• To clarify the current designated category of smuggling by referring to: smuggling including in relation to customs and excise duties and taxes.
• To add a separate designated offence category: tax crimes – related to direct taxes and indirect taxes.

For the private sector, the key result of this change will not be the impact of this change on recommendation 1, which already states crimes punishable by over 6 months of imprisonment be included within the predicate offences, but rather to the obligation to support suspicious transactions under recommendation 13.  Thus transactions related to the laundering of the proceeds of tax crimes would have to be reported as suspicious activity.

In the UK, the accountancy sector has sometimes been reluctant to be included within the money laundering regime, in some ways understandable when comparing the requirements of recommendation 13 and the all powerful PoCA 2002 and the all crimes regime, sometimes seeming to ‘gold plate’ the EU 3rd  Directive. This can be seen from the differing approaches from some of the 16 supervisory bodies within the UK, some have more urgency than others.

After another year of advising and training accountants and tax advisors in the UK, probably almost 2,000 firms and individuals of all sizes and expertise in total, I am still surprised that most have no concept of the ‘risk based approach’ and that tax evasion is reportable under PoCA. With a lot I get, I do not deal with my clients funds, I have copied their passport, tick, and I have a copy of a utility bill, tick. I have complied in full.   

This concept of ‘transaction’ based compliance seems to have seeped down into the sector, people and firms wanting to believe that they are too small to have to report or indeed be seen or even comply. The concept of transactional limits has even been debated in the House of Lords and other Parliamentary review boards so is in any wonder then given the reluctance of the sector as a whole this is the case? This is backed up by the statistic that there are still around 25,000 firms and business in the accountancy sector who just have not registered for supervision.

However, from a point of clarification the main thrust of the FATF review is the mandatory risk based approach for all countries and regulated firms for risk assessment, risk management and mitigation and higher risk concepts. This is removal once and for all of the doubt of being too small for the Regulations, it is not size that matters rather it is the risk. Couple this with tax evasion becoming a predicate office of money laundering; I would hope finally the sector as whole embraces the UK compliance culture; apparently it is not as gold plated as people thought, just ahead of its time.

It does come as no surprise, therefore, that the Financial Services Authority (FSA) has recently censured and banned three directors from acting as senior managers for failing to meet their supervisory standards. The FSA investigation found that the directors had been relying too heavily on external consultants for advice on how to run their business.

It is equally unsurprising then that HM Revenue & Customs (HMRC) have also announced that they take the same view to the FSA in relation to businesses meeting their obligations under the Money Laundering Regulations.

HMRC also state that they have no objections to businesses getting advice from external consultants regarding their obligations under the Regulations, as long as the responsibility for complying with the Regulations remains on the business rather than any consultant.

What does come as a surprise is that some consultants, who should frankly understand the Regulations better, have recently offered their services to act as the Nominated Officer for a business. HMRC has no formally announced that it does not consider that a consultant outside the business can be appointed Nominated Officer for any of the businesses HMRC supervise under the Regulations.

For many existing clients which date from 1 March 2004 you will have obtained verification of their identity under the 2003 regulations. For those clients you will need to consider whether the information you hold is sufficient, based on your risk assessment of the client , to demonstrate your have taken appropriate steps to verify the identity of your client and whether anything has changed in the period to render that information out of date. For clients whose situation, address, name and business has not changed since you last considered their identity we would suggest you need do no more than commit your risk assessment and review to the file.

For clients where the situation has changed or who predate 2004 you may well have obtained official verification of matters such as name and address through correspondence with government offices, bank statements and similar official channels. It is suggested that you undertake these checks during the planning for the next engagement for the client.

The key issues are:

• Have you undertaken a risk assessment of the client ?
• Do you have information which supports your verification of the client’s identity and which is consistent with your risk assessment?
• Can you demonstrate what you have done if asked to evidence your customer due diligence measures?

Visit the BTC website for compliance help and support for firms in the regulated sector.

The 2007 Regulations provide an outline of the required components of CDD which is undertaken on a risk sensitive basis. Regulated firms need to ensure that these are integrated into client acceptance procedures and for the continuing monitoring of the business relationship. The three basic components are;-

(1) Identifying the client and verifying the identity of the client by obtaining evidence from documents, data or information obtained from indepenant and reliable sources.

(2) Identifying the beneficial owner(s) of a client, if there is one, so that the identity of the individual(s) who is the ultimate owner or controller is known and then verify their identities on a risk sensitive basis. Specific steps must be taken is ensure that the ownership and control structure is understood. 

(3) Information on the purpose and intended nature of the business relationship

Visit the BTC website for compliance help and support for firms in the regulated sector.

• Regulation 7 – Failure to apply appropriate risk-sensitive customer due diligence measures
• Regulation 8 – Failure to apply appropriate and risk-sensitive ongoing monitoring of a business relationship
• Regulation 9 – Failure to comply with the requirements in timing of verification of identity of clients and any beneficial owner
• Regulation 11 – Continuing with transaction/business relationship where unable to apply customer due diligence measures
• Regulation 14 – Failure to apply enhanced client due diligence and ongoing monitoring where required
• Regulation 18 – Failing to follow a direction made by HM Treasury under this Regulation
• Regulation 19 – Failure to keep the required records
• Regulation 20 – Failure to establish, maintain, monitor and manage the required risk based policies and procedures
• Regulation 21 – Failure to take appropriate measures to provide the required training
• Regulations 26, 27(4), 33 – Failure to comply with registration requirements specified by the commissioners

These breaches may attract civil or criminal procedures from your supervisor

1. Your firm must adopt appropriate policies and procedures for compliance for which the MLRO must implement into the systems of the firm.
2. Ensure that all staff have adequate training on understanding their roles and responsibilities under the UK’s AML regime, the offences for ML and procedures including client due diligence and reporting.
3. Conduct client due diligence (CDD) procedures on all clients no matter how long they have been clients, including those pre 1 March 2004 clients at an appropriate time, including risk assessment, identity and verification and ongoing monitoring. 
4. Implement a reporting regime for the reporting of Suspicious Activity Reports (SAR’s) to the Serious Organised Crime Agency (SOCA).  

You must ensure that all these policies & procedures, evidence of identity and account opening procedures, internal & external reports and any other AML procedural matters are documented correctly and records kept for a minimum of 5 years.

World-Check, in partnership with data quality specialist Datanomic, recently embarked on a project to screen the UK’s Companies House register of companies, company directors and secretaries against World-Check’s global database of high risk individuals and organisations.

The underlying aim of the project was to identify the growing number of high risk individuals registering and operating businesses in the UK. Two articles appeared in The Times newspaper you can read them directly from the newspaper.

The first article entitled ’4000 company directors listed as global terror suspects and fraudsters’ and the second one ‘Buckinghamshire firm run by Croation war crimes suspect Ivan Cermak’.

Financial institutions in the UK should give special attention to business relations and transactions with persons, including companies and financial institutions, from jurisdictions that do not adequately apply the FATF Recommendations.

The FATF is an inter-governmental body that develops national and international policies to combat anti money laundering (AML) and the financing of terrorism (CFT). It has released a public statement on several countries highlighting their concerns over deficiencies in their AML/CFT legislation.

The countries are Iran, Pakistan, Uzbekistan, Turkmenistan, Sao Tome and Principe, and the northern part of Cyprus.

More information on FATF can be viewed on their website.

If you deal with any of the countries listed you should take account of these concerns in your AML Risk Assessment