Sunday, 22 December 2013
Financial Conduct Authority report on JLT Specialty Limited corrupt practices
FINAL NOTICE
To: JLT Specialty Limited
Firm
Reference
Number: 310428
Address: St. Botolph Building
138 Houndsditch
London
EC3A 7AW
Date: 19 December 2013
1. ACTION
1.1 For the reasons given in this notice, the Authority hereby imposes on JLT Specialty Limited ("JLTSL") a financial penalty of £1,876,000. This penalty is in respect of breaches of Principle 3 of the Authority’s Principles for Businesses during the period 19 February 2009 to 9 May 2012 ("the Relevant Period").
1.2 JLTSL agreed to settle at an early stage of the Authority’s investigation. JLTSL therefore qualified for a 30% (stage 1) discount under the Authority’s executive settlement procedures. Were it not for this discount, the Authority would have imposed a financial penalty of £2,684,013 on JLTSL. Page 2 of 26
2. SUMMARY OF REASONS
2.1. JLTSL provides insurance broking, risk management and claims consulting services to a wide range of national and international corporate clients.
2.2. The Authority has found that JLTSL breached Principle 3 by failing to take reasonable care to organise and control its affairs responsibly and effectively, with adequate risk management systems and controls for countering the risks of bribery and corruption associated with making payments to overseas third parties that helped JLTSL win and retain business from overseas clients ("Overseas Introducers") in that:
(1) during the whole of the Relevant Period, JLTSL failed to conduct adequate due diligence before entering into a relationship with an Overseas Introducer. In particular JLTSL did not take adequate steps to assess whether the Overseas Introducer was connected with the clients it introduced and/or any public officials;
(2) during the whole of the Relevant Period, JLTSL failed adequately to assess the risk associated with each piece of new insurance business introduced by an Overseas Introducer, which meant that JLTSL could not ensure that it took sufficient steps to counter the risk of bribery and corruption prior to making payments to Overseas Introducers; and
(3) during the period 7 June 2011 to 9 May 2012 ("the Alarm Bells Period"), JLTSL failed adequately to implement its own anti-bribery and corruption policies, which resulted in the risk of JLTSL entering into higher risk relationships with Overseas Introducers without sufficient senior management oversight and approval. Moreover, JLTSL failed to carry out adequate checks, which would have enabled it to identify that its policies were not being implemented correctly.
2.3. The Authority has found no evidence to suggest that JLTSL has permitted any illicit payment or inducement to any Overseas Introducer during the Relevant Period, nor that JLT intended to permit any illicit payment or inducement to any Overseas Introducer during the Relevant Period. Page 3 of 26
2.4. However, the failings outlined at paragraph 2.2 above gave rise to an unacceptable risk that payments made by JLTSL to an Overseas Introducer could be used subsequently for corrupt purposes, including paying bribes to persons connected with the insured clients and/or public officials.
2.5. During the Relevant Period, JLTSL received almost £20.7 million in gross commission from business introduced by Overseas Introducers. Of this, JLTSL paid in excess of £11.7 million to these Overseas Introducers. The payments made to these Overseas Introducers therefore accounted for approximately 57% of the brokerage earned.
2.6. JLTSL’s conduct occurred against a backdrop of heightened awareness of bribery and corruption risk, both within JLTSL and across the insurance industry as a whole. During the Relevant Period, the Authority:
(1) visited JLTSL on three occasions to assess its systems and controls in relation to bribery and corruption. Although JLTSL had made significant efforts to improve its systems and controls framework prior to each visit, the Authority had significant concerns in relation to JLTSL’s systems and controls surrounding payments to Overseas Introducers; and
(2) issued a number of public messages in relation to bribery and corruption, including publishing guidance for commercial insurance brokers on anti-bribery and corruption in a thematic report in May 2010, and imposing financial penalties on both Aon Limited and Willis Limited in January 2009 and July 2011 respectively.
2.7. Given the Authority’s concerns about the adequacy of JLTSL’s controls, at the request of the Authority on 6 December 2012, JLTSL voluntarily varied its permissions such that it was unable to enter into new relationships with third parties without prior approval from an independent skilled person. This restriction continued until JLTSL was able to satisfy the Authority that its procedures were effective in assessing and mitigating the potential bribery and corruption risks arising from all third party relationships.
3. DEFINITIONS
3.1. The definitions below are used in this Final Notice:
"the Act" means the Financial Services and Markets Act 2000; Page 4 of 26
"the Alarm Bells Period" means the period from 7 June 2011 to 9 May 2012;
"the Authority" means the body corporate previously known as the Financial Services Authority and renamed on 1 April 2013 as the Financial Conduct Authority;
"the Authority’s Handbook" means the Authority’s Handbook of rules and guidance;
"Board" means the board of directors of JLTSL;
"DEPP" means the Decision Procedure and Penalties Manual as set out in the Authority’s Handbook;
"JLT Group" means Jardine Lloyd Thompson Group plc, of which JLTSL is a subsidiary;
"JLTSL" means JLT Specialty Limited;
"the New Penalty Regime" means the Authority’s penalty regime which was effective on and from 6 March 2010;
"OPM" means JLTSL’s Operating Procedure Manual;
"Overseas Introducer" means an overseas third party that helps JLTSL win and retain business from clients based in overseas jurisdictions;
"PEP" means politically exposed person;
"the Principles" means the Authority’s Principles for Businesses;
"the Old Penalty Regime" means the Authority’s penalty regime which was effective prior to 6 March 2010;
"the Relevant Period" means the period from 19 February 2009 to 9 May 2012 inclusive;
"Screening Software" means the software used by JLTSL to identify PEPs, individuals or organisations who presented a higher risk of money laundering or terrorist financing;
"the Tribunal" means the Upper Tribunal (Tax and Chancery Chamber); and Page 5 of 26
"the 7 Alarm Bells" means the policy introduced by JLTSL in June 2011 to assess the risk of entering into relationships with and making payments to Overseas Introducers.
