Biggest Compliance Fines in 2020

Posted by David Mangion on 26 Jan 2021

Penalties for regulatory breaches can be eye-watering. We examine the trends in compliance fines in 2020 and explain how they could have been avoided.

Key compliance fines in 2020

Don't forget to read our summary of key compliance fines in 2020

AML Fines in 2020

The penalties for money laundering range from eye-watering fines to prison sentences. The biggest fine was over £30 million. A pretty big incentive not to do it? Not everyone seemed to agree...

Read about the most significant cases in our Biggest AML Fines of 2020 blog.

How could these fines have been avoided?

  • Conduct initial and ongoing client due diligence using a risk-based approach with no exceptions.
  • Look out for anything about any customer or transaction that is unusual or suspicious - pay particular attention to high-risk customers and jurisdictions.
  • Report any knowledge or suspicion of money laundering to the relevant authorities immediately, and take no further action until authorised to do so.
  • Avoid tipping off anyone who has been reported for money laundering or terrorist financing.

Bribery fines in 2020

In 2020 we saw some huge financial penalties for bribery and corruption. But one, in particular, ran into billions of dollars. We examined the biggest settlements to find out the root causes and how they could have been avoided.

Read about the most significant cases in our Biggest Bribery Fines of 2020 blog.

You may wonder why we describe bribery settlements rather than simply fines. Because of the nature of the financial gains from bribery, the disgorgement is often the most significant penalty, dwarfing the actual fines by an enormous amount.

How could these penalties have been avoided?

  • Never offer money or anything of value in return for improper performance of any function.
  • Ensure that gifts, hospitality, donations, sponsorship and expenses are proportionate and in line with industry-standard policies and thresholds.
  • Never make facilitation payments to speed up processes or 'jump the queue'.
  • Make sure you report any suspicion or knowledge of bribery to the relevant authorities immediately.

Competition Fines in 2020

Competition law fines in 2020 did not reach the billion-dollar heights of earlier years. But the penalties were still huge. So what went wrong?

Read about the key cases in our Biggest Competition Law Fines of 2020 blog.

How could these fines have been avoided?

Competition law is a complex area covering many different types of anti-competitive behaviour. So here are just a few basic tips to stay compliant.

  • Never discuss or enter into agreements with competitors - regarding prices, margins, market shares or production volumes.
  • Never discuss future pricing plans and promotions with suppliers - or discuss RRPs with retailers.
  • Don't impose price, territorial or online sales restrictions on suppliers or distributors - unless you are certain that it is legally permissible to do so in that instance.
  • Don't act in a way that restricts competition in markets where you enjoy a dominant position - by, for instance, refusing to supply, prohibiting discounting, imposing exclusive obligations or entering "pay-for-delay" deals.
  • Don't discuss anything that is commercially sensitive with competitors - including prices, markets, territories, strategies or - as it is illegal.

We have an extensive list of dos and don'ts of competition law compliance and a rundown of the biggest Competition Law Fines of 2020 in our blog.

FCA Fines in 2020

The Financial Conduct Authority (FCA) exists to protect consumers, promote fair competition and enhance market integrity. However, as you're about to witness, getting on its wrong side can cost any UK company dearly.

In 2020, nearly £200 million in FCA fines were handed out to UK companies. That meant less of a bumper year than 2019 (a record £392 million). Notably, many of the biggest fines related to PRIN 3 breaches, that is, failures of management and control.

You can read more about the top 10 fines in our FCA Fines 2020 blog.

How could these fines have been avoided?

The FCA's 'Principles for Business' (PRIN) set out the fundamental obligations for firms under the regulatory regime.

According to the FCA principle 3, a firm "must take reasonable care to organise and control its affairs responsibly and effectively, with adequate risk management systems". This refers to a firm's:

  • Robust governance arrangements - rules, practice and processes.
  • Skills, knowledge and expertise of staff - in other words, train people!
  • Outsourcing responsibilities - know your suppliers and make sure they are compliant.
  • Record-keeping - keep records, and make sure they are accurate and up-to-date.
  • Conflicts of interest - again keep a compliance register to avoid issues.

The FCA will identify potential or actual consumer harm caused by the actions of firms or markets and take action to address that conduct. These penalties should act as a clear warning to any companies who aren't taking financial compliance as seriously as they should be.

GDPR Fines in 2020

Since the General Data Protection Regulation (GDPR) came into effect in 2018 it has completely transformed how companies deal with their clients’ personal data. It brought about reforms that are tailor-made for the world of today and promised to come down hard on any companies which failed to respect them.

