Posts Tagged ‘customer due diligence’
10.08.09 JMLSG to Update AML Best Practice
Posted by: BTC in AML Legislation updates, Professional Bodies on August 18th, 2009
Proposed amendments to key AML guidance in the UK were released on August 10th by the Joint Money Laundering Steering Group (JMLSG), a group of leading UK financial services trade associations that includes the British Bankers Association. JMLSG guidance is seen as the standard for AML compliance.
Over recent months, the JMLSG carried out a review of its Money Laundering Guidance (“Guidance”) for the financial sector. The newly released amendments cover Part 1 of the text. Further amendments to Part 2 are still under consideration.
Important revisions to the Guidance have taken place at various stages in order to reflect the implementation of AML and CTF laws and regulations. Amendments to Part 1 of the text are minor in nature and include, inter alia, the following:
- Further clarification of the MLRO’s role has been introduced and the Guidance now states that the decision over whether to make a SAR should not be subject to the review of others. It clearly sets out that any decision made must be that of the MLRO and should not be exposed to the direction or approval of other parties within the firm.
- An additional category of customer has been added to the Guidance at paragraph 4.16. It is suggested that along with PEPs and activities involving large amounts of cash, firms should also be on alert when faced with customers who are engaged in industries that might relate to proliferation activities (transfer or export of nuclear, chemical or biological weapons, their means of delivery and related materials).
- At chapter 5, a new category of customer is added to the Guidance. ‘Clients who are listed on exchanges that are not equivalent’ are still subject to some degree of accountability and transparency. The Guidance suggests that as part of their risk-based approach, firms should have regard to the listing conditions that apply in the relevant jurisdiction when deciding whether that company falls into the private company category and consequently one that is deemed to have clear and comprehensive structure, ownership, purposes and activities.
- Other amendments to this chapter comment on PEPs and make it clear that it is for each firm to decide the steps required to implement EDD in respect of higher risk customers. Examples are provided of some jurisdictions that make it illegal for (a generally defined list of) PEPs to hold foreign bank accounts, some require asset declarations to be made and others will make this information publicly available.
- The Guidance now states that the power for firms to carry out EDD is contained within section 7 of the Counter-Terrorism Act 2008. Following the Royal Assent of this piece of legislation in February 2008, section 5.8 was added to the Guidance. The Guidance sets out the circumstances in which HM Treasury has the power to issue directions to firms in the financial sector in relation to their CDD. The Guidance also sets out the types of directions that may be imposed.
Firms must remain vigilant when it comes to updating their AML/CTF policies and procedures. A constant awareness of the changing legislation and resulting amendments to the Guidance is essential. By remaining sufficiently flexible, responsive and well resourced, firms will ensure they better protect themselves from the risks associated with financial crime.
Visit the BTC website for compliance help and support for firms in the regulated sector.
03.08.09 Identity fraud soars in 2009
Posted by: BTC in General Information & FAQ's, General News & Cases on August 3rd, 2009
New Cifas stats paint bleak picture for the UK’s financial institutions and card companies.
Identity fraud surged by nearly three quarters in the first half of the year, driven by continued malicious online activity, and the economic slowdown, according to new figures from UK fraud prevention service Cifas.
The organisation was set up to facilitate the sharing of information on identified fraud between its members – which include banks, card companies and insurance firms – in an attempt to prevent further rises in all types of fraud, including online.
It said identity fraud, which includes victims of impersonation as well as the creation of fictitious identities by fraudsters, rose 74 per cent in the first six months of 2009 to over 100,000 cases.
Facility take over fraud – where the fraudster gains access to a user’s account and siphons off funds – rose 40 per cent during the period with over 11,000 cases registered.
There was some good for fraud departments however, with Cifas reporting an 11 per cent year-on-year increase in the financial losses avoided through the fraud data sharing of its members.
“The rise in the numbers of victims, and these very specific types of fraud demonstrate that fraudsters have no regard for economic, social and personal fragility,” argued Cifas chief exeutive Peter Hurst.
“While we all look for solutions to the hardships imposed by the current climate, however, these figures focus attention sharply on what responsible businesses and public sector organisations can achieve through sharing data on proven frauds to reduce losses and ease the burden of the recession upon us all. ”
Although not broken out in the survey, it’s believed that much fraudulent activity committed today is card not present (CNP), including online, fraud.
Visit the BTC website for compliance help and support for firms in the regulated sector
22.04.09 MLR – acting for family members
Posted by: BTC in General Information & FAQ's on April 22nd, 2009
If you have known somebody as a close relative for 40 years do you still need to ID him before accepting instructions?
