The Importance of Being Trained

tindalldawn-1-e1454075780950After a very busy couple of months dealing with political issues – some good, some bad and some very sad – I turn my attention back to my interest in all things AML.  The 8th June saw the publication of the Commission’s report on its thematic review on training which they undertook in 2015.   Whilst I am pleased to note that the GFSC concluded firms broadly had good awareness, there were some interesting findings worth further consideration.

The basic aim of the Review was to look at the who, what, when and why of AML/CFT Training as required by the Regulations; the first question being who needs the training. This is usefully set out in the Glossary to the Report namely the definition of a relevant employee which is:

  • member of the Board
  • member of the management of a firm
  • employees whose duties relate to the regulated business of a firm; or
  • other employees who are exposed to the risk of money laundering and terrorist financing.

I have found that people often mistake this to exclude employees who don’t “get involved” in client business, those who are not client-facing.  However, many such employees should “receive training as they may be in positions whereby they see or review information which could lead to them forming a suspicion about activity within the business.”  My preference is to train all staff in some type of AML/CFT training to ensure they feel included, so they take an interest in the work of the firm and are prepared if they do spot something suspicious.

To me, the content of the training (or the “what”) is probably the most important of the four as there is little point teaching the wrong stuff.  The list of the what includes

  • the CDD requirements;
  • the requirements for the internal and external reporting of suspicion;
  • the criminal and regulatory sanctions in place for failing to report information in accordance with policies, procedures and controls; and
  • the principal vulnerabilities of the Firm’s products and services.

On the face of it, some generic training provided on-line, in-house or by external consultants can satisfy the requirements. However, the Commission point out that the content must be relevant both to the business of the firm and the wider environment in which the firm operates.  The staff must also be “cognisant of both the risks posed to the business and the controls established by the firm to counter the threat of financial crime.”

To be able to provide quality, targeted training, it must, therefore, be informed by the firm’s business risk assessment with the risks identified flowing through into the training.  The trainer should also be familiar with the policies and procedures used by the firm so they can train the staff on the means identified for preventing the risks.

When training should take place is another important aspect which seems to be misunderstood.  The Handbooks require regular training to take place at least biannually but, as the Report notes, some firms acknowledge the need to provide training when there are changes to the regulatory regime, new trends and typologies emerge specific to the business of the firm or new procedures are implemented by the firm.  As this happens often, regular training should really just be a refresher.

It is also quite clear that the Handbooks require the introductory AML/CFT training be “delivered prior to an employee becoming involved in the day-to-day operations of the firm”.

The Report states that

“In this regard, 65% of firms surveyed indicated that they provide induction training within a fortnight of an individual commencing employment, with 34% providing said training within the first week. Conversely, 14% of the firms sampled provide induction training within three months of an employee starting.”

In my experience, most employees are involved in the day-to-day operations of a firm fairly quickly, even if supervised, and certainly in some small way within the first week.    I, personally, like to set up a meeting between the employee and the MLRO and Compliance Officer on Day One to introduce them to each other, discuss the employee’s role, their understanding of AML/CFT and their previous training.  This will inform the remainder of the employee’s Induction programme and ensure that, in the unlikely event they do see something suspicious in those first few days, they know who to report to and feel able to do so.  I also ensure that the employee’s supervisor knows what training is required before their staff member begins their proper job.

So why do we have to provide training?  The Report starts by stating that one of the most important tools to fight financial crime is to have staff who are alert to the potential risks and identifiers of suspicious activity.

Staff can only be alert to these risks and identifiers if they know them, they know what to do when they see them and they know what happens if they don’t.

Therefore, in my mind, the responsibility of the Board to assess the training to ensure it is appropriate and effective is paramount.  However, in order to do so, the Board must have timely and complete information not only on what training has been given and to whom but also whether it is relevant in the light of its risks and its policies.

It is also worth noting that a member of the Board would find it difficult to make such an assessment without being fully versed in all aspects of the regulatory requirements and the external environment in which the firm is trading. In other words, they need to be a fit and proper person.

