This month's key compliance news includes allegations of inappropriate behaviour at Foxtons, banks' unlawful Bloomberg exchanges, OKX's AML fine, the FCA's email deletion policy, GSK's LinkedIn reprimand, and more.
Foxtons is facing questions about its workplace culture following allegations of inappropriate behaviour towards junior staff at the London property broker.
During a six-month investigation, Bloomberg spoke to many current and former staff who claimed that they'd experienced or witnessed unwanted touching, drunk driving, racist or antisemitic comments and slurs, and other offensive behaviour.
"Lucy" - one of the complainants - claimed that managers and co-workers groped her, sent her explicit and suggestive messages, discussed her weight in work WhatsApp messages and told her to start an OnlyFans account. When she complained to her manager, she was told she needed thicker skin.
As the behaviour escalated, "Lucy" was subjected to unwanted kissing by the sales director, who sent her and other female colleagues explicit photos and videos, some at 3am, requesting photos in return.
When she complained about unwanted touching by a senior employee, the HR representative allegedly asked if she was sure and that the man was well-liked. Lucy was told that they would not address the complaint unless she filed a police report. Worried about the additional stress, Lucy retracted her complaint.
Lucy is not alone. Bloomberg has spoken to eleven current or former Foxtons employees who allege that colleagues repeatedly subjected them to unwanted physical contact, requests for sex or explicit and offensive comments between 2021 and 2024.
Eight of them had complained to their manager or HR. All said senior staff were aware of the inappropriateness but either ignored it or were complicit. Misconduct was excused: "That's just what he's like".
Many complainants were in their twenties, and it was their first job.
Responding to the allegations, a spokesperson for Foxtons said:
"We are concerned that colleagues have told Bloomberg of offensive behaviour and urge them to report it to the independent, confidential whistleblowing process."
Many of those interviewed by Bloomberg asked not to be identified for fear of reprisal by Foxtons or other individuals who were employed there.
A manager offered him more potential clients if he stopped speaking out about misconduct. When he declined, his pipeline of leads was turned off, and he was dismissed for poor performance.
Lawyers acting for Foxtons said Gittins "does not accept" that a complaint was made:
"He does not tolerate racism and would wish for all such allegations to be the subject of immediate investigation and appropriate disciplinary steps. Complaints of this nature are automatically referred to the HR department to ensure they are investigated in the appropriate, confidential manner."
Speaking to Bloomberg last year, Gittins said he was reenergising the company. There is evidence of Gittins' attempts to change the culture, with reduced access to alcohol and anti-sexual harassment training, but the problems have not gone away, according to those interviewed.
Some allege that "hot leads" were awarded by managers to staff they liked or found sexually attractive. A former employee also claimed that she was deprived of leads because she rejected a senior employee's sexual advances. Many were afraid to speak out for fear that potential leads would stop.
Foxtons rejects this: "The majority of leads are automatically assigned by a centralised system, not individual managers."
Nine people interviewed by Bloomberg said managers would sometimes tell female staff to wear high-heeled shoes and feminine or sexy outfits. When another employee was propositioned for sex by an area director, he later said that if she'd agreed, she "would have been promoted by now".
In a statement, a spokesperson said:
"Matters of sexual harassment or misconduct are taken extremely seriously, thoroughly investigated and in no way tolerated at Foxtons."
Heavy drinking and drug-taking were notorious at the Christmas party, according to those interviewed. At one event, a former employee was pestered so much by a senior colleague that a waiter asked if she wanted help.
Staff were sent mandatory anti-sexual harassment training ahead of last year's party, with HR reps circulating during the evening.
"The most severe harassment thrives in workplaces where so-called sexual banter is accepted by leaders. The young men witnessing this will be the same men who will make future decisions on how the workplace runs."
-Jemima Olchawski, CEO of the Fawcett Society
Shares in Foxtons dropped 5% since the report was published by Bloomberg.
A former Janus Henderson fund analyst exploited the pandemic and used confidential information on Daimler, Jet2 and THG to make a profit of £963,000, according to prosecutors.
Redinel Korfuzi, 37, used inside information that he had access to for his job as a research analyst at asset manager Janus Henderson and traded using accounts held in his sister's name and two other defendants, Rogerio de Aquino and Dema Almeziad.
