Supervision - United Kingdom
What are my obligations as a practitioner?
Click
here and
here for links to professional standards webpages with more information on supervision.
Practitioners should and indeed are obliged to consult guidance documents when considering their obligations. In the United Kingdom the CCAB has produced Anti-Money Laundering and Counter-Terrorist Financing Guidance for the Accountancy Sector 2022 (UK) (which replaces the draft guidance issued in September 2020 ).It contains detailed guidance including guidance on the summary paragraphs below. See also explanatory notes on the guidance.
The reader’s attention is also drawn to the supplementary Anti money-laundering guidance for tax practitioners which is guidance issued by CCAB for those providing tax services in the United Kingdom, on the prevention of money laundering and the countering of terrorist financing. The supplementary guidance is not standalone guidance; it must be read in conjunction with the Guidance for the Accountancy Sector (above).
Click here for UK legislation on money laundering. The Money Laundering ,Terrorist Financing, and Transfer of Funds (Information on the Payer ) Regulations 2017 are referred to on these pages as the MLR 2017 (as amended).
The Economic Crime (Anti-Money Laundering) Levy Regulations 2022 came into force in the UK on 1st April 2022. The levy is intended to fund government action and initiatives to tackle money laundering. The charge will be levied on regulated businesses under money laundering legislation and is to be based on UK revenue depending on whether the entity is considered “medium”,” large” or “very large” as defined in the Finance Act 2022.
Readers may find the Anti-money laundering and counter terrorist financing: Supervision Report 2019-20 published by HM Treasury in the UK in November 2021 of interest. This report provides information about the performance of AML/CTF supervisors in the UK between 6 April 2019 – 5 April 2020.The report shows improvement in various areas of supervision and Treasury and the AML/CTF supervisors remain committed to further strengthening their approach and tightening the UK’s defences against money laundering.
A brief review of some of the obligations is provided in the paragraphs below.
Firm wide business risk assessment
Firms must carry out and keep up to date a firm-wide business risk assessment under Regulation 18 of MLR 2017 (as amended). The assessment should include consideration of the firm’s client base and services it offers, the countries and geographical areas the firm operates in, the type of transactions carried out and the delivery channels used. For example, where the channel allows the service to be delivered without meeting the client face-to-face that might lead to a higher risk of exposure to money laundering.
The legislation also requires that firms have regard to any relevant information in national risk assessments. Click the link for the UK’s latest National Risk Assessment .They must also have regard to any guidance on risk issued by the competent authority for the designated person. In addition to the UK National Risk Assessment referred to above reference should be made to The Chartered Accountants Institute Risk Outlook January 2021 which assesses the circumstances where there might be a high risk of money laundering or terrorist financing in the accountancy sector.
Please also click the link for the first UK national risk assessment of proliferation financing published in September 2021.
The MLR 2017 (as amended) requires that a written record of the firm wide risk assessment is maintained, and that Relevant Persons should be prepared to provide this to their supervisory authority if requested. It should also be updated regularly.
Failure to comply with the obligations is an offence.
Individual risk assessments for clients
It is now a statutory requirement under MLR 2017 (as amended) , to carry out a stand-alone risk assessment on each client to whom a firm provides an AML-regulated service. This is to determine the type of client due diligence to be applied to that client. The legislation details the matters the firm should have regard to such as
its firmwide risk assessment,
any national risk assessment
guidance from a competent authority
relevant risk variables (see Regulation 28 (13)) including
the purpose of the relationship,
size and regularity of transactions
duration of the business relationship
the presence of certain factors which might suggest a lower or higher risk.
Regulation 33(6) contains a non-exhaustive list of factors suggesting potentially higher risk. For example, a customer where the ownership structure of the company appears unusual or excessively complex given the nature of the company’s business or dealings in a country identified by credible sources as having significant levels of corruption or other criminal activity might suggest a potentially higher risk.
Regulation 37(3) contains a non-exhaustive list of factors suggesting potentially lower risk. For example, public companies subject to disclosure requirements or dealings with third countries having effective anti-money laundering (AML) or combating financing of terrorism (CFT) systems might suggest a potentially lower risk.