The training requirements set out in the Handbooks are, therefore, yet another example of how all the cogs in the regulatory machine need to be well-oiled in order to ensure a firm is fully compliant.  In my view, it also means that, if suitably oiled, the benefits can and will be reflected in a firm’s Balance Sheet.

 

Bordeaux – Minded To Do What?

Orange man pondering and question mark.

When I heard about the Bordeaux case I thought I would be writing the fourth installment of my series of articles about the reasons for enforcement action being taken by the Commission.  To my surprise, upon reading the judgment, I realise that my concern was with the quality of the decision making instead: a theme close to my heart.

For those of you who don’t know, on May 16th this year, the judgment of the Royal Court was handed down in respect of the appeal by the three directors of Bordeaux Services (Guernsey) Limited against their 5 year prohibition orders.  It also dealt with the amount of the fine leveled at Bordeaux itself by the Commission.

After the judgment was issued, the Commission, on the 6th June, published a summary setting out the basis for the enforcement action and the findings of the Royal Court and will be following this up with a seminar on the 20th June.  As the summary sets out perfectly the issues at the heart of the action, I have chosen instead to deal with why some of the original orders made were set aside on appeal.

In July 2015, the Senior Decision Maker, who was acting on behalf of the Commission, issued a written statement [or Decision] setting out the fines and prohibition orders imposed against Bordeaux and its directors together with the findings of fact in the case and the reasons for the enforcement action taken.  The job of the Deputy Bailiff on hearing the appeal was to decide, on the basis of the contents of the Decision, whether Bordeaux’s fine and the prohibition orders imposed against the directors were reasonable.  As the appeal was partly successful, it is clear something went wrong but what was at fault?

Before looking at the outcome, the Deputy Bailiff looked at the level of review the Decision deserved.  He explained that “the availability of discretionary financial penalties as one of the sanctions that can be imposed raises such cases to a level where the process is quasi-criminal” concluding that “the Decision can properly be subjected to a level of review that would not otherwise be appropriate for a more obviously “lay” administrative decision affecting another sector of activity.”

Then, after confirming that the Decision Maker was able to make prohibition orders even though there was no proof of some lack of integrity, the Deputy Bailiff considered the appeal against those orders made under the full suite of regulatory Laws.  Whilst he found that the reasons for such orders were adequately argued in respect of the POI Law and the Fiduciaries Law, the remaining three prohibition orders were set aside.  But why?  Because, quite simply, the Senior Decision Maker did not include reasons for making prohibition orders under the other three Laws.  Without reasons, the Deputy Bailiff had to set aside those prohibition orders because:-

“[a]lthough it would only have taken a paragraph or so to make the connection between the various findings of non-fulfilment under the POI Law and the Fiduciaries Law and findings that there have similarly been failings that could be leveled against each of the Bordeaux Directors under the other Laws, this has not been done.”

It is interesting to note that the original Decision issued to Bordeaux on the 28th July 2015 omitted to mention all the regulatory Laws, only referencing the POI Law and, when spotted the next day, an amended and final Decision was issued on the 31st July 2015.  However, despite the Decision now extending the prohibition orders so that they were made under all the regulatory Laws, as can be seen, the reasons in the Decision for making such orders were not.

The next error was in relation to the length of the prohibition orders imposed on all three directors.  The problem here was not that there were no reasons given in the final Decision but the lack of cohesion between the “Minded To Notice” and the final Decision issued in July.  A “Minded To Notice” is a draft decision setting out what the Decision Maker is, literally, minded to impose.  It is intended to give an opportunity to put forward objections against the proposed penalties and this is what happened.  However, whilst some of the objections were accepted, the problem arose because the arguments set out in the “Minded To Notice” did not flow through to the final Decision.

