The Financial Action Task Force (FATF) has recommended that the UK Financial Conduct Authority (FCA) consider the wider use of criminal background checks on owners and auditors of financial institutions.
This recommendation is intended to ensure that criminals and their associates cannot own or control financial institutions.
The FCA currently conducts criminal background checks based on a risk-based approach, meaning that checks are carried out when specific concerns arise about an individual’s fitness and suitability.
In line with FATF’s recommendation, the FCA now proposes to require auditors and beneficial owners to obtain criminal background checks from the Disclosure and Barring Service (or equivalent for people outside England and Wales). This requirement will apply to those applying for authorization or registration with the FCA and for notification of an intended acquisition or increase in control (‘change in control’ or ‘CIC’).
The FCA’s proposals will apply to the following people:
- potential auditors submitting a CIC notification under Part XII of the Financial Services and Markets Act 2000 (FSMA)
- auditors of firms applying to become authorized persons under FSMA (new firm approvals (NFA)) (both MiFID and non-MiFID)
- persons with qualified participation in a payment institution or an electronic money institution
- beneficial owners of Schedule 1 financial institutions and cryptocurrency businesses registered under regulation 54(1A) of the Money Laundering Regulations (MLR)
- persons who submit a CIC notification under the MLRs, the Payment Services Regulations 2017 (PSRs) and the Electronic Money Regulations 2011 (EMRs)
- auditors making an application or notification to the PRA where the FCA is required to give its consent or consultation (excluding appointed representatives (ARs))
Subject to feedback from this consultation, the FCA is proposing that this requirement will apply to all new applications or notifications made from January 2025 onwards. The change will not affect any applications or notices submitted before that date, including those not yet determined when the new requirements are introduced.
A standard DBS will contain details of both spent and unspent convictions, cautions, reprimands and cautions held on the Police National Computer (PNC), which are not subject to filtering.
From January 2025, where a person has applied/notified within the previous 6 months and had a DBS check, a new DBS check will not
required. In relation to the variation of licenses (VoP) process, where a company is already authorized or registered, the FCA would not require the company to apply for a DBS check, however, the company would still need to ensure the suitability of its auditors and owners .
More information about the proposals can be found here.