Credit Suisse has been fined £5.95 million by the Financial Services Authority (FSA) for IT systems and control failings that meant that customers were exposed to unacceptable risk.

The risk was associated with the sales of complex structured capital at risk products (SCARPs), which were sold by the company’s private bank. Although they can bring income to customers, they also expose them to the risk of losing all or part of their initial capital.

The fine comes as UBS admits that certain internal controls were not in place at the time that rogue trader Kweku Adoboli allegedly ran up a $2 billion (£1.3 billion) loss on the bank’s derivatives desk.

Credit Suisse UK customers invested more than £1 billion in SCARPs between January 2007 and December 2009. During this period, the bank was found to have had a number of serious failings in the systems and controls around these sales, including not maintaining adequate records of the advice it gave to customers on these products.

For instance, the bank had inadequate systems and controls around the assessment of customers’ attitudes to risk.

Credit Suisse also did not monitor staff effectively to ensure that they gave advice to customers carefully, and also failed to take reasonable care to provide proper evidence of the suitability of SCARPs for customers.

The bank uses an IT tool called MICOS (Monitoring of Internal Control System) to monitor the performance of certain internal processes. This system requires management to review methods such as the one used to make sure that there is enough evidence to show that investment products are suitable to customers’ risk profiles.

However, the bank was found to have used MICOS ineffectively, which led to substandard management reviews. A poor sampling approach, limited use of documentary evidence to support the review and limited analysis of the process reviewed were the issues identified.

The FSA therefore found Credit Suisse in breach of Principle 3 of the FSA Handbook, which states: “A firm must take reasonable care to organise and control its affairs responsibly and effectively, with adequate risk management systems.”

Following the investigation that uncovered the failings, Credit Suisse UK has since made changes to its advisory processes and enhanced its systems and controls to ensure its advice makes it clear to customers the risk profile of their investments.

The bank has also agreed to carry out a past business review of SCARP purchases during the specified two-year period, overseen by an independent third party. If customers are found to have been advised to buy an unsuitable product, Credit Suisse UK has committed to pay compensation to the customer.

A review of 24 SCARP transactions has already identified that for 17 of the purchases, there was not enough evidence to show that the bank’s advisors considered the customer’s overall portfolio before deciding if the SCARP product was suitable for them.

By agreeing to settle at an early stage, Credit Suisse UK saw a 30 percent reduction on its fine, from £8.5 million.

Tracey McDermott, acting director of enforcement and financial crime, said:"We have seen all too frequently the consequences of financial services firms failing to implement proper systems and controls to ensure their customers invest in suitable products. A proper assessment of customers’ individual needs and circumstances is even more critical where firms are selling complex products like SCARPs.

"Credit Suisse UK’s systems were not up to the level we, and their customers, are entitled to expect. Our recent ‘Dear CEO’ letter to the wealth management industry made it clear that significant and widespread failings exist in this area and standards need to improve."