The Isle of Man Financial Services Authority has imposed a civil penalty on just over £1m on the Royal Bank of Scotland International.
In a statement on 15 February, the island's regulator said between June and July 2021, it had conducted an inspection of elements of RBSI’s Isle of Man non-personal customer book under section 15 of the Financial Services Act 200.
"The Inspection identified that RBSI had contravened paragraph 7 of the Anti-Money Laundering and Countering the Financing of Terrorism Code 2015 . Compliance with the Code, or any successor, is a regulatory requirement under the Financial Services Rule Book 2016, made under section 18 of the Act. The Authority has deemed it appropriate, necessary and proportionate, in all the circumstances, that RBSI be required to pay a civil penalty imposed under the Regulations and the Act."
The statement further acknowledged the constructive dialogue between RBSI and the regulator.
"RBSI continues its customer outreach work, which will remediate any remaining cases in the population affected by the breach with the Authority having been made fully aware of the steps it has put in place."
The civil penalty is the sum of £1,440,481, which is discounted by 30% to £1,008,337.
"The level of the Civil Penalty reflects the fact that RBSI co-operated with the Authority and agreed settlement at a relatively early stage. It is also noted by the Authority that there were mitigating factors in this case, and that this has been taken into consideration by it, when determining both the level and the actual amount of the Civil Penalty".
RBSI is licensed under the Act to undertake Class 1 (Deposit Taking) and Class 2 (Investment Business), as well as being registered with the Authority as a ‘general insurance intermediary’ under the Insurance Act 2008.
The inspection was conducted by the regulator between June and July 2021 in relation to elements of RBSI’s deposit taking business and this identified contraventions of paragraph 7 of the Code by RBSI across its non-personal client base.
The final inspection report was issued to RBSI by the Authority on 23 November 2021.
RBSI has engaged promptly and positively with the Authority throughout this matter in a timely and constructive manner.
Among the key findings from the investigation, "RBSI was unable to demonstrate that its up to date Customer Risk Assessment process was brought into use in a timely manner following the introduction of the Code. This resulted in 2,239 non-personal customers, on-boarded between 2015 and 2018 (and not rated high risk), having inadequate documented Customer Risk Assessments taking into account the applicable requirements of the Code (paragraph 7 of the Code), albeit these customers were still subjected to a risk rating to a pre-2015 standard during that period".