Upload
nicolette-seddon
View
212
Download
0
Tags:
Embed Size (px)
Citation preview
ACOI Welcomes our Members to the 2nd seminar in the ACOI lunch time CPD seminar series January - June 2012. CPD Reference: 2012-0437
Our Event: The development of the AML Guidelines and the challenges for implementation
Chaired: Ms. Amanda Berry, Chairperson of the AML Working Group and AML Manager, GlobeOp Financial Services (Ireland) Limited
Speakers: Mr. Sean Smith, Senior Manager Enterprise Risk Services, Deloitte & Mrs. Sinead Ovenden, Director, Enterprise Risk Services
Development of the AML Guidelines and the Challenges for Implementation
20 March 2012
©Copyright ACOI 2012
DEVELOPMENT OF THE AML GUIDELINES
Sean Smith
Senior Manager
Deloitte
©Copyright ACOI 2012 3
Development of the AML Guidelines Dates
• April 2010 – Submitted to the Central Bank
• April to July 2010 – Public consultation
• July 2010 to February 2011 – Consultation with drafting committee on Core Guidance Notes
• Public Consultation – 23 February 2011 over 30 responses received including comments from:
• Industry Bodies
• Public bodies and national agencies
• Law Firms
• Draft Guidelines and cover letter detailing issues submitted to the Department of Justice and the Department of Finance - 4 May 2011
• Response received - 9 December 2011
• Guidelines published – 10 February 2012
©Copyright ACOI 2012 4
©Copyright ACOI 2012 5
Development of the AML GuidelinesStakeholders
APRIL
2010
NOVEMBER
2010
FEBRUARY
2011
MAY
2011
FEBRUARY
2012
Brendan Nagle
Terry Donavan
Hilary Griffey
Finance/Justice
Development of the AML GuidelinesCover letter – May 2011
• Lead in time for implementation
• Sought confirmation that the obligation to remediate documentation and information held on Existing Customers would only arise on the occurrence of a trigger event
• Sought confirmation that there is no obligation under the CJA 2010 or the Guidelines to proactively review and remediate the identification and verification information or documentation held on Existing Customers
• Definition of discontinuation of a business relationship under Section 33(8) of the CJA 2010 which requires that services shall not be provided and the business relationship discontinued where there is a failure on the part of the customer to provide required documentation or information. Proposed to deal with this in the sectoral notes
©Copyright ACOI 2012 6
Development of the AML GuidelinesCover letter – May 2011
• Sought clarification in respect of the definition of the terms “source of wealth” and “source of funds”. Suggested that source of funds is the bank account etc. from where the money has come whilst source of wealth is what has given rise to the money e.g. savings, inheritance, house sale etc.
• In the context of pooled accounts, it was suggested that where nominees and intermediaries are named on the shareholder register/list, they may be treated as clients and the beneficial owner of the nominee or intermediary (rather than the underlying investor) must be identified and verified
• It was noted that while pooled accounts may pose a higher risk of money laundering and terrorist financing in certain circumstances, there are numerous instances where such structures are used for legitimate reasons and where the account is owned or controlled by a regulated financial entity/designated person. In those circumstances confirmation was sought that less onerous obligations would be appropriate
©Copyright ACOI 2012 7
Development of the AML GuidelinesCover letter – May 2011
• Where there is third party reliance on an entity in a banking secrecy jurisdiction we proposed that making documentation available on request could be satisfied by that entity agreeing to deliver the documents on foot of a court order
• We proposed a risk based approach to reliance on third parties in a non-prescribed jurisdiction
• Obligation on relevant third party to provide identity of beneficial owners upfront
• Retention of documentation in the State and reliance on letters of assurance to meet this requirement when relying on a relevant third party
• Use of ML-10
• AML vs. Data Protection
©Copyright ACOI 2012 8
Development of the AML GuidelinesMaterial Amendments to the Guidelines
©Copyright ACOI 2012 9
May Submission Accepted Final Guidelines
Existing Customers – documents that do not meet dating requirements are not automatically inadequate
Partial Reference to dating requirements replaced with reference to precise requirements in Appendix
Existing Customers - Conduct CDD where there are reasonable grounds to doubt adequacy or veracity of documentation
No Designated persons should assess whether a doubt arises prior to carrying out any service and if so, conduct CDD
Existing Customers – Delay discontinuing a business relationship - allow time to collate documentation, number of attempts will vary
Partial Delay discontinuing a business relationship - facilitate customer in rectifying failure, reasonableness of delay will depend on circumstances
Development of the AML GuidelinesMaterial Amendments to the Guidelines
©Copyright ACOI 2012 10
May Submission Accepted Final Guidelines
Senior Management – Independent assurance of controls, risk methodology and processes relative to size of entity
Yes
CDD - Keeping information current and valid – this does involve repeatedly updating passports, utility bills over course of business relationship
No Deleted
Pooling – accounts owned or controlled by regulated entities pose less risk than unregulated entities
No Designated persons must exercise their own judgement in each case
Development of the AML GuidelinesMaterial Amendments to the Guidelines
©Copyright ACOI 2012 11
May Submission Accepted Final Guidelines
Pooling – greater degree of due diligence required beyond retail and corporate business
No Deleted
SCDD – No obligation to identify or verify the identity of a beneficial owner
No Deleted
PEPs – Deleted reference to senior management approval not meaning line management approval
No Reinserted
PEPs – Deleted reference to domestic PEPs being considered in the AML/CTF assessment
Yes
Development of the AML GuidelinesMaterial Amendments to the Guidelines
©Copyright ACOI 2012 12
May Submission Accepted Final Guidelines
Reliance on relevant third parties – good practice to name the legislation applied in the relevant agreement
Yes
Reliance on relevant third parties – is it appropriate to rely on a third party that is relying on another third party
Yes
Reliance on relevant third parties – deleted reference to identify each beneficial owner to designated person as part of the initial information supplied
Yes
Development of the AML GuidelinesMaterial Amendments to the Guidelines
©Copyright ACOI 2012 13
May Submission Accepted Final Guidelines
Documentation in the State – capable of being reproduced in the State and no undue delay in retrieving it
No Deleted
Photographic ID – Inclusion of ML-10
No Deleted
Development of the AML GuidelinesFinal Guidelines - Commentary
• Inclusion of Data Protection Principles
• The test for “reasonable grounds to doubt the veracity or adequacy of documents” is an objective test. In other words it is not the subjective opinion of the designated person which is important, rather it is a question of whether there are, on objective consideration, grounds to doubt the veracity or adequacy of CDD information
• “adequacy” is a relative concept and in this case it relates to the purpose of identifying the customer in the overall context of reducing the risk of money laundering;
• Non-Face to Face – Reference to additional CDD replaced with reference to enhanced CDD
©Copyright ACOI 2012 14
Development of the AML GuidelinesFinal Guidelines - Commentary
• Section 35(3) of the Act refers to “source of funds”. When scrutinising the source of funds a designated person should seek to discover the origin and the means of transfer for funds that are involved in the transaction (for example, occupation, business activities, proceeds of sale, corporate dividends)
• Section 35(3) of the Act refers to “source of wealth”. When scrutinising the source of wealth a designated person should seek to discover the activities that have generated the total net worth of the customer (that is, the activities that produced the customer’s funds and property)
©Copyright ACOI 2012 15
Development of the AML GuidelinesFinal Guidelines - Commentary
• It is recommended that designated persons should pay particular attention to complex or unusually large transactions and all unusual patterns of transactions which have no apparent economic or visible lawful purpose. As designated persons should be in a position to demonstrate compliance, it is recommended that the background and purpose of such transactions should, as far as possible, be examined and the findings established in writing – see also paragraph 71
• Where an existing customer or beneficial owner becomes a PEP, immediate family member, or close associate, then the measures required by section 37 should be applied. Although not explicitly required by section 37 (4), it would be advisable to obtain senior management approval to the continuation of a business relationship in light of the provisions of section 37 (8)
• AML training should include reference to the Data Protection requirements and how they are relevant to the AML requirements
©Copyright ACOI 2012 16
Development of the AML GuidelinesCentral Bank Communication - IFIA
• CDD during establishment of a business relationship and the meaning of “as soon as practicable” – designated person must decide and must be able to demonstrate how approach meets requirements. Probably does not mean on redemption but less clear in respect of subsequent subscriptions
• Central Bank will not issue advice on whether further subscriptions should be permitted after the initial subscription is made where documentation is not forthcoming
• Relevant third parties in permitted jurisdictions can apply their local AML legislation
• Outsourcing / agency arrangements should be treated differently to reliance situations
• Applicability of SCDD depends on customer’s status and status of customer’s parent has no bearing
• Relevant third parties must make documentation available as soon as practicable after a request and arrangement may not be made subject to a clause where permission from another party is required (Court order) and must be provided directly to the designated person (not via a regulator etc.)