4. FACTS AND MATTERS
Background
4.1. JLTSL is a wholly owned subsidiary of JLT Group. JLT Group is the largest UK and European based broker quoted on the London Stock Exchange.
4.2. JLTSL has been authorised by the Authority since 14 January 2005. It provides insurance broking, risk management and claims consulting services to a wide range of national and international corporate clients.
4.3. As an insurance broker, JLTSL enters into relationships with, and makes payments to Overseas Introducers, i.e. overseas third parties that assist JLTSL in winning and/or retaining business from clients based in overseas jurisdictions. JLTSL uses these Overseas Introducers across a number of sectors (including aviation, marine and energy) and countries, all of which have differing levels of perceived risk of bribery and corruption. Overseas Introducers include companies and/or individuals that have limited or no involvement in the placement of insurance, and simply assist by introducing clients to JLTSL. JLTSL generates revenue from the commission it receives from insured clients for placing their business in the insurance market. JLTSL then pays a share of that commission to the Overseas Introducers.
4.4. Due to the nature of the services they provide, overseas third parties who assist insurance brokers in winning or retaining business from clients pose the greatest risk of bribery and corruption. There is likely to be a significant risk of such a third party being the recipient of a bribe or paying a bribe to others from commission received if the third party is connected to the client and/or a public official. As a result, it is important for JLTSL to take reasonable care to put in place systems and controls to counter the risk of bribery and corruption associated with making payments to Overseas Introducers. Indeed, throughout the Relevant Period, JLTSL recognised the increased risk posed by Overseas Introducers. Page 6 of 26
4.5. Third party relationships, and in particular relationships with overseas third parties who assist insurance brokers to win or retain business from clients in overseas jurisdictions, have been a focus for the Authority in recent years. For example, in November 2007, the Authority sent a Dear CEO letter to all wholesale insurance broker firms, including JLTSL. The letter clearly affirmed the Authority’s expectations in relation to payments to third parties and expected firms to review their business practices to ensure that they were not involved in, or associated with illicit payments. On 6 January 2009, the Authority imposed a financial penalty on Aon Limited for breaching Principle 3 for failing to take reasonable care to establish and maintain effective systems and controls to counter the risks of bribery and corruption associated with making payments to overseas firms and individuals who assisted Aon Limited in winning or retaining business. On 21 July 2011, the Authority fined Willis Limited for similar breaches relating to making payments to overseas third parties. The Authority has also published guidance for commercial insurance brokers on anti-bribery and corruption in a thematic report in May 2010.
4.6. Moreover, since the start of the Relevant Period, the Authority has visited JLTSL on three occasions to assess its systems and controls in relation to bribery and corruption. On the first visit, the Authority observed that overall JLTSL’s anti-bribery and corruption systems and controls appeared reasonably sound if the improvement work, which was still in progress, was taken into account. On the second visit however, the Authority noted that, although JLTSL’s written policies and procedures in relation to third party relationships and payments had been strengthened further since its last visit, the Authority had significant concerns about how the implementation of those policies and procedures was evidenced. On the third occasion, the Authority advised JLTSL that although JLTSL had made significant efforts to improve its systems and controls framework in the Relevant Period, the Authority had significant concerns in relation to JLTSL’s systems and controls surrounding payments to Overseas Introducers.
JLTSL’s relevant policies and procedures
4.7. Throughout the Relevant Period, JLTSL had in place policies and procedures aimed at countering the risk of bribery and corruption. For example, the Employee Handbook, which had been in place at JLTSL from prior to the start of the Relevant Period, prohibited employees from giving or receiving ‘any inducement or other unauthorised payment’ which was expressly stated to apply to ‘any form of secret payment to any person’. In March 2009, JLT Group Page 7 of 26
also introduced the Group Anti-Bribery and Corruption Policy, which applied equally to JLTSL, and which prohibited JLTSL employees from ‘the offering, the giving, the solicitation or the acceptance of any bribe, whether cash or other inducement to or from any person or company, wherever they are situated and whether they are a public official or body or private person or company… in order to gain any commercial, contractual or regulatory advantage for the Group in a way that is unethical…’.
4.8. In January 2011, the Code of Conduct in the Employee Handbook was amended to explicitly prohibit the ‘offering, giving, soliciting or accepting [of] any bribe, whether cash or other inducement to or from any person, association or company – public or private, wherever they are located in the world by any [employee], agent or other person or body acting on [JLTSL’s] behalf in order to gain any commercial, contractual or regulatory advantage for [the JLT Group] in a way which is unethical or in order to gain any personal advantage, pecuniary or otherwise, for the individual or anyone connected with the individual’. The Code of Conduct expressly prohibited engaging in bribery or any form of unethical inducement or payment, even if this resulted in the loss of a business opportunity for JLTSL.