AccountingWEB.co.uk 22-Apr-2009
Common sense approach
This post assumes that you are acting for your friends and relatives’ by the way of businesses and not in just a ‘family’ capacity which was never designed to be a part of the ML Regulations, for example a wife doing the books for her husband who may be a plumber
The Regulations actually state “identifying the client and verifying the client’s identity on the basis of documents, data or information obtained from a reliable and independent source;” Nowhere in the Regulations states that you must have documentary evidence on any client.
Information may be in any form, including word of mouth or personal experience etc, someone you know and trust may confirm a clients identity, your mother may confirm that the gentleman you are acting for really is your father (hopefully), and indeed you have probably visited your mothers house so you have information as to the home address.
We already know that it is not in the public interest to prosecute a regulated person who may commit a trivial or technical breach of the Regulations, this has been stated by SOCA and other law enforcement agencies, so you will should not receive any penalty for not having a copy of your mothers’ passport, so an element of common sense prevails. So document that it is your father and you been to his house, this would suffice for any Supervisory staff who may ask, if it does not then I would suggest that the supervisor gets retrained.
The problem with friends and relatives is not the knowing of who they are, but are you independent enough to effectively ‘police’ them. For example, you act for your farther and you discovered you father was involved in drugs dealing, could you file a SAR on him? If you could not, you stand a very good chance of being investigated along side your relative for those offences since you are ‘aiding and betting’ by turning a blind eye, especially if you continue to act. You can choose who you act for, who you want to be friends with, but in some respects you cannot choose your relatives.
Do not forget that a risk assessment is mandatory for all clients, including your relatives; here you would document your policy of what you would do to mitigate any potential risk of loosing your independence because of your association with the client relative. For example, your firm may be the agent, but an independent member of staff may complete most of the initial work.
Steve O’Neill
Business Tax Centre
Visit the BTC website for compliance help and support for firms in the regulated sector.
Ongoing Monitoring – What are the practical implementations for existing clients?
Posted by: BTC in General Information & FAQ's on January 3rd, 2009
Do the requirements to carry out ongoing monitoring of customer due diligence measures and client’s business relationships mean that you must obtain a passport and utility bill from your existing clients or that you must investigate all the business affairs of your clients?
For many existing clients which date from 1 March 2004 you will have obtained verification of their identity under the 2003 regulations. For those clients you will need to consider whether the information you hold is sufficient, based on your risk assessment of the client , to demonstrate your have taken appropriate steps to verify the identity of your client and whether anything has changed in the period to render that information out of date. For clients whose situation, address, name and business has not changed since you last considered their identity we would suggest you need do no more than commit your risk assessment and review to the file.
For clients where the situation has changed or who predate 2004 you may well have obtained official verification of matters such as name and address through correspondence with government offices, bank statements and similar official channels. It is suggested that you undertake these checks during the planning for the next engagement for the client.
The key issues are:
- Have you undertaken a risk assessment of the client ?
- Do you have information which supports your verification of the client’s identity and which is consistent with your risk assessment?
- Can you demonstrate what you have done if asked to evidence your customer due diligence measures?
Visit the BTC website for compliance help and support for firms in the regulated sector.
New ID card for foreign nationals being introduced from the 25 November 2008.
Posted by: BTC in General Information & FAQ's on November 30th, 2008
Documentary evidence of identity (ID) – new ID card for foreign nationals being introduced from the 25 November 2008.
The Money Laundering Regulations require relevant businesses to carry out Customer Due Diligence on their customers. This may involve asking for documentary evidence of a customer’s identity. The UK Borders Agency has announced a new ID card for foreign nationals which will begin a roll out programme starting on the 25 November 2008.
It is important that you are aware of this new ID card, its significance as documentary evidence of ID, the information it contains and how you can recognise it as a genuine document.
The card will be issued to migrants from countries outside the European Economic Area (EEA) applying for leave to remain in the UK. Initially they will only be issued to migrants in the category of a student or on the basis of marriage or partnership from the 25 November 2008 though it will be rolled out to other categories of migrants in the future.
Over time, the card will replace vignettes (stickers) and stamps in passports and will act as a standalone grant of leave to stay in the UK, but is not a travel document and therefore holders who wish to travel abroad must still have a valid passport.
The card can be accepted as a form of identification though there is no requirement that holders of the card must carry their ID card on them at all times. The card will contain the following information relevant to the holder:
• digital image of the holder
• name
• valid until date
• place and date of issue
• type of permit – the immigration category of the holder
• immigration entitlements for the length of the holders stay
• unique card number
• signature
• microchip that contains the biometric features of the holder (a facial image and two fingerprints)
• gender
• date and place of birth
• nationality
Although the card can be used as a form of identification, it is important in these circumstances to be aware of the security features of the card.
Some of the features are that:
• the card number is unique and consists of two letters followed by seven numbers
• the back of the card has a raised design and has an image incorporating from left to right a shamrock, daffodil, thistle and rose which can be seen by shining a light across the card
• as you tilt the card, various designs can be seen showing distinctive colour changes and large amounts of fine detail
You can get further advice or assistance on verifying the cards security features by telephoning the UK Border Agency card verification helpline on 0300 123 4699 or you can view images of the card by visiting the UKBA website.
