Business people in office

Financial Services

Helping businesses succeed through robust assurance and relevant advice in a regulated and changing environment.

The UK financial services sector is one of the largest contributors to UK gross value add (GVA) and is one the largest and oldest global financial centres.

With established groups, entrepreneurs and disruptors driving innovation in response to domestic and global regulatory, risk and compliance changes which are often complex, the financial service sector is in a constant state of evolution.

You need a multidisciplinary experienced team who are informed and understand the latest industry changes, to guide you through the rapidly changing sector. We can give you practical advice and support to ensure that you have the correct controls in place, manage risks effectively and create strategy that will drive business growth.

Our services

Anti-money laundering
CASS audit
Risk management reviews
Anti-money laundering

As the UK’s anti-money laundering (AML) supervisors continue to fine across businesses and sectors for poor anti-money laundering procedures, this area of compliance continues to dominate the headlines.

Over the past 12 months, supervisors have imposed a range of sanctions and corrective measures upon firms, including but not limited to, fines for both the businesses and individuals, letters of advice, reprimands, warnings and in some cases, conditions have been placed upon a firm’s authorisation.

At Crowe, our team have been helping clients with their AML audits for over 12 years.

Why do I need an Anti-Money Laundering audit?

Section 21 of The Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations (MLRs 2017) requires a firm to implement internal controls. It requires, where appropriate with regard to the size and nature of its business, firms to establish an independent audit function with the responsibility to:

  • examine and evaluate the adequacy and effectiveness of the firms’ policies, controls and procedures to ensure that they comply with the requirements of the MLRs 2017
  • make recommendations in relation to those policies and procedures
  • monitor the firm’s implementation and compliance with those recommendations.

Firms can undertake their own internal audit, however, the person undertaking the audit should not be involved in writing the firm’s policies or be involved in the day-to-day operation of the AML function, or gathering of customer due diligence etc. The individual should also be familiar with the requirements of the MLRs 2017 and associated legislation, sector guidance and be sufficiently senior within the firm, so that the board will undertake a comprehensive review of the findings and implement recommendations where required/appropriate.

What does an AML audit involve?

An independent review/GAP analysis of your firms processes and procedures, measured against the legal requirements of MRLs 2017, associated legislation and industry sector guidance. We present our findings with a traffic light system, detailing any deficiencies, if found and providing our recommendations for an AML compliant programme, for the following areas.

  • Governance framework
  • Risk assessment
  • Policies and procedures
  • Know your client / customer due diligence
  • Personnel / screening
  • Training
  • Suspicious activity reports
  • Data retention
  • Interviews with key personnel
  • Testing
CASS audit

Designated Investment Firms (DIFs) that hold client money and/or custody assets in relation to their regulated activities must have a CASS audit. As outlined by the Financial Conduct Authority (FCA), a CASS auditor must prepare a report which gives an opinion on whether the firm:

  • maintained systems adequate to enable it to comply with relevant rules throughout the period
  • was in compliance with those rules as at the end of the period.

Other FCA-regulated firms that fall into the CASS regime.

  • Firms operating a peer-to-peer lending platform.
  • Mortgage and General Insurance firms.
  • Debt management firms.
  • Claims management firms.

The CASS audit must be delivered within four months of the end of the period. Usually, it is completed at the same time as the financial statements audit, but is a separate exercise, and does not have to be completed by the same auditor.

Risk management reviews

Our team empower you to deliver your strategic goals by working with you to evaluate:

  • risk-based decision making
  • consumer duty
  • effectiveness of risk and compliance
  • technology risk and digital trust.

Industry knowledge, pragmatic
advice, tailored service

We care about your organisation. Close working relationships are at the heart of our service delivery which sees our clients stay with us year after year, trusting us for our specialist advice and open dialogue.

Making the most of innovation incentives. With extensive knowledge of regulatory requirements and experience in governance and reporting we are well placed to support your organisation.

We help you to make smart decisions that have lasting value. Working with you, we will help you understand your obligations in order to be compliant with regulatory expectations.

We're here to help

Insurance ERMInsurance ERMIERM logo