©Copyright ACOI 2012 17
Development of the AML GuidelinesFinal Guidelines - Status
• Not issued under Section 107
• Published by the Department of Finance but no apparent legislative mechanism for them to do so
• While these guidelines have not been approved under Section107 of the Act, the Central Bank will have regard to these guidelines in assessing compliance by designated persons with the Act
• The guidelines do not constitute secondary legislation and designated persons must always refer directly to the Act when ascertaining their statutory obligations
• “a court may have regard to any guidelines applying…….but nothing in this section limits the matters that a court may have regard to in determining whether a defendant took all reasonable steps and exercised all due diligence to avoid committing an offence”
• Administrative Sanction vs. Criminal Sanction
©Copyright ACOI 2012 18
Development of the AML GuidelinesWhere to next?
• Who owns the Guidelines?
• How do we amend the Guidelines in the future?
• Sectoral Guidelines?
• Legislative amendments?
©Copyright ACOI 2012 19
QUESTIONS?
©Copyright ACOI 2012 20
CHALLENGES FOR IMPLEMENTATION
Sinead Ovenden
Director
Deloitte
©Copyright ACOI 2012 21
4 simple key steps
1. Risk assessment
2. Application of risk assessment
3. Review of policy and procedures
4. Implementation strategy
…….and many challenges…
©Copyright ACOI 2012 22
1. Risk Assessment
Document and record how you assessed your business from a risk perspective including detailed analysis of:
• Your business;• Your customers;• Your geographic location and your customers
location;• The products you offer; and• Your delivery channels and payment
processes.
©Copyright ACOI 2012 23
1. Risk Assessment (ctd)
Where are you located ? Where do your customers come from ? Do you ever meet your customers? How do your customers come to you ? At what stage of the money laundering process do you think your
organisation could be exposed to money laundering ? What mitigants do you have in place to guard against these risks? Have you focused on delivery channels and payment processes,
for example cash over the counter e.g. Bureau de Change. Electronic Transfer/Wire Transfer e.g. Funds industry, Banking
Industry. Is there a chance that inappropriate assets could be placed in your
business or moved from or through it?
©Copyright ACOI 2012 24
1. Risk Assessment (ctd)
Do you deal with businesses with a complicated ownership structure that could conceal underlying beneficiaries ?
Do you monitor the controls and try to improve on their efficiency.
Have you kept records of what you did and why you did it. Is your training policy updated or are you simply asking
staff to read a manual that you know they don’t understand or have no interest in reading.
Have you monitored the type of suspicious transactions that are being reported to you as MLRO or is your business reporting any suspicious activity or transactions to the MLRO?
©Copyright ACOI 2012 25
2. Application of Risk Assessment
“reasonably warranted by the risk” –
interpreted by the Central Bank as a mandatory requirement which may require additional attention should the risk be higher.
NB. it does not allow for the requirement to be eliminated by low risk e.g. beneficial ownership verification
©Copyright ACOI 2012 26
2. Application of Risk Assessment
Simple or sophisticated – the choice is yours - High, Medium or Low to a complicated rating system.
Your efforts and resources should be focused on the areas where the risks are highest to your business.
©Copyright ACOI 2012 27
2. Application of risk assessment
• Categorise your business correctly e.g. :•Simplified•Low risk•Standard•Non face to face•Enhanced PEPs•Enhanced for Correspondent banking•Enhanced for high risk
•Identify where the act expressly provides for a risk based measures e.g. verification of beneficial owner, monitoring, identification of PEPs etc.