In the “Minded To Notice” the imposition of 15 years prohibition for the directors, Mr Radford and Mr Meader, and a 5 year prohibition for Mr Tostevin were mooted.  In the final Decision, the 15 year orders were reduced to 5 years but Mr Tostevin’s 5 year order remained the same.  The error was not considered to be in this reduction but because there was no arguments put forward as to why the length of Mr Tostevin’s prohibition order was not also proportionately reduced.  This change of heart was not explained and, therefore, the Deputy Bailiff felt there “was insufficient reasoning given for 5 years.”

Lastly, the £150,000 fine imposed on Bordeaux was reviewed and again there was a paucity of reasons given.  One aspect was the comparison of other judgments and the Deputy Bailiff states

“The fact that the Decision is silent as to how the GFSC took into consideration the penalties imposed by it in other cases (para. (f)) is troubling.  Where there is a statutory obligation on the GFSC to take this factor into consideration, it is clearly desirable for it to demonstrate that it has done so.”

So back it must go for reconsideration as to the amount of the fine to be imposed on Bordeaux as well as the review of the prohibition orders which weren’t upheld on appeal.  Not only does this mean there is more work for the Commission to do to impose the penalties it wanted, but also some of the costs of the appeal are to be met by the Commission because the Appellants were, to a certain extent, successful.

So, whilst some reassurance can be taken to know that, despite the poor record of decisions made, those who do fail the fit and proper test will not slip through the net, one must ask at what cost?

 

The Art of Training (and not just GFAS)

Award in Education and Trainingtindalldawn-1-e1454075780950I passed!!

For those of you who don’t know, I have passed the exam “Award in Education and Training” and very pleased I am too.  I took the Award because I felt it was a great way of confirming my abilities to provide training on Anti-Money Laundering (amongst other compliance subjects) but it proved to be more valuable than I thought.  As well as giving me an insight into the way people learn, it also taught me a lot about the roles and responsibilities of teachers – a very topical subject.

When I mean topical I do not mean the Education Debate which is currently raging in Guernsey.  As this post is on my business website, I am looking at the subject from the perspective of the Commission’s training requirements.

As I am sure you noticed, the Commission’s Guidance on Training and Competency paper (originally issued on 11th November 2014) was amended again on the 16th May 2016.  The paper observes that, since 1st January 2015, Investment licensees, Insurance Managers and Intermediaries have been required to have a training and competency scheme for each employee.  It is made absolutely clear that these Schemes are not just for their Financial Advisers and Authorised Insurance Representatives but all of their employees.  Interestingly though, having trawled through the Commission’s website, I have not been able to find the same requirements for Banking and Fiduciary licensees although I am sure you would be roundly endorsed if you treated all your employees in the same way.

Each Scheme should be an easy to use means of assessing and monitoring an employee’s ongoing competence in their respective roles and identify individual training needs.   More importantly the licensee, the employee and the Commission should be able to clearly understand its aims and outcomes and, as usual, the Board is responsible for the effectiveness of any Scheme and have sufficient management information for effective monitoring and supervision.

The requirement for supervision of employees brings its own issues of course.  As well as a Scheme for their own role in the business, the person appointed as supervisor must also have a Scheme for this second role which ensures they have all the necessary skills to act as a competent supervisor.   This, of course, means that the individual needs to be technically knowledgeable with the required experience in both the subject and in the art of supervision.   

But how does a licensee work out the criteria and procedures for assessing whether an individual is competent in their respective role?  How do you make an initial assessment of a new employee’s level of competence?  How do you supervise the performance of employees?  More importantly, how do you deal with an employee who does not achieve the level of competence identified as required for the job?  As well as being a big ask, it also begs the question who assesses the assessor?  Also, after putting a great deal of effort into these Schemes, don’t forget to review all the policies and procedures regularly and when roles and people change.  We all know that a role changes depending on who is filling it.