Korfuzi is charged with conspiracy to commit insider dealing and money laundering between January 2019 and March 2021, with his sister Oerta Korfuzi.
Together, with the two other "secret proxies", the siblings netted profits of almost a million pounds, trading in 11 companies' shares, the prosecution claimed.
"The defendants took advantage of the cloak afforded by national lockdown restrictions ... to take the opportunity to execute, while some of them worked from home, their secret plan to conduct criminal trading"
- Tom Forster, prosecutor who described Korfuzi as being "at the absolute centre" of the case
Janus Henderson was not involved in the case. The asset manager said it treated misuse of confidential information with "the greatest seriousness" and has cooperated fully with the investigation, the FCA confirmed. The trial is expected to last until May.
Separately, another analyst Mohammed Zina has been ordered to repay £586,711 by the Financial Conduct Authority. Zina, a former analyst at Goldman Sachs, was convicted of insider dealing and fraud in 2023 after trading on insider information about pending acquisitions.
The order requires Zina to repay £586,711 as part of the penalty within three months. Zina could face an additional five years in prison if he does not pay on time, after which he is still liable to pay the order, with interest.
"We have confiscated the entirety of Mr. Zina's assets, demonstrating that crime does not pay. Insider dealing harms the integrity of our markets. As well as prosecuting insider dealers, we will not allow them to keep any part of their illicit profits."
-Therese Chambers, Joint Executive Director of Enforcement and Market Oversight, FCA
Four banks will pay £100 million to settle historic cases of unlawful information exchanges relating to UK government bonds, according to the Competition and Markets Authority (CMA).
Citi, HSBC, Morgan Stanley and Royal Bank of Canada will pay fines of over £100 million for sharing competitively sensitive information about the price of UK bonds, known as gilts.
Information related to the buying and selling gilts and gilt asset swaps on specific dates and was shared in private one-to-one Bloomberg chatrooms between 2009 and 2013.
The fines were levied as follows:
"The financial services sector is an integral part of the UK economy, contributing billions every year, and it's essential that it functions effectively. Only through healthy and competitive markets can we ensure businesses and investors have confidence to invest and grow – for the benefit of all in the UK,"
- Juliette Enser, Executive Director of Competition Enforcement, CMA
"The fines imposed today reflect the CMA's commitment to dealing with competition law breaches and deterring anti-competitive conduct. The fines would have been substantially higher had the banks not already taken unusually extensive steps to make sure that this doesn't happen again."
Seychelles-based cryptocurrency exchange, Aux Cayes Fintech Co. Ltd. ("OKX"), has admitted operating an illegal money transmitting business and agreed to pay penalties totalling $504 million.
OKX allowed registered users to trade over 300 cryptocurrencies, including Bitcoin and Ethereum, with billions of dollars' worth of cryptocurrency transactions taking place on its platforms. OKX knew that it was required by US law to register as a money services business (MSB) and comply with AML laws but chose not to.
Despite having an official policy preventing US persons from transacting on its exchange, OKX actively sought customers in the US. Between 2018 and 2024, it engaged in over one trillion dollars' worth of business with US retail and institutional investors, generating millions of dollars in trading fees and profits.
In addition, OKX allowed customers to create an account and place trades without completing a KYC process, blocked US-based IP addresses despite knowing its IP ban could easily be circumvented using VPN technology, and allowed customers to place trades through third-party entities (non-disclosure brokers) without requiring them to disclose any identifying information.
In addition, it sponsored the Tribeca Film Festival using affiliate marketers based in the US to promote the exchange, gave customers incentives to recruit new users, accepted false information during the KYC process, and used step-by-step instructional videos to show customers how to register with OKX using a VPN to conceal their US location.
In April 2023, one OKX employee wrote:
"I know you're in the US, but you could just put a random country and it should go through. You just need to put Name, nationality, and ID number. You could just put United Arab Emirates and random numbers for the ID number."
OKX also failed to have adequate controls to determine whether parties were subject to sanctions.
"For over seven years, OKX knowingly violated anti-money laundering laws and avoided implementing required policies to prevent criminals from abusing our financial system. As a result, OKX was used to facilitate over five billion dollars' worth of suspicious transactions and criminal proceeds. Today's guilty plea and penalties emphasize that there will be consequences for financial institutions that avail themselves of U.S. markets but violate the law by allowing criminal activity to continue."
