It is very clear that anti-money laundering is on the FCA’s radar and a good example of this is the watchdog’s recently published AML annual report. However, AML requirements are nothing new for the financial services industry and have been with us for quite some time.
The key piece of legislation that firms need to pay attention to is the Money Laundering Regulations 2007. The MLR 2007 is supplemented by Principle 3 of the FCA’s Principles for Businesses, the rules contained in the Senior Management Arrangements, Systems and Controls sourcebook and guidance provided by the Joint Money Laundering Steering Group. Firms also have an explicit legal requirement under the terms of the Proceeds of Crime Act 2002 to maintain vigilance in respect of any evidence that a transaction is linked with the proceeds of criminal activity. Firms are required by the MLR 2007 and the FCA’s requirements to implement and maintain systems and controls to prevent and detect money laundering.
In particular, a firm must be able to demonstrate to the FCA that the extent of its due diligence and ongoing monitoring measures are appropriate to the risks of money laundering and terrorist financing it faces. The rules in SYSC detail the controls firms must have in place to prevent financial crime and money laundering.
An important part of the AML regime is customer due diligence, which comprises checks that firms should apply to new customers whether or not they are high risk. The MLR 2007 states that a firm must typically conduct CDD for all business relationships, with such measures including identifying and verifying a customer’s identity and obtaining information on the purpose and intended nature of the business relationship.
An important point is that CDD is not just a requirement to gather documents. Firms must give active consideration of the documents they receive and seek further explanation from the new customer regarding any inconsistencies or omissions. Where a firm fails to make further enquiries regarding incomplete or missing information, the FCA may take that as a sign the firm treats CDD as a box-ticking exercise rather than a meaningful assessment of the risks posed by customers.
Another important part of the AML regime is enhanced due diligence. The purpose of EDD is to ensure a firm has a better understanding of the risks associated with particular customers, which will allow it to decide whether to establish or continue a business relationship and, where necessary, mitigate risk of money laundering. It is crucial a firm takes active EDD as the information it gathers also forms the basis for its understanding of the customer’s affairs so that it may properly undertake enhanced ongoing monitoring of transactions.
A particular aspect of EDD that some firms have difficulty with is the task of establishing a customer’s source of wealth and funds. Like CDD, firms need to be proactive in EDD. They should not accept the customer’s responses at face value and obtain documentary evidence as necessary.
The MLR 2007 also states that a firm must conduct ongoing monitoring of all business relationships. Where the customer is considered to be higher risk, that monitoring must be enhanced.