Compliance News | April 2026

This month's key compliance news includes bribery at Balt and Colas, the new guidance on non-financial misconduct, the Bank of London fine, risk and the Strait of Homuz, and more.

Our pick of compliance stories this month

• Misconduct reports up 10% in financial services as new rules finalised
• Unused leave results in £400k payout
• Balt pays $1.2 million to resolve bribery investigation
• Colas Group subsidiary pays $34.4m to settle bribery case
• Bank of London Group fined £2m for failing to act with integrity and faking documents
• Global supplies strained as Middle East conflict blocks vital passage
• Report calls for better screening of illegal mining risks by banks and FIs

Misconduct reports up 10% in financial services as new rules finalised

Firms need to start preparing for the new rules and guidance to tackle non-financial misconduct (NFM) in the workplace.
The Financial Conduct Authority defines NFM as behaviour that's not of a financial nature, such as bullying, harassment and violence.

The regulator said that where NFM goes unchecked, it can harm individuals, firms and overall confidence in the financial services sector.

The new rule COCON 1.1.7FR comes into effect from 1 September 2026, extending the scope of conduct rules to around 37,000 non-banking regulated firms. It will cover bullying, harassment and violence, where there is a work-related link.
Under the fit and proper (FIT) rule, firms may already consider misconduct when assessing individuals' fitness and propriety.

While the new COCON rule focuses on conduct where there is a work-related link, the new FIT guidance includes a wider range of NFM that firms should take into account when assessing individuals.

Firms are being encouraged to start preparing now, ahead of the implementation date.

There were 4,224 reports of misconduct in the year 2024/2025, up 10% on the previous year, when there were 3,843 reports.
The new guidance follows the high-profile case of Crispin Odey, who was fined £1.84 million and banned from the industry after claims were made in the Financial Times that he sexually harassed or assaulted women "for decades".

The regulator said he showed "reckless disregard" for the governance of the hedge fund Odey Asset Management and instead sought to protect his own interests.

Odey is currently challenging his case through the courts.

Key takeaways:

• Review and update policies and procedures - ie codes of conduct, disciplinary and grievance policies, social media, and whistleblowing, to ensure they take account of the new NFM rules
• Be clear about what "serious" misconduct means - for example, conduct in private life (including social media) is relevant if there's a material risk of the individual breaching regulatory standards or it could damage confidence in financial services
• Remember, conduct covers work-related events outside the office - eg business trips, conferences, client meetings and social events
• Avoid overreaching into individuals' private lives - you don't need to look into past rule breaches, revise past FIT assessments, monitor employees' private lives or social media, investigate trivial or irrelevant allegations about their private lives, or do anything contrary to privacy or employment laws
• Arrange training - so your employees and managers know what NFM is, are aware of the changes and how they'll affect them
• Be clear about roles and accountabilities - along with channels of escalation
• Provide role-specific training so managers and decision makers take reasonable steps to prevent and address NFM (in line with the new Worker Protection legislation) - remember, failure to prevent and address NFM may be a breach of Conduct Rule 2
• Strengthen fit and proper assessments - to ensure individuals make appropriate disclosures about their private lives (including convictions) where this could affect their fitness and propriety assessment
• Improve documentation - ensuring there are adequate records of NFM along with the action that was taken, particularly where there are regulatory impacts
• Review our regulatory references process - so our overall approach to NFM is consistent and lawful, with clear justification about what is and isn't disclosed in references to prospective employers
• Strengthen reporting mechanisms - including speak up channels. Encourage psychological safety so colleagues feel confident speaking up if they experience or witness misconduct, such as bullying or harassment, and have faith that their concerns will be assessed independently and fairly, without fear of retaliation
• Improve governance and oversight - to ensure NFM is escalated. Make sure senior managers and the board receive regular risk reports on culture, including NFM metrics and whistleblowing reports.

Unused leave results in £400k payout

A long-serving commercial manager won nearly £400,000 after his employer refused to honour decades’ worth of unused holiday leave. The employee had worked for the company since 1987 and, due to heavy workloads and limited staff, was often unable to take his annual leave. Over time, his unused holiday days accumulated to more than 800 (over two years' worth).

To address this, he reached an agreement with the company that his unused leave could be carried forward and paid later, rather than taken. This arrangement continued for many years.

However, after new management took over, the company refused to recognise this long-standing agreement. The employee was later dismissed and denied payment for the accumulated leave.

An employment tribunal ruled in his favour, deciding that:

• The agreement to carry over and pay for the unused holiday was valid
• The company failed to honour it
• His dismissal was unfair

As a result, he was awarded around £392,000 for unpaid holiday, plus additional compensation for unfair dismissal, bringing the total to over £400,000.

Key takeaways:

• Ensure employees take the annual leave they are entitled to. This is important for employee well-being as it could help prevent burnout. If they can't take this leave , it can accumulate into a large legal liability for employers.
• Unused holiday equates to financial risk for employers. Backdated claims can stretch over years and become costly, as in this case.
• Informal agreements are still binding and will hold weight in an employment tribunal. Long-standing practices can be enforced, even if undocumented.
• Poor processes increase exposure to risk for employers. Weak dismissal or HR procedures can add further compensation.
• Track and manage leave proactively. Under the Employment Rights Act (ERA) 2025, employers need to keep adequate records of workers' annual leave and pay entitlements.

Balt pays $1.2 million to resolve bribery investigation

Medical device company Balt SAS has avoided prosecution after it voluntarily disclosed an alleged bribery scheme that was uncovered during an internal review.

Over a six-year period, David Ferrera, an executive at Balt's US subsidiary, and consultant Marc Tilman allegedly paid bribes to an official at a hospital in Reims, France to influence him to purchase medical devices from Balt.

Ferrera made corrupt payments to the consultant Tilman who worked for Balt's US subsidiary at the time, knowing that some of those payments would be passed on to the official. Payments were disguised as consulting fees and bonuses and the pair allegedly used sham consulting agreements, fake invoices and personal email accounts to conceal the bribes.

Balt has agreed to pay $1.2 million to "disgorge the amount of its ill-gotten gains" and will not now face prosecution in the United States and France.

"Today's resolution - the first ever under the Department-wide Corporate Enforcement Policy - demonstrates the value of voluntarily self-reporting wrongdoing to the Department of Justice."

Meanwhile, Ferrera and Tilman are each charged with violating the Foreign Corrupt Practices Act (FCPA) and with money laundering. If convicted, they face up to five years in prison for the bribery charges and up to 20 years for the money laundering charges.

"Ferrera and Tilman allegedly conspired to pay bribes to a French physician, who in turn caused a hospital in France to purchase medical devices from their company. […] When corruption extends beyond our borders, the FBI works with our international partners to bring individuals to justice."

Colas Group subsidiary pays $34.4m to settle bribery case

A Malaysian subsidiary of Colas Group has agreed to pay $34.4 million after it reported bribery of public officials, including a member of the Malaysian royal family.

The self-disclosure and subsequent negotiated agreement means that Colas will not face prosecution under the Sapin II Act, France's anti-corruption law.

The French transportation infrastructure group undertakes roads, railways, and defence projects globally through its subsidiaries.

The Malaysian subsidiary is affiliated with Colas Rail and was involved in infrastructure projects throughout the region, including Kuala Lumpur's Klang Valley Mass Rapid Transit system.

The case is believed to relate to concerns about Colas-linked firms and contract practices going back to 2022, where high-profile figures were implicated, including royal connections.

Early settlement allows the matter to be resolved quickly without the need for a protracted court case. So far, details about the individuals involved, the amounts paid and exact projects are limited due to the confidential nature of the settlement.

Key takeaways:

• Follow your Gifts and Hospitality policy - make sure you know what is and isn't acceptable, including any limits and thresholds
• Remember, many anti-bribery laws (including the UK Bribery Act) have extra-territorial reach - this means the company can be prosecuted for bribes paid anywhere in the world
• Arrange proper supervision and oversight of subsidiaries, third parties and intermediaries - the company can be found guilty of bribes paid by consultants and intermediaries without our knowledge
• Take extra care in all dealings with foreign public officials - including their relatives, close associates and government-linked entities
• Talk to Compliance or Legal first - if you feel there are legitimate reasons to accept or offer anything outside the company limits or thresholds or involving public officials.

Bank of London Group fined £2m for failing to act with integrity and faking documents

The Bank of London Group (TBOL) has been fined £2 million by the Prudential Regulation Authority (PRA) for failing to act with integrity and for misleading the PRA over its financial health.

"This included submitting to the PRA a false account of the consolidated and solo capital position in a report of the firm's capital requested by the PRA", said the PRA.

The British fintech and its parent company Oplyse Holdings repeatedly broke the rules to mislead the regulator about its actual financial position and failed to be open and cooperative with the PRA in relation to crisis talks about its deteriorating solvency position ("Project Rainbow"). In addition, it failed to maintain adequate financial resources and act in a prudent manner by failing to manage or report a large exposure resulting from a loan by TBOL to Oplyse Holdings. The relationship between the two companies was not appropriately disclosed.

It's the first time that the regulator has imposed a penalty on a company for "failing to conduct its business with integrity" and it's also the first time that the regulator has taken enforcement action against the parent financial holding company of a firm.

The violations occurred between October 2021 and May 2024. Although the breaches warranted a financial penalty of £12 million, this was reduced to £2 million after the companies demonstrated that such a penalty would cause serious financial hardship to the fintech.

The clearing bank launched in 2021 with an initial valuation of $1.1 billion but its accounts show losses of £24 million in 2024.

"Trust in banking in the UK requires integrity and open communication with the PRA from all banks, regardless of their size. The Bank of London Group Limited and Oplyse Holdings Limited fell well below our standards, resulting in today's penalty which marks the PRA's first finding against a firm for acting without integrity."

A spokesman for the Bank of London said:

"As is acknowledged in the final notice, since the change in ownership, the Bank has changed its management team and invested heavily in processes and controls and engaged third parties to assist in their remediation activity."

"The board and leadership team are confident that, with these legacy matters settled and with the backing of its investors, the Bank will continue to enhance trust and be able to return to growth in 2026."

However, for the time being, there is a client freeze and TBOL "must not, without the prior written consent of the FCA, onboard any new clients".

Global supplies strained as Middle East conflict blocks vital passage

Pressure is growing in the international community to find a way to reopen the Strait of Hormuz.

The vital shipping lane has been officially closed since 2 March amid the escalating Middle East conflict.

Around 800 vessels and their crews are trapped and are waiting to restart their journeys, resuming global supplies of oil, gas and other consumer goods. These vessels have aggregate hull values of between £20 and £32 billion, according to the Lloyd's Market Association (LMA).

Twenty-three vessels have been attacked in the waterway since the start of the war, say analysts from Lloyd's List Intelligence.
While shipping insurance has been available at the "right price", there's little appetite for traversing the strait. Most shipowners are prioritising safety, keeping their vessels anchored in the Gulf or at local ports instead.

War insurance premiums have risen 3.5-7.5% of each vessel's value since the start of the conflict, according to one broker from McGill and Partners.

But it's not the cost of insurance that is the main driver, as Silke Lehmköster - the fleet managing director of the German shipping company Hapag-Lloyd - has made clear. It currently has six vessels and 150 crew in the waterway, which have faced a barrage of drones, explosions and smoke. One of its cargo ships was recently hit by shrapnel, causing a small fire, which was dealt with by the crew.