- Acting U.S. Attorney Matthew Podolsky
The Financial Times reported that the City watchdog informed staff that any emails remaining in their inbox for over 12 months would be automatically deleted unless considered important enough.
A notice on the FCA's intranet page said the new policy, which is being introduced from April, "reduces the legal and reputational risk we face".
The FCA plans to train staff ahead of the policy change to ensure important emails are saved to its official data channels in line with data retention schedules.
However, lawyers are critical of the decision, and critics argue that the move undermines its accountability.
Charlotte Hill from Charles Russell Speechlys said its plan to delete emails "is very much at odds with what it expects the industry to do", pointing out that the watchdog has "strict rules on record keeping requirements for the firms it regulates, with at least five years for investment companies, three years for others and indefinitely for pension transfer firms".
Hill was concerned that this could also undermine any future scandals: "The FCA will be able to say, quite truthfully, that it has no record of anyone ever having raised the point - a destruction of evidence."
She also added that for some individuals the move would be welcome news: "Any individual who has had an FCA investigation into their conduct is likely to welcome the chance of all records about them being destroyed".
However, the FCA's Director of Intelligence and Digital, Ian Phoenix, insists that the regulator was not trying to avoid scrutiny or destroy evidence.
"First, what we're not doing. We're not deleting evidence. We're not hiding information. We're not reducing transparency. There is no change to our policy of what constitutes a record and how long it should be saved for."
There are currently over 70 million emails in FCA inboxes. Phoenix said the changes would help the FCA meet its obligations under GDPR and the Data Protection Act and ensure data was not kept too long.
He added, "Critics have suggested we're holding ourselves to a different standard than the firms we regulate. This isn't the case. We expect firms to take their record keeping obligations seriously and, as the regulator, we do too. Regulatory records will still be kept for 25 years..."
The Prescription Medicines Code of Practice Authority (PMCPA), the UK regulator that oversees drug promotions and advertising, has reprimanded GSK after one of its UK employees 'celebrated' a post on LinkedIn about a prescription drugs.
A complaint was made anonymously to the PMCPA about a LinkedIn post from an American medical institute. The post referred to "promising results" of a trial of GSK's PARP inhibitor niraparib in brain cancer patients. Its drug Zejula is approved as a maintenance treatment for ovarian and peritoneal cancer.
Since the post originated in the US, it was outside the scope of the Association of the British Pharmaceutical Industry (ABPI) Code of Practice, which is enforced by the PMCPA. So far, so good…
But, when one of GSK's UK employee reacted to that post (in celebration) thus sharing it with all their connections on the platform, this made it a potential form of promotion, according to the PMCPA.
GSK admitted breaching three clauses of the PMCPA's code. Namely that the employee's 'celebration' broke the UK rules on promoting a drug for an unlicensed indication and advertising a prescription-only medicine to the public.
The drug manufacturer also pleaded guilty to breaching the requirement that a medicine must not be promoted before the grant of its marketing authorisation, but GSK was not found to have breached this rule on a "technical point".
However, GSK denied that it had failed to maintain high standards and said the employee's action was an "isolated incident due to an error in judgement" that had occurred despite its robust social media systems and policies.
The panel accepted that GSK's policies and guidance warned staff not to like content referring to its prescription products and R&D assets but insisted that drugs promotions to the public were serious and high standards had not been maintained.
GSK is the latest drugs company to be reprimanded over LinkedIn likes. AstraZeneca, Novartis, and Sanofi have all faced similar scrutiny by the watchdog over UK employees' use of social media.
A law firm's compulsory retirement policy is discriminatory, according to an employment tribunal.
Martin Scott worked for Walker Morris in Leeds as its head of construction and engineering. In July 2020, Scott was granted a three-year extension to keep working beyond the age of 60 for his "exceptional contribution". But when his application for a second extension was denied, he was made to leave. He subsequently brought a claim for age discrimination.
Walker Morris said that its compulsory retirement policy was designed to ensure "intergenerational fairness" and to provide progression opportunities for younger partners. It said that Scott's application for an extension was not declined because of his age but rather because he was unable to show he would make an "exceptional contribution" for the next two years.