4.9. Prior to the coming into force of the Bribery Act 2010, in June 2011 JLT Group amended its Group Anti-Bribery and Corruption Policy (which applied equally to JLTSL) expressly to make clear that employees must ‘never engage in bribery or any form of unethical inducement or payment. This includes the offer or acceptance of ‘kickbacks’ and facilitation payments in order to gain or retain business for the [JLT Group] or to provide improper benefits to government officials, customers, agents, business partners or employees of any of these’.
JLTSL’s Operating Procedure Manual ("OPM")
4.10. Throughout the Relevant Period, JLTSL also had in place its OPM. Whilst the Employee Handbook and Group Anti-Bribery and Corruption Policy prohibited JLTSL employees from engaging in any form of bribery, the OPM contained the more detailed procedures which employees had to follow in order to establish relationships with Overseas Introducers. This included the completion of a New Business Contact Approval Form, a Business Case template (which had to be signed off by a director of the relevant business unit), and a Non-broker Introducer Questionnaire (which had to be completed and signed by the Page 8 of 26
Overseas Introducer). During the Relevant Period, the OPM and the related forms and questionnaires went through a series of updates and amendments.
4.11. Although the procedures contained in the OPM recognised that JLTSL needed to carry out due diligence in order to mitigate the risk of entering into higher risk relationships, they did not always set out the practical steps that JLTSL employees were required to take in order to fulfil the OPM requirements. For example, in May 2009, the OPM procedures were updated to include a requirement that employees had to identify whether there was a relationship between the Overseas Introducer and the client that they were introducing. However, the OPM did not provide any guidance on the steps employees had to take in order to do this.
4.12. Similarly, the Business Case template that was introduced by the OPM in July 2009 required employees to submit information about whether the Overseas Introducer had a relationship with the client. Once again, the OPM did not provide any guidance on the steps employees had to take in order to do this.
4.13. In May 2011 a further update to the OPM introduced specific guidance on anti-bribery and corruption. In particular, the guidance provided some examples of areas of the business where bribery could arise, such as entering into a relationship with an Overseas Introducer. It also provided examples of factors that may indicate a bribery risk, as well as a non-exhaustive list of red flag scenarios, which if identified by employees, would need to be reported. An example of a red flag scenario included learning that an Overseas Introducer had a reputation for having a ‘special relationship’ with foreign public officials. Although this update to the OPM provided additional guidance to help employees identify bribery and corruption, it was only provided in the context of enabling them to recognise these situations if they arose. It did not, for example, require employees to take specific steps proactively to identify whether or not an Overseas Introducer did in fact have a ‘special relationship’ with a foreign public official.
4.14. The Business Case template did require JLTSL to conduct searches against Overseas Introducers using a Screening Software. This software allowed JLTSL to search the names of proposed Overseas Introducers to check if that introducer was a PEP, or an individual or organisation that presented a heightened risk of money laundering or terrorist financing. In some circumstances, the Screening Software had the potential to identify connections Page 9 of 26
between the Overseas Introducer and public or government officials. However, the Screening Software alone would not always enable JLTSL to check comprehensively whether the Overseas Introducer was connected to the client and/or any public officials.
The 7 Alarm Bells
4.15. On 7 June 2011, JLTSL introduced a new policy to assess the bribery and corruption risk associated with entering into a relationship with an Overseas Introducer. This new policy was known as the 7 Alarm Bells, and remained in place until the end of the Relevant Period. The 7 Alarm Bells was used in conjunction with the requirements of the existing OPM, as outlined above.
4.16. The 7 Alarm Bells involved the assessment of the risk presented by the Overseas Introducer against seven key risk factors identified by JLTSL. These were:
(1) the nature of the role of the third party (for example, Overseas Introducer);
(2) the country where the insured risk was domiciled (which was assessed by reference to the relevant corruption perceptions indices produced by Transparency International);
(3) the class of business of the insured risk (which was again assessed by reference to data regarding the lists of classes of business published by Transparency International);
(4) the financial capacity and capability of the Overseas Introducer;
(5) the total commission earned by all interested parties, including JLTSL and the Overseas Introducer (expressed as a percentage of the value of the insured risk);
(6) the percentage commission division between JLTSL and the Overseas Introducer; and
(7) the country of domicile of the Overseas Introducer and the country in which its bank account was based. Page 10 of 26
4.17. Each risk factor was assigned a score in accordance with a pre-set formula, which was also outlined in the 7 Alarm Bells policy. If the score was higher than a specified level, it received an alarm bell. The number of alarm bells assigned to an Overseas Introducer determined the level of sign-off required to authorise the relationship with that Overseas Introducer. For example, if an Overseas Introducer was assigned four alarm bells, the relationship would need to be approved by two directors. Alternatively, if an Overseas Introducer was assigned six or more alarm bells, the relationship would need to be approved by the JLTSL Board.
4.18. The 7 Alarm Bells policy prescribed that if any single risk factor was ‘sufficiently of concern’ it would have to be sent back to the director who signed off the Business Case template. Although the compliance staff responsible for conducting the due diligence procedure were provided by email with an example of where a single risk factor might be ‘sufficiently of concern’, this was not set out in the 7 Alarm Bells policy itself, which did not itself provide any guidance regarding what constituted a sufficient concern for this purpose, or what further consideration or steps should be taken.