Luckily there is some help at hand (and not just me or your HR team) – the Guernsey Training Agency have produced Training Matrices which can be found on their Services page under Advisory Groups and Qualification Pathways.  It is worth noting that the matrices deal mainly with qualifications and specifically do not cover experience.  Although the matrices (other than Investment) include a need for new entrants to have compliance knowledge, I am a little surprised they do not indicate that employees need an increasing level of knowledge of AML as their career progresses.  The preamble states that the matrix does not include compliance updates and one-off courses in anti-money laundering, but I would have thought a qualification in AML would be recommended for other employees not just those in the Compliance Department?  But then again that may be because of the nature of the qualifications available.

As to AML, the Regulations and Handbooks are clear on the requirements for training and so this will be part of a well-documented Scheme.  However, to finish with a warning, I understand that the Commission’s PRISM visits have shown that one area of concern is the lack of adequate AML training.  I suspect this is not just a reference to the standard annual update or one-off courses in anti-money laundering but also adequate training on your in-house procedures.   If I may, I suggest you check that this training is part of your Schemes and then review its content, its relevance, its effectiveness  ……..

 

Compliance – the Trusted Partner

tindalldawn-1-e1454075780950

As we all know, the Compliance function is now one of the most important tools in a firm’s fight to minimise risk.   It has been a bit of a battle to get Boards to realise that the Compliance Department should be treated as a trusted partner but, if its objectives are successfully integrated into all processes, it can be a partner which helps do business.  This is not least because of the possible reputational damage that can arise if there is non-compliance but also because there are, for example, benefits of having a smooth, efficient and speedy CDD collection service as it can enhance customer relationships.

However, as there are more and more areas a Compliance Department should be looking at, what is the role of Compliance now?

Compliance is defined as “the conformity in fulfilling official requirements” but considering the vast array of official requirements this could be so many things.  When I started my career in law in the late 1980’s, we did not think of compliance as a distinct department but just a general responsibility.  We had to comply with all necessary legislation no matter what law we were advising on and that included compliance in respect of, amongst other things, confidentiality and data protection, insurance, health and safety and employment.  It wasn’t until April 1994 when it started to be a question of whether we needed to see a client’s passport or not and that’s when to me the Compliance Department became a reality.

More than 20 years later, the Compliance Department has evolved from just looking at the AML requirements to looking at the many new threats and concerns which need to be addressed daily.  To mention a few issues, we have the EU General Data Protection Regulations, the OECD Common Reporting Standard for the exchange of tax information, and all the changes that may come along after the 23rd June with a possible BREXIT.

The EU General Data Protection Regulations come into force in 2018 and bring in the new concepts of the right to be forgotten, data portability and data breach notification.  As to the CRS, so far 55 countries have committed for the first exchange of information by 2017 and, of course, this includes the Crown Dependencies; Guernsey’s regulations came into force on the 1st December 2015.  If the UK decides to leave the EU, then Protocol 3 will need to be renegotiated and this may not be on such favourable terms.

But should it be the Compliance Department that is responsible or should other departments be dealing with the issues?  I think that depends on the model in your firm and the resources you have but, whatever they be, clear lines should be drawn to ensure each person and each department knows their responsibilities so nothing falls between the cracks.

To me, the most pressing and important area which must not fall foul of blurry lines of responsibility is the EU General Data Protection Regulations.  Whilst 2018 seems a long time away, due to the extent of its coverage, work must begin now.  Firms need to review their operations, risks and controls to be ready not only to protect themselves from threats but to stand out from the crowd.  The role of Compliance as a trusted partner, in my mind, is to get together as many other Departments as possible to discuss your firm’s response.   That’s, of course, if it hasn’t happened already.

There are opportunities and work has already begun in earnest to put Guernsey in a great position.  As PWC said in its 2015 report – let’s establish the Island as a ‘Trusted Location’ for international data.  Why not?  By having the right components in place it will enable the finance industry and Guernsey to embrace these opportunities.  And if successful, we will all see the benefits.

 

The Politics of Compliance

tindalldawn-1-e1454075780950Sitting here, as proud as punch to be elected as a Deputy and member of Guernsey’s States of Deliberation, the mind starts thinking of the compliance aspects of our success at the polls.

