Andrew Procter, FSA Director of Enforcement, said:
"The FSA requires firms to maintain records of customer identification because these records are vital to the investigation, detection and prevention of financial crime. The records can help law enforcement agencies by identifying individuals involved in money laundering and linking them with criminal funds passing through the UK financial system.
"The failure by Bank of Scotland to keep proper records of customer identification could have seriously undermined its ability to comply with the requirements of orders served by law enforcement agencies under the Proceeds of Crime Act.
"The size of the fine demonstrates that failure by firms to put in place and maintain effective systems and controls will be dealt with severely by the FSA. I note, however, that Bank of Scotland has taken prompt and effective remedial action to resolve this problem."
The FSA’s investigation confirmed weaknesses in BoS’ record keeping systems and controls across its retail, corporate and business banking divisions. In over half of the sample of accounts tested in late 2002, BoS had failed to retain either a copy of the customer identification evidence or a record of where this evidence could be obtained. These failings were made worse by BoS' inability to determine the areas in which the breakdown in its record keeping systems had occurred.
After the failings were discovered, BoS promptly and effectively implemented a robust remedial action plan across the whole of the HBOS Group. This action has caused compliance rates to improve significantly from January 2003 and the FSA is satisfied that the bank has dealt with the issue appropriately.
The failings occurred despite increased regulatory emphasis on the importance of effective anti-money laundering controls since the introduction of the FSA’s Money Laundering Rules.