4.19. The 7 Alarm Bells policy did outline 16 specific situations which would require further investigation. These included, for example, situations where an unusual premium route was requested, where the use of shell or holding companies obscured ownership without credible explanation, where an Overseas Introducer had an employee or family member holding a government position or situations where the Overseas Introducer was the subject of credible rumours or media reports of inappropriate payments.
4.20. In September 2011, JLTSL engaged an external adviser to review its systems and controls to assess compliance with the provisions of the Bribery Act 2010. The adviser concluded that the due diligence procedures in relation to introducer/ facilitator relationships appeared comprehensive and broadly in line with the Bribery Act. However, the external advisor did not conduct a holistic review of JLTSL’s systems and controls for compliance with the Authority’s requirements in relation to the countering of bribery and corruption risks.
Failure to conduct adequate due diligence
4.21. During the Relevant Period, JLTSL failed to conduct adequate due diligence before entering into a relationship with or making payments to an Overseas Introducer. Such due diligence would have allowed JLTSL to effectively evaluate Page 11 of 26
the risk in doing business with the Overseas Introducer. In particular, JLTSL failed adequately to assess whether or not there were any connections between:
(1) the Overseas Introducer and the client; and
(2) the Overseas Introducer and any public officials.
4.22. Although the OPM and the 7 Alarm Bells both recognised the importance of carrying out due diligence on a prospective Overseas Introducer, neither policy provided sufficient guidance to employees in order to establish whether the Overseas Introducer was connected to the client which it was introducing. Moreover, aside from conducting Screening Software searches, neither policy required employees to take any proactive steps to establish whether the Overseas Introducer was connected to any public official.
4.23. The Screening Software searches, which JLTSL began to conduct from approximately October 2009, might, in some limited circumstances, have identified connections between the Overseas Introducer and public or government officials. However, the Screening Software alone would not enable JLTSL comprehensively to check whether the Overseas Introducer was connected to the client and/or any public officials.
4.24. In any event, JLTSL failed to use the Screening Software effectively. Although JLTSL did screen the name of the Overseas Introducer, it did not consistently screen the names of directors or beneficial owners in circumstances where the Overseas Introducer was a company. A review of 17 of JLTSL’s relationships with Overseas Introducers found that, in 14 cases where that Overseas Introducer was a company, JLTSL failed to screen one or more directors or beneficial owners in 12 cases.
4.25. In addition, the Authority’s review of 17 Overseas Introducer relationships confirmed that, apart from the inadequate use of the Screening Software:
(1) no searches were conducted by JLTSL to identify whether or not the Overseas Introducer had any connections to the client; and
(2) no searches were conducted by JLTSL to identify whether or not the Overseas Introducer had any connections to a public official. Page 12 of 26
4.26. The review of the 17 Overseas Introducer relationships also confirmed that even when JLTSL became aware that an Overseas Introducer was either (i) a public official themselves, or (ii) introducing a client that was state owned (and therefore could reasonably be assumed to have connections to public bodies or public officials), it did not conduct any enhanced due diligence to counter the risk of bribery and corruption presented by this higher risk relationship.
4.27. For example, one Overseas Introducer was responsible for introducing a state owned company in Ecuador to JLTSL. Even though Ecuador is perceived to be a higher risk jurisdiction1 and the client that was introduced was a state owned company, JLTSL did not conduct adequate searches to establish whether or not the Overseas Introducer or any of its associated individuals (i) had any connections to the Ecuadorian state owned company; and/or (ii) had any connections to a public or government official in Ecuador.
1 The Authority has determined the perceived risk of bribery and corruption arising from specific countries by reference to the relevant corruption perceptions indices produced by Transparency International.
4.28. In another example, a major shareholder of the Overseas Introducer was known to JLTSL to be a Nigerian public official. The Overseas Introducer was responsible for introducing to JLTSL insurance business in West African countries. Even though these countries are all perceived to be higher risk jurisdictions, JLTSL did not conduct adequate searches to establish whether or not the Overseas Introducer or any of its associated individuals (i) had any connections to the clients; and/or (ii) had any connections to a public or government official in these West African countries. As a Nigerian public official, it could reasonably be envisaged that the shareholder of this Overseas Introducer would have connections to West African public officials. However, JLTSL did not conduct adequate searches to confirm whether this was the case, or take adequate steps to counter the risk arising from any connections which it discovered.
Failure adequately to assess bribery and corruption risk
4.29. During the Relevant Period, JLTSL failed adequately to assess the risk associated with each piece of new insurance business introduced by an Overseas Introducer. Conducting an accurate risk assessment is fundamental to countering bribery and corruption risks. Without accurately assessing the risk associated with each new piece of insurance business, JLTSL could not ensure that it took sufficient steps to counter the risk that it might become involved in bribery and corruption as a result of that relationship. Page 13 of 26
4.30. JLTSL only carried out a risk assessment at the start of each relationship with an Overseas Introducer, and not each time that Overseas Introducer introduced a new piece of business. This meant that JLTSL failed to assess the bribery and corruption risk in the context of each particular client and associated insured activity. For example, JLTSL did not establish an adequate business case for each new piece of business that was introduced after the relationship with the Overseas Introducers had been approved. An adequate business case would have demonstrated why it was necessary for JLTSL to use the Overseas Introducer to win the business, and what services JLTSL would receive from that Overseas Introducer in return for a share of its commission. This led to the risk that once an Overseas Introducer was set up and approved, subsequent higher risk business introduced to JLTSL which related to higher risk clients, insured activities and jurisdictions, was automatically approved.
