Copyright Page
IMF Country Report No. 22/108
UNITED KINGDOM
FINANCIAL SECTOR ASSESSMENT PROGRAM
SOME FORWARD LOOKING CROSS-SECTORAL ISSUES
April 2022
This Financial Sector Assessment Program paper on United Kingdom was prepared by a staff team of the International Monetary Fund. It is based on the information available at the time it was completed on March 18, 2022.
Copies of this report are available to the public from
International Monetary Fund • Publication Services
PO Box 92780 • Washington, D.C. 20090
Telephone: (202) 623-7430 • Fax: (202) 623-7201
E-mail: publications@imf.org Web: http://www.imf.org
Price: $18.00 per printed copy
International Monetary Fund
Washington, D.C.
© 2022 International Monetary Fund
Title page
UNITED KINGDOM
FINANCIAL SECTOR ASSESSMENT PROGRAM
TECHNICAL NOTE
SOME FORWARD-LOOKING CROSS-SECTORAL ISSUES
March 18, 2022
Prepared By
Monetary and Capital Markets Department
This Note was prepared by IMF staff in the context of an IMF Financial Sector Assessment Program (FSAP) in the United Kingdom. The FSAP was led by Mr. Udaibir Das. The note contains technical analysis and detailed information underpinning the FSAP’s findings and recommendations. Further information on the FSAP can be found at http://www.imf.org/external/np/fsap/fssa.aspx
Contents
Glossary
FINANCIAL INTEGRITY, AML/CFT, AND FINANCIAL STABILITY
A. Executive Summary
B. Introduction
C. Risk Profile
D. Risk-Based AML/CFT Supervision
E. Entity Transparency
F. International Cooperation
STRENGTHENING THE OVERSIGHT OF RISKS OF CYBER THREAT
A. Executive Summary
B. Introduction
C. Institutional and Regulatory Framework
D. Supervisory Practices
ONGOING REVIEW OF THE FUTURE OF THE REGULATORY FRAMEWORK: SOME OBSERVATIONS
A. Executive Summary and Key Recommendations
B. Financial Services Future Regulatory Framework Review
BOXES
1. Post-Brexit AML/CFT Legal Framework
2. Leveraging Big Data and Data Analytics for Monitoring Cross-Border Flows
FIGURES
1. AMF/CFT: Comparison of Mutual Evaluation Report Ratings
2. Historical Comparison of ML/TF Risks of Key Sectors
3. Aggregate Financial Flows in The United Kingdom to Select Country Groupings (2019-21)
4. Aggregate Financial Flows in The United Kingdom for High-Risk Jurisdictions (2016-21)
5. Supervisory Population of Entities with AML/CFT Obligations
6. FCA On-Site and Desk-Based Inspections
7. United Kingdom’s Regulatory Framework for Cybersecurity at a Microprudential Level
8. Moving to a Comprehensive FSMA Model
TABLES
1. Main Recommendations
2. Main Recommendations
3. Main Recommendations
APPENDIX
I. Using SWIFT Data and Machine Learning for Financial Integrity Surveillance
Glossary
| AML | Anti-Money Laundering |
| ARF | Authorities’ Response Framework |
| BCBS | Basel Committee on Banking Supervision |
| BCM | Business Continuity Management |
| BCP | Basel Core Principles |
| BEIS | Department for Business, Energy, and Industrial Strategy |
| BIS | Bank for International Settlements |
| BO | Beneficial Owner |
| BOE | Bank of England |
| BOT | British Overseas Territory |
| CBA | Cost Benefit Analysis |
| CCG | Cyber Coordination Groups |
| CCP | Central Counterparties |
| CD | Crown Dependency |
| CEG | Cyber Expert Group |
| CERT | Computer Emergency Response Team |
| CFT | Combatting the Financing of Terrorism |
| CIRP | Cyber Incident Response Protocol |
| CIO | Chief Information Officer |
| CISO | Chief Information Security Officer |
| CISP | Cybersecurity Information Sharing Partnership |
| CMORG | Cross Market Operational Resilience Group |
| CMBCG | Cross-Market Business Continuity Group |
| CNI | Critical National Infrastructure |
| COO | Chief Operating Officer |
| CPMI | Committee on Payments and Market Infrastructure |
| CQUEST | Cyber Questionnaire |
| CREST | Council of Registered Ethical Security Testers |
| CSD | Central Securities Depositories |
| CSDR | Central Securities Depositories Regulation |
| CSF | NIST Cyber Security Framework |
| CTP | Critical Third Party |
| DAR | Designated Activities Regime |
| EBA | European Banking Authority |
| ECP | Economic Crime Plan |
| EEA | European Economic Area |
| EMIR | European Market Infrastructure Regulation |
| ERPC | Executive Regulation and Policy Committee |
| EU | European Union |
| FATF | Financial Action Task Force |
| FCA | Financial Conduct Authority |
| FCDO | Foreign, Commonwealth & Development Office |
| FI | Financial Institution |
| FinECC | Finance Emergency Call Cyber |
| FMI | Financial Market Infrastructure |
| FPC | Financial Policy Committee |
| FRF | Financial Services Future Regulatory Review |
| FSA | Financial Services Authority |
| FSAP | Financial Sector Assessment Program |
| FSB | Financial Stability Board |
| FSCCC | Finance Sector Cyber Collaboration Centre |
| FS-ISAC | Financial Services Information Sharing and Analysis Center |
| FSMA | Financial Services Markets Act |
| FSMA 2000 | Financial Services and Markets Act 2000 |
| G7 | Group of Seven |
| GFC | Global Financial Crisis |
| GSIB | Global Systemically Important Banks |
| HMRC | Her Majesty’s Revenue and Customs |
| HMT | Her Majesty’s Treasury |
| IBD | Inter-American Development Bank |
| ICG | Incident communication group |
| ICO | Information Commissioner’s Office |
| ICP | Insurance Core Principles |
| ICT | Information and Communication Technology |
| IMF | International Monetary Fund |
| IOSCO | International Organization of Securities Commissions |
| ISEWG | Intelligence Sharing Expert Working Group |
| ISO | International Organization for Standardization |
| IT | Information Technology |
| ITAFF | Illicit and Tax Avoidance Related Financial Flow |
| JMLIT | Joint Money Laundering Intelligence Task Force |
| LEA | Law Enforcement Agency |
| MER | Mutual Evaluation Report |
| MiFiD II | Second Markets in Financial Instruments Directive |
| ML | Money Laundering |
| MLRs | Money Laundering Regulations |
| MPR | Mid-Point Reviews |
| NCA | National Crime Agency |
| NCCU | National Cyber Crime Unit |
| NCSC | National Cyber Security Centre |
| NECC | National Economic Crime Centre |
| NFIB | National Fraud Intelligence Bureau |
| NIST | National Institute of Standards and Technology |
| NRA | National Risk Assessment |
| OFC | Offshore Financial Center |
| OFSI | Office of Financial Sanctions Implementation |
| OPBAS | Office for Professional Body Anti-Money Laundering Supervision |
| ORF | Operational Risk Framework |
| ORRD | Operational Risk and Resilience Division |
| PBS | Professional Body Supervisor |
| PFMI | CPMI-IOSCO Principles for Financial Market Infrastructures |
| PRA | Prudential Regulation Authority |
| PRC | Prudential Regulation Committee |
| PS | Policy Statement |
| PSC | People with Significant Control |
| PSM | Periodic Summary Meeting |
| SEG | Sector exercising group |
| SFO | Serious Fraud Office |
| SM&CR | Senior Management & Certification Regime |
| SMF | Senior Management Function |
| SRF | Sector Response Framework |
| SRPC | Supervision, Risk, and Policy Committee |
| SRS | Supervisory Risk Specialists |
| SS | Supervisory Statement |
| STAR-FS | Simulated Target Attack and Response – Financial Services |
| SYSC | Systems and Controls Sourcebook |
| TCSP | Trust and Company Service Provider |
| TF | Terrorist Financing |
| TN | Technical Note |
| TRC | Technology, Resilience and Cyber |
| TRS | Trust Registration System |
| TTP | Tactics, Techniques and Procedures |
| U.K. | United Kingdom |
| U.S. | United States |
| UWO | Unexplained Wealth Order |