“Financial crime failings related to its financial sanctions screening.” That’s one of the reasons given by the Financial Conduct Authority (FCA) for imposing a £28,959,426 fine on Starling Bank in October 2024. The FCA also accused the bank of breaching “a requirement not to open accounts for high-risk customers.”
The challenger bank, known for its digital-first approach and rapid growth, now faces scrutiny over its ability to manage risks as it scales, with broader questions about its future. Since its founding in 2014, the Goldman Sachs-backed Starling had built a solid reputation for its seamless user experience and flexible approach to banking. Its growth has been nothing short of impressive, skyrocketing from 43,000 customers in 2017 to over 3.6 million by 2023. Yet, this very expansion proved to be a double-edged sword. As customer numbers soared, Starling’s ability to maintain stringent controls on financial crime didn’t keep pace, leading to a series of compliance failures that have now culminated in the hefty regulatory penalty. The FCA, as part of an investigation that concluded in just 14 months – significantly faster than its usual average – found that Starling’s screening for financial sanctions was “shockingly lax.”
The automated system meant to check customers against the full sanctions list had, since 2017, only been screening a fraction of those names. The FCA also discovered that Starling continued to open accounts for over 49,000 high-risk individuals between 2021 and 2023, despite agreeing to cease such activities until its controls had been improved.
According to the FCA findings, Starling’s leadership team was ill-prepared to manage the complexities of financial crime compliance as the bank expanded. An internal review, accepted by the bank, revealed that senior managers lacked both the experience, and the awareness needed to implement the FCA’s directives effectively, with communication breakdowns between
departments, particularly the engineering teams, also blamed. Commenting on the fine, Robin Bradley, CEO of bigspark, said, “It’s a classic case of growth outpacing governance. Starling has been so focused on onboarding new customers and innovating that the back-office functions – those that ensure safety and compliance – didn’t evolve at the same pace. The FCA’s message is clear: speed of growth is no excuse for cutting corners in financial crime controls.”
Reputational damage is as serious as the financial impact for Starling, and this could delay plans to float the business on the stock market. “Regulators and investors will be looking for assurances that a bank has a strong compliance culture,” Robin continues. “Starling needs to show that it has learned from these failings, not just by paying the fine, but by demonstrating a more proactive and preventive approach to risk management.” But Starling has moved swiftly to rectify its shortcomings. The bank has rescreened transactions, conducted a thorough review of its existing customer base, and put in place new safeguards to ensure better compliance. Its chair, David Sproul, has also issued a public apology, emphasising the banks commitment to meeting regulatory expectations moving forward.
Time will tell if this can rebuild trust, or if additional effort will be required. “The reality is that the regulatory environment is getting tougher for digital challengers, especially as their influence on the market grows,” adds Robin. “The FCA’s actions should serve as a wake-up call not only for Starling but for the entire sector. It’s no longer enough to be the new kid on the block; you have to be a responsible player too.”