Annual Anti-Money Laundering & Terrorist Financing Training - PowerPoint Presentation

Slide1

Annual Anti-Money Laundering & Terrorist Financing Training

May 2021

Slide2

Important

Members should note this is a template presentation and must be personalised by the firm to reflect their own policies and procedures.

Slide3

Legislation

The Irish AML/CTF legislative framework is set out in the Criminal Justice (Money Laundering and Terrorist Financing) Act 2010, the Criminal Justice (Money Laundering and Terrorist Financing) (Amendment) Act 2018 and the Criminal Justice (Money Laundering and Terrorist Financing) (Amendment) Act 2021.

The key changes in the 2021 Act include:

 Creation of new categories of Designated Person; the expansion of the PEP definition;

new triggers for conducting customer due diligence and the inclusion of a list of enhanced due diligence measures to be taken when dealing with customers residing or established in high risk third countries.  

Slide4

What is Anti-Money Laundering & Terrorist financing?

It is the process by which criminals conceal the true origin and ownership of the proceeds of drug trafficking or other criminal activity.

A common misconception in relation to Money Laundering is that it only relates to theft, drug or similar offences.

It might also be:Tax evasionFinancial fraud and deception

Theft

Slide5

To be guilty of money laundering a person must know or believe the property involved is or probably is the proceeds of criminal conduct or be reckless as to whether the property is the proceeds of criminal conduct.

Terrorist Financing

Funds intended to finance an act of terrorism.

Links between terrorist groups and organised criminal gangs.

Includes converting, transferring, handling, acquiring, possessing or using the property that is the proceeds of criminal conduct.There must be intention or knowledge in providing or collecting funds for the purposes of financing terrorism, in order for there to be an offence.

5

Slide6

Stages of Money Laundering

There are three stages in the money laundering process:

Placement – this is the physical disposal of cash;

Layering – the creation of complex layers which make tracking transactions difficult;Integration – absorbing the money back into the economy as legitimate money.

6

Slide7

Designated Persons

Mortgage Intermediaries and intermediaries by virtue of their registration as Insurance Intermediaries who provide Life Assurance or other investment related services are deemed to be “Designated Persons”.

Note:

Intermediaries only operating in the General Insurance market are not subject to the AML legislation. However they are expected to be mindful of other legislation that would apply such as Financial Sanctions and to have controls and procedures in place to detect and prevent financial crime, and as a result, to report suspicious transactions. Staff would need to be trained in this regard. (See Appendix 6 in Brokers Ireland AML Guidance notes for further information)

7

Slide8

Designated Persons must have internal policies and procedures to reflect the requirements of the legislation in relation to the following areas

:

Customer due diligence

Reporting Record keeping

Internal procedures & training (All staff including executive & non-executive directors are required to receive annual training in relation to AML & combating terrorist financing.)

8

Slide9

What does Customer Due Diligence mean?

Identify & verify the customer.

Identify & verify the beneficial owner (An individual who ultimately owns or controls the customer and/or on whose behalf a transaction or activity is conducted).

Establish purpose & intended nature of business relationship (a business, professional or commercial relationship between the designated person and the customer that the designated person expects to be ongoing).Monitor customer dealings on an on-going basis.

Slide10

Beneficial Owner

Company An Individual holding 25% or more of shares or voting rights.

PartnershipAn Individual holding 25% or more of profits or capital or voting rights, Trusts

An individual who is entitled to a vested interest in the trust property may be considered a beneficial owner. Additionally, settlors, trustees and protectors of a trust may now also be considered beneficial owners. The threshold of 25% ownership no longer applies. EstateExecutor.

Slide11

Beneficial Owner Contd.

Where the beneficial owner identified is the senior managing official, firms are required to take the necessary reasonable measures to verify the identity of the natural person who holds the position of senior managing official and shall keep records of the actions taken as well as any difficulties encountered during the verification process.

A designated person is obliged by virtue of any enactment or rule of law, including the European Union (Administrative Cooperation in the Field of Taxation) Regulations 2012 (S.I. No. 549 of 2012), to contact a customer for the purposes of reviewing any relevant information relating to the beneficial owner connected with the customer.

