One of the UK’s largest banks has been fined £57.4m by the Prudential Regulation Authority (PRA) for failing to meet the Bank of England’s Depositor Protection Rules (DPR).
HSBC, both the HSBC Bank plc (HBEU) group and HSBC UK firm, was issued the fine this week by the regulator for shortcomings occurring between 2015-2022 in the case of the former and 2018-2022 in the case of the latter.
Under the BofE rules, banks are required to enact adequate systems, controls and governance procedures, and ensure the integrity of critical information for the Financial Services Compensation Scheme (FSCS).
The PSR noted that the FSCS is reliant upon this information in order to make prompt payments to bank depositors in the event of a firm failure, such as in the event of a bank becoming insolvent.
This influenced the regulator’s decision to implement the high-cost fine, which it noted is the second largest regulatory enforcement charge it has ever issued. The largest fine was issued to TSB Bank back in 2022, the result of IT issues in 2018 which affected 5.2 million of the firm’s customers.
Sam Woods, Deputy Governor for Prudential Regulation and Chief Executive Officer of the PRA, said: “The serious failings in this case go to the heart of the PRA’s safety and soundness objective. It is vital that all banks comply fully with our requirements around preparedness for resolution.
“HBEU fell far short of its obligations in this area, and failed to disclose its failings to us in a timely manner. These failures led to today’s action, including the significant fine.”
HSBC’s breaches of the DPR include failure to ‘assign clear ownership’ for the rules’ processes and to assign a senior manager with responsibility for these processes and integrity of required information.
The PRA also found HSBC to have incorrectly marked 99% of beneficiary deposits as ineligible for FCSC protection and to have incorrectly asserted to the regulator that its systems met DPR requirements.
Lastly, the PRA stated that HSBC had not met its requirement to provide finalised versions of annual reports signed by the Board of Directors conforming DPR compliance. These reports had not been provided ‘for multiple years’.