN 7 breaches – Communications with customers
The FCA fined LBGI for failing to ensure that language was clear, fair and not misleading within millions of home insurance renewals communications.
LBGI sent 9m renewal communications to home insurance customers from January 2009 and November 2017 with language that they were receiving a 'competitive price' at renewal.
They did not substantiate the 'competitive price' language used by checking that it was accurate. Around 87% received the letters renewed. In 2009 the 'competitive price' wording was amended, but the language remained in many renewals communications despite repeated missed opportunities to address it.
This caused a risk of harm as it was likely that the premium quoted to them at renewal would have increased versus their prior premium. Renewal premiums would also likely have been higher than the premium quoted to new customers or those switching. Particularly for customers who renewed repeatedly.
Separately, LBGI informed half a million customers they would receive a discount based on their 'loyalty', they were a 'valued customer', or another promotional or discretionary basis. The discount wasn't applied and was never intended to. It affected around 1.2m renewals, with approximately 1.5m communications sent by LGBI. It was only identified and rectified by LBGI during the FCA's investigation.
The FCA did not require LBGI to pay redress to customers who received a renewal letter, including the 'competitive' renewal premium claim.
LBGI made voluntary payments of approximately £13.5 million to customers who received communications that erroneously referred to the application of a discount when none was applied, which was taken into account in the financial penalty. LBGI is contacting customers proactively, meaning customers do not have to take any steps to receive payment.
In its General Insurance pricing practices market study conducted between 2018 and 2020, the FCA found that, typically, insurance premiums increased each year on renewal as insurers sought to recover any losses that may have been incurred by the insurer offering an introductory discount. This is because existing policyholders will likely have paid more at renewal than a new customer presenting an equivalent insurance risk unless they shopped around.
"Firms must ensure their communications with customers are clear, fair and not misleading. LBGI failed to ensure that this was the case. Millions of customers ended up receiving renewal letters that claimed customers were being quoted a competitive price which was unsubstantiated and risked serious consumer harm."
Under new FCA rules, from 1 January 2022, insurers will be required to offer customers a renewal price no higher than they would pay as a new customer. The FCA estimates it will save consumers £4.2 billion over ten years.
20. The Royal Bank of Scotland plc - £87.5m fine (2013)
The FCA handed the Royal Bank of Scotland plc an £87.5m fine in 2013 for breaching Principles 3 and 5 of FSA's Principles for Business from October 2006 to November 2010.
In an attempt to benefit its derivatives trading books, the bank manipulated LIBOR in connection with its submission rates that formed part of the calculation of the Japanese yen and Swiss franc. Ultimately, the Royal Bank of Scotland's misconduct undermined the integrity of LIBOR.
Want to learn more about FCA Compliance?
We also have over 100 free compliance training aids, including assessments, best practice guides, checklists, desk aids, eBooks, games, posters, training presentations and even e-learning modules!
Finally, the SkillcastConnect community provides a unique opportunity to network with other compliance professionals in a vendor-free environment, priority access to our free online learning portal and other exclusive benefits.