My first thought is AML – of course!  High risk I may be but am I a PEP?  Does the automatic requirement for enhanced due diligence apply to me because I am a Deputy?

For those of you who don’t know PEP stands for politically exposed person. The definition, which is the same in both sets of Regulations that apply in Guernsey, starts by saying that a politically exposed person means “a person who has, or has had at any time, a prominent public function or who has been elected or appointed to such a function in a country or territory other than the Bailiwick …” (My emphasis)

So, having read that, I see that it’s not me then ?  ….. Oh yes it is! Because, as always, it is never as simple as it seems.

As I have been elected to a political position in the Bailiwick, I am considered a “domestic” PEP and the extra due diligence does not automatically apply here.   However, if I want to open a bank account, say, in the UK, I am a “non-domestic” PEP and so caught by their Money Laundering Regulations 2007.  Their Regulation 14(5)(a)(i) states that a PEP “is an individual who is or has, at any time in the preceding year, been entrusted with a prominent public function by ..  a state other than the United Kingdom”.

As we have many banks here that are branches of UK banks or, indeed, branches of other countries’ banks, their approach needs to be considered.  Their policies and procedures may require that the highest standard of AML which applies in the jurisdictions in which they operate is followed or they may not even differentiate between “domestic” and “non-domestic” PEP.   So whilst we are not caught by the legislation which applies to those branches, which is the Guernsey legislation, we are probably caught by the policies imposed on them by “head office”.

As Guernsey intends to update its legislation and the Handbooks to follow the FATF (Financial Action Task Force) Recommendations 2012, that distinction should no longer be as relevant and I will have PEP status both here and abroad … but not yet.

Whether or not we are automatically PEPs does not mean the story ends there.  As I have said, it is highly likely that, if we are not treated as PEPs, the business relationships or occasional transactions we undertake will be assessed as high risk anyway under the firm’s policy and procedures.

However, whilst the definition of PEP in legislation invariably includes the PEP’s immediate family and close associates as it does in Guernsey, what is interesting to note is that the FATF Recommendations do not call these people PEPs.  All that the Recommendations state is that “the requirements for all types of PEP should also apply to family members or close associates of such PEPs.” (My emphasis again).

So whatever you want to call us, come Tuesday, I expect businesses to be queuing up at the doors of new Deputies’ for those extra pieces of information or documentation to comply with the Handbooks.

If you have not checked (or had not even thought to check) your database to see if we (or our family members or close associates) are your clients, then may I politely suggest you contact me.  I can help you review your procedures to make sure you don’t miss anyone’s change of status which results in the need to undertake further enhanced due diligence.

Willow, Confiànce and Provident – what lessons can we learn?

guernsey-compliance-services

LESSONS FROM THOSE NAMED AND SHAMED – PART 3

In Part 1, I noted the three reoccurring themes why the GFSC took enforcement action against these three firms.  In Part 2, I discussed the first theme namely risk assessments.  In this Part, I will consider the question of ongoing and effective monitoring and enhanced due diligence for high risk relationships.

I will start with enhanced due diligence the meaning of which is set out in Regulation 5. The Regulation contains a list setting out what steps you should take but is it really that simple in practice?

For example, the first two actions require senior management approval for establishing a business relationship or occasional transaction or continuing a PEP relationship.  This seems straightforward, however, most businesses involve senior management in approving new relationships so what should they do to demonstrate a different method? It is important that whatever is chosen, perhaps involving more than one member of senior management or a director, provides for a greater scrutiny of the relationship.

If it is important, when taking the extra EDD steps, to have different treatment between high and medium risks then, when it comes to source of wealth (SOW) and source of funds (SOF), why has this recently been blurred?  I am, of course, referring again to the recent MoneyVal report and also the GFSC endorsement of the good practice in establishing SOW and SOF for both such risk rated relationships.  Perhaps, if a difference is needed, it will be in how the SOW and SOF is evidenced?

