Brief

Dinosaur Merchant Bank fine: the surveillance controls boards should test

The FCA has fined Dinosaur Merchant Bank Limited £338,000 for failing to implement effective systems to detect and report suspicious trading in its CFD business, highlighting critical gaps in market abuse surveillance.

MC

Michaela Clarke

Operations & Compliance Coordinator

Week of 13 July 20265 min read
A hand pointing to candlestick trading charts displayed across three computer monitors

At a Glance

The FCA fined Dinosaur Merchant Bank Limited £338,000 after orders and trades with an approximately $3.05 billion corresponding asset value were not captured and reviewed by its automated surveillance system.

Enforcement case-to-control review Source-backed facts are separated from MEMA analysis stages SOURCE Primary FCA source 27 Mar 2026 MEMA Status and conduct Finding or allegation MEMA Control mapping MEMA analysis stage MEMA Remediation assurance MEMA review stage Primary-source fact MEMA analysis or control stage
MEMA visual analysis. Source anchor: FCA fines Dinosaur Merchant Bank Limited for market abuse surveillance failures. The pathway is a MEMA control-review framework and does not add findings beyond the linked primary source. On smaller screens, scroll the visual horizontally to see every stage.

The case underscores the importance of robust surveillance systems for firms offering high-risk products like CFDs. DMBL's failure to integrate a new order system with its surveillance tools left significant gaps in monitoring, leading to potential market abuse going undetected for months.

MEMA's reading of the case is that system change and rapid volume growth should trigger renewed surveillance assurance. The primary finding remains narrower: DMBL failed to capture and review orders and trades from its new system, so potentially suspicious activity could have gone undetected.

What the Case Reveals

FCA fines Dinosaur Merchant Bank Limited for market abuse surveillance failures

The FCA imposed a £338,000 fine on DMBL after orders and trades with a corresponding asset value of approximately $3.05 billion were not captured and reviewed by the automated surveillance system. The firm identified the issue in October 2024 but took until May 2025 to fully address it, breaching UK MAR Article 16(2), SYSC 6.1.1R, and Principle 3. Firms should review system integration processes and ensure surveillance coverage aligns with trading volumes.

DMBL's compliance reports failed to provide adequate management information, missing a 42% reduction in alerts despite a 45% increase in trades. The FCA noted the absence of comparative data and alert-type breakdowns as critical weaknesses. Firms should ensure board reports include granular surveillance metrics and historical comparisons to detect anomalies promptly.

Who Faces Similar Risk

The case primarily affects firms offering contracts for difference (CFDs) or other high-risk leveraged products, particularly those with direct market access (DMA) capabilities. Investment firms, broker-dealers, and merchant banks with similar trading volumes or system upgrades should review their surveillance arrangements.

While the enforcement action targets DMBL specifically, the FCA's findings serve as a warning to all firms subject to UK Market Abuse Regulation (UK MAR). Firms with recent system changes or rapid growth in trading activity should assess whether their surveillance systems remain effective under new conditions.

Control Evidence to Test

The case reveals two critical control failures: inadequate system integration testing and insufficient management information. Firms introducing new trading platforms should validate data ingestion into surveillance systems before go-live and monitor post-implementation alert volumes against trading activity. MEMA recommends a technical review of all order routing configurations where systems have been recently updated.

Board oversight emerges as a key theme, with the FCA criticising DMBL's compliance reports for lacking historical comparisons and alert-type breakdowns. Firms should enhance board reporting to include trend analysis and segmentation by risk type, ensuring directors can spot divergences between trading volume and surveillance outputs.

Control Lessons for Firms

ActionOwnerStatusTimingEvidence
Review integration of order management systems with surveillance tools Head of Compliance, IT MEMA recommended action MEMA internal target: Q3 2026 Final Notice paras 2.1-2.7
Enhance board reports with comparative alert data and type segmentation MLRO, Board MEMA recommended action MEMA internal target: next quarterly report Final Notice paras 4.37-4.41
Validate STOR submission processes for all trading channels Surveillance Team Risk-based action Ongoing Final Notice paras 4.28-4.36

MEMA Analysis

The DMBL case demonstrates how technical implementation gaps can undermine market integrity. Boards should question whether major system changes trigger reassessment of surveillance coverage, particularly when trading volumes increase. Evidence should include pre- and post-implementation alert ratios and documented validation of data flows between trading and monitoring systems.

Management information shortcomings allowed the surveillance failure to persist for months. Directors must ensure compliance reports provide actionable insights, not just snapshot data. MEMA analysis suggests boards request trended metrics by alert type and instrument class, with clear thresholds for escalation when alert volumes diverge from trading activity.

MEMA can provide ongoing FCA compliance support for firms reviewing how the development affects their permissions, products and operating model.

For the broader supervisory context, read our assessment of the FCA's 2026 compliance priorities.

Source Evidence

SourceDocument typePublishedWhy it matters
FCA fines Dinosaur Merchant Bank Limited for market abuse surveillance failures Decision 2026-03-27 Primary FCA source for the fine, surveillance failure, trading period, remediation timeline, rule breaches and settlement discount.

Plain English Glossary

  • SYSC - Senior Management Arrangements, Systems and Controls. FCA Handbook section covering governance, risk management, and operational control expectations.

Disclaimer

This article is for general information only and does not constitute legal or regulatory advice. Firms should assess the application of regulatory requirements by reference to their permissions, products, customers and operating model.

How MEMA Can Help

MEMA can help firms translate regulatory change into practical controls, policies, monitoring activity and board evidence. Book a free scoping call to discuss what this development means for your firm.

Frequently asked questions

What rules did DMBL breach?

The FCA found that DMBL breached Article 16(2) of UK MAR, SYSC 6.1.1R and Principle 3. The failings concerned the detection and reporting of suspicious transactions, the adequacy of systems and controls, and the organisation and control of the firm's affairs. The Final Notice is the primary source for the FCA's legal findings.

How long did the surveillance failure last?

Orders and trades from the new system were outside automated surveillance between June and October 2024. DMBL identified the ingestion issue in October 2024, but the FCA says the wider deficiencies were not properly addressed until May 2025. The distinction matters: detecting one broken data feed did not amount to completing the control remediation.

What discount did DMBL receive on the fine?

DMBL qualified for a 30% settlement discount after fully cooperating with the FCA investigation. The FCA says the penalty would otherwise have been £482,900, compared with the imposed fine of £338,000. Those figures explain the settlement adjustment; they do not reduce the seriousness of the surveillance findings described in the Final Notice.

Need expert regulatory guidance?

Our ex-regulator team helps firms navigate complex requirements and evidence compliance with confidence.

Book a Free Scoping Call