The Regulator’s Regulator?

tindalldawn-1-e1454075780950Next week, the States of Guernsey will be asked to note the annual report and accounts of the Guernsey Financial Services Commission for the year ended 31st December, 2015.  Under Rule 3(24) of the Rules of Procedure this means I will not be asked to agree or disagree with the contents of the Report as “to note” is construed as a neutral motion neither approving or disapproving.  So, having read the Report and wanting to make a few comments on its contents, I thought I’d put some thoughts down in my blog as the role of Regulator is such an important function for our industry.

What struck me initially was not their stated objectives; it was what was not  – the Commission does not seek to run a zero-failure regime. To quote the Director General, William Mason,

“Were we to set ourselves up to run a zero failure regime we would unduly constrain innovation, limit growth and seek to act in a risk averse fashion which would ultimately ensure little other than the impoverishment of the people of the Bailiwick as the financial services sector became a shadow of its former self.”

From an AML perspective, this means that, with the Commission using PRISM’s risk based approach to supervision, there will still be attempts by criminals to misuse the financial system.  Naturally, therefore, it is for businesses to follow the requirements of the legislation and the Handbooks to ensure those attempts fail.

It is good to hear that innovation is very much being encouraged by the GFSC and their open-door policy is often complimented especially when talking FinTech.  However, there is still the grumble in the AML world that there is insufficient consistency in the application of CDD requirements.  So, whilst there is a focus on providing data management to collate a customer’s identification information for KYC and CRS purposes, there is still a lack of clarity of how to get the documents which verify the customer’s identity such that they satisfy not only the different country regimes but the requirements of different institutions within each country.

Some companies seek to comply with the standard which satisfies the most respected country regimes which is a good starting point.  However, I found that, when submitting the documents, the approaches of institutions varied so much that the easiest way was to deal with each institution and get agreement on what they will accept.  Quite often they asked for more than their own country’s requirements resulting in me firmly pointing out that they were not complying with their own country’s legislation, that their policies were not based on that legislation and that they should vary their requirements to accept a consistent standard in line with FATF requirements.  I am pleased to say that this proved successful on all but one occasion and that failure was with a London branch of a Swiss bank with whom I had already had success.  The branch was not for seeing the light!

You might well say – and I would agree with you – that this was a time consuming method of getting a customer’s verification documents accepted.  However, the main theme with the client facing teams I dealt with was they wanted to ask their customers to provide only one set of documents and not to have to keep going back to the client for more information just because each different institution wanted something else.  So whilst you can collate in accordance with the main countries’ requirements, there will always be differences in interpretation until we have common standards for AML.

To compliment my approach, I always thought it best to advise our clients on the expense of certain relationships before willingly embarking on a painful account opening process.  Instead, client relationship managers should recommend going with those institutions which take a pragmatic approach with whom the firm has had a good relationship and saving their client’s money (and your time!).  I also believe a comprehensive checklist covering all the information and verification required which is fully complied with, checked for accuracy and, most importantly, not signed-off until it is complete in all respects should do the trick.

Some also say that the GFSC does not adhere to such common standards quoting other countries’ different rules as being more lenient.  My response is always that, in my experience, other countries apply the FATF common standards (almost) but do not enforce those standards to the same extent the GFSC does.  So results this misunderstanding. People believe the GFSC requires higher standards than others, higher than required by FATF but actually I believe it just has the right standards (well almost) but the difference is that they are fully enforced.  As such enforcement means we received a superb MoneyVal evaluation which brings in business, the argument that we should be more lax with those requirements is, in my mind, counter-productive.

The review of the Handbooks should iron out some of those annoying differences and should bring clarity to ambiguities that exist but leniency in respect of the requirements I do not agree with as, after all, getting it right is not that difficult if you are conversant with all the legislation and guidance and take advice as appropriate.

 

Link to the annual report and accounts of the Guernsey Financial Services Commission for the year ended 31st December, 2015 is   https://www.gov.gg/CHttpHandler.ashx?id=102816&p=0

The Politics of Compliance

tindalldawn-1-e1454075780950Sitting here, as proud as punch to be elected as a Deputy and member of Guernsey’s States of Deliberation, the mind starts thinking of the compliance aspects of our success at the polls.

My first thought is AML – of course!  High risk I may be but am I a PEP?  Does the automatic requirement for enhanced due diligence apply to me because I am a Deputy?

For those of you who don’t know PEP stands for politically exposed person. The definition, which is the same in both sets of Regulations that apply in Guernsey, starts by saying that a politically exposed person means “a person who has, or has had at any time, a prominent public function or who has been elected or appointed to such a function in a country or territory other than the Bailiwick …” (My emphasis)

So, having read that, I see that it’s not me then ?  ….. Oh yes it is! Because, as always, it is never as simple as it seems.

As I have been elected to a political position in the Bailiwick, I am considered a “domestic” PEP and the extra due diligence does not automatically apply here.   However, if I want to open a bank account, say, in the UK, I am a “non-domestic” PEP and so caught by their Money Laundering Regulations 2007.  Their Regulation 14(5)(a)(i) states that a PEP “is an individual who is or has, at any time in the preceding year, been entrusted with a prominent public function by ..  a state other than the United Kingdom”.

As we have many banks here that are branches of UK banks or, indeed, branches of other countries’ banks, their approach needs to be considered.  Their policies and procedures may require that the highest standard of AML which applies in the jurisdictions in which they operate is followed or they may not even differentiate between “domestic” and “non-domestic” PEP.   So whilst we are not caught by the legislation which applies to those branches, which is the Guernsey legislation, we are probably caught by the policies imposed on them by “head office”.

As Guernsey intends to update its legislation and the Handbooks to follow the FATF (Financial Action Task Force) Recommendations 2012, that distinction should no longer be as relevant and I will have PEP status both here and abroad … but not yet.

Whether or not we are automatically PEPs does not mean the story ends there.  As I have said, it is highly likely that, if we are not treated as PEPs, the business relationships or occasional transactions we undertake will be assessed as high risk anyway under the firm’s policy and procedures.

However, whilst the definition of PEP in legislation invariably includes the PEP’s immediate family and close associates as it does in Guernsey, what is interesting to note is that the FATF Recommendations do not call these people PEPs.  All that the Recommendations state is that “the requirements for all types of PEP should also apply to family members or close associates of such PEPs.” (My emphasis again).

So whatever you want to call us, come Tuesday, I expect businesses to be queuing up at the doors of new Deputies’ for those extra pieces of information or documentation to comply with the Handbooks.

If you have not checked (or had not even thought to check) your database to see if we (or our family members or close associates) are your clients, then may I politely suggest you contact me.  I can help you review your procedures to make sure you don’t miss anyone’s change of status which results in the need to undertake further enhanced due diligence.