Fines totalling €272.5 million have been imposed for a wide range of GDPR infringements. Most of these were related to breaches of GDPR articles 5 and 6.

Read about the key cases in our biggest GDPR fines of 2020 blog.

How could these fines have been avoided?

At the core of the GDPR are seven key principles, which are laid out in Article 5 of the legislation and have been designed to guide how people's data can be handled:

  • Lawfulness, fairness and transparency - be clear about why it’s being collected and how it’s going to be used.
  • Purpose limitation - have a specific and legitimate reason for collecting and processing personal information.
  • Data minimisation - only store the minimum amount of data required for their purpose.
  • Accuracy - regularly review information held about individuals and delete or amend inaccurate information accordingly.
  • Storage limitation - if there is no longer a need for personal data for the purpose for which it was collected, it should be deleted or destroyed unless there are other grounds for retention.
  • Integrity and confidentiality (security) - ensure that all the appropriate measures are in place to secure the personal data you hold.
  • Accountability - take responsibility for the data you hold and demonstrate compliance with the other principles.

Article 6 of the GDPR sets out the lawful basis for the processing of personal data. At least one of these must apply whenever you process personal data:

  • Consent - The individual has given clear consent for you to process their personal data for a specific purpose.
  • Contract - The processing is necessary for a contract you have with the individual, or because they have asked you to take specific steps before entering into a contract.
  • Legal obligation - The processing is necessary for you to comply with the law (not including contractual obligations).
  • Vital interests - The processing is necessary to protect someone’s life.
  • Public task - The processing is necessary for you to perform a task in the public interest or for your official functions and the task or function has a clear basis in law.
  • Legitimate interests - The processing is necessary for your legitimate interests or the legitimate interests of a third party unless there is a good reason to protect the individual’s personal data which overrides those legitimate interests.

Italy tops the rankings for aggregate fines of more than €69.3 million since the application of the GDPR on 25 May 2018. Germany and France came second and third with aggregate fines of €69.1 million and €54.4 million respectively.

While most companies have cleaned up their act when it comes to data protection, there are plenty who still fall foul of the law and are being investigated and fined accordingly. The daily rate of breach notifications in Europe experienced double-digit growth for the second year running.

Health & Safety Fines in 2020

Fines for health and safety breaches in the UK were less substantial in 2020 than in 2019. We've examined the failings that prompted these penalties and the underlying statistics behind them.

How could these fines have been avoided?

Most health and safety-related fines handed out in 2020 were for breaches of section 2 of the Health and Safety at Work Act 1974. This stipulates that it is an employer's duty to ensure, so far as is reasonably practicable, the health, safety and welfare at work of all their employees. This duty involves:

  • Providing and maintaining safe equipment, machinery and systems of work.
  • Ensuring the safe use, handling, storage or transportation of articles or substances used at work or in connection with work by their employees.
  • Providing any information, instruction, training and supervision which is necessary to ensure that employees can carry out their work safely.
  • Ensuring places of work are free from danger - premises under the employer’s control must be free from danger, with safe means of entrance and exit.
  • Making sure the working environment is safe, without risks to health and providing adequate facilities and arrangements for welfare at work.

In 2019 every health and safety fine in the top 10 was in excess of £1 million. As only 3 of the top 10 fines in 2020 were at this level, you might expect a fall in sickness and injury. However, the picture is far from clear-cut. Many areas continue a downward trend, with the notable exception of work-related stress!

We have examined the causes of the biggest health and safety fines in the UK in 2020, to help you understand how to avoid the substantial penalties from compliance breaches.

More on Compliance Fines

As well as tracking the largest recent fines, we have also examined the largest penalties in history. From UK competition law fines to data breach fines and financial crime penalties.

We have searchable glossaries of key terms and definitions across key topics including GDPR, Equality, Financial Crime and SMCR to help you navigate these complex areas.

And finally, we explain what drives fines in specific areas, and how to avoid them across financial sanctions, the GDPR and tax evasion.

Looking for more compliance insights?

If you'd like to stay up to date with best practices, industry insights and key trends across regulatory compliance, digital learning, EdTech and RegTech news, subscribe to the Skillcast Compliance Bulletin.

You can follow our ongoing YouGov research into compliance issues, attitudes and risk perceptions in the UK workplace through our Compliance Insights blogs.

Last but not least, we have 60+ free compliance training aids, including assessments, best practice guides, checklists, desk-aids, eBooks, games, handouts, posters, training presentations and even e-learning modules!

If you've any questions or concerns about compliance or e-learning, please get in touch.

We are happy to help!
