The Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (MLR2017) have been effective since 26 June 2017. A brief consultation period on the draft regulations ran from 15 March 2017 to 12 April 2017, MLR2017 were laid before Parliament on 22 June 2017 and became effective four days later. It is perhaps not surprising that there has not been much comment about MLR2017 – there has not been much opportunity for this.
MLR2017 affects insolvency practitioners who are as before specifically included as relevant persons to whom MLR2017 will apply. Changes introduced in MLR2017 that are of particular relevance to insolvency practitioners include:-
- The requirement for internal controls to ensure compliance with the Money Laundering Regulations, including an independent audit. Reg 21 MLR2017.
- The introduction of a supervisory authority for each relevant person. The ICAEW and IPA are the supervisory authorities for people who are regulated by them, the FCA is the supervisory authority for credit and financial institutions and HMRC is the supervisory authority for high value dealers and money businesses not supervised by the FCA. Regs 45 – 51 MLR2017.
- Supervisory authorities are to monitor, review and assess the relevant persons for whom they are responsible and ensure their compliance with the relevant anti money laundering legislation, using a risk based approach. Supervisory authorities are also to make available up to date information about money laundering legislation to the relevant persons for whom they are responsible. If a supervisory authority becomes aware of or suspects that a person is involved in money laundering or terrorist financing then the supervisory authority must report this to the National Crime Agency. Regs 45 – 51 MLR2017.
- The requirement for relevant persons not only to carry out money laundering and terrorist financing investigations but also to keep a written record of the work carried out, which is to be risk assessed. The risk factors to be assessed include customers, the countries or geographical areas in which the relevant person operates, its services and transactions. Relevant persons must also now carry out ongoing monitoring of business relationships and transactions and record this in writing. Regs 18 & 28 MLR2017.
- Relevant persons must ensure that their staff are given training about the law relating to money laundering and terrorist financing and also regular training in how to deal with such situations. A written record is to be kept of this training. Reg 24 MLR2017.
- Relevant persons entering into a business relationship with an unlisted company must now also identify its beneficial owners, those exercising ultimate control over the company, and carry out customer due diligence procedures on the beneficial owners. Regs 41 & 42 MLR2017.
- The introduction of enhanced customer due diligence. This includes a more thorough and detailed investigation of the transaction and individuals concerned and applies whenever a transaction or individual is identified as high risk, a transaction unusually large or complex or appears to have no economic purpose. Regs 33 and 35 MLR2017.
- The introduction of politically exposed persons (PEP). PEPs are people entrusted with a senior public position eg heads of state, members of parliament, judges and high ranking members of the military. Enhanced customer due diligence is automatically to be applied to PEPs, associates and members of the families of PEPs and there are additional requirements for establishing an ongoing business relationship with a PEP. Reg 35 MLR 2017.
- Relevant persons must establish and maintain policies to mitigate and manage the risk of money laundering or terrorist financing. These policies are to be in writing and approved by senior management. Reg 19 MLR2017.
- The ICAEW and IPA as supervisory authorities now have the legal responsibility for reviewing the anti money laundering policies and processes carried out by their members. Anti money laundering systems have always been reviewed by the RPBs and monitoring visits and perhaps licence renewal processes may perhaps change to include the review of some of the written records that are now to be kept. The reviews to be undertaken by relevant persons when identifying the client have been tightened by the introduction of enhanced customer due diligence, PEPs and the need for a risk based assessment.
One of the biggest changes in MLR2017 is its extremely prescriptive nature, however, and remember that all the above regulations have been effective since 26 June 2017. If you rely on completion of a bought in anti money laundering checklist for compliance this may perhaps not be enough to demonstrate that a risk assessment policy previously approved by senior management has been carried out and recorded in writing.
Please contact me on firstname.lastname@example.org or 07854 967976 if you would like to learn more about the compliance consultancy work carried out by RMCSC. This would now include an independent audit to comply with Reg 21MLR2017, together with peer and insolvency compliance reviews tailored to your specific needs.