The last requirement in Regulation 5 is, I believe, the least understood.  As part of CDD, it is only prudent to obtain all necessary identification data, to verify that data and to understand the nature and purpose of the business relationship.  So what more can be done?  Often this is not obvious but, to comply with the Regulation, it is essential to document what action is appropriate to that business relationship and, most importantly, take that action.

Ongoing and effective monitoring was the third theme and, if EDD applies, it must be undertaken more frequently and extensively.  Monitoring includes the review of CDD, transactions or activity.  However, no matter how often or to what extent this is undertaken, the relevance of the CDD or whether a transaction is complex or unusual must be understood.  The only way to do that is to have given the business relationship the correct risk rating in the first place and kept the risk profile and assessment up to date.

In my view, the cautionary tale of the enforcement action is that it highlights the interdependence of all the policies, procedures and controls required by the Handbooks.  It is so important that all are appropriate and they are implemented as how else can they be effective and the Board fulfil its duty?

 

Willow, Confiànce and Provident – what lessons can we learn?

guernsey-compliance-services

LESSONS FROM THOSE NAMED AND SHAMED – PART 2

In Part 1, I noted there seemed to be three reoccurring themes why the GFSC took enforcement action against these three firms namely:

  • risk assessments
  • ongoing and effective monitoring
  • enhanced due diligence for high risk relationships.

 

In this Part, I am looking at risk assessments.Pyramid

Assessments come in various forms but there are three main ones for AML/CFT purposes: the National Risk Assessment (NRA), the Business Risk Assessment (BRA) and the Relationship Risk Assessment.  I believe each one builds upon the other.

In the first of FATF’s 2012 Recommendations, it states that “countries should identify, assess and understand the money laundering and terrorist financing risks for the country”.  Whilst the UK issued their NRA in October 2015, Guernsey proposes to issue their NRA this year, having received the IMF’s model and had industry input.

The idea of the NRA is that it informs the next level namely the BRA or business risk assessment.  Guernsey’s Regulations require businesses to “carry out and document a suitable and sufficient money laundering and terrorist financing business risk assessment which is specific to the … business”.  The GFSC issued a detailed answer to FAQs on its website in September 2014 advising that the BRA “should identify the potential financial crime risks to which the business could be exposed”.  They also reiterated that it is best practice to review the BRA whenever changes to the business or financial crime risks occur and at least on an annual basis.  Due to the multitude of changes in these areas, the BRA is, therefore, a living document needing almost constant review.

The third level of assessment is the relationship risk assessment which is also made up of three stages – the risk profile, the risk assessment and the risk rating.  The risk profile should set out the information regarding the specific relationship with the customer noting all financial crime risk indicators which include those that are compulsory, inherent, high or, if none, low.  The risk assessment is the method by which a business assesses the profile, considering all the risks identified including the accumulation of those risks.  If the high risk indicators are not compulsory ones, the business can decide not to assess the overall risk as high because of strong and compelling mitigating factors identified and documented.

The third step is to give the relationship a risk rating and apply the appropriate level of CDD.

MoneyVal (sorry to mention them again!) reiterated the problem highlighted by the IMF that, because non-resident customers, private banking and trusts and companies holding personal assets are not compulsory high risks in Guernsey, insufficient CDD in some instances is applied.  Whilst the GFSC noted the evaluation recommendation for these new compulsory high risks, they pointed out that many businesses already include them as best practice.

Do you?  Are your risk ratings correct?  Without effective CDD and EDD will you fall into the trap of Willow, Confiànce and Provident?

In Part 3, I will consider the question of ongoing and effective monitoring and enhanced due diligence for high risk relationships.

MoneyVal – The Road Ahead

tindalldawn-1-e1454075780950

GUERNSEY’S MONEYVAL REPORT … AGAIN

 

 

After a very informative seminar last week, I thought I would set out the timetable identified by the FIU, the GFSC and the Policy Council of the work they need to do to implement some of the recommendations of the MoneyVal Evaluation.  It also gives an idea when we can expect our workloads to be affected.

