Brief
Dinosaur Merchant Bank fine: the surveillance controls boards should test
The FCA has fined Dinosaur Merchant Bank Limited £338,000 for failing to implement effective systems to detect and report suspicious trading in its CFD business, highlighting critical gaps in market abuse surveillance.
Michaela Clarke
Operations & Compliance Coordinator

At a Glance
The FCA fined Dinosaur Merchant Bank Limited £338,000 after orders and trades with an approximately $3.05 billion corresponding asset value were not captured and reviewed by its automated surveillance system.
The case underscores the importance of robust surveillance systems for firms offering high-risk products like CFDs. DMBL's failure to integrate a new order system with its surveillance tools left significant gaps in monitoring, leading to potential market abuse going undetected for months.
MEMA's reading of the case is that system change and rapid volume growth should trigger renewed surveillance assurance. The primary finding remains narrower: DMBL failed to capture and review orders and trades from its new system, so potentially suspicious activity could have gone undetected.
What the Case Reveals
FCA fines Dinosaur Merchant Bank Limited for market abuse surveillance failures
The FCA imposed a £338,000 fine on DMBL after orders and trades with a corresponding asset value of approximately $3.05 billion were not captured and reviewed by the automated surveillance system. The firm identified the issue in October 2024 but took until May 2025 to fully address it, breaching UK MAR Article 16(2), SYSC 6.1.1R, and Principle 3. Firms should review system integration processes and ensure surveillance coverage aligns with trading volumes.
DMBL's compliance reports failed to provide adequate management information, missing a 42% reduction in alerts despite a 45% increase in trades. The FCA noted the absence of comparative data and alert-type breakdowns as critical weaknesses. Firms should ensure board reports include granular surveillance metrics and historical comparisons to detect anomalies promptly.
Who Faces Similar Risk
The case primarily affects firms offering contracts for difference (CFDs) or other high-risk leveraged products, particularly those with direct market access (DMA) capabilities. Investment firms, broker-dealers, and merchant banks with similar trading volumes or system upgrades should review their surveillance arrangements.
While the enforcement action targets DMBL specifically, the FCA's findings serve as a warning to all firms subject to UK Market Abuse Regulation (UK MAR). Firms with recent system changes or rapid growth in trading activity should assess whether their surveillance systems remain effective under new conditions.
Control Evidence to Test
The case reveals two critical control failures: inadequate system integration testing and insufficient management information. Firms introducing new trading platforms should validate data ingestion into surveillance systems before go-live and monitor post-implementation alert volumes against trading activity. MEMA recommends a technical review of all order routing configurations where systems have been recently updated.
Board oversight emerges as a key theme, with the FCA criticising DMBL's compliance reports for lacking historical comparisons and alert-type breakdowns. Firms should enhance board reporting to include trend analysis and segmentation by risk type, ensuring directors can spot divergences between trading volume and surveillance outputs.
Control Lessons for Firms
| Action | Owner | Status | Timing | Evidence |
|---|---|---|---|---|
| Review integration of order management systems with surveillance tools | Head of Compliance, IT | MEMA recommended action | MEMA internal target: Q3 2026 | Final Notice paras 2.1-2.7 |
| Enhance board reports with comparative alert data and type segmentation | MLRO, Board | MEMA recommended action | MEMA internal target: next quarterly report | Final Notice paras 4.37-4.41 |
| Validate STOR submission processes for all trading channels | Surveillance Team | Risk-based action | Ongoing | Final Notice paras 4.28-4.36 |
MEMA Analysis
The DMBL case demonstrates how technical implementation gaps can undermine market integrity. Boards should question whether major system changes trigger reassessment of surveillance coverage, particularly when trading volumes increase. Evidence should include pre- and post-implementation alert ratios and documented validation of data flows between trading and monitoring systems.
Management information shortcomings allowed the surveillance failure to persist for months. Directors must ensure compliance reports provide actionable insights, not just snapshot data. MEMA analysis suggests boards request trended metrics by alert type and instrument class, with clear thresholds for escalation when alert volumes diverge from trading activity.
MEMA can provide ongoing FCA compliance support for firms reviewing how the development affects their permissions, products and operating model.
For the broader supervisory context, read our assessment of the FCA's 2026 compliance priorities.
Source Evidence
| Source | Document type | Published | Why it matters |
|---|---|---|---|
| FCA fines Dinosaur Merchant Bank Limited for market abuse surveillance failures | Decision | 2026-03-27 | Primary FCA source for the fine, surveillance failure, trading period, remediation timeline, rule breaches and settlement discount. |
Plain English Glossary
- SYSC - Senior Management Arrangements, Systems and Controls. FCA Handbook section covering governance, risk management, and operational control expectations.
Disclaimer
This article is for general information only and does not constitute legal or regulatory advice. Firms should assess the application of regulatory requirements by reference to their permissions, products, customers and operating model.
How MEMA Can Help
MEMA can help firms translate regulatory change into practical controls, policies, monitoring activity and board evidence. Book a free scoping call to discuss what this development means for your firm.
Frequently asked questions
What rules did DMBL breach?
The FCA found that DMBL breached Article 16(2) of UK MAR, SYSC 6.1.1R and Principle 3. The failings concerned the detection and reporting of suspicious transactions, the adequacy of systems and controls, and the organisation and control of the firm's affairs. The Final Notice is the primary source for the FCA's legal findings.
How long did the surveillance failure last?
Orders and trades from the new system were outside automated surveillance between June and October 2024. DMBL identified the ingestion issue in October 2024, but the FCA says the wider deficiencies were not properly addressed until May 2025. The distinction matters: detecting one broken data feed did not amount to completing the control remediation.
What discount did DMBL receive on the fine?
DMBL qualified for a 30% settlement discount after fully cooperating with the FCA investigation. The FCA says the penalty would otherwise have been £482,900, compared with the imposed fine of £338,000. Those figures explain the settlement adjustment; they do not reduce the seriousness of the surveillance findings described in the Final Notice.
Need expert regulatory guidance?
Our ex-regulator team helps firms navigate complex requirements and evidence compliance with confidence.
Book a Free Scoping CallRelated insights
View all insights →
AIFM proportionality depends on operating-model evidence
CP26/28 proposes three AIFM size tiers, a new ALTS sourcebook and revised transition rules. Classification decisions will depend on reliable operating-model evidence.

FRAME reporting: the control decisions behind CP26/26
CP26/26 proposes consolidated fund returns, essential and enhanced reporting tiers, and different reporting lags. This analysis maps the proposal to fund-level data controls.

Fuenmayor decision notice: disclosure controls before the Upper Tribunal
The FCA has decided to impose a £99,600 penalty on Carlos Fuenmayor over alleged disclosure failures. The decision notice is before the Upper Tribunal, so the findings are not final.