Posts Tagged ‘risk based approach’
10.08.10 External consultants cannot act as a Nominated Officer under Money Laundering Regulations
Posted by: BTC in AML Legislation updates, HMRC News and Guidance, Professional Bodies on August 10th, 2010
As an external consultant I am usually in the situation where systems we devise for compliance starts with a simple policy statement, which firstly details who is and how to communicate with, the nominated officer, who will be a senior member of the firm, a director, partner or owner manager. We remind firms of their responsibilities under the Money Laundering Regulations, It is after all their business and they must accept reasonability for its successful running.
It does come as no surprise, therefore, that the Financial Services Authority (FSA) has recently censured and banned three directors from acting as senior managers for failing to meet their supervisory standards. The FSA investigation found that the directors had been relying too heavily on external consultants for advice on how to run their business.
It is equally unsurprising then that HM Revenue & Customs (HMRC) have also announced that they take the same view to the FSA in relation to businesses meeting their obligations under the Money Laundering Regulations.
HMRC also state that they have no objections to businesses getting advice from external consultants regarding their obligations under the Regulations, as long as the responsibility for complying with the Regulations remains on the business rather than any consultant.
What does come as a surprise is that some consultants, who should frankly understand the Regulations better, have recently offered their services to act as the Nominated Officer for a business. HMRC has no formally announced that it does not consider that a consultant outside the business can be appointed Nominated Officer for any of the businesses HMRC supervise under the Regulations.
Ongoing Monitoring – What are the practical implementations for existing clients?
Posted by: BTC in General Information & FAQ's on January 3rd, 2009
Do the requirements to carry out ongoing monitoring of customer due diligence measures and client’s business relationships mean that you must obtain a passport and utility bill from your existing clients or that you must investigate all the business affairs of your clients?
For many existing clients which date from 1 March 2004 you will have obtained verification of their identity under the 2003 regulations. For those clients you will need to consider whether the information you hold is sufficient, based on your risk assessment of the client , to demonstrate your have taken appropriate steps to verify the identity of your client and whether anything has changed in the period to render that information out of date. For clients whose situation, address, name and business has not changed since you last considered their identity we would suggest you need do no more than commit your risk assessment and review to the file.
For clients where the situation has changed or who predate 2004 you may well have obtained official verification of matters such as name and address through correspondence with government offices, bank statements and similar official channels. It is suggested that you undertake these checks during the planning for the next engagement for the client.
The key issues are:
- Have you undertaken a risk assessment of the client ?
- Do you have information which supports your verification of the client’s identity and which is consistent with your risk assessment?
- Can you demonstrate what you have done if asked to evidence your customer due diligence measures?
Visit the BTC website for compliance help and support for firms in the regulated sector.
Q. What is Customer Due Diligence?
Posted by: BTC in General Information & FAQ's on March 3rd, 2008
Customer Due Diligence (CDD) is a key part of the anti-money laundering requirements. They ensure that businesses know who their clients are, what their clients business are and do. They help ensure that you do not accept clients unknowingly which are outside your normal risk tolerance, or whose business you will not understand with sufficient clarity to be able to form money laundering suspicions where appropriate. If businesses do not understand its client’s regular business pattern of activity it would be very difficult to identify any abnormal or suspicious activity.
The 2007 Regulations provide an outline of the required components of CDD which is undertaken on a risk sensitive basis. Regulated firms need to ensure that these are integrated into client acceptance procedures and for the continuing monitoring of the business relationship. The three basic components are;-
(1) Identifying the client and verifying the identity of the client by obtaining evidence from documents, data or information obtained from indepenant and reliable sources.
(2) Identifying the beneficial owner(s) of a client, if there is one, so that the identity of the individual(s) who is the ultimate owner or controller is known and then verify their identities on a risk sensitive basis. Specific steps must be taken is ensure that the ownership and control structure is understood.
(3) Information on the purpose and intended nature of the business relationship
Visit the BTC website for compliance help and support for firms in the regulated sector.
