Follow your organisation’s plan/policy in response to suspected and actual financial crime

This standard is about following your organisations plan or policy when either suspected or actual financial crime activity has been identified. You must respond to suspected and actual financial crime by following the response plan or policy developed by your organisation. You will need to gather all the necessary and available information relevant to the suspected and/or actual crime and take the appropriate action to prevent furtherance of the crime and any internal disciplinary actions, as appropriate. You will need to ensure that all the necessary and relevant information is passed on to the appropriate people. This could be senior management, or external sources such as law enforcement or the regulator. This standard is relevant to roles in countering financial crime.

1. establish the remit of your authority in responding to financial crime and to whom you should report your actions
2. follow the systems and processes within the policy to identify actual or suspected financial crime
3. check the systems are in place, and followed to gather information regarding the crime
4. report immediately to the appropriate people where information is missing or incomplete, or where a breach in protocol is discovered
5. record the outcomes of the investigation into the suspected or actual financial crime
6. take appropriate disciplinary action in response to the financial crime, as necessary, and in consultation with relevant people
7. report incidences to the appropriate authorities where necessary
8. make available all relevant information for any subsequent investigation, potential prosecution or enquiry, ensuring it is complete and up to date
9. review systems and processes and make changes to prevent furtherance of the suspected or actual financial crime

1. your organisation’s strategy and approach towards countering financial crime
2. your organisation’s financial crime response plan and its content, including reporting lines
3. systems of monitoring and review of the response plan
4. the importance of maintaining confidentiality to prevent any subsequent investigation being compromised (e.g. from “tipping off”)
5. how to prevent the furtherance of financial crime and the procedures to follow
6. internal and external reporting requirements for suspected or actual financial crime
7. the information required for any subsequent investigation or enquiry
8. the rights and responsibilities of the alleged perpetrator of the financial crime
9. your organisation’s disciplinary procedures and how they apply to the situation
10. the organisational, regulatory and legal requirements for reporting your findings to others, including empowered authority
11. the legislation, regulations and codes of practice, relevant to you and your organisation and any specific obligations

"Empowered Authority
This is any individual or authority that is legally entitled to make a request of
your organisation. This most often takes the form of a request for information
and in the cases of financial crime is likely to originate from a law enforcement
agency or regulator.
Financial Crime
This includes any office involving money laundering, terrorist financing, fraud
or dishonest or market abuse. (Definition based on the FCA definition of
financial crime). This includes financial crime both internal and external to a
financial services organisation.
Legal and regulatory requirements
This refers to a range of obligations incumbent upon financial organisations
and is commonly referred to as ‘compliance requirements. The legal and
regulatory requirements of an organisations or individual/s within it (such as
‘approved persons) may differ slightly according to the type of financial
organisation and the services it offers. The regulator of all providers of
financial services in the UK oversees a number of regulated activities under
powers derived from the Financial Services and Markets Act 2000.
A number of other pieces of UK legislation are relevant to the countering of
financial crime, such as the Proceeds of Crime Act (POCA), the Serious
Organised Crime and Police Act (SOCPA, the Fraud Act 2006, for example.
UK financial institutions are also subject to European Commission legislation
enacted by the British Government such as the Market Abuse Directive and
the Basel 2 Accord (for capital adequacy).
Financial organisations, like any other employer, are also subject to a range of
legal requirements covering areas such as discrimination, equality and
diversity, Health and safety and Data protection.
Organisation
This refers to an organisation that offers financial services this could be
insurance, investment, lending and credit, pensions, securities and
derivatives. It includes organisations in both the public and private sector.
Systems and controls
The practices and procedures put in place to protect an organisation from
financial crime. In some cases it is accepted that certain (or indeed all) types
of financial crime cannot be wholly prevented, but controls can limit its extend
and impact."