Slide12

Beneficial Owner Cross-checking

Prior to the establishment of a business relationship with a customer to which the European Union (Anti-Money Laundering: Beneficial Ownership of Corporate Entities) Regulations 2019 (S.I. No. 110 of 2019) (modified by the European Union (Modifications of Statutory Instrument No. 110 of 2019) (Registration of Beneficial Ownership of Certain Financial Vehicles Regulations 2020) (S.I. No. 233 of 2020) apply:

a designated person shall ascertain that information concerning the beneficial ownership of the customer is entered in the Central Register of Beneficial Ownership of Companies and Industrial Provident Societies or, as the case may be, the Central Register of Beneficial Ownership of Irish Collective Asset-management Vehicles, Credit Unions and Unit Trusts.

Slide13

Purpose & intended nature of the business relationship

In most cases this will be self evident e.g. Investing in a life policy Opening bank account

Ongoing monitoringScrutinise transactions: Source of wealth or funds

Consistent with knowledge of customer and the customer’s business and pattern of transactions

Slide14

Customer Due Diligence Requirements

Legislation allows designated persons to apply aspects of the customer due diligence requirements on a risk-sensitive basis depending on: a) The nature of the product being sold;

b)The delivery mechanism or distribution channel used to sell the product;c) The profile of the customer; and d) The customer’s geographical location and source of funds.

Slide15

Intermediaries are required to carry out Customer Due Diligence

Prior to establishing a business relationship with the customer.

Prior to carrying out for/with the customer any transaction which appears linked to another transaction or prior to assisting the customer in carrying out a single transaction if:

(i) You do not have a business relationship with the customer; and (ii) The total amount of money paid by the customer in the single transaction or series of transactions is greater than €10,000.

Slide16

Intermediaries are required to carry out Customer Due Diligence (contd.)

Prior to carrying out any service for the customer, if you have reasonable grounds to believe that there is a real risk that the customer is involved in money laundering/terrorist financing(ML/TF).

If you have grounds to doubt the veracity of documents provided by the client. At any time, including situations where the relevant circumstances of a customer have changed, where the risk of money laundering/terrorist financing warrants its application.

A client risk assessment form is recommended to be completed to assess the risk per transaction – See Appendix 3 BI Guidance notes

Slide17

Three categories of Customer Due Diligence (CDD)

Simplified Customer Due Diligence

applies where the customer or business area is considered to be low risk.

Enhanced Due Diligence now applies to high risk third countries, higher risk relationship/transactions and resident and non-resident ‘Politically Exposed Persons’ deemed to be high risk.

Standard Due Diligence must be applied to all remaining customers and products.

Slide18

Simplified Customer Due Diligence

Designated persons will be allowed to carry out Simplified Customer Due Diligence where the customer or business area is considered to be low risk.

Simplified Customer Due Diligence can only be applied where a designated person has identified in its business risk assessment, an area of lower risk into which the relationship or transaction falls, and the relationship or transaction concerned can reasonably be considered to be low risk. Please see Appendix 4 and Appendix 5 in BI AML Guidance notes for a list of factors suggesting potentially lower and higher risk.

Slide19

Simplified Customer Due Diligence contd.

Where a firm has applied Simplified Customer Due Diligence, it is required to:

Retain record of the reasons for its determination and evidence upon which is was based; and

Carry out sufficient monitoring of the transactions and business relationships to enable the firm to detect unusual or suspicious transactions.

Slide20

Simplified Customer Due Diligence contd.

Examples of products which may fall into the simplified customer due diligence category are:

Protection policies with annual premium of less than €1000

Pension business (except ARF and AMRF)  Note: Intermediaries must at all times take into account the type of customer, countries or geographical areas, transactions and delivery channels and document the rationale for categorising these products as lower risk for the purposes of applying CDD.

Slide21

Enhanced Due Diligence (EDD)

High risk third countries

A designated person is required to apply enhanced customer due diligence measures when dealing with a customer established or residing in a high-risk third country.