Q. What are the Specific Breaches of the Money Laundering Regulations?
Posted by: BTC in General Information & FAQ's, HMRC News and Guidance, Professional Bodies on March 3rd, 2008
The specific failings and breaches which are clearly defined within the Money Laundering Regulations 2007 are;
- Regulation 7 – Failure to apply appropriate risk-sensitive customer due diligence measures
- Regulation 8 – Failure to apply appropriate and risk-sensitive ongoing monitoring of a business relationship
- Regulation 9 – Failure to comply with the requirements in timing of verification of identity of clients and any beneficial owner
- Regulation 11 – Continuing with transaction/business relationship where unable to apply customer due diligence measures
- Regulation 14 – Failure to apply enhanced client due diligence and ongoing monitoring where required
- Regulation 18 – Failing to follow a direction made by HM Treasury under this Regulation
- Regulation 19 – Failure to keep the required records
- Regulation 20 – Failure to establish, maintain, monitor and manage the required risk based policies and procedures
- Regulation 21 – Failure to take appropriate measures to provide the required training
- Regulations 26, 27(4), 33 – Failure to comply with registration requirements specified by the commissioners
These breaches may attract civil or criminal procedures from your supervisor
Q. What is my supervisor looking for me to do?
Posted by: BTC in General Information & FAQ's, HMRC News and Guidance, Professional Bodies on March 3rd, 2008
In simple terms there are four main things which all firms must do and be able to demonstrate compliance to a Supervisor, they are:-
- Your firm must adopt appropriate policies and procedures for compliance for which the MLRO must implement into the systems of the firm.
- Ensure that all staff have adequate training on understanding their roles and responsibilities under the UK’s AML regime, the offences for ML and procedures including client due diligence and reporting.
- Conduct client due diligence (CDD) procedures on all clients no matter how long they have been clients, including those pre 1 March 2004 clients at an appropriate time, including risk assessment, identity and verification and ongoing monitoring.
- Implement a reporting regime for the reporting of Suspicious Activity Reports (SAR’s) to the Serious Organised Crime Agency (SOCA).
You must ensure that all these policies & procedures, evidence of identity and account opening procedures, internal & external reports and any other AML procedural matters are documented correctly and records kept for a minimum of 5 years.
financial criminals and disqualified directors in UK Companies House Register
Posted by: BTC in General Information & FAQ's, General News & Cases on February 28th, 2008
World-Check exposes terrorists, financial criminals and disqualified directors in UK Companies House Register
World-Check, in partnership with data quality specialist Datanomic, recently embarked on a project to screen the UK’s Companies House register of companies, company directors and secretaries against World-Check’s global database of high risk individuals and organisations.
The underlying aim of the project was to identify the growing number of high risk individuals registering and operating businesses in the UK. Two articles appeared in The Times newspaper you can read them directly from the newspaper.
The first article entitled ‘4000 company directors listed as global terror suspects and fraudsters’ and the second one ‘Buckinghamshire firm run by Croation war crimes suspect Ivan Cermak’.
Financial Action Task Force (FATF) statement
Posted by: BTC in AML Legislation updates, General Information & FAQ's, HMRC News and Guidance on February 28th, 2008
Financial Action Task Force (FATF) statement
Financial institutions in the UK should give special attention to business relations and transactions with persons, including companies and financial institutions, from jurisdictions that do not adequately apply the FATF Recommendations.
The FATF is an inter-governmental body that develops national and international policies to combat anti money laundering (AML) and the financing of terrorism (CFT). It has released a public statement on several countries highlighting their concerns over deficiencies in their AML/CFT legislation.
The countries are Iran, Pakistan, Uzbekistan, Turkmenistan, Sao Tome and Principe, and the northern part of Cyprus.
More information on FATF can be viewed on their website.
If you deal with any of the countries listed you should take account of these concerns in your AML Risk Assessment
