Bank of Scotland fined £45 million for failing to report suspicions of fraud at HBOS

The Financial Conduct Authority (FCA) has fined Bank of Scotland £45,500,000 for failures to disclose information about its suspicions that fraud may have occurred at the Reading-based Impaired Assets (IAR) team of Halifax Bank of Scotland.

The FCA found that Bank of Scotland failed to be open and co-operative and also failed to disclose information appropriately to the then regulator, the Financial Services Authority (FSA).

Mark Steward, executive director of enforcement and market oversight at the FCA, said: “Bank of Scotland failed to alert the regulator and the police about suspicions of fraud at its Reading branch when those suspicions first became apparent.​​​​​ Bank of Scotland’s failures caused delays to the investigations by both the FCA and Thames Valley Police. There’s no evidence anyone properly addressed their mind to this matter or its consequences. The result risked substantial prejudice to the interests of justice, delaying scrutiny of the fraud by regulators, the start of criminal proceedings and the payment of compensation to customers.”

Bank of Scotland identified suspicious conduct in the IAR team in early 2007. The director of the Impaired Asset Team at the Reading branch, namely Lynden Scourfield, had been sanctioning limits and additional lending facilities beyond the scope of his authority undetected for at least three years. Bank of Scotland knew by 3 May 2007 that the impact of these breaches would result in substantial losses for Bank of Scotland.

Clear warning signs

Over the next two years, and on numerous occasions, Bank of Scotland failed to properly understand and appreciate the significance of the information that it had identified despite clear warning signs that fraud might have occurred. There was insufficient challenge, scrutiny or inquiry across the organisation and from top to bottom. At no stage was all the information that had been identified properly considered.

There’s also no evidence anyone realised – or even thought about – the consequences of not informing the authorities, including how that might delay proper scrutiny of the misconduct and prejudice the interests of justice.

It wasn’t until July 2009 that Bank of Scotland provided the FSA with full disclosure in relation to its suspicions, including the report of the investigation it had conducted in 2007. Bank of Scotland also did not report its suspicions to any other law enforcement agency. The FSA reported the matter to the National Crime Agency (then the Serious Organised Crime Agency) on 26 June 2009.

In 2017, following an investigation by Thames Valley Police, six individuals including Lynden Scourfield and another Bank of Scotland employee, Mark Dobson, were sentenced for their part in the fraud committed through the IAR.

Largely unregulated

Commercial lending was – and still is – largely unregulated in the UK which meant that the activities of IAR were not subject to specific rules imposed by the FSA. For example, conduct of business rules and complaints handling rules didn’t apply. However, Bank of Scotland was required to be open and co-operative with the FSA, and the FSA would reasonably have expected to have been notified of Bank of Scotland’s suspicions that a fraud may have been committed in May 2007.

If Bank of Scotland had communicated its suspicions to the FSA in May 2007, as it should have done, then the criminal misconduct could have been identified much earlier. The delay also risked prejudice to the criminal investigation conducted by Thames Valley Police. Full disclosure would also have allowed the FSA, at an earlier opportunity, to assess Bank of Scotland’s response to the issue and its approach to customers and complaints.

Bank of Scotland agreed to resolve the matter and qualified for a 30% (Stage 1) discount. Were it not for this discount, the FCA would have imposed a financial penalty of £65,000,000 on Bank of Scotland.

The FCA has also banned four individuals from working in financial services due to their role in the fraud at HBOS Reading. Those individuals are Lynden Scourfield, Mark Dobson, Alison Mills and David Mills.

About the Author
Brian Sims BA (Hons) Hon FSyI, Editor, Risk UK (Pro-Activ Publications) Beginning his career in professional journalism at The Builder Group in March 1992, Brian was appointed Editor of Security Management Today in November 2000 having spent eight years in engineering journalism across two titles: Building Services Journal and Light & Lighting. In 2005, Brian received the BSIA Chairman’s Award for Promoting The Security Industry and, a year later, the Skills for Security Special Award for an Outstanding Contribution to the Security Business Sector. In 2008, Brian was The Security Institute’s nomination for the Association of Security Consultants’ highly prestigious Imbert Prize and, in 2013, was a nominated finalist for the Institute's George van Schalkwyk Award. An Honorary Fellow of The Security Institute, Brian serves as a Judge for the BSIA’s Security Personnel of the Year Awards and the Securitas Good Customer Award. Between 2008 and 2014, Brian pioneered the use of digital media across the security sector, including webinars and Audio Shows. Brian’s actively involved in 50-plus security groups on LinkedIn and hosts the popular Risk UK Twitter site. Brian is a frequent speaker on the conference circuit. He has organised and chaired conference programmes for both IFSEC International and ASIS International and has been published in the national media. Brian was appointed Editor of Risk UK at Pro-Activ Publications in July 2014 and as Editor of The Paper (Pro-Activ Publications' dedicated business newspaper for security professionals) in September 2015. Brian was appointed Editor of Risk Xtra at Pro-Activ Publications in May 2018.

Related Posts