The tribunal found that its policy was based on "discriminatory assumptions about and attitudes towards older partners" that were "not supported by any documentary or objective evidence".
Compulsory retirement policy can be lawful where there is a legitimate and fair aim.
However, the tribunal found that different standards were applied to different age groups, and was critical of comments made by its former managing director Malcolm Simpson:
"There was a lack of objective evidence of any deterioration in performance of partners in their 50s and 60s. Mr Simpson demonstrated discriminatory assumptions about and attitudes towards older partners, which were not supported by the evidence before us.
Mr Simpson's comments about partners' performance and energy levels tailing off in their 50s and beyond are the type of assumption that the age discrimination legislation is designed to counter."
Representing Scott, Giles Ward of Milners Solicitors said the ruling should be a warning to others:
"This far-reaching judgment will be of obvious interest to law firms and other professional service firms across the UK with mandatory retirement policies."
Merkur Slots UK has been fined £95,450 by the gambling regulator for failing to meet its social responsibility obligations at one of its adult gaming centres (AGCs).
It follows an investigation by the Gambling Commission into the treatment of a customer who lost almost £2,000 in 16 hours in November 2023 at its premises, months after being diagnosed with lung cancer.
The operator failed to interact with Wendy Hughes, who was then 64, when she gambled from 1.50pm to 6.43pm on 1 November and between 1.28pm on 2 November to 00.57am on 3 November. This violated the Licence Conditions and Codes of Practice (LCCP) which requires operators to interact with customers in a way that minimises the risk of customers experiencing harms associated with gambling.
Staff knew that Hughes was going to get more money from a cash machine as her losses grew and had placed a "hold card" to reserve her machine. This practice exploits the gambler's irrational belief that there will soon be a jackpot following a long run of losses.
Despite obvious warning signs and Merkur having social responsibility measures in place, staff never ensured Hughes was in control of her gambling and they failed to follow procedures.
Hughes died before the Commission announced its findings. Her daughter Jackie Olden said:
"I'm happy they investigated Merkur but after the devastation caused to our family, the size of this fine doesn't go far enough. This case emphasises the urgent need for an independent gambling ombudsman so that customers have access to recourse when things go wrong."
She's now calling for tougher restrictions on AGCs.
"This was a clearcut case of an operator failing to follow rules aimed at keeping consumers safe from harm. All operators should make sure that not only do they have policies and procedures aimed at preventing harm in place, but also that staff are effectively trained to follow and implement them,"
- Andrew Rhodes, CEO, the Gambling Commission
Microsoft will review its pricing of Office products sold with and without Teams in a bid to avoid an antitrust fine by the European Commission, according to reports.
The offer comes as Europe's competition regulator weighs up what action to take over Microsoft's tying of Teams to Office. The software giant was accused of anti-competitive practice by the owner of Slack in 2020 and a German rival, alfaview, in 2023.
Teams was added to Office 365 at no extra cost in 2017, replacing Skype for Business. But, following complaints, Microsoft unbundled the popular collaboration tool from Office, selling Office without Teams for €2 less a month. A standalone version of Teams would be available for €5 a month.
Increasing the cost of Office with Teams may encourage users to switch products and help to 'level the playing field'. The Commission is seeking feedback before making a decision.
Microsoft has also improved its interoperability terms to increase competition.
Both parties declined to comment to Reuters. Microsoft has netted fines totalling €2.2 billion for bundling and tying products in the EU. The regulator has the power to impose fines of up to 10% of a company's global annual turnover.
The Treasury Committee has written to nine banks and building societies, following recent IT outages at Barclays, Nationwide and elsewhere that resulted in customers being locked out of their accounts.
A request for information has been sent to the CEOs of Allied Irish Bank, Bank of Ireland, Barclays, Danske Bank UK, HSBC, Lloyds Banking Group, Nationwide Building Society, NatWest, and Santander.
MPs want to know how many times and for how many hours each provider has experienced IT failures preventing customers uses their services. The Committee is also requesting data on the number of customers who were affected and how much compensation has been paid out to those affected, along with the reason for each outage.
