The Regulator’s Regulator?

tindalldawn-1-e1454075780950Next week, the States of Guernsey will be asked to note the annual report and accounts of the Guernsey Financial Services Commission for the year ended 31st December, 2015.  Under Rule 3(24) of the Rules of Procedure this means I will not be asked to agree or disagree with the contents of the Report as “to note” is construed as a neutral motion neither approving or disapproving.  So, having read the Report and wanting to make a few comments on its contents, I thought I’d put some thoughts down in my blog as the role of Regulator is such an important function for our industry.

What struck me initially was not their stated objectives; it was what was not  – the Commission does not seek to run a zero-failure regime. To quote the Director General, William Mason,

“Were we to set ourselves up to run a zero failure regime we would unduly constrain innovation, limit growth and seek to act in a risk averse fashion which would ultimately ensure little other than the impoverishment of the people of the Bailiwick as the financial services sector became a shadow of its former self.”

From an AML perspective, this means that, with the Commission using PRISM’s risk based approach to supervision, there will still be attempts by criminals to misuse the financial system.  Naturally, therefore, it is for businesses to follow the requirements of the legislation and the Handbooks to ensure those attempts fail.

It is good to hear that innovation is very much being encouraged by the GFSC and their open-door policy is often complimented especially when talking FinTech.  However, there is still the grumble in the AML world that there is insufficient consistency in the application of CDD requirements.  So, whilst there is a focus on providing data management to collate a customer’s identification information for KYC and CRS purposes, there is still a lack of clarity of how to get the documents which verify the customer’s identity such that they satisfy not only the different country regimes but the requirements of different institutions within each country.

Some companies seek to comply with the standard which satisfies the most respected country regimes which is a good starting point.  However, I found that, when submitting the documents, the approaches of institutions varied so much that the easiest way was to deal with each institution and get agreement on what they will accept.  Quite often they asked for more than their own country’s requirements resulting in me firmly pointing out that they were not complying with their own country’s legislation, that their policies were not based on that legislation and that they should vary their requirements to accept a consistent standard in line with FATF requirements.  I am pleased to say that this proved successful on all but one occasion and that failure was with a London branch of a Swiss bank with whom I had already had success.  The branch was not for seeing the light!

You might well say – and I would agree with you – that this was a time consuming method of getting a customer’s verification documents accepted.  However, the main theme with the client facing teams I dealt with was they wanted to ask their customers to provide only one set of documents and not to have to keep going back to the client for more information just because each different institution wanted something else.  So whilst you can collate in accordance with the main countries’ requirements, there will always be differences in interpretation until we have common standards for AML.

To compliment my approach, I always thought it best to advise our clients on the expense of certain relationships before willingly embarking on a painful account opening process.  Instead, client relationship managers should recommend going with those institutions which take a pragmatic approach with whom the firm has had a good relationship and saving their client’s money (and your time!).  I also believe a comprehensive checklist covering all the information and verification required which is fully complied with, checked for accuracy and, most importantly, not signed-off until it is complete in all respects should do the trick.

Some also say that the GFSC does not adhere to such common standards quoting other countries’ different rules as being more lenient.  My response is always that, in my experience, other countries apply the FATF common standards (almost) but do not enforce those standards to the same extent the GFSC does.  So results this misunderstanding. People believe the GFSC requires higher standards than others, higher than required by FATF but actually I believe it just has the right standards (well almost) but the difference is that they are fully enforced.  As such enforcement means we received a superb MoneyVal evaluation which brings in business, the argument that we should be more lax with those requirements is, in my mind, counter-productive.

The review of the Handbooks should iron out some of those annoying differences and should bring clarity to ambiguities that exist but leniency in respect of the requirements I do not agree with as, after all, getting it right is not that difficult if you are conversant with all the legislation and guidance and take advice as appropriate.

 

Link to the annual report and accounts of the Guernsey Financial Services Commission for the year ended 31st December, 2015 is   https://www.gov.gg/CHttpHandler.ashx?id=102816&p=0