Slide22

Enhanced Due Diligence

High risk third countries

At present there are 22 countries* that have been identified as 'high risk third countries’. These are listed in the table below:

*Please note this list is continuously updated

Slide23

Enhanced Due Diligence contd.

High risk third countries

A designated person shall apply the following measures to manage and mitigate the risk of money laundering and terrorist financing when dealing with a customer established or residing in a high-risk third country:

  (a) obtaining additional information on the customer and on the beneficial owner; (b) obtaining additional information on the intended nature of the business relationship;

(c) obtaining information on the source of funds and source of wealth of the customer and of the beneficial owner; (d) obtaining information on the reasons for the intended or performed transactions; (e) obtaining the approval of senior management for establishing or continuing the business relationship; (f) conducting enhanced monitoring of the business relationship by increasing the number and timing of controls applied and selecting patterns of transaction that need further examination.

Slide24

Enhanced Due Diligence contd.

Relationship/transaction presents a higher risk

Firms should examine the background and purpose of all transactions that:(a) are complex,

(b) are unusually large, (c) are conducted in an unusual pattern, or (d) do not have an apparent economic or lawful purpose.

Slide25

Enhanced Due Diligence contd.

Enhanced due diligence measures apply to PEPs resident in Ireland and non-resident PEPs. Examples of PEPs include:

Senior official of a major political party

Senior official in the executive, legislative, administrative, military, or judicial branch of a governmentSenior Member of Defence Forces

Directors, deputy directors or member of the board/equivalent function for an international organisationSenior executive of a government owned commercial enterprise or corporation.Any individual known to be a personal or professional associate of a PEP

An immediate family member of a PEP; e.g. spouse, parents, siblings, children.  

Slide26

Enhanced Due Diligence contd.

P

EPsFirms should note that PEP status itself is intended to apply higher vigilance to certain individuals and put those individuals that are customers or beneficial owners into a higher risk category. It is not intended to suggest that such individuals are involved in suspicious activity.

Life Assurance Policies/PEPsAdditional requirements are imposed regarding the identification of the beneficiaries of life assurance policies and other investment-related assurance policies

Slide27

Enhanced Due Diligence contd.

Life Assurance Policies/PEPs

Specific steps must be taken where the PEP is a beneficiary of a life assurance policy.  If a designated person knows or has reasonable grounds to believe that a beneficiary of a life assurance or other investment-related assurance policy or a beneficial owner of the beneficiary concerned, is a politically exposed person, or an immediate family member or a close associate of a politically exposed person, it shall:

inform senior management before pay-out of policy proceeds andconduct enhanced scrutiny of the business relationship with the policyholder

Slide28

Enhanced Due Diligence contd.

 

PEP Identification Firms should put appropriate policies and procedures in place to determine:If a customer or beneficiary is a PEP at on boarding; or

If a customer becomes a PEP during the course of the business relationship with the firm.Firms should note that new and existing customers may not initially meet the definition of a PEP, but may subsequently become one during the course of a business relationship with the firm.

Slide29

Enhanced Due Diligence contd.

 

Firms should undertake regular and on-going screening of their customer base and the customers’ beneficial owners (where relevant), to ensure that they have identified all PEPs. The frequency of PEP screening should be determined by firms commensurate with their business wide risk assessment.

Firms policies and procedures should address how any PEP relationship identified will be managed by the firm including:Application of EDDObtaining Senior Management approval

Enhanced on-going monitoring

Slide30

Enhanced Due Diligence contd.

 

Firms should continue to apply the measures referred to in the previous slide to a politically exposed person for as long as it is reasonably required to take into account the continuing risk posed by that person, and until such time as that person is deemed to pose no further risk specific to politically exposed persons.

Each Member State and any international organisation accredited to it will be required to keep an up-to-date list of exact functions which qualify as prominent public functions. A single list of all prominent public functions will be assembled by the Commission and will be made public.  

Slide31

Enhanced Due Diligence contd.

 

Where firms are purchasing politically exposed persons (PEP) lists, they should check how their provider is using the information published to support the production of the PEP list.

Firms should also ensure the PEP lists that they maintain are kept up to date.

