The Financial Conduct Authority (FCA) has imposed a £29 million fine on Starling Bank for what it described as "shockingly lax" financial crime controls that left the banking system vulnerable to criminal activity.

The challenger bank, which experienced rapid growth from 43,000 customers in 2017 to 3.6 million in 2023, failed to maintain adequate measures to prevent money laundering and enforce sanctions, according to the UK financial regulator.

"Starling's financial sanction screening controls were shockingly lax," said Therese Chambers, joint executive director of enforcement and market oversight at the FCA. "It left the financial system wide open to criminals and those subject to sanctions."

The investigation revealed that Starling had breached a previous agreement with regulators by opening 54,000 accounts for 49,000 high-risk customers between September 2021 and November 2023, despite being instructed to halt such activities until its financial crime controls improved.

In January 2023, the bank discovered its automated screening system had only been checking customers against a partial list of sanctioned individuals since 2017. This revelation prompted an internal review that uncovered systemic issues in its financial sanctions framework, leading to multiple reported breaches to authorities.

David Sproul, chair of Starling Bank, issued an apology for the failings. "I would like to apologise for the failings outlined by the FCA and to provide reassurance that we have invested heavily to put things right, including strengthening our board governance and capabilities," he said. Sproul emphasised that these were "historic issues" and that the bank had learned from the investigation.

The fine would have reached £41 million, but Starling received a 30 per cent discount for cooperating with the FCA. The case was resolved in 14 months, significantly faster than the average 42-month timeline for similar cases closed in 2023/24.

The enforcement action comes as regulators increase scrutiny of challenger banks' compliance procedures, particularly their ability to scale security measures alongside rapid customer growth. The situation has been further complicated by additional due diligence requirements following sanctions imposed after Russia's 2022 invasion of Ukraine.

---