UK financial firms can expect more auditor challenges following FCA investigations

An FCA investigation revealed that between 2015 and 2019, Macintyre Hudson LLP (MHA) failed to prepare four client asset reports to the required standards. These reports, which are crucial for ensuring firms comply with the FCA’s client assets sourcebook (CASS) rules, were found to be deficient in several areas.

The auditor failed to identify and report 25 breaches of the CASS rules by two regulated firms.

Elizabeth Budd, financial services expert at Pinsent Masons, said: “The CASS rules are high level and lack clarity making it difficult to be 100% compliant. However, the CASS audit does provide protection to clients and indeed to firms to ensure that there is an independent review of CASS compliance. The protection of client assets after all is one of the core tenets of the regulatory system and even technical breaches need to be identified and addressed by the firm and failing that by the CASS auditor, to ensure that protection is as robust as it can be.”

The breaches identified in this instance included the co-mingling of client money with firm money, absent acknowledgment letters, insufficient documentation, and the use of ‘dummy’ counterparty accounts in live investment management systems.

The FCA decided to censure rather than fine MHA. Budd said: “This public censure of a CASS auditor is the lowest level of sanction that the FCA can impose, but that should not in any way detract from its seriousness. CASS auditors will likely be looking at toughening their processes to ensure that they are meeting their obligations fully and firms can expect an even more challenging CASS audit as a result.”

This censure was quickly followed by another significant FCA action against a major audit firm. PricewaterhouseCoopers (PwC) was fined £15 million for failing to report suspected fraudulent activity at London Capital & Finance (LCF). The FCA found that PwC had encountered significant issues during its 2016 audit of LCF, including aggressive behaviour from a senior LCF employee and the provision of inaccurate and misleading information.

However, PwC signed off on LCF’s account without reporting its suspicions to the FCA.

Anthony Harrison, financial services regulatory expert at Pinsent Masons, said: “Where firms, or other advisory businesses that fall under the FCA’s remit, decide to ‘sit’ on compliance issues about which a regulator would reasonably expect to be informed, that can sometimes stir up more trouble than the original issues themselves. Firms and other relevant businesses tend to be much better off in being up front with the regulator at an early stage, rather than sweeping things under the carpet.”

Auditors have privileged access to information and are required by law to report any suspicions of fraud or non-compliance to the FCA.

Harrison said: “The recent FCA actions emphasise the significant role auditors play in the regulatory ‘ecosystem’ and the reliance that regulators place on them to help oversee the marketplace. Taking such action lays down an important marker that auditors who fall short of their regulatory responsibilities may face significant exposure and, in some cases, hefty financial penalties.”

These enforcements are consistent with the FCA’s three-year strategy, “demonstrating its commitment to take proactive action aimed at reducing and preventing serious harm, as well as protecting wider market confidence”, said Harrison.

“It wouldn’t be surprising to see more censures and fines of this nature being issued over the remainder of this year,” he said.