Slide32

Standard Customer Due Diligence (SCDD)

Applied on a risk based approach

Profile of the customerNature of product or service

Distribution channelGeographical area of operation

Slide33

Standard Customer Due Diligence

Factors which indicate lower risk

Customer Risk Factors:

public companies listed on a stock exchange and subject to disclosure requirements (either by stock exchange rules or through law or enforceable means), which impose requirements to ensure adequate transparency of beneficial ownership; public administrations or enterprises;

Customers that are resident in geographical areas of lower risk as set out in subparagraph (3).

Slide34

Standard Customer Due Diligence

Factors which indicate lower risk

Product, service, transaction or delivery channel risk factors:

Life assurance policies for which the premium is low; Insurance policies for pension schemes if there is no early surrender option and the policy cannot be used as collateral;

A pension, superannuation or similar scheme that provides retirement benefits to employees, where contributions are made by way of deduction from wages, and the scheme rules do not permit the assignment of a member’s interest under the scheme;

Slide35

Standard Customer Due Diligence

Factors which indicate lower risk

Product, service, transaction or delivery channel risk factors contd

: (d) financial products or services that provide appropriately defined and limited services to certain types of customers, so as to increase access for financial inclusion purposes; (e) products where the risks of money laundering and terrorist financing are managed by other factors such as purse limits or transparency of ownership (e.g. certain types of electronic money).

Slide36

Standard Customer Due Diligence

Factors which indicate lower risk

Geographical risk factors- registration, establishment, residence in

: EU Member States; third countries having effective anti-money laundering (AML) or combating financing of terrorism (CFT) systems;

Third countries identified by credible sources as having a low level of corruption or other criminal activity;

Slide37

Standard Customer Due Diligence

Factors which indicate lower risk

Geographical risk factors- registration, establishment, residence in

contd: Third countries which, on the basis of credible sources such as mutual evaluations, detailed assessment reports or published follow-up reports, have requirements to combat money laundering and terrorist financing consistent with the revised Financial Action Task Force (FATF) recommendations and effectively implement these requirements.”.

Slide38

Standard Customer Due Diligence

Lower risk

There are products due to their inherent features which are unlikely to be used as a vehicle for money laundering purposes.

The following features would indicate low risk:Only pays out on death or diagnosis of terminal illness of policy holder.Only pays out on medical evidence and proof is required as to loss of income.

No surrender value.Small, regular premiums: additional payments by customer not possible.Large premiums will normally require medical evidence.

No investment element.Once term of policy is finished no payout and policy ceases.

Slide39

Standard Customer Due Diligence

Generally, for protection products with annual premium of less than €1000, due diligence requirements are satisfied by the Name, Address and Date of Birth information collected on the application form in conjunction with the fact that the payment is made from an account in the customer’s name (i.e. personal cheques and other payment instruments drawn on policy owner’s own account such as Direct Debits/Standing Orders)

 

If payment is made by bank draft for the products above Brokers Ireland would recommend that the client is requested to request confirmation from the bank confirming where the money is coming from and request completion of the source of funds form. Appendix 7 BI Guidance

Slide40

Standard Customer Due Diligence

Medium Risk

The medium risk level is given to products whose inherent features pose some risk for the purposes of money laundering or terrorist financing. These may be products which have a facility for “top up” payments. Examples:

Life assurance savings planWith premium under €5000Investment Bonds with premium under €5000

Post Retirement pension products: ARF & AMRFs 

Slide41

Standard Customer Due Diligence

Medium Risk

Due Diligence requirements: Name, address and date of birth collected on the application form in conjunction with the fact that the payment is made from an account in the policy owner’s name (i.e. personal cheques and other payment instruments drawn on policy owner’s account such as Direct Debits/Standing Orders)

 If payment is not by way of Direct Debit/personal cheque drawn on policy owners own account, complete source of funds form (Appendix 7

BI Guidance)  Certified copies of identification and proof of address for policy owner and third party if applicable.

