Last week marked 10 years since the onset of the 2007-2009 financial crisis – a time to pause to consider what has actually changed since the great banking crash.

More than any other bank, RBS is the poster child of the UK crash. It was, in 2007, the largest bank in the world, swallowing ABN-Amro at the peak of the bubble and driven on by the enormous ego of Fred Goodwin and his desire to create a plucky bank headquartered in Edinburgh to compete with global titans of commerce, such as Google and Apple.

But, as we know painfully too well, the vast profits recorded by RBS in the lead-up to the 2008 crash were illusory. Since its £45bn taxpayer bailout in 2008-09, RBS has gone on to record significant losses in each financial year since – losses which total more than £51bn, racked up by record regulatory enforcement fines which CEO Ross McEwan labels “legacy issues”.

But it’s also McEwan’s own legacy at stake here: RBS has just been slapped with an $85m fine by US financial regulator CFTC for attempting to rig ISDAfix, an interest rate swap benchmark twinned to Libor – failings which occurred under McEwan’s watch.

Donald Trump's biggest Twitter feuds

No amount of window dressing will change the fact RBS is a failing institution that has struggled to change its ways.

When McEwan arrived in the UK from the Commonwealth Bank of Australia, he was quick to observe just how bad things were, including the extent of criminal activity in UK financial services and the lack of public trust in banks and bankers.

What were the causes of the breakdown in trust between banks and the UK public?

First, PPI miss-selling, which started as a cottage industry at Lloyds/HBOS but quickly became an enormous money-spinner for the banks. Unwitting customers were sold protection insurance they never really wanted or needed in order for retail bankers to hit their sales targets to appease profit-hungry bank bosses and secure their personal bonuses. Lloyds alone has paid out more than £17bn in compensation for PPI.

Second, asset stripping. The Global Restructuring Group (GRG) within RBS, led by Derek Sach & Chris Sullivan, was ostensibly a “turnaround unit” for business where specialist RBS managers would nurse struggling organisations back to good health. In reality, and despite platitudes to the contrary from Sach and his colleagues, GRG amounted to little more than a profit centre, which in my view was designed to asset strip thousands of viable small businesses.

Around 16,000 firms were mistreated by RBS GRG between 2008 and 2014 in what became known as “the dash for cash”. The Financial Conduct Authority (FCA) refused to disclose data requested through the Freedom of Information Act for the number of complaints to the regulator about such activity prior to 2008.

Further revelations broadcast this week by the BBC alleged that RBS staff were trained to forge customer signatures on contract documents and manipulate customers’ personal data and central files – falsifications which were allegedly designed to clear the bank of legal accountability for alleged misconduct.

The potential scale and social and financial implications of RBS attempts to rewrite history are enormous – and, as with PPI, it is entirely plausible that such practices extend well beyond RBS.

In fact, the HBOS “Reading fraud” was a vast conspiracy to defraud small business customers in the run-up to the crash, between 2002 and 2007, spun out of the HBOS Reading branch by banker Lyndon Scourfield, last week sentenced to 11 years in jail.

Scourfield relied on a turnaround consultant, David Mills at Quayside Corporate Services in Reading, to work with HBOS Reading’s small and medium-sized enterprises (SME) client base, loading businesses up with more debts, then seizing control of the companies via enforced board positions, bankrupting and asset stripping the companies for profit.

Robert Jenkins – a former Bank of England regulator who now sits on the board of NGO Finance Watch – has compiled a comprehensive list of banking misdeeds. At the time of writing there were more than 120 crimes noted, and the list is growing week by week.

While the UK’s financial regulators at the Bank of England and the FCA may state that much has changed since, is this really the case? Most of the abuses in UK banking stem from the enormous advantages in access to information, skills, advice and financial power that banks enjoy over their smaller customers.

There is no “duty of good faith” in the UK to compel banks to act in the interests of their own customers, only offering and selling them those products customers actually need. The proposed removal of customer protection laws by President Donald Trump is causing an uproar in the States – but in the UK, few are even aware that we fundamentally lack such basic protection relative to our US and EU competitors.

Introducing a “duty of good faith” would go a long way to stem the abuses committed by high street UK retail banks. I also support the proposal, first set out in these pages, for funding fraud prosecutions against banks out of fines levied against the audit firms that failed to spot fraud where it existed, such as KPMG in the case of HBOS Reading.

It will only be when those at the very highest levels of banks and accountancy firms are forced to take responsibility for their failures, and legislation is enforced to protect customers, that we will begin to see improvements in banking culture.

Allowing RBS to act with impunity does nothing but foster fear and reluctance to borrow within the small business community, reinforcing citizens’ perceptions of a two-tier justice system where banks are above the law.

Lawrence Tomlinson, the former small business advisor to Vince Cable, is correct when he says RBS and Lloyds need to be broken up in order to shatter the big four cartel and introduce real competition for SME lending on the UK high street.