Money Laundering Directive 4 and the impact of AML on Consumer Credit. It’s the law!
In the last edition of the CCTA magazine, we wrote about the imminent implementation of the EC Money Laundering Directive 4. The article in CCTA magazine can be found here. Below Paul Wycherley discussed more details that have been released and how this will affect Consumer Credit Businesses in the UK.
The United Nations has organized a number of international conventions on money-laundering used to finance terrorism. One such convention is the 1988 Vienna Convention against drug trafficking and the UN Convention for the suppression of terrorist financing. The EU has also been an enthusiastic legislator against money-laundering with the third money laundering directive being the latest major initiative along with its many amendments. The UK has implemented its own AML and counter-terrorist financing legislation and has created it under the authority of the Joint Money Laundering Steering Group (JMLSG) and its guidance notes. This guidance provides a comprehensive level of help:
Firms should create internal infrastructure that prevents money laundering. Such measures include staff training and proper reporting of suspicious activity.
Establish requirements for Know Your Client (KYC) that everyone in the firms should use in respect to customers and transactions.
The guidance elements of the JMLSG are comprehensive and should not be ignored. The FCA stated that it observes the JMLSG guidance notes as an indicator that a firm complies with the FCA’s own anti-money laundering requirements. The AML requirements are applied broadly across many industries as well as under the FSMA regime. All companies must have a general awareness of the rules and update periodically. If you take on the FCA Controlled Function 11 position this will be even more important.
The legislation you need to be aware of are:
- The Anti-Terrorism, Crime and Security Act 2001
- The Money Laundering Regulations 2007
- Bribery Act 2010
- The Proceeds of Crime Act 2002
- The Serious Organised Crime and Police Act 2005
- The Terrorism Act 2000 (as amended by the Anti-Terrorism, Crime and Security Act 2001).
- The Terrorism Act 2006
- The Terrorism (United Nations Measures) Order 2006
- Trade and Financial Sanctions Legislation
Moving Forward With Money Laundering
During the last two years, the FCA has shown an increased interest in tackling financial crime. A number of thematic reviews have been conducted within the banking, insurance and asset management sectors aimed at assessing a firm’s approach and management of financial crime risk, with a particular emphasis on anti-money laundering and anti-bribery and corruption systems and controls. These thematic reviews were swiftly followed by enforcement actions against a number of financial institutions.
The FCA have stated that they will also devote more resources to ensuring the biggest retail and investment banks are complying with their legal and regulatory obligations through their Systematic Anti-money Laundering Programme. “Firms that take unacceptable risks will be made an example of.”
Fines to date:
- BNP Paribas $9n 2014
- HSBC $1.92bn in 2012
- Standard Chartered $667m in 2012
- ING $619m in 2012
- Credit Suisse $536 in 2009
- RBS $500m in 2009
- Lloyd Bank $350m in 2009
- Barclays $298 in 2010
Heard about EU Money Laundering Directive 4?
MLD4 is Largely a response to the Financial Action Task Forces (FATF) recommendations in February 2012. The Directive will replace The 3rd Money Laundering Directive (MLD3)
It was noted that parts of MLD3 were overly lenient and permissive, allowing as it does some blanket exemptions to justify simplified due diligence (SDD). The directive aims to achieve a more risk-based approach, with greater consistency across all sectors and geographies
It affects ALL regulated companies
On the 20th February 2015, The European Council approved the bill and now the UK has two years to ready itself and install the latest legislation.
How will the newly strengthened rules affect trade?
MLD4 will require member states to develop and maintain registers of information on the ultimate owners of companies, trusts, foundations and other legal entities, with access being granted to any person with a legitimate interest. While firms may find this assists in carrying out customer due diligence (CDD). The draft directive stresses that firms should not rely exclusively on the central register to fulfil CDD obligations.
Crucial to MLD4 is the development of a risk-based approach and a departure from the most prescriptive rules found in MLD3. This will be no great shock to UK firms who are already obliged to apply a risk-based approach by virtue of the domestic regime. The Directive will harmonise the way across all member states. – MLD4 will tighten the rules in relation to simplify Customer Due Diligence and remove the outright exemptions so that firms will just have to identify a client or transaction as low risk in order to enjoy the expedited transaction time enjoyed by simplified Customer Due Diligence.