4.31. For example, one Overseas Introducer based in Egypt was responsible for introducing a state owned company in Sudan, as well as two state owned companies in Egypt. However, JLTSL did not assess the risk of each of these separate business relationships to establish the level of bribery and corruption they may have presented. In this case, all of these relationships presented a higher risk of bribery and corruption, yet some of these risks were not assessed, and therefore not mitigated, by JLTSL.
4.32. Another Overseas Introducer based in the Bahamas was responsible for introducing insurance business from a number of clients in various countries, including Nigeria, China, Cameroon and Gabon. JLTSL again did not assess the risk of each of these separate business relationships to establish the level of bribery and corruption they may have presented, and therefore could not effectively mitigate the risk presented by those relationships.
4.33. JLTSL therefore failed to assess the bribery and corruption risk associated with many payments to Overseas Introducers which presented a higher risk of bribery and corruption. This created an unacceptable risk of JLTSL facilitating potentially corrupt arrangements and making payments to Overseas Introducers who may have used the funds received for inappropriate purposes, such as paying bribes to gain a business advantage. Page 14 of 26
Failure to Implement the 7 Alarm Bells Policy
4.34. During the Alarm Bells Period, JLTSL did not take reasonable care to ensure that the anti-bribery and corruption policies that it had put in place operated effectively. In particular, JLTSL failed adequately to implement the 7 Alarm Bells policy, which was designed to assess and counter the risk associated with entering into a relationship with and making payments to an Overseas Introducer.
4.35. A review of 17 Overseas Introducer relationships identified that in 16 cases, the 7 Alarm Bells policy was not implemented correctly, and in 1 case it was not implemented at all.
4.36. The completion of each of the seven risk factors considered by the 7 Alarm Bells was considered mandatory by JLTSL during the Alarm Bells Period. Despite this, in 10 of the 16 Overseas Introducer relationships reviewed by the Authority where the 7 Alarm Bells was completed, one or more of the risk factors set out in paragraph 4.16 above were noted as being ‘not applicable’, ‘unknown’ or left blank. There was no explanation as to why the particular risk factor was left blank or noted as being ‘not applicable’ and therefore no alarm bell was assigned to that risk factor. The failure by JLTSL to assess each risk factor correctly meant there was a significant risk that the correct number of alarm bells was not assigned to an Overseas Introducer and as a result, that relationship might not receive the correct level of sign-off, or consequently the correct level of oversight and scrutiny by JLTSL senior management.
4.37. One Overseas Introducer was responsible for introducing business from a client based in Argentina. In the course of assessing this relationship against the 7 Alarm Bells Policy, the ‘Country of economic activity’ risk factor was correctly noted as being Argentina. Argentina is a higher risk jurisdiction and therefore should have attracted an alarm bell but in this case, it incorrectly did not. Furthermore, the ‘Role of third party’ risk factor was also incorrectly noted. It should have been noted as being an Overseas Introducer and as such, awarded an alarm bell, but it was not. Consequently, this Overseas Introducer should have received, as a minimum, an additional 2 alarm bells, thus requiring a higher level of sign-off for approval.
4.38. The failure by JLTSL to implement the 7 Alarm Bells Policy correctly and to assign the correct number of alarm bells to an Overseas Introducer was compounded by the fact that in one relationship reviewed by the Authority, Page 15 of 26
although the right number of alarm bells were allocated to the Overseas Introducer, the relationship was still not signed off by the required level of JLTSL management.
4.39. Further, during the Alarm Bells Period, JLTSL failed to carry out adequate checks, which would have enabled it to identify that the 7 Alarm Bells was not being implemented correctly. Consequently, JLTSL senior management did not recognise that the 7 Alarm Bells was not being implemented properly and therefore took no steps to address this.
4.40. JLTSL’s failure to ensure that the 7 Alarm Bells policy was implemented correctly led to an unacceptable risk of JLTSL entering into higher risk relationships without sufficient senior management oversight and approval.
5. FAILINGS
5.1. The regulatory provisions relevant to this Final Notice are referred to in Annex A.
5.2. On the basis of the facts and matters set out above, JLTSL breached Principle 3 by failing to take reasonable care to organise and control its affairs responsibly and effectively, with adequate risk management systems, in that:
(1) during the whole of the Relevant Period JLTSL failed to conduct adequate due diligence before entering into a relationship with an Overseas Introducer. In particular, JLTSL did not take adequate steps to assess whether the Overseas Introducer was connected with the clients it introduced and/or any public officials;
(2) during the whole of the Relevant Period JLTSL failed adequately to assess the risk associated with each piece of new insurance business introduced by an Overseas Introducer, which meant that JLTSL could not ensure that it took sufficient steps to counter the risk of bribery and corruption prior to making payments to Overseas Introducers; and
(3) during the Alarm Bells Period JLTSL failed adequately to implement its own anti-bribery and corruption policies, which resulted in the risk of JLTSL entering into higher risk relationships with Overseas Introducers without sufficient senior management oversight and approval. Moreover, JLTSL failed to carry out adequate checks, which would have enabled it to identify that its policies were not being implemented correctly. Page 16 of 26
6. SANCTION
6.1. The Authority has decided to impose a financial penalty of £2,684,013 (reduced to £1,876,000 after a 30% discount for early settlement) on JLTSL because of the failings outlined above.
