The UK's Financial Conduct Authority (FCA) has sent 4,430 of its employees on compulsory cybercrime and information security courses over the past two financial years, a policy think tank has revealed.

The data, obtained under the freedom of information request by The Parliament Street think tank, revealed the threat posed by financial cybercrime and the potential shortcoming in cybersecurity skills among FCA employees.

The FCA revealed that as well as the ‘Cyber and Information Security' e-learning course, which is compulsory for all staffers to complete, 217 participants were also enrolled on locally organised security courses for more advanced training.

The intention of the training is to help combat the growing threat of financial crime, such as money laundering and fraud.

The additional training courses included Cyber Security training with a Counter Threat Unit; Software and Cyber Security development programmes, and additional courses titled ‘The Cyber Security Degree: the Next Step in Cyber', and ‘The First Byte'.

Encompass Corporation CEO and regulatory expert Wayne Johnson said that ensuring that the FCA has comprehensive cybersecurity training is paramount to the body's function.

 He said: "Investing in the latest cyber skills training is essential, especially for an organisation tasked with investigating financial crime, money laundering and upholding regulatory standards.

"With a surge in newly launched fintechs, alongside expanding traditional banks, the FCA has a complex remit that requires the highest technical skills in order to investigate and enforce.

"This data also shows the huge investment regulatory authorities are putting in place to hold organisations to account." 

Johnson added that firms must be robust on their anti-money laundering (AML) and know your customer (KYC) rules.

"For banks, financial services firms, and start-up fintech companies, a failure to follow strict AML and KYC rules could lead to severe financial penalties, so getting compliance right from the outset is a must.

"Key to this effort should be investing in the latest solutions to easily automate KYC, while understanding and adhering to evolving financial regulations, to allow the organisation to grow without fear of breaching mandatory compliance legislation."

AML is an umbrella term for the range of regulatory processes firms must have in place, whereas KYC is an individual part of AML that involves firms verifying their customers' identity. 

First published by our sister title Professional Pensions