News release
The Prudential Regulation Authority (PRA) has censured Wyelands Bank Plc (Wyelands) for wide-ranging significant regulatory failings between 21 December 2016 and 28 May 2020, which spanned breaches relating to large exposure limits, capital reporting, governance and risk controls and PRA Own Initiative Requirements (OIREQs) and poor retention of WhatsApp messages. This is the first time the PRA has taken action against a firm for a breach of PRA Fundamental Rule 3 (requiring a firm to act in a prudent manner). The seriousness of the breaches justifies a substantial fine of £8,515,000. However, Wyelands is in wind down and the PRA accepted that it has very limited financial resources. The PRA has concluded that fining Wyelands would not advance its general objective to promote the safety and soundness of firms.
Wyelands became a member of the Gupta Family Group Alliance (GFG) in December 2016. In September 2019, the PRA required Wyelands to limit its exposures to GFG and connected parties due to concerns that Wyelands had an unacceptable concentration of risk. By March 2020, Wyelands had stopped entering into new credit transactions and commenced a wind down of its business. In March 2021, the PRA required Wyelands to repay its depositors, which has been successfully completed.
Sam Woods, Deputy Governor for Prudential Regulation and Chief Executive Officer of the PRA, said:
‘The PRA expects firms to establish and maintain effective governance and risk management controls at all times. This is particularly important where a firm engages in complex transactions or where a significant proportion of its business is introduced by its wider group. Wyelands’ wide-ranging and serious failings resulted in the PRA taking swift supervisory action to minimise the risk to depositors and issuing today’s strong censure.’
PRA investigation
Wyelands entered into several complex structured finance transactions which were introduced to it by GFG. These transactions were significantly in excess of regulatory limits on large exposures, but Wyelands did not identify this and report it to the PRA. Wyelands’ original business plan was to initially originate business from entities introduced by GFG, with a view to developing third party business over time. However, in practice Wyelands’ business was almost entirely reliant on GFG and entities originally introduced by GFG.
The PRA investigation found that Wyelands had breached the 25% large exposure limit, Fundamental Rule 3 (act in a prudent manner), Fundamental Rule 5 (effective risk strategies and risk management systems), Fundamental Rule 6 (organise and control affairs responsibly and effectively) and a number of PRA rules relating to general organisational requirements, record keeping, risk control and related party transaction risk. In particular, over a period of 21 December 2016 to 28 May 2020 Wyelands failed to:
- have sound administrative and accounting procedures and adequate internal control mechanisms for the purposes of identifying, managing and reporting large exposures, and consequently it inaccurately reported its large exposures to the PRA;
- demonstrate sound judgement, exercise sufficient caution or take due account of all risks and possible consequences before entering into transactions, and to ensure that it had appropriate resources to identify, monitor and take action to duly mitigate risks in relation to transactions and to value its assets and liabilities;
- put in place effective risk management strategies and systems to identify, assess and manage the risks presented by its business model, in particular connected party and related party risks in relation to large exposures;
- comply with internal policies which had been created to mitigate potential conflicts of interest arising from its membership of GFG;
- ensure it had adequate systems and controls supporting its capital, and consequently the firm failed to identify that certain amounts it had received as capital had been indirectly funded by itself;
- on multiple occasions, comply with OIREQs imposed by the PRA; and
- put in place effective document retention and recordkeeping policies or procedures for its business that took into account technological advances such as those relating to instant messaging platforms (e.g. WhatsApp).
As a result of the seriousness of such a wide range of breaches that resulted in the firm’s wind down and threats to its safety and soundness, the PRA considers that it is appropriate to take enforcement action against Wyelands, which has agreed to settle this matter.
Notes to editors
- PRA Final Notice to Wyelands Bank Plc
- The PRA’s Statement on Wyelands Bank, 3 March 2021
- Supervisory Statement SS3/21: Non-systemic UK banks: The PRA's approach to new and growing banks, April 2021 sets out the PRA’s supervisory expectations of ‘new and growing’ non-systemic UK-incorporated banks, including business model, governance, risk management and controls and capital management. In particular, while new banks will be developing and growing risk capabilities as they mature, their risk management framework must be fit for purpose at all times.
- The PRA’s approach to banking supervision, October 2018
- The PRA’s approach to enforcement: statutory statements of policy and procedure, September 2021
- PRA Statutory Powers and Enforcement Action 2014-2022
- PRA Fundamental Rules
- ‘Censure’ refers to a statement under section 205 of the Financial Services and Markets Act: ‘If the appropriate regulator considers that an authorised person has contravened a relevant requirement imposed on the person, it may publish a statement to that effect.’
- A “large exposure” is defined in Article 392 of Part IV of the EU Capital Requirements Regulation (No 575/2013) (CRR) as a firm’s exposure to a client or group of connected clients where the value of the exposure is equal to or exceeds 10% of the firm’s eligible capital. Article 392 is now incorporated into the PRA Rulebook.
- Large exposure limits refers to Article 395 of Part IV of the CRR which stated (so far as relevant): ‘An institution shall not incur an exposure… to a client or group of connected clients the value of which exceeds 25% of its eligible capital…’. Article 395 is also now incorporated into the PRA Rulebook.