This month's key compliance news includes hackers using ChatGPT to get personal data, Nationwide's £44m fine, the dismissal of a Met officer after being found guilty of misconduct, and more.
A Metropolitan Police sergeant, Sevket Gurgur, has been dismissed and banned from policing after a misconduct hearing found he had treated several female colleagues in a discriminatory and inappropriate way.
The most serious finding related to his behaviour towards a pregnant officer under his supervision at Edmonton police station. When she returned from pregnancy-related sick leave, Gurgur made dismissive remarks, including accusing her of "using the pregnancy card again" and commenting, "oh, now you decide to turn up." He also called her a "diva" when she asked to leave work early to attend a midwife appointment.
The officer told the misconduct panel that these comments made her feel anxious and reluctant to ask for support at work during her pregnancy.
The hearing also found that Gurgur used derogatory language towards two other female colleagues. He described one as "lazy" and told another that she was "a Muslim woman and should act like one." While he denied some of the allegations, he admitted making at least one of the comments.
The panel concluded that his behaviour was intentional, deliberate and targeted, amounting to gross misconduct. As a result, Gurgur was dismissed without notice and placed on the police barred list, preventing him from working in policing again.
A recent review by the Solicitors Regulation Authority (SRA) has found that many compliance officers at UK law firms feel undervalued, under‑resourced and overworked. The thematic review highlighted that compliance roles such as Compliance Officer for Legal Practice (COLP) and Compliance Officer for Finance and Administration (COFA) are often seen as a regulatory necessity rather than a valued part of firm leadership.
Fewer than half of compliance officers felt their role was properly acknowledged by their firms, and many reported lacking adequate time, support and resources to fulfil their duties effectively. The findings also showed issues with awareness of regulatory responsibilities and heavy workloads, suggesting that firms rely too heavily on individual officers rather than embedding compliance responsibility across the organisation.
The SRA has said it will use the review's insights to improve support for compliance officers and may consider broader changes to strengthen the effectiveness of the compliance regime
The UK's financial regulator has fined Nationwide Building Society £44 million for serious weaknesses in its financial crime controls that contributed to incorrect payments under the government's Covid‑19 furlough scheme. This is the largest penalty issued by the FCA this year, and the biggest-ever enforcement fine Nationwide has received.
The FCA found that Nationwide's systems and oversight were insufficient to identify and prevent fraudulent or erroneous claims tied to the scheme, which distributed government support during the pandemic.
"Nationwide failed to get a proper grip of the financial crime risks lurking within its customer base. It took too long to address its flawed systems and weak controls, meaning red flags were missed with serious consequences."
- Therese Chambers, joint executive director of enforcement and market oversight, the FCA
The FCA’s action highlights ongoing scrutiny of banks’ anti‑financial crime processes and signals that firms must maintain robust controls even for government‑backed emergency programmes. The fine reflects the regulator's expectation that financial institutions proactively manage risks and ensure compliance with regulatory standards.
Cybersecurity researchers have uncovered a new type of cyberattack that impersonates AI chatbots, such as ChatGPT, to steal personal information. Attackers create fake chatbot conversations that mimic the style and tone of trusted AI assistants and use targeted advertisements to lure victims to malicious links.
Once a user clicks the link, the scam engages them with seemingly helpful advice, such as instructions for solving a common technical issue. The attackers then persuade the victim to copy and paste a command into their computer terminal, which secretly installs malware known as “Amos stealer.” This malware is capable of capturing sensitive data, including passwords, browser histories, and cryptocurrency wallet information.
Experts warn that the attack is effective because it leverages users’ trust in familiar AI tools, making people feel safe following instructions that they believe come from a legitimate source. This highlights the growing need for caution and verification when interacting with digital assistants and AI-powered tools.
The UK’s financial regulator, the FCA, is stepping up efforts to support economic growth in response to government mandates. Facing pressure to move beyond traditional, jargon‑heavy regulation, the FCA has unveiled a set of pro‑growth measures aimed at helping consumers and markets flourish.
These include proposals to make investment communications clearer and more engaging for retail investors by removing overly technical language, and to clarify who qualifies as a professional investor to ease compliance burdens on firms.
The regulator hopes these changes will help revive a culture of investment among UK savers and unlock capital that has been sitting in low‑yield cash accounts, potentially boosting participation in markets. The FCA is also advancing a broader package of reforms designed to reduce red tape and expand access to financial advice for millions of savers, as well as future initiatives to support innovative financial products and simplify rules that currently deter participation.
Overall, the FCA's recent announcements signal a shift toward more accessible, growth‑focused regulation that balances consumer protection with efforts to make UK financial markets more dynamic and competitive.
We have created a series of comprehensive roadmaps to help you navigate the compliance landscape, supported by e-learning in our Essentials Library.