6.2. The failings took place to a significant extent both before and after 6 March 2010. As set out at paragraph 2.7 of the Authority’s Policy Statement 10/4, when calculating a financial penalty where the conduct straddles penalty regimes, the Authority will have regard both to the Old Penalty Regime and to the New Penalty Regime.
6.3. The Authority has adopted the following approach:
(1) calculated the financial penalty for JLTSL’s failings from 19 February 2009 to 5 March 2010 by applying the Old Penalty Regime to the failings;
(2) calculated the financial penalty for JLTSL’s failings from 6 March 2010 to 9 May 2012 by applying the New Penalty Regime to the failings; and
(3) added the penalties calculated under sub-paragraphs (1) and (2) to produce the total penalty.
Financial penalty under the Old Penalty Regime
6.4. The Authority’s policy on the imposition of financial penalties relevant to the failings prior to 6 March 2010 is set out in Chapter 6 of the version of DEPP that was in force prior to 6 March 2010. All references to DEPP in this section are references to that version of DEPP. In determining the appropriate level of financial penalty the Authority has also had regard to Chapter 7 of the Enforcement Guide.
6.5. The period of JLTSL’s breach for the purposes of calculating the financial penalty under the Old Penalty Regime is the period from 19 February 2009 to 5 March 2010.
6.6. The Authority will consider the full circumstances of each case to determine whether a financial penalty is appropriate. DEPP 6.5.2G sets out a non-exhaustive list of factors that may be relevant in determining the level of a financial penalty. Page 17 of 26
6.7. The Authority considers that the following factors are particularly relevant to this case.
Deterrence (DEPP 6.5.2G(1))
6.8. The financial penalty will deter JLTSL from further breaches of regulatory rules and Principles. In addition it will promote high standards of regulatory conduct by deterring other firms from committing similar breaches and demonstrating generally the benefit of compliant behaviour.
The nature, seriousness and impact of the breach (DEPP 6.5.2G(2))
6.9. In determining the appropriate level of financial penalty, the Authority has had regard to the seriousness of the breaches, including the nature of the requirements breached, the number and duration of the breaches and whether the breaches revealed serious or systemic weaknesses of the management systems or internal controls.
6.10. The Authority considers JLTSL’s breaches to be serious because they:
(1) involved a number of systems and controls failings which increased the risk of JLTSL making payments to Overseas Introducers which may be used for inappropriate purposes; and
(2) persisted over a significant period of time (with approximately 13 months falling within the Old Penalty Regime).
6.11. The Authority has taken into account the following factors, which serve to lessen the seriousness and impact of the breach:
(1) The Authority has found no evidence to suggest that JLTSL has permitted any illicit payment or inducement to any Overseas Introducer during the Relevant Period;
(2) The Authority has not identified any loss caused to consumers, investors or other market users; and
(3) JLTSL’s breaches did not have an adverse effect on markets.
The extent to which the breach was deliberate or reckless (DEPP 6.5.2G(3) Page 18 of 26
6.12. The Authority has not found that the breach was intentional or reckless on the part of JLTSL or its senior management.
6.13. There was also no attempt by JLTSL to conceal the failings. Indeed, the Authority recognises that JLTSL and its senior management made significant efforts in the Relevant Period to improve its systems and controls framework, albeit these were not sufficient to ensure that JLTSL complied with the Authority’s regulatory expectations.
The size, financial resources and other circumstances of the firm (DEPP 6.5.2G(5))
6.14. In determining the appropriate level of the financial penalty the Authority has considered JLTSL’s size and financial resources. There is no evidence to suggest that JLTSL is unable to pay the financial penalty.
Conduct following the breach (DEPP 6.5.2G(8))
6.15. The Authority recognises the following factors, which serve to mitigate the seriousness of the firm’s breach:
(1) upon the Authority making JLTSL aware of its concerns, JLTSL agreed to a voluntary variation of its permissions such that it was unable to enter into relationships or make payments to new Overseas Introducers without prior approval from an independent skilled person;
(2) JLTSL and its senior management have been open and extremely co-operative with the Authority’s investigation and have demonstrated to the Authority that they treat the matter of establishing fully robust and compliant systems and controls with the utmost seriousness. JLTSL and its senior management have worked with the Authority to ensure early resolution of the matter;
(3) JLTSL and its senior management made significant efforts in the Relevant Period to improve its systems and controls framework; and
(4) following referral to Enforcement, JLTSL’s senior management continued to take a wide range of steps to enhance its policies and procedures and improve its systems and controls, in order to mitigate the risks of bribery and corruption associated with its business activities. Page 19 of 26
6.16. In carrying out these steps, JLTSL has to date incurred significant costs, both in financial terms (including actual expenditure and opportunity cost) and in management time expended.
Disciplinary record and compliance history (DEPP 6.5.2G(9))
6.17. JLTSL has not been the subject of previous disciplinary action by the Authority.
Other action taken by the Authority (DEPP 6.5.2G(10))
6.18. In determining the level of financial penalty, the Authority has taken into account penalties imposed by the Authority on other authorised persons for similar behaviour.