  • Spring 2016 – Publication of the FIS Annual Report for 2015 (and possibly from previous years as it was last published in 2009)
  • May 2016 – Consultation on amendments to the Wire Transfer legislation
  • September 2016 – Policy Letter to the Guernsey States of Deliberation to obtain approval for the changes to the primary AML/CFT legislation
  • Autumn 2016 – Upon receipt of the IMF model for a National Risk Assessment, Guernsey’s version will be compiled with help from industry in order to comply with the FATF 2012 Recommendations.  Recommendation 1 requires Guernsey to identify, assess and understand the money laundering and terrorist financing risks it faces, such an assessment informing a firm’s business risk assessment.
  • End of 2016 – Consultation with industry on the changes to the Handbooks for Financial Services Businesses and Prescribed Businesses
  • End of 2016 – Completion of the review of Guernsey Terrorist Financing legislation
  • 2016 or 2017 – Approval of the amendments to the Sanctions legislation to close the gap between UN designations and the EU designations
  • January or Easter 2017 – Approval of Sark Chief Pleas of amendments to primary legislation
  • September 2017 – Progress Report to MoneyVal

Richard Walker, the Director of Financial Crime and Regulatory Policy of the Policy Council, continued the list with the following work streams:

  • consideration of the inclusion of manumitted organisations on the Register of Non Profit Organisations but taking into account the treatment of trusts with long stop charitable beneficiaries
  • discussions with GAT to follow up on the recommendation of both the IMF and MoneyVal to include the requirement for non-professional trustees to maintain information on beneficial ownership
  • review of corruption and confiscation legislation.

A long list – good luck!

Willow, Confiànce and Provident – what lessons can we learn?

guernsey-compliance-services

LESSONS FROM THOSE NAMED AND SHAMED – PART 1

When reading the summaries issued by the GFSC on the enforcement action taken against these three firms, there are three reoccurring themes that jump out at you.   These are failures in respect of:

  • risk assessments
  • ongoing and effective monitoring
  • enhanced due diligence for high risk relationships.

These failures were compounded for Confiance and Provident as the issues had been raised by the GFSC at a previous visit and had not been effectively rectified.

It is very important to ensure the remediation identified by the GFSC has been implemented and I am sure much effort has been put into doing so but is it appropriate and effective?  Sometimes you can read and re-read the GFSC’s letters from the last visit and hope you’ve understood what they mean.  Although you have considered the remedial action identified, you’ve reviewed your procedures and you think it has all been covered, how can you be sure the changes will be effective?

It’s never too late, either, to ensure those Instructions have been followed. Like all compliant firms, you will have reviewed your files when the Instructions where issued in 2009 and 2010.  However, having taken on many business relationships since then, why not take this opportunity to review your files to ensure you could confirm once again that you have continued to apply the requirements in those Instructions?

You know where I am if you need help.

In Part 2, I will look at the three themes in more detail.

MoneyVal – Something For Everyone

tindalldawn-1-e1454075780950

GUERNSEY’S MONEYVAL REPORT IS OUT!

MoneyVal have finally issued the 4th Round Evaluation of Guernsey and, whilst everyone pats themselves on the back (and why not – Guernsey has done very well) there is still some aspects of concern for all licensees, the regulator and the FIU.
The headlines below could be the future…..

If you’re bad, you’ll pay more … if your suspicious and don’t report, you will be punished … no more simplified or reduced CDD for many low risk relationships … EDD compulsory for many more FSB relationships … lawyers and accountants no longer Appendix C businesses … independent audit functions needed to test compliance ….

But then the good news for FSBs …..

  • Will trusts need to have a Guernsey registered agent or TCSP trustee?
  • Will TCSPs be needed for all Guernsey companies?
  • The AGCC should provide additional guidance particularly CDD measures.
  • The FIU should provide more information in public reports.

This is just my view of the Summary and, as we know, the devil is in the detail. But I am sure we have the time to read the 322 page report whilst we wait with interest to see what the GFSC will do – looking forward to the 11th February and their Industry Presentation on the Moneyval Report Feedback.