Willow, Confiànce and Provident – what lessons can we learn?

guernsey-compliance-services

LESSONS FROM THOSE NAMED AND SHAMED – PART 2

In Part 1, I noted there seemed to be three reoccurring themes why the GFSC took enforcement action against these three firms namely:

  • risk assessments
  • ongoing and effective monitoring
  • enhanced due diligence for high risk relationships.

 

In this Part, I am looking at risk assessments.Pyramid

Assessments come in various forms but there are three main ones for AML/CFT purposes: the National Risk Assessment (NRA), the Business Risk Assessment (BRA) and the Relationship Risk Assessment.  I believe each one builds upon the other.

In the first of FATF’s 2012 Recommendations, it states that “countries should identify, assess and understand the money laundering and terrorist financing risks for the country”.  Whilst the UK issued their NRA in October 2015, Guernsey proposes to issue their NRA this year, having received the IMF’s model and had industry input.

The idea of the NRA is that it informs the next level namely the BRA or business risk assessment.  Guernsey’s Regulations require businesses to “carry out and document a suitable and sufficient money laundering and terrorist financing business risk assessment which is specific to the … business”.  The GFSC issued a detailed answer to FAQs on its website in September 2014 advising that the BRA “should identify the potential financial crime risks to which the business could be exposed”.  They also reiterated that it is best practice to review the BRA whenever changes to the business or financial crime risks occur and at least on an annual basis.  Due to the multitude of changes in these areas, the BRA is, therefore, a living document needing almost constant review.

The third level of assessment is the relationship risk assessment which is also made up of three stages – the risk profile, the risk assessment and the risk rating.  The risk profile should set out the information regarding the specific relationship with the customer noting all financial crime risk indicators which include those that are compulsory, inherent, high or, if none, low.  The risk assessment is the method by which a business assesses the profile, considering all the risks identified including the accumulation of those risks.  If the high risk indicators are not compulsory ones, the business can decide not to assess the overall risk as high because of strong and compelling mitigating factors identified and documented.

The third step is to give the relationship a risk rating and apply the appropriate level of CDD.

MoneyVal (sorry to mention them again!) reiterated the problem highlighted by the IMF that, because non-resident customers, private banking and trusts and companies holding personal assets are not compulsory high risks in Guernsey, insufficient CDD in some instances is applied.  Whilst the GFSC noted the evaluation recommendation for these new compulsory high risks, they pointed out that many businesses already include them as best practice.

Do you?  Are your risk ratings correct?  Without effective CDD and EDD will you fall into the trap of Willow, Confiànce and Provident?

In Part 3, I will consider the question of ongoing and effective monitoring and enhanced due diligence for high risk relationships.

MoneyVal – The Road Ahead

tindalldawn-1-e1454075780950

GUERNSEY’S MONEYVAL REPORT … AGAIN

 

 

After a very informative seminar last week, I thought I would set out the timetable identified by the FIU, the GFSC and the Policy Council of the work they need to do to implement some of the recommendations of the MoneyVal Evaluation.  It also gives an idea when we can expect our workloads to be affected.

  • Spring 2016 – Publication of the FIS Annual Report for 2015 (and possibly from previous years as it was last published in 2009)
  • May 2016 – Consultation on amendments to the Wire Transfer legislation
  • September 2016 – Policy Letter to the Guernsey States of Deliberation to obtain approval for the changes to the primary AML/CFT legislation
  • Autumn 2016 – Upon receipt of the IMF model for a National Risk Assessment, Guernsey’s version will be compiled with help from industry in order to comply with the FATF 2012 Recommendations.  Recommendation 1 requires Guernsey to identify, assess and understand the money laundering and terrorist financing risks it faces, such an assessment informing a firm’s business risk assessment.
  • End of 2016 – Consultation with industry on the changes to the Handbooks for Financial Services Businesses and Prescribed Businesses
  • End of 2016 – Completion of the review of Guernsey Terrorist Financing legislation
  • 2016 or 2017 – Approval of the amendments to the Sanctions legislation to close the gap between UN designations and the EU designations
  • January or Easter 2017 – Approval of Sark Chief Pleas of amendments to primary legislation
  • September 2017 – Progress Report to MoneyVal