"We would need an end of this escalation, so that there are no drones, no missiles, no whatsoever flying, and a clear message from everyone that they would stop."

The United Nations' shipping agency is responsible for regulating international safety. It wants to see a humanitarian corridor to evacuate commercial vessels and crew from the area. But there is currently no timeline for this to happen.

Iran has said that 'non-hostile' ships can transit the waterway but it's unclear whether payment is required to do so.
Another proposal under review is the use of military escorts, which may help reduce the costs of insurance.

Meanwhile, other companies are finding workarounds. According to Reuters, Maersk is using alternative land-bridge routes, such as Jeddah in Saudi Arabia, Salalah and Sohar in Oman, and in Khor Fakkan in the United Arab Emirates to bring in critical cargo like food and medicines, before it's moved by land across the region.

As the economic fallout and disruption continues, the international community is exploring ways of opening "a safe route through the strait" and working to deliver much-needed "reassurance to merchant shipping".

Report calls for better screening of illegal mining risks by banks and FIs

Banks and financial institutions (FIs) need to do more to combat illegal mining risks, according to a new report by the World Wildlife Fund (WWF) and financial crime risk platform Themis.

The findings are based on a survey of 647 institutions in 22 countries.

Although 84% of financial institutions operate in at least one high-risk sector, such as transport or transit, the study found that:

• 40% of them do not currently screen for illegal mining risks as part of their due diligence
• 45% lack internal policies to address the risks
• 50% do not provide relevant training to their teams.

Without adequate controls, financial institutions are exposed to potential financial crime, regulatory penalties and reputational damage.

Legal mining plays a valuable role in producing vital and luxury items for society, from jet engines to jewellery.

According to the report, illegal mining generates $48 billion a year in criminal proceeds. For example, it accounts for 90% of Venezuela's gold production. It's not just a conservation matter – it's often linked to money laundering, corruption, tax and sanctions evasion, conflict financing, trafficking, forced labour, and environmental crime.

Other findings include:

• Minerals may be shipped in containers since less than 2% undergo any inspection
• The Middle East had the highest overall exposure – commodity extraction (85%), transit (70%) and end-use (67%)
• Financial institutions with internal policies were more likely to take action on illegal mining risks, eg by raising suspicious activity reports and exiting high-risk clients.

Key takeaways:

The report recommends the following:

• Provide training to your team - to raise awareness of illegal mining, predicate offences and typologies
• Assess our risk exposure - we may be exposed through trade finance, loans, mutual funds and correspondent banking to financial crime, including fraud and terrorist financing
• Look out for red flags - for example, including high-value commodities (such as gold or precious stones) being deliberately mislabelled or misclassified as 'scrap' or 'apparel', under-invoicing, cash-intensive businesses or shell companies linked to mining supply chains, dealings with brokers and refiners with weak sourcing controls, and client activity in known cobalt or gold transit hubs, such as UAE, Rwanda, and Colombia
• Expand our AML/CTF framework to explicitly incorporate illegal mining, risk factors and typologies, including specific indicators in transaction monitoring, high-risk jurisdictions, sectors and commodities

• Implement enhanced due diligence (EDD)across our supply chain exposure - to cover mining clients in high-risk areas, and also suppliers and firms in adjacent sectors, eg equipment, logistics, refining and trade

• Embed illegal mining into our ESG risk frameworks and screening tools - eg by requiring certification and third-party audits, by incorporating environmental crime exposure into risk scoring, screening and risk mapping
• Leverage certifications and tools - such as theEnvironmental Crimes Financial Toolkit, traceability platforms, and intelligence sources, such as Benchmark Mineral Intelligence and Verité
• Improve collaboration between financial crime, ESG and sustainability teams – to align detection with responsible finance goals.

Looking for more compliance insights?

Our Essentials Library contains e-learning content designed to help organisations meet fundamental compliance requirements. If you’re looking for focused training, our training packages offer a complete solution for your compliance programme.