| | | Effective PR

UK regulators fine another US bank - but it's a relatively small penalty

BIScom Subsection: 
Editorial Staff

One has to ask what took so long.. after American regulators and prosecutors began attacking European banks for failures in the USA European regulators remained surprisingly reticent about taking action against foreign banks, especially American banks. While it may not be blowback (US banks have long gone their own way in London, as have German and Japanese banks but there have been occasional action against those) it is certainly time that US banks were not treated as a special case. In the latest example, Merrill Lynch has been ordered to pay a penalty that, relative to the scale of the failure and corresponding penalties in the USA, seems relatively small.

The fine is GBP34,524,000. The failure that the bank did not make required reports in relation to failing to report 68,500,000 million exchange traded derivative transactions between 12 February 2014 and 6 February 2016. The reports were required under the European Markets Infrastructure Regulation (EMIR),

The Financial Conduct Authority said "Merrill Lynch International agreed to settle at an early stage of the investigation and received a 30% reduction in their overall fine. Without this discount the fine would have been GBP49,320,000."

It's not the first time Merrills has fallen foul of UK regulators. In April 2015 it was fined GBP13,289, 900 (also discounted, this time from just under GBP19 million) . That, too, was for failing to file required reports. Between November 2007 and 2014, the company "inaccurately reported 35,034,810 transactions" and "failed entirely to report 121,387 transactions" all required under the FCA's Supervision Manual.

That was not the first time: in 2002, Merrill Lynch escaped with a "Private warning" for failure to report 300,000 under the same provisions in the Manual. In 2006, Merrills was fined GBP150,000 for making 1,200,000 "inaccurate" reports.

In the 2015 "Final Notice" which is, in effect, the judgment issued by the FCA, it said that, in 2013, the regulator wrote "it appears ... that the Firm has not carried out effective remediation work to prevent further failings occurring."

Work was done and, in its 2015 finding, it says "The Authority does not consider that MLI's conduct was deliberate or reckless." The 2017 Final Notice does not make an comment in this regard. It does, however, say that the failures were similar to the previous failures, that EMIR had been effectively communicated by the authority and that Merrills had taken steps to remedy various issues.

The case demonstrates another example of non-financial crime compliance and risk management reaching high levels of complexity and a reliance on technology provided by third parties over which the regulated body has little or no control beyond data management and queries. Someone, somewhere, needs to stand back and, in an age where people talk about proportionality, ask just how much, and how much complexity, can compliance officers be expected to cope with.

Should Merrills have been the guinea pigs for the first action under this head? There is no reason why not, especially as they were already under watch as a result of a succession of previous failings that were similar in nature, even if the specific legal provision was different. The question is more fundamental than that: it's about whether it has reached the point that it is not possible for every aspect to be complied with. The regulations could be much simpler, much better written, much more effective by being easier to understand and comply with. It is not that the purpose of the regulation is necessarily wrong (although some does seem to be a job creation scheme for regulators who now expect to receive far more reports than they can realistically handle) but it is how that purpose is achieved that should be reviewed.