Old Penalty Regime financial penalty
6.19. The Authority considers that a financial penalty is an appropriate sanction in this case, given the seriousness of the breach and the need to send out a strong message of deterrence to others. Applying those factors here, the appropriate level of financial penalty to be imposed under the Old Penalty Regime is £1,000,000 (reduced to £700,000 for early settlement at Stage 1).
Financial penalty under the New Penalty Regime
6.20. The Authority’s policy on the imposition of financial penalties relevant to the failings from 6 March 2010 is set out in Chapter 6 of the version of DEPP that was in force from 6 March 2010. All references to DEPP in this section are references to that version of DEPP. Under the New Penalty Regime, the Authority applies a five-step framework to determine the appropriate level of financial penalty. DEPP 6.5A sets out the details of the five-step framework that applies in respect of financial penalties imposed on firms.
Step 1: disgorgement
6.21. Pursuant to DEPP 6.5A.1G, at Step 1 the Authority seeks to deprive a firm of the financial benefit derived directly from the breach where it is practicable to quantify this.
6.22. The Authority has not identified any financial benefit that JLTSL derived directly from its breach.
6.23. Step 1 is therefore £0. Page 20 of 26
Step 2: the seriousness of the breach
6.24. Pursuant to DEPP 6.5A.2G, at Step 2 the Authority determines a figure that reflects the seriousness of the breach. Where the amount of revenue generated by a firm from a particular product line or business area is indicative of the harm or potential harm that its breach may cause, that figure will be based on a percentage of the firm’s revenue from the relevant products or business area.
6.25. The Authority considers that the revenue generated by JLTSL is indicative of the harm or potential harm caused by its breach. The Authority has therefore determined a figure based on a percentage of JLTSL’s relevant revenue. JLTSL’s revenue from this business area is the commission it receives from the client that has been introduced. This includes both the commission subsequently paid to the Overseas Introducer for introducing the insurance business to JLTSL, and the commission retained by JLTSL for placing the insurance business in the market.
6.26. The period of JLTSL’s breach for the purpose of calculating the financial penalty under the New Penalty Regime is the period from 6 March 2010 to 9 May 2012. The Authority considers JLTSL’s relevant revenue for this period to be £14,000,115.
6.27. In deciding on the percentage of the relevant revenue that forms the basis of the step 2 figure, the Authority considers the seriousness of the breach and chooses a percentage between 0% and 20%. This range is divided into five fixed levels which represent, on a sliding scale, the seriousness of the breach; the more serious the breach, the higher the level. For penalties imposed on firms there are the following five levels:
Level 1 – 0%
Level 2 – 5%
Level 3 – 10%
Level 4 – 15%
Level 5 – 20% Page 21 of 26
6.28. In assessing the seriousness level, the Authority takes into account various factors which reflect the impact and nature of the breach, and whether it was committed deliberately or recklessly. The Authority considers the following factors to be relevant.
Impact of the breach
6.29. JLT’s failings resulted in an unacceptable risk that payments made by JLTSL to an Overseas Introducer could be used subsequently for corrupt purposes, including paying bribes to persons connected with the insured clients and/or public officials.
6.30. JLTSL’s breaches did not have an adverse effect on markets.
6.31. The Authority has found no evidence to suggest that JLTSL has permitted any illicit payment or inducement to any Overseas Introducer during the Relevant Period.
6.32. The Authority has not identified any loss caused to (individual or corporate) consumers, investors or other market users.
Nature of the breach
6.33. The breach occurred over a sustained period (of which approximately 26 months fell within the New Penalty Regime), during which JLTSL had relationships with 35 Overseas Introducers.
6.34. The breach revealed serious and systemic weaknesses in JLTSL’s procedures relating to the mitigation of bribery and corruption risks associated with making payments to Overseas Introducers.
6.35. The breach significantly increased the scope for financial crime to be facilitated. However, the Authority has found no evidence to suggest that JLTSL has permitted any illicit payment or inducement to any Overseas Introducer during the Relevant Period.
6.36. JLTSL and its senior management made significant efforts in the Relevant Period to improve its systems and controls framework, albeit these improvements were not sufficient to ensure that JLTSL complied with the Authority’s regulatory expectations. Page 22 of 26
Whether the breach was deliberate and or reckless
6.37. The Authority has not found that the breach was intentional or reckless on the part of JLTSL’s senior management, or that JLTSL and its senior management, compliance staff and other employees intended to permit any illicit payment or inducement to any Overseas Introducer during the Relevant Period. There was also no attempt by JLTSL to conceal the failings.
6.38. Taking all of these factors into account, the Authority considers the seriousness of the breach to be level 3 and so the Step 2 figure is 10% of £14,000,115.
6.39. Step 2 is therefore £1,400,011.
Step 3: mitigating and aggravating factors
6.40. Pursuant to DEPP 6.5A.3G, at Step 3 the Authority may increase or decrease the amount of the financial penalty arrived at after Step 2, but not including any amount to be disgorged as set out in Step 1, to take into account factors which aggravate or mitigate the breach.