Richard Walker, the Director of Financial Crime and Regulatory Policy of the Policy Council, continued the list with the following work streams:

  • consideration of the inclusion of manumitted organisations on the Register of Non Profit Organisations but taking into account the treatment of trusts with long stop charitable beneficiaries
  • discussions with GAT to follow up on the recommendation of both the IMF and MoneyVal to include the requirement for non-professional trustees to maintain information on beneficial ownership
  • review of corruption and confiscation legislation.

A long list – good luck!

Willow, Confiànce and Provident – what lessons can we learn?

guernsey-compliance-services

LESSONS FROM THOSE NAMED AND SHAMED – PART 1

When reading the summaries issued by the GFSC on the enforcement action taken against these three firms, there are three reoccurring themes that jump out at you.   These are failures in respect of:

  • risk assessments
  • ongoing and effective monitoring
  • enhanced due diligence for high risk relationships.

These failures were compounded for Confiance and Provident as the issues had been raised by the GFSC at a previous visit and had not been effectively rectified.

It is very important to ensure the remediation identified by the GFSC has been implemented and I am sure much effort has been put into doing so but is it appropriate and effective?  Sometimes you can read and re-read the GFSC’s letters from the last visit and hope you’ve understood what they mean.  Although you have considered the remedial action identified, you’ve reviewed your procedures and you think it has all been covered, how can you be sure the changes will be effective?

It’s never too late, either, to ensure those Instructions have been followed. Like all compliant firms, you will have reviewed your files when the Instructions where issued in 2009 and 2010.  However, having taken on many business relationships since then, why not take this opportunity to review your files to ensure you could confirm once again that you have continued to apply the requirements in those Instructions?

You know where I am if you need help.

In Part 2, I will look at the three themes in more detail.

MoneyVal – Something For Everyone

tindalldawn-1-e1454075780950

GUERNSEY’S MONEYVAL REPORT IS OUT!

MoneyVal have finally issued the 4th Round Evaluation of Guernsey and, whilst everyone pats themselves on the back (and why not – Guernsey has done very well) there is still some aspects of concern for all licensees, the regulator and the FIU.
The headlines below could be the future…..

If you’re bad, you’ll pay more … if your suspicious and don’t report, you will be punished … no more simplified or reduced CDD for many low risk relationships … EDD compulsory for many more FSB relationships … lawyers and accountants no longer Appendix C businesses … independent audit functions needed to test compliance ….

But then the good news for FSBs …..

  • Will trusts need to have a Guernsey registered agent or TCSP trustee?
  • Will TCSPs be needed for all Guernsey companies?
  • The AGCC should provide additional guidance particularly CDD measures.
  • The FIU should provide more information in public reports.

This is just my view of the Summary and, as we know, the devil is in the detail. But I am sure we have the time to read the 322 page report whilst we wait with interest to see what the GFSC will do – looking forward to the 11th February and their Industry Presentation on the Moneyval Report Feedback.

Welcome to a new approach to AML/CFT

tindalldawn-1-e1454075780950
DAWN TINDALL INTRODUCESTRIANGLE COMPLIANCE SERVICES
PROVIDING AML/CFT SOLUTIONS

I am pleased to welcome you to my website and to introduce you to the services I can offer. I am a compliance professional and am passionate about getting things right. AML/CFT is a complex area which has many pitfalls for the unwary and the penalties for failure are increasing.
By applying my legal training and many years of experience as a practising solicitor, I can provide reasonably priced and reassuringly thorough answers to your AML/CFT concerns.

I always believe that talking through a problem can lead to a solution – call me for a chat to find out if you like my approach and if you wish me to help with those irritating issues.