•Identify where the act does not provide for risk based discretion e.g. ID and verify customer , ID of beneficial owner etc.
©Copyright ACOI 2012 28
3. Review Policy & Procedures
2 choices – redraft of existing policies and procedures or start a completely new set.
The risk assessment should be reflected in your policies and procedures. If it is decided that after completing your risk assessment, that the risks to your firm are high, then your procedures should reflect requirements based on a high risk rating.
Application forms, prospecti and all sales documentation need to be updated to reflect the new Act
©Copyright ACOI 2012 29
4. Implementation Strategy
The risk assessment document needs to be approved at Board level or by the senior management team in your company.
Your new controls and procedures need to be
implemented within the Company.
All staff need to be trained on the new requirements.
The anti money laundering team should receive specialist/enhanced level of training
©Copyright ACOI 2012 30
FINAL WORD
Document everything• Your risk assessment is critical• How it was applied• How it was signed off• How you monitor transactions• How you monitor third parties• Third party agreements must be in place……
In order to facilitate declaration that your organisation complies with the Criminal Justice Act 2010 and project yourself as a Pre-Approved Control Function 15.
©Copyright ACOI 2012 31
NEED HELP…..
©Copyright ACOI 2012 32
Contact Deloitte should your organisation require assistance:
Sinead Ovenden
Director Regulatory Compliance Services
01 417 2545
Sean Smith
Senior Manager Regulatory Compliance Services
01 417 2306
©Copyright ACOI 2012 33
• Deloitte refers to one or more of Deloitte Touche Tohmatsu, a Swiss Verein, its member firms, and their respective subsidiaries and affiliates. Deloitte Touche Tohmatsu is an organization of member firms around the world devoted to excellence in providing professional services and advice, focused on client service through a global strategy executed locally in nearly 140 countries. With access to the deep intellectual capital of approximately 160,000 people worldwide, Deloitte delivers services in four professional areas—audit, tax, consulting, and financial advisory services—and serves more than 80 percent of the world’s largest companies, as well as large national enterprises, public institutions, locally important clients, and successful, fast-growing global companies. Services are not provided by the Deloitte Touche Tohmatsu Verein, and, for regulatory and other reasons, certain member firms do not provide services in all four professional areas. As a Swiss Verein (association), neither Deloitte Touche Tohmatsu nor any of its member firms has any liability for each other’s acts or omissions. Each of the member firms is a separate and independent legal entity operating under the names “Deloitte,” “Deloitte & Touche,” “Deloitte Touche Tohmatsu,” or other related names.
These materials and the information contained herein are provided by Deloitte & Touche and are intended to provide general information on a particular subject or subjects and are not an exhaustive treatment of such subject(s). Accordingly, the information in these materials is not intended to constitute accounting, tax, legal, investment, consulting or other professional advice or services. The information is not intended to be relied upon as the sole basis for any decision which may affect you or your business. Before making any decision or taking any action that might affect your personal finances or business, you should consult a qualified professional adviser. These materials and the information contained therein are provided as is, and Deloitte & Touche makes no express or implied representations or warranties regarding these materials or the information contained therein. Without limiting the foregoing, Deloitte & Touche does not warrant that the materials or information contained therein will be error-free or will meet any particular criteria of performance or quality. Deloitte & Touche expressly disclaims all implied warranties, including, without limitation, warranties of merchantability, title, fitness for a particular purpose, non-infringement, compatibility, security and accuracy.
• Your use of these materials and information contained therein is at your own risk, and you assume full responsibility and risk of loss resulting from the use thereof. Deloitte & Touche will not be liable for any special, indirect, incidental, consequential or punitive damages or any other damages whatsoever, whether in an action of contract, statute, tort (including, without limitation, negligence) or otherwise, relating to the use of these materials or the information contained therein.
• If any of the foregoing is not fully enforceable for any reason, the remainder shall nonetheless continue to apply.
• © 2012 Deloitte & Touche. All rights reservedMember of Deloitte Touche Tohmatsu