At the start of the month, Barclays apologised after a "technical issue" resulted in a three-day outage to its services. This caused payment delays and incorrect balances being shown to customers.
The problems were exacerbated as the outage coincided with the 31 January deadline for paying tax bills and the first payday of 2025 for many.
In a statement, Barclays reassured customers concerned about late penalties for tax bills, "You will not get charged the late penalty as they do not get applied until 1 March. We will ensure no customer is left out of pocket."
Customers of Nationwide, Capital One and Citibank have also faced recent outages.
"When a bank's IT system goes down, it can be a real problem for our constituents who were relying on accessing certain services so they can buy food or pay bills. For it to happen at a major bank such as Barclays at such a crucial time of year is either bad luck or bad planning. Either way, it's important to learn what has happened and what will be done about it. The rapidly declining number of high street bank branches makes the impact of IT outages even more painful."
- Dame Meg Hillier MP, Chair of the Treasury Select Committee
Law firm Hill Dickinson has warned staff about their use of artificial intelligence tools following a "significant increase in usage" across the business.
The firm said it was blocking general access to several popular AI tools and in future will require staff to go through a request process.
Over 32,000 hits had been detected to ChatGPT in a seven-day period earlier in the year, with almost 50,000 hits to Grammarly, the writing assistant tool, and over 3,000 hits to DeepSeek, its chief technology officer said in a staff email.
Hill Dickinson was concerned that much of this usage violated its AI policy, which requires staff to verify the accuracy of outputs and prohibits uploading of client information.
"We have been monitoring usage of Al tools, particularly publicly available generative Al solutions, and have noticed a significant increase in usage of, and uploading of files to, such tools," it continued.
"Like many law firms, we are aiming to positively embrace the use of AI tools to enhance our capabilities while always ensuring safe and proper use by our people and for our clients."
Its AI policy is designed to ensure usage "will remain safe, secure and effective".
"With AI offering people countless ways to work more efficiently and effectively, the answer cannot be for organisations to outlaw the use of AI and drive staff to use it under the radar. Instead, companies need to offer their staff AI tools that meet their organisational policies and data protection obligations."
-A spokesperson, the Information Commissioner's Office
Speaking to the BBC, Ian Jeffery from the Law Society of England and Wales said that AI "could improve the way we do things a great deal" but that AI tools "need human oversight" to support those using it or affected by decisions.
A spokesperson from the Department of Science, Innovation and Technology said that AI promises "enormous benefits", including to "free workers from repetitive tasks and unlock more rewarding opportunities".
Elsewhere, Singapore's DBS Bank plans to cut 4,000 roles over the next three years as AI transforms its operations. However, it is expected to fill 1,000 new positions in AI.
The announcement was made by its chief executive Piyush Gupta who described AI as being unlike any technology he'd experienced before and described its potential as "very powerful". He said, "For the first time, I'm struggling to create jobs. I'm struggling to say how I will repurpose people to create jobs."
Gupta added, "We today deploy over 800 AI models across 350 use cases, and expect the measured economic impact of these to exceed S$1bn (£592m) in 2025".
The reduction in headcount is expected to come from contract and temporary staff and natural attrition.
Global banks may cut up to 200,000 jobs in the next three to five years as a result of AI, according to Bloomberg Intelligence . JPMorgan's Teresa Heitsenrether who oversees AI said that so far, the bank's AI was augmenting jobs rather than replacing them altogether.
Meanwhile, in the UK, over 1,000 artists - including Annie Lennox, Damon Albarn and Kate Bush - have released a silent album in protest at the UK Government's proposed changes to copyright law , that would allow AI firms to use copyrighted work to train models without a licence unless creators 'opt out'.
The tracklisting for the album, which is also supported by Billy Ocean, Hans Zimmer, Bastille's Dan Smith, The Clash and many others, spells out "The British government must not legalise music theft to benefit AI companies". They believe the move would "impoverish creators" and its organiser described the proposal as "disastrous for musicians" and "totally unnecessary".
We have created a series of comprehensive roadmaps to help you navigate the compliance landscape, supported by e-learning in our Essentials Library.
We also have 100+ free compliance training aids, including assessments, best practice guides, checklists, desk aids, eBooks, games, posters, training presentations and even e-learning modules!