Anti-Money Laundering – Have you assessed the risks?

A step-by-step explanation of a firm’s responsibilities under anti-money laundering regulations.

For many insolvency practitioners, anti-money laundering (AML) compliance starts and finishes with client identification procedures. But that simply isn’t sufficient to comply with current legislative requirements, nor to adequately protect you from becoming a professional enabler – a title none of us relish acquiring!

The area is under increasing regulatory scrutiny as the Recognised Professional Bodies (your AML supervisors) now have their own oversight regulator, the Office for Professional Body Anti-Money Laundering Supervisions (OPBAS), breathing down their necks. We IPs are likely to come under closer scrutiny from our AML supervisors, with a renewed focus on meaningful AML compliance.

So, aside from Customer Due Diligence (CDD) procedures, what do you need to do?

What are the risks faced by IPs?

Money laundering and terrorist financing are significant threats to any economy, particularly those operating globally. The UK is the world’s sixth largest economy, of which our financial services sector is a key component.

HM Treasury’s 2015 National Risk Assessment judged accountancy services to be at high risk of money laundering exploitation. The Treasury re-affirmed that view in 2017, concluding that ‘the inherent risks and vulnerabilities of accountancy services remain, due to the value of these services to those engaging in high-end money laundering… Company liquidation and associated services (including insolvency practice, which may be conducted by certain accountancy professionals) also pose a risk of criminals masking the audit trail of money laundered through a company and transferring the proceeds of crime…’.

Firm-wide risk assessment

First and foremost you must have a documented firm-wide risk assessment in place. This is a mandatory requirement under the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (MLR17), placed upon all ‘relevant persons’ (which includes IPs) and your supervisor may ask for sight of it at any time. Your risk assessment should:

  • identify the risk factors that apply specifically to your business and the way in which it operates
  • consider the frequency of occurrence of these risks, as well as their potential severity
  • explain how these risks are adequately managed and mitigated by the processes and procedures employed by your firm
  • be reviewed periodically and updated with new service lines and operational models
    used to educate and inform your staff

If you don’t know where to start or are pressed for time, ISS can assist you.

Oversight

Secondly, you need to consider who within your practice is going to take responsibility for production, operational oversight and periodic review of your policies, controls and procedures and whether this is going to be a formal compliance officer role, or an informal or shared function. Depending on the size and nature of your practice, either route may be appropriate. The key requirement is that someone (individual or group) needs to oversee this area. This is not the same function as the traditional money laundering reporting officer role, although these may be combined, if that works best for your firm.

Policies, controls and procedures

Regulation 19 of the MLR17 requires you to establish and maintain policies, controls and procedures to effectively mitigate and manage the risks of money laundering and terrorist financing identified in any risk assessment undertaken by the relevant person. These must be maintained in writing and must include:

  • risk management practices
  • internal controls
  • customer due diligence
  • reliance and record keeping
  • the monitoring and management of compliance with, and the internal communication of, such policies, controls and procedures

Do you have these policies in place? If not, we can help.

CPD and staff training

Those responsible for AML oversight must receive appropriate CPD on the conduct of their functions. Additionally, your whole team should be provided with periodic training, not just about the law in this area, but also about the specific risks presented to your business and the policies, controls and procedures that your firm has in place.

ISS can supply in-house and/or online learning modules for your officers and your team members, specifically tailored for your business and the risks it faces.

Beneficial owner and manager approval

It is a criminal offence for a person to act in the capacity of a beneficial owner, officer or manager of a relevant firm without the approval of an AML supervisor. Have all relevant owners and managers of your practice registered with your AML supervisor yet?

This requirement extends to any party with a controlling interest in the business (eg a shareholding in excess of 25%) and any principal, senior manager, or member of a management committee who is responsible for setting, approving or ensuring the firm’s compliance with the firm’s anti-money laundering policies and procedures.

 

We will be examining the legal requirements and the risks presented to practices in our forthcoming Intensive CPD / CPE Catch-Up Courses and discussing how practices may manage these.

For further information about how ISS may assist you in meeting your AML obligations, contact enquiries@insolvencysupportservices.com