Visit the BTC website for compliance help and support for firms in the regulated sector.
FSA fines firm and MLRO for money laundering controls failings
Posted by: BTC in General News & Cases, Professional Bodies on October 29th, 2008
FSA fines firm and MLRO for money laundering controls failings
The Financial Services Authority (FSA) has today fined Sindicatum Holdings Limited (SHL) £49,000 and its money laundering reporting officer (MLRO), Michael Wheelhouse, £17,500 for not having adequate anti-money laundering systems and controls in place for verifying and recording clients’ identities. This is the first time the FSA has fined a money laundering reporting officer.
The FSA found a number of failings including:
• the firm failed to implement adequate procedures for verifying the identity of its clients;
• it failed to verify adequately the identity of a significant number of its clients;
• it failed to keep adequate records with regard to the verification of the identity of its clients; and
• Mr Wheelhouse failed to take reasonable steps to implement adequate procedures for controlling money laundering risk.
William Amos, head of retail enforcement at the FSA, said:
“It is vital to the integrity of the UK’s financial markets that regulated firms are not used by criminals to launder money. Senior management must implement and follow procedures that meet our requirements so that the risks their firms face are properly managed.”
“This fine is a warning to firms and individuals about the importance of complying with our rules in this area and we will not hesitate to clamp down on failures, where necessary.”
In deciding the penalty for SHL, the FSA took into account the limited financial resources of the firm and its ability to pay the fine. Had it not been for these factors the penalty would have been significantly larger.
SHL and Mr Wheelhouse have taken robust steps to review and improve the firm’s systems and controls in relation to financial crime.
The FSA did not find any evidence of money laundering at the firm.
Visit the BTC website for compliance help and support for firms in the regulated sector.
Q. What is Customer Due Diligence?
Posted by: BTC in General Information & FAQ's on March 3rd, 2008
Customer Due Diligence (CDD) is a key part of the anti-money laundering requirements. They ensure that businesses know who their clients are, what their clients business are and do. They help ensure that you do not accept clients unknowingly which are outside your normal risk tolerance, or whose business you will not understand with sufficient clarity to be able to form money laundering suspicions where appropriate. If businesses do not understand its client’s regular business pattern of activity it would be very difficult to identify any abnormal or suspicious activity.
The 2007 Regulations provide an outline of the required components of CDD which is undertaken on a risk sensitive basis. Regulated firms need to ensure that these are integrated into client acceptance procedures and for the continuing monitoring of the business relationship. The three basic components are;-
(1) Identifying the client and verifying the identity of the client by obtaining evidence from documents, data or information obtained from indepenant and reliable sources.
(2) Identifying the beneficial owner(s) of a client, if there is one, so that the identity of the individual(s) who is the ultimate owner or controller is known and then verify their identities on a risk sensitive basis. Specific steps must be taken is ensure that the ownership and control structure is understood.
(3) Information on the purpose and intended nature of the business relationship
Visit the BTC website for compliance help and support for firms in the regulated sector.
financial criminals and disqualified directors in UK Companies House Register
Posted by: BTC in General Information & FAQ's, General News & Cases on February 28th, 2008
World-Check exposes terrorists, financial criminals and disqualified directors in UK Companies House Register
World-Check, in partnership with data quality specialist Datanomic, recently embarked on a project to screen the UK’s Companies House register of companies, company directors and secretaries against World-Check’s global database of high risk individuals and organisations.
The underlying aim of the project was to identify the growing number of high risk individuals registering and operating businesses in the UK. Two articles appeared in The Times newspaper you can read them directly from the newspaper.
The first article entitled ‘4000 company directors listed as global terror suspects and fraudsters’ and the second one ‘Buckinghamshire firm run by Croation war crimes suspect Ivan Cermak’.
Financial Action Task Force (FATF) statement
Posted by: BTC in AML Legislation updates, General Information & FAQ's, HMRC News and Guidance on February 28th, 2008
Financial Action Task Force (FATF) statement
Financial institutions in the UK should give special attention to business relations and transactions with persons, including companies and financial institutions, from jurisdictions that do not adequately apply the FATF Recommendations.
The FATF is an inter-governmental body that develops national and international policies to combat anti money laundering (AML) and the financing of terrorism (CFT). It has released a public statement on several countries highlighting their concerns over deficiencies in their AML/CFT legislation.
The countries are Iran, Pakistan, Uzbekistan, Turkmenistan, Sao Tome and Principe, and the northern part of Cyprus.
More information on FATF can be viewed on their website.
If you deal with any of the countries listed you should take account of these concerns in your AML Risk Assessment