6.41. The Authority considers that the following factors aggravate the breach.
6.42. JLTSL’s breaches were set against a backdrop of heightened awareness in the insurance broking industry of the Authority’s requirements in relation to the systems and controls required to counter the risk of bribery and corruption including:
(1) the Final Notice issued to Aon Limited on 6 January 2009, fining them £5.25 million for failing to take reasonable care to establish and maintain effective systems and controls to counter the risks of bribery and corruption associated with making payments to overseas firms and individuals that assisted Aon Limited in winning or retaining business;
(2) the Authority’s interim findings following the thematic review into anti-bribery and corruption in commercial insurance broking in September 2009;
(3) the Authority’s thematic report entitled ‘Anti-bribery and corruption in commercial insurance broking – reducing the risk of illicit payments or inducements to third parties,’ published in May 2010; and Page 23 of 26
(4) the Final Notice issued to Willis Limited on 21 July 2011, fining them £6.895 million, again for failing to take reasonable care to establish and maintain effective systems and controls to counter the risks of bribery and corruption associated with making payments to overseas third parties.
6.43. During the Relevant Period, JLTSL was visited by the Authority on three occasions to assess their systems and controls in relation to bribery and corruption. On each occasion, although JLTSL had made efforts to improve its control framework, the Authority had significant concerns in relation to JLTSL’s systems and controls surrounding payments to Overseas Introducers.
6.44. Having taken into account these aggravating factors, the Authority considers that the Step 2 figure should be increased by 20%.
6.45. Step 3 is therefore £1,680,013.
Step 4: adjustment for deterrence
6.46. Pursuant to DEPP 6.5A.4G, if the Authority considers the figure arrived at after Step 3 is insufficient to deter the firm who committed the breach, or others, from committing further or similar breaches, then the Authority may increase the penalty.
6.47. The Authority considers that the Step 3 figure of £1,680,013 represents a sufficient deterrent to JLTSL and others, and so has not increased the penalty at Step 4.
6.48. Step 4 is therefore £1,680,013.
Step 5: settlement discount
6.49. Pursuant to DEPP 6.5A.5G, if the Authority and the firm on whom a penalty is to be imposed agree the amount of the financial penalty and other terms, DEPP 6.7 provides that the amount of the financial penalty which might otherwise have been payable will be reduced to reflect the stage at which the Authority and the firm reached agreement. The settlement discount does not apply to the disgorgement of any benefit calculated at Step 1.
6.50. The Authority and JLTSL reached agreement at Stage 1 and so a 30% discount applies to the Step 4 figure.
6.51. Step 5 is therefore £1,176,000. Page 24 of 26
New Penalty Regime financial penalty
6.52. Having applied the five-step framework set out in DEPP, the appropriate level of financial penalty under the New Penalty Regime is £1,176,000.
Total financial penalty
6.53. The Authority considers that combining the two separate penalties calculated under the Old Penalty Regime and New Penalty Regime produces a figure which is proportionate. The Authority therefore proposes to impose a total financial penalty of £1,876,000 on JLTSL for breaching Principle 3.
7. PROCEDURAL MATTERS
Decision maker
7.1. The decision which gave rise to the obligation to give this Notice was made by the Settlement Decision Makers.
7.2. This Final Notice is given under, and in accordance with, section 390 of the Act.
Manner of and time for Payment
7.3. The financial penalty must be paid in full by JLTSL to the Authority by no later than 2 January 2014, 14 days from the date of the Final Notice.
If the financial penalty is not paid
7.4. If all or any of the financial penalty is outstanding on the day after due date for payment, the Authority may recover the outstanding amount as a debt owed by JLTSL and due to the Authority.
Publicity
7.5. Sections 391(4), 391(6) and 391(7) of the Act apply to the publication of information about the matter to which this notice relates. Under those provisions, the Authority must publish such information about the matter to which this notice relates as the Authority considers appropriate. The information may be published in such manner as the Authority considers appropriate. However, the Authority may not publish information if such publication would, in the opinion of the Authority, be unfair to you or prejudicial to the interests of consumers or detrimental to the stability of the UK financial system. Page 25 of 26
7.6. The Authority intends to publish such information about the matter to which this Final Notice relates as it considers appropriate.
Authority contacts
7.7. For more information concerning this matter generally, contact Kate Tuckley at the Authority (direct line: 020 7066 7086 / email: kate.tuckley@fca.org.uk).
…………………………………………………
Bill Sillett
Financial Conduct Authority, Enforcement and Financial Crime Division Page 26 of 26
ANNEX A
RELEVANT STATUTORY AND REGULATORY PROVISIONS
1. RELEVANT STATUTORY PROVISIONS
1.1 The Authority’s operational objectives, set out in section 1B(3) of the Act, include the integrity objective.
1.2 Section 206(1) of the Act provides:
"If the Authority considers that an authorised person has contravened a requirement imposed on him by or under this Act, it may impose on him a penalty, in respect of the contravention, of such amount as it considers appropriate."
2. RELEVANT REGULATORY PROVISIONS
Principles for Businesses
2.1 The Principles are a general statement of the fundamental obligations of firms under the regulatory system and are set out in the Authority’s Handbook. They derive their authority from the Authority’s rule-making powers set out in the Act.
2.2 Principle 3 provides:
"A firm must take reasonable care to organise and control its affairs responsibly and effectively, with adequate risk management systems."
3. DEPP
3.1 Chapter 6 of DEPP, which forms part of the Authority’s Handbook, sets out the Authority’s statement of policy with respect to the imposition and amount of financial penalties under the Act.
The Enforcement Guide
3.2 The Enforcement Guide sets out the Authority’s approach to exercising its main enforcement powers under the Act.
3.3 Chapter 7 of the Enforcement Guide sets out the Authority’s approach to exercising its power to impose a financial penalty.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment