Financial services and regulation - Consequences of non-comp...

Learning Outcomes

This article examines the consequences of carrying on regulated activities without authorisation (or exemption) under the Financial Services and Markets Act 2000 (FSMA), covering both criminal and civil outcomes such as unenforceable agreements and restitution. It discusses the Financial Conduct Authority’s supervisory and enforcement toolkit (variation/cancellation of permission, requirements notices, financial penalties, prohibition orders, skilled person reviews and public censure) and how these measures may apply to solicitors’ practices undertaking financial services work under the Designated Professional Body (DPB) exemption. It outlines the interaction between financial services compliance and professional regulation, including the SRA Enforcement Strategy, reporting duties, and the spectrum of disciplinary outcomes (rebuke, fine, conditions, suspension, strike-off). It details the application of the Money Laundering Regulations 2017, Proceeds of Crime Act 2002 and Criminal Finances Act 2017 to practice, including customer due diligence, ongoing monitoring, politically exposed person (PEP) risks, tipping-off restrictions and the nominated officer/MLRO role. It explains how the Senior Managers and Certification Regime (SMCR) imposes individual accountability and conduct standards, and the specific risks and sanctions for senior managers and certified staff.

SQE1 Syllabus

For SQE1, you are required to understand the consequences of non-compliance with financial services regulations, especially as they relate to solicitors and law firms, with a focus on the following syllabus points:

• the criminal and civil liabilities for unauthorised regulated activities under FSMA 2000
• the enforcement powers of the FCA, including fines, prohibition orders, and withdrawal of authorisation
• the professional and disciplinary consequences for solicitors and firms
• the impact of non-compliance on client contracts and professional reputation
• how anti-money laundering (AML) and senior management accountability frameworks increase regulatory risk
• the restrictions on financial promotions and how exemptions operate in practice

Test Your Knowledge

Attempt these questions before reading this article. If you find some difficult or cannot remember the answers, remember to look more closely at that area during your revision.

1. What are the criminal penalties for carrying out regulated activities without authorisation under FSMA 2000?
2. Name two enforcement actions the FCA can take against a firm for regulatory breaches.
3. What professional consequences might a solicitor face for breaching financial services regulations?
4. True or false? A contract entered into by an unauthorised person in breach of FSMA 2000 is always enforceable by the client.

Introduction

Non-compliance with UK financial services regulations can result in severe legal, regulatory, and professional consequences for individuals and firms. The Financial Services and Markets Act 2000 (FSMA) sets out strict requirements for authorisation and conduct in regulated activities. The Financial Conduct Authority (FCA) has wide-ranging enforcement powers to protect consumers and maintain market integrity. Solicitors and law firms must also comply with professional standards set by the Solicitors Regulation Authority (SRA). Understanding the consequences of non-compliance is essential for SQE1.

FSMA’s “general prohibition” (s 19) prevents any person from carrying on a regulated activity in the UK unless authorised or exempt. The prohibition is the gateway through which criminal liability, civil remedies, and regulatory sanctions flow. For solicitors, compliance must be assessed alongside the SRA Financial Services (Scope) Rules and Financial Services (Conduct of Business) Rules, and where relevant, reliance on the DPB exemption. Compliance failures in the financial promotions regime (s 21 FSMA) also attract criminal liability unless an authorised firm approves the content or an exemption applies.

Legal Consequences of Non-Compliance

Criminal Liability

Carrying out regulated activities without the required authorisation or exemption is a criminal offence under FSMA 2000. The offence applies to both individuals and bodies corporate, and senior officers may become personally liable where the offence is committed with their consent or connivance.

Key Term: regulated activity
An activity specified in secondary legislation (the Regulated Activities Order) that requires FCA authorisation if carried on by way of business in the UK.

Key Term: authorisation
Formal permission from the FCA (or other relevant regulator) to carry out regulated activities.

• Under s 23 FSMA, a person who breaches the general prohibition may face:
  • up to two years' imprisonment
  • an unlimited fine
• Corporate officers may be liable where the offence is attributable to their consent or connivance (corporate officer liability provisions apply by analogy).
• Financial promotions: communicating an invitation or inducement to engage in investment activity without authorisation or approval of content (s 21 FSMA) is prohibited; breach is a criminal offence (enforced through s 25 FSMA). The regime captures real-time and non-real-time communications broadly, unless an exemption applies under the Financial Promotion Order 2005 (FPO).

The criminal exposure is not limited to authorisation breaches. Failure to observe the financial promotions restriction, misstatements to the FCA, and certain misconduct under the SMCR (e.g., knowing participation in contraventions) can also attract criminal or quasi-criminal sanctioning pathways.

Civil Liability

Non-compliance can also result in civil consequences:

• Unenforceable Contracts: Under s 26 FSMA, agreements made by unauthorised persons in breach of the general prohibition are generally unenforceable against the client. The client may recover money paid or property transferred.
• Extended invalidity: Related provisions (including s 27 FSMA) can render certain agreements entered into via unlawful communications unenforceable, unless a court orders otherwise to protect a third party acting in good faith.
• Restitution Orders: The FCA or the courts may order a person to pay compensation or return profits made from unauthorised activities (s 382 and s 384 FSMA).
• Private Right of Action: Clients who suffer loss due to a breach of certain FCA rules may claim damages (s 138D FSMA).

Key Term: unenforceable contract
A contract that cannot be enforced by the party in breach, often allowing the other party to recover money or property transferred.

Civil invalidity and restitution are often coupled. Where agreements are unenforceable, the court retains powers to adjust equities between parties, and the FCA may seek restitution even if the contract is voided. Practically, firms can face simultaneous claims by clients, restitutionary directions, and FCA penalties, compounding financial exposure.

Worked Example 1.1

A solicitor provides investment advice to a client without FCA authorisation. The client loses £10,000 as a result. What are the possible legal consequences?

Answer:
The solicitor may be prosecuted for a criminal offence under s 23 FSMA. The client may be able to recover the £10,000 under s 26 FSMA, and the FCA could seek a restitution order. The solicitor may also face a private claim for damages.

Worked Example 1.2

A boutique firm arranges a client’s purchase of units in a fund and takes an arranging fee. Neither the firm nor any authorised person has approved a brochure the firm circulated. The fund later collapses.

Answer:
The brochure is a financial promotion. Without authorisation or approved content (s 21 FSMA), the firm risks criminal liability (s 25 FSMA). Civilly, agreements may be unenforceable (s 26, s 27 FSMA) and the court/FCA can impose restitution (ss 382, 384 FSMA). Parallel exposure to private actions for breach of FCA rules (s 138D) is likely.

FCA Enforcement and Regulatory Actions

The FCA has broad powers to enforce compliance and penalise breaches.

Key Term: Financial Conduct Authority (FCA)
The main UK regulator for financial services, responsible for authorisation, supervision, and enforcement.

FCA Enforcement Powers

• Withdrawal of Authorisation: The FCA can revoke a firm's permission to carry out regulated activities (s 55J FSMA).
• Variation of Permission/Requirements: The FCA can restrict or limit the scope of a firm's regulated activities or impose specific requirements (ss 55L–55N FSMA), including asset restrictions, business controls, and prudential modifications.
• Financial Penalties and Public Censure: The FCA can impose substantial fines and publish statements of misconduct against firms and individuals (e.g., s 206 FSMA for authorised persons; public censure accompanies many fines).
• Prohibition Orders: Individuals can be banned from performing certain functions in regulated firms (s 56 FSMA).
• Skilled Person Reviews: The FCA can require an independent skilled person report (s 166 FSMA) into areas such as governance, client assets or financial crime controls.
• Injunctions and Restitution: The FCA can seek injunctions to prevent misconduct (s 380 FSMA), and courts/FCA can order restitution (ss 382, 384 FSMA).

FCA actions often combine tools: a variation of permission with immediate business restrictions, a skilled person review to diagnose failings, followed by financial penalties and a final notice publicising censure. Individuals may face parallel prohibition orders and personal fines in SMCR cases.

Worked Example 1.3

A law firm is found to have repeatedly breached FCA conduct rules. What actions might the FCA take?

Answer:
The FCA may impose a fine, issue a public censure, restrict the firm's permissions, or withdraw authorisation. Individuals responsible may be prohibited from working in regulated roles.

Worked Example 1.4

A solicitor’s practice relies on the DPB exemption but begins to advertise stand‑alone investment services and runs paid seminars pitching specific shares.

Answer:
The activity is unlikely to be “incidental” to legal services, so the DPB exemption may not apply. The FCA can intervene (require authorisation or cease activity), and breaches of s 21 FSMA regarding promotions can trigger criminal liability. The firm faces variation/requirements notices, fines, censure and, if persisted, prohibition of relevant individuals.

Professional and Disciplinary Consequences

Non-compliance with financial services regulations can lead to disciplinary action by professional bodies such as the SRA.

Key Term: professional misconduct
Behaviour by a solicitor or firm that breaches professional or regulatory standards, potentially leading to disciplinary action.

SRA Disciplinary Actions

• Striking Off: Removal from the roll of solicitors, ending the individual's legal career.
• Suspension: Temporary ban from practising as a solicitor.
• Conditions on Practice: Restrictions on the type or scope of work a solicitor may undertake.
• Fines: Significant financial penalties for individuals and firms.

Disciplinary routes may be triggered by FCA outcomes (e.g., a prohibition order), but the SRA assesses misconduct against its own Standards and Regulations and Enforcement Strategy. The SRA can act where conduct diminishes public trust (Principle 2), involves dishonesty or lack of integrity (Principles 4 and 5), or breaches duties regarding client money and publicity. Reporting duties to the SRA apply to serious breaches and significant external regulatory events.

Reputational and Career Impact

• Loss of Trust: Clients and business partners may lose confidence in the solicitor or firm.
• Insurance Issues: Difficulty obtaining professional indemnity insurance.
• Barriers to Employment: Regulatory findings can limit future career opportunities, especially in senior or regulated roles.
• Contractual and commercial impact: Client retainer termination, increased due diligence scrutiny, and counterparties’ refusal to transact.

Firms risk losing legal panel positions and encountering elevated lender requirements (e.g., strict reliance on standard certificates of title only), with knock‑on effects on conveyancing and corporate mandates.

Worked Example 1.5

A solicitor is fined and suspended by the SRA for unauthorised investment advice. What further consequences might follow?

Answer:
The solicitor may struggle to find employment in regulated roles, face higher insurance premiums, and experience lasting reputational damage.

Worked Example 1.6

A firm receives an FCA warning notice about potential unauthorised activities. The COLP is unsure whether to notify the SRA.

Answer:
Material regulatory issues should be reported to the SRA under cooperation and accountability duties. Failure to report can aggravate SRA sanctions. Transparent engagement, remedial action, and documentation of decisions (aligned with the SRA Enforcement Strategy) mitigate outcomes.

Anti-Money Laundering and Senior Management Accountability

Anti-Money Laundering (AML) Regulations

Firms must comply with the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (MLR 2017).

Key Term: anti-money laundering (AML)
Laws and regulations aimed at preventing the use of the financial system for money laundering or terrorist financing.

Key requirements include:

• Customer Due Diligence (CDD): Verifying client identity and assessing risk. Triggers include establishing a business relationship, occasional transactions, suspicion of money laundering, or doubts about previously obtained identity information.
• Enhanced Due Diligence (EDD): Required for higher-risk scenarios (e.g., PEPs, high-risk third countries, complex or unusually large transactions, non-face-to-face onboarding) and where the firm’s risk assessment dictates.
• Ongoing Monitoring: Regularly reviewing client transactions to ensure they are consistent with the firm’s knowledge of the client and the business relationship.
• Suspicious Activity Reporting: Reporting suspicions to the National Crime Agency via the nominated officer/MLRO. Tipping-off is prohibited.
• Record Keeping: Maintaining due diligence and transactional records, often for at least five years from the end of the relationship or the relevant transaction.
• Firm-wide Risk Assessment and Controls: Written risk assessments, policies, training, and governance to manage money laundering and terrorist financing risks.

Non-compliance can result in criminal prosecution, FCA enforcement, and professional discipline. Primary offences (ss 327–329 POCA) carry severe penalties; failure to disclose (s 330) and tipping-off (s 333A) are also criminal offences. A “consent/DAML” defence may be available where appropriate authorised disclosures are made and consent obtained.

Further statutory obligations add to risk. The Criminal Finances Act 2017 created corporate offences of failing to prevent the criminal facilitation of tax evasion. These are strict liability offences with an “reasonable prevention procedures” defence only; penalties include unlimited fines and ancillary confiscation.

Senior Managers and Certification Regime (SMCR)

The SMCR increases individual accountability within financial services firms.

Key Term: Senior Managers and Certification Regime (SMCR)
A regulatory framework requiring firms to assess and certify the fitness and propriety of senior managers and key staff, and imposing conduct rules on all employees.

• Senior Managers: Must be FCA-approved for specified functions, have clearly allocated responsibilities, and are personally accountable for the effective control of their areas (including compliance and financial crime controls).
• Certification Staff: Firms must assess and certify their fitness and propriety at least annually; the FCA can take action where certification is deficient or responsibilities are not properly discharged.
• Conduct Rules: Apply to all staff; breaches can result in personal fines, bans, and disciplinary action.

Breaches can result in personal and corporate sanctions, including prohibition orders, fines, and censure. The FCA expects demonstrable “reasonable steps” by senior managers to prevent and remediate breaches; documentation (statements of responsibility, governance records, risk registers, training logs) is critical.

Worked Example 1.7 (AML)

A firm acting in a share sale receives £500,000 split across multiple accounts from three jurisdictions, with instructions to onward remit urgently.

Answer:
The pattern is a classic red flag. CDD/EDD should be re-performed and the MLRO notified. If suspicion exists, an internal report is required; the MLRO may submit a SAR and seek DAML if onward remittance is requested. Tipping-off must be avoided. Failure to act risks criminal liability (POCA), FCA sanctions, and SRA discipline.

Summary

Key Point Checklist

This article has covered the following key knowledge points:

• Non-compliance with financial services regulations can result in criminal prosecution, civil liability, and unenforceable contracts.
• The FCA has broad enforcement powers, including fines, bans, and withdrawal or variation of authorisation, with public censure and skilled person reviews frequently used.
• Solicitors and firms may face SRA disciplinary action, including striking off, suspension, and fines, with reporting duties to the SRA in serious cases.
• Reputational damage, loss of panel positions, and insurance difficulties often follow regulatory breaches.
• AML and SMCR frameworks increase personal and organisational accountability; failure to implement robust controls can result in criminal and regulatory sanctions.
• Financial promotions restrictions under s 21 FSMA apply widely; unless an exemption applies or content is approved, criminal liability may follow.

Key Terms and Concepts

• regulated activity
• authorisation
• unenforceable contract
• Financial Conduct Authority (FCA)
• professional misconduct
• anti-money laundering (AML)
• Senior Managers and Certification Regime (SMCR)