Slide42

Standard Customer Due Diligence

Factors which indicate higher risk

Customer risk factors:

the business relationship is conducted in unusual circumstances; customers that are resident in geographical areas of higher risk as set out in subparagraph (3);

non-resident customers; legal persons or arrangements that are personal asset-holding vehicles;

Slide43

Standard Customer Due Diligence

Factors which indicate higher risk

Customer risk factors contd:

(e) companies that have nominee shareholders or shares in bearer form; (f) businesses that are cash intensive;

(g) the ownership structure of the company appears unusual or excessively complex given the nature of the company’s business.(h) the customer is a third country national who applies for residence rights or citizenship in the State in exchange for capital transfers, purchase of property or government bonds or investment in corporate entities in the State.

Slide44

Standard Customer Due Diligence

Factors which indicate higher risk

Product, service, transaction or delivery channel risk factors:

Private banking; Products or transactions that might favour anonymity;

Non-face-to-face business relationships or transactions without certain safeguards, such as electronic identification means, relevant trust services as defined in the Electronic Identification Regulation or any other secure, remote or electronic, identification process regulated, recognised, approved or accepted by the relevant national authorities;

Slide45

Standard Customer Due Diligence

Factors which indicate higher risk

Product, service, transaction or delivery channel risk factors contd

:(d) Payment received from unknown or unassociated third parties; (e) New products and new business practices, including new delivery mechanism, and the use of new or developing technologies for both new and pre-existing products.

(f) transactions related to oil, arms, precious metals, tobacco products, cultural artefacts and other items of archaeological, historical, cultural and religious importance, or of rare or scientific value, as well as ivory and protected species.

Slide46

Standard Customer Due Diligence

Factors which indicate higher risk

Geographical risk factors:

Countries identified by credible sources, such as mutual evaluations, detailed assessment reports or published follow-up reports, as not having effective AML/CFT systems; Countries identified by credible sources as having significant levels of corruption or other criminal activity;

Countries subject to sanctions, embargos or similar measures issued by organisations such as, for example, the European Union or the United Nations;

Slide47

Standard Customer Due Diligence

Factors which indicate higher risk

Geographical risk factors contd:

(d) Countries (or geographical areas) providing funding or support for terrorist activities, or that have designated terrorist organisations operating within their country.

Slide48

Standard Customer Due Diligence

Higher risk

These products have the facility for third party and/or “top up” payments and therefore an enhanced level of due diligence

(by asking for more information) is appropriate. It is to this risk level that the majority of a designated person’s AML resource will normally be directed. The majority of products in this range are found in the investment category which reflects the higher value premium that can be paid into them.

Slide49

Standard Customer Due Diligence

Higher risk Due Diligence Requirements:

Name, address and date of birth collected on the application form in conjunction with the fact that the payment is made from an account in the policy owner’s name (i.e. personal cheques and other payment instruments drawn on policy owner’s account such as Direct Debits/Standing Orders)

Certified copies of identification and proof of address for policy owner and third party if applicable.

Complete source of Wealth form (Appendix 8).

Slide50

Identification

1. Personal customers:

Identification of a personal customer is the process whereby adesignated person obtains from a customer the information necessaryfor it to identify who the customer is. The identity of an individual has anumber of aspects at any point in time, all of which must be obtained

by the designated person:name (which may change due to particular events);

address (which is likely to change from time to time); anddate of birth (which is a constant).

Slide51

One plus One approach

Obtain one item from the list of photographic IDs (to verify name and date of birth) and one item from the list of non-photographic IDs (to verify address) at the outset of the business relationship.

Where available, this should include electronic identification processes regulated, recognised, approved and accepted by the relevant national authorities.

Slide52

One plus One approach

Sources which can be used to

verify identity are: Current valid Passport.

Current valid driving licence. Current valid National Identity Card. In the absence of the above documents, written or otherwise documented, assurances from persons or organisations that have dealt with the customer for some time may suffice.

A designated person might consider it appropriate to adopt an alternative approach of identification such as seeking a social welfare card, National Immigration Bureau Card off an individual who has recently immigrated into the State.

Slide53

Verify address

Current official documentation/cards issued by the Revenue Commissioners. Current official documentation/