CUSTOMER DUE DILIGENCE
Regulation 27 of MLR 2017 (as amended) sets out the requirements as to when CDD must be conducted. For example when
- a Relevant Person establishes a business relationship;
- a Relevant Person engages in an occasional transaction
- a Relevant Person suspects money laundering or terrorist financing;
- a Relevant Person doubts the veracity or adequacy of documents or information previously obtained for the purposes of identification or verification;
- Also, at other appropriate times applying a risk sensitive approach.
Trust and Company Service Providers should note that a business relationship now includes one where the Relevant Person is asked to form a company for its customer even if this is the only transaction carried out for that customer. (See Regulation 4).
Regulation 28 details the CDD measures to be taken such as identifying the customer and verifying their identity unless the identity is already known and has previously been verified and assessing and where appropriate obtaining information on the purpose and intended nature of the business relationship or occasional transaction.
Section 5 of the CCAB AML guidance provides further information on Customer Due Diligence including on beneficial owners, enhanced due diligence and politically exposed persons. Regulation 35 of the MLR 2017 (as amended ) deals with PEPs and see also FCA Guidance on PEPs.
HIGH RISK THIRD COUNTRIES
In the context of the obligation to apply enhanced customer due diligence, regulation 33(6)(a)(ii) and (c) of MLR 2017 (as amended) make reference to geographical risk factors and regulation 33(1)(b) of MLR 2017 (as amended) refers to high risk third countries .Regulations made by the UK government from time to time give the most up to date list of high risk third countries. You will find the most recent regulations from time to time by clicking the link on the advisory notice below.
Please see here for a HM Treasury Advisory Notice on High Risk Third Countries which is published and updated by HM Treasury from time to time.
POLICIES CONTROLS PROCEDURES (PCPs)
All accountancy firms are required to have up to date internal policies, controls and procedures in place to protect against money laundering and terrorist financing. Regulations 19,20 & 21 require that the policies and procedures should include risk management practices, internal controls, customer due diligence reliance and record keeping and monitoring and communication of policies and procedures. They must be approved by senior management and relevant persons must ensure that the policies and procedures are regularly reviewed and updated.
The PCPs must provide for identification and scrutiny of cases where a transaction is complex and unusually large, or there is an unusual pattern or the transaction(s) have no apparent economic or legal purpose, or any other activity or situation which the relevant person regards as particularly likely by its nature to be related to money laundering or terrorist financing.
There is a statutory obligation under Regulation 24 that the relevant person ensures that employees and agents are made aware of and given training on the law relating to money laundering and terrorist financing.
UK Reporting Obligations -Suspicious Activity Reports
Click here for more information on Professional Standards' pages on UK law and guidance and click here to go to the technical hub page on reporting requirements.
These pages are provided as resources and information only and nothing in these pages purports to provide professional advice or definitive legal interpretation(s) or opinion(s) on the applicable legislation or legal or other matters referred to in the pages. If the reader is in doubt on any matter in this complex area further legal or other advice must be obtained. While every reasonable care has been taken by the Institute in the preparation of these pages, we do not guarantee the accuracy or veracity of any resource, guidance, information or opinion, or the appropriateness, suitability or applicability of any practice or procedure contained therein. The Institute is not responsible for any errors or omissions or for the results obtained from the use of the resources or information contained in these pages.
These pages are provided as resources and information only and nothing in these pages purports to provide professional advice or definitive legal interpretation(s) or opinion(s) on the applicable legislation or legal or other matters referred to in the pages. If the reader is in doubt on any matter in this complex area further legal or other advice must be obtained. While every reasonable care has been taken by the Institute in the preparation of these pages, we do not guarantee the accuracy or veracity of any resource, guidance, information or opinion, or the appropriateness, suitability or applicability of any practice or procedure contained therein. The Institute is not responsible for any errors or omissions or for the results obtained from the use of the resources or information contained in these pages.