Politically Exposed Persons (PEPs)
MLD4 will remove any distinction between domestic and foreign PEPs. Hence, domestic persons holding prominent public functions will need to be categorised as such. This could include (but is not limited to) MPs, members of supreme courts, ambassadors, high-ranking military staff and managers of state-owned enterprises. The provisions will similarly file an application with close associates and family members of PEPs.
MLD4 will further clarify that PEPs will always be subject to Enhanced Due Diligence. EDD requires:
Making sure that only senior management gives approval for a new business relationship – taking adequate measures to establish where the persons wealth and the funds involved in the business relationship come from – carrying out stricter ongoing monitoring of the business relationship
– Fines of at least 1m Euro for any sanctions breach
– The 4th Directive will allow the Member States to impose sanctions on members of management any other individual who handles the breach
– Ongoing Monitoring throughout the life of the product
Responsibilities of the board and senior management:
The board of directors and senior management will ultimately be responsible for establishing sound and prudent financial crime risk governance management practices, including sound commercial practices.
In light of the roles and responsibilities incumbent upon them under the governance roles the board of directors and senior management should, among other things:
- Implement and approve strategies, policies and procedures that focus on preventing and detecting activities regarding financial crime.
- Demonstrably foster a culture of integrity, exemplary business conduct and ethical behaviour among all employees of the foundation in the performance of their duties.
- Ensure that staff and officers have appropriate training to deal with financial crime risks and that the people assigned to risk management, compliance monitoring and primarily the prevention, detection and review of suspicious activities is honest and competent.
- Make sure that the company complies with all laws, regulations and guidelines dealing with financial crime.
- The company should take financial crime risks into account within its integrated risk management framework. Its organizational structure, the nature of its activities, its information systems, its strategic orientations, its policies, the quality of its internal control including the segregation of duties and the delegation of powers (this includes outsourcing to a third party).
- The nature and characteristics of the company products, the information technology used, its business dealings, including the outsourcing of certain businesses, monitor workers who particularly have higher-risk functions.
- Show knowledge of the methods used by perpetrators of financial criminal activities and the potential for operational incidents and their potential impact.
- Monitor changes in international orientations economic politics
Customer Due Diligence:
Companies should demonstrate vigilance with respect to customers considering the extent of the risks associated primarily with pecuniary transactions, insurance products and investment products provided by the company.
Knowing clients are a critical component of financial crime risk management. It contributes to reducing the likelihood of operative events involving the budgetary company.
Review of suspicious activities:
- The financial company should respond quickly to any situation where activities associated with financial crime are suspected or detected and be able to clearly articulate exactly what falls within and what falls outside of their Risk Appetite. A lack of Suspicious Activity Reports could cause the regulator to investigate if they are being missed. – Ensure that the AML policy is fully embedded across the business. From bespoke KYC Governance policy to embed it in the T&C framework of the front line.
MLD4 is more prescriptive with respect to the:
- On-going monitoring of customers, and will be more specific in
- Outlining factors for consideration/evidencing in conducting risk
- Assessments for each customer, and how these risk assessments must be
- Need to keep up-to-date. This reinforces the requirement to undertake a risk-based approach, and from a practical perspective, will mean that obliged entities – Must be able to evidence the rationale behind the risk rating applied to each customer.
In preparation of the new legislation, it is advised you conduct (and document you have conducted):
- Training of staff
- Gap analysis on current state
- Necessary policy documents
- Customer due diligence process (including your decision process on PEPs)
- Risk appetite & logic behind it
As you know, falling foul of the Anti Money Laundering rules can be an extremely expensive mistake – even accidentally! So in order to help companies ensure they are steering the right path through the latest legislation, we are offering a free telephone consultation to help you ensure your business is fully compliant. Contact us today for more help and advice: Call us on 01255 861697 or email: email@example.com