Subscribe

Appian Asset Management Hit With €443,000 Fine

/ 15th June 2018 /
Ed McKenna

Appian Asset Management has been fined €443,000 by the Central Bank and reprimanded for significant regulatory breaches which led to a cyber-fraud in which €650,000 of a client’s funds were stolen.

The breaches, which have been admitted by Appian, involved three regulatory regimes: client asset, anti-money laundering, and fitness and probity. The client’s stolen funds were paid back by the firm.

The Central Bank stated: “The firm’s historic regulatory failures left it exposed to a cyber-fraud by a third party where, acting on the instructions of a fraudster impersonating a client, it facilitated a series of transactions resulting in the loss of €650,000 of a client’s funds.”

The regulator said that it had regard to section 33AS(1) of the Central Bank Act and that had it not been for the poor financial position of the firm it would  have imposed a financial penalty of €825,000.

The bank’s enforcement investigation identified that the loss of client funds was caused by Appian’s failures in three areas:

In Association with

  • It had defective controls to protect client assets against fraud
  • It had inadequate policies and procedures to monitor transactions, detect and report money laundering and provide its staff with appropriate training
  • It failed to ensure that an employee performing a role that might expose the firm to financial, consumer or regulatory risk, was fit for that role.

Director of enforcement and anti-money laundering Seána Cunningham commented: “This is the first time the Central Bank has imposed a sanction on a firm where there has been a loss of client funds from cyber-fraud as a direct result of the firm’s significant regulatory breaches and failures. 

“Appian’s failures in this case demonstrated serious deficiencies in its governance arrangements, risk management, compliance oversight, and systems of internal control. These failings, combined with a culture in which clients’ instructions were given primacy over security and regulatory concerns, rendered the firm exposed to the cyber-fraud that occurred.

Fundamental Failings

“It placed client assets at heightened risk and that risk crystallised. The Central Bank views such fundamental failings as completely unacceptable. The Central Bank expects the board and senior management of all firms permitted to hold client assets to take active measures to ensure they hold such assets safely and securely.”

Cunningham added: “It is imperative that the people who run firms are vigilant as to their vulnerabilities around cybercrime and should ensure that all appropriate regulatory safeguards are in place to protect their clients’ assets. 

“The level of fine reflects the seriousness of Appian’s governance, operational, compliance and risk failures. It also reflects the importance the Central Bank places on investor protection.  Regulatory failures of this nature, especially where the failures result in financial losses to clients, will result in vigorous investigation and action by the Central Bank.”

Full details of the investigation, the details of the case, and links to resources to ensure regulatory compliance by financial services firms, are listed on the Central Bank website.

Sign up to The Business Plus Panel to help shape the business decisions of tomorrow and win vouchers for your opinions! 
linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram