Legal development

Key Takeaways from the FCA's Multi-Firm Review – Wholesale Banks Supervision

By Jake Green, Tim Cant and Henry Glasford

13 August 2025

Share Share
Panels in the sunshine
Share

    On 7 August 2025, the Financial Conduct Authority (FCA) published its consolidated findings from recent multi-firm reviews into key supervisory themes affecting wholesale banks. The report brings clarity on conflicts of interest, transaction governance, market abuse, and more across the sector.

    1. Summary of the review's findings 

    The FCA's supervisory work covered several critical areas. We have summarised these areas and the FCA's key findings below:

    • Gifts & Entertainment (G&E): Reviews revealed significant discrepancies between what brokers record as given and what banks register as received. For example, while brokers logged around 500 entertainment events, one bank’s register showed only 150. Crucially, 93 events over £100 were reported by brokers, yet only 9 were declared by the bank.
    • Conflicts of interest registers & breaches: Some firms have not updated their conflict scenarios for years; others report no breaches - either scenario could indicate weak control frameworks. This is an area where we have seen far more efficient and useable approaches to conflicts monitoring being introduced by firms. 
    • Off-channel communications: Despite improvements by firms, breaches persist, including misuse of personal devices. Notably, 41% of policy breaches involved staff at director level or above, which the FCA suggests could indicate wider culture issues. The FCA's expectations as to challenging and tracking the use of off-channel communications have demonstrably increased here.
    • CASS compliance: The FCA found improvements in this area but highlighted areas where issues persist, particularly in relation to the use of TTCAs. 
    • Inside information controls: Several firms failed to manage insider lists effectively - IT staff with access to confidential folders were not tracked, and wall-crossed committee members were not always added to insider lists. The FCA intends to follow up on possible systemic issues.
    • Transaction governance: Among six reviewed banks, the FCA noted variability in frameworks. While no widespread deficiencies were found, some firms lacked robust risk appetite frameworks - especially around reputational risk - or process transparency seen in strong governance models.
    • Share buybacks: Utilising data from FTSE-350 issuers (Jan 2023 - June 2024), the FCA examined how banks structure and execute buybacks. No material concerns were found, but firms should take care to clearly explain complex, “structured” share buyback mechanisms.

    2. Focused analysis

     In our view, the findings in relation to CASS, G&E and off-channel communications are likely to be of most interest to firms given the FCA's clear recommendations for potential remediation actions. We have provided further focused analysis of the FCA's findings on these topics below.

    CASS

    The inclusion of CASS in the review reflects a continuing supervisory focus on this critical area. CASS obligations are fundamental to safeguarding client money and assets, and any weakness - whether in segregation, reconciliation, or record-keeping - can have serious regulatory and reputational consequences.

    The FCA found that, while processes are generally in place, firms should not assume that an absence of reported breaches equates to full compliance. A number of issues were identified, including:

    • Misuse of TTCAs - including holding all client funds/assets under TTCA without corresponding client obligations, failing to monitor client obligations, and holding funds/assets under TTCA without appropriate agreements in place.
    • Breach of CASS rules due to change management (e.g. due to corporate transactions or technology changes).
    • Failures in allocating client money interest and ensuring firms' policies are aligned with regulatory rules (including CASS rules, COBS 2.1 and the Consumer Duty).
    • Reconciliation failures, such as difficulties in identifying discrepancies, excluding accounts with zero balances and misunderstanding internal reconciliation rules.

    Firms should be prepared to conduct thorough end-to-end reviews of their CASS frameworks, testing the accuracy and timeliness of processes and assessing whether breach registers and scenario planning are fully up to date with the firm’s current business activities. Governance remains a central consideration: regular reporting to senior managers should provide clear, actionable insight into CASS compliance trends, enabling resources to be directed to higher-risk areas. Building a culture of awareness is also important, with training that goes beyond the technical rules to highlight the importance of client asset protection to the integrity of the wider market.

    Gifts & entertainments 

    The FCA scrutinised the alignment between broker-reported offerings and firms' internal declarations, uncovering significant inconsistencies in firms' registries.

    Notably, while brokers recorded approximately 500 instances of entertainment, one bank’s own register captured only 150. Disparities were especially pronounced for higher-value events: brokers reported 93 instances exceeding £100, yet the firm logged just 9. Some individuals received multiple entertainments - one instance even involved 19 separate instances from the same broker - without any being captured in the firm’s log, despite the firm issuing 39 policy reminders during that period. We wonder if this is because some institutions have such low thresholds that logging becomes problematic.

    These findings underscore the need for clear, consistently applied policies, accurate and timely record-keeping, and focused oversight to ensure that gifts and entertainment - or any related conflicts - are managed effectively. The FCA has advised firms to review their G&E policies and procedures and consider:

    • Are firms' policies clear or realistic enough?
    • Do firms have certain groups of employees which are failing to adhere to G&E policies? If so, what does this indicate?
    • Where breaches are focused on specific areas, has this (or could this) give rise to negative outcomes for clients?

    Off-channel communications 

    The FCA’s multi-firm review confirms that, despite considerable investment in policy enhancements and monitoring technologies, off-channel communications remain a challenge for wholesale banks. Persistent breaches - many by senior staff - suggest that technical controls alone are insufficient without cultural reinforcement and effective enforcement. The FCA suggested that in at least one instance, poor compliance with off-channel communications policies may have been indicative of poor front-office culture.

    The FCA observed that firms have made progress, for example by prohibiting the use of personal devices, issuing company-approved phones, and deploying more sophisticated surveillance tools capable of detecting non-standard formats such as emojis and voice notes. However, gaps remain in the completeness of monitoring, particularly when third-party service providers are involved, and in the quality of management information used to detect patterns of non-compliance.

    The findings underscore the need to maintain policies that are regularly updated to reflect emerging technologies and communication behaviours, and to ensure that surveillance tools are both accurate and resilient. Oversight of external monitoring vendors should include rigorous testing of data capture and escalation processes. Just as importantly, management information should be capable of highlighting repeat or high-risk offenders, with clear escalation pathways to senior leadership. Targeted training for client-facing and senior staff can help reinforce expectations and signal that compliance in this area is non-negotiable.

    3. What are the next steps / actions?

    Benchmark controls and practices 

    Use these insights to compare your firm's processes against aggregated benchmarks, especially surrounding G&E, conflict registers, and off-channel policies. 

    Review and strengthen internal controls

    • Review CASS compliance frameworks and the use of TTCAs.
    • Ensure gift and entertainment policies are clear, accessible, and consistently enforced.
    • Regularly update conflict-of-interest registers to reflect new business activities.
    • Enforce strict controls for off-channel communications, especially among senior staff. Consider whether policies and monitoring frameworks need renewing.

    Enhance transparency and governance 

    • Maintain robust transaction governance processes with well-defined reputational risk parameters.
    • Monitor and update insider lists rigorously, particularly when sensitive information is circulated.

    4. Final Thought 

    The FCA's newly published review reinforces that, while the sector broadly performs adequately, supervisory expectations continue to evolve - especially around date integrity, behavioural controls, and governance. The review provides valuable insight as to the behaviours which meet FCA expectations and, conversely, where certain practices may now be considered out-dated.

    Now is a strategic moment to revisit frameworks, close gaps, and future-proof compliance. 

    The information provided is not intended to be a comprehensive review of all developments in the law and practice, or to cover all aspects of those referred to.
    Readers should take legal advice before applying it to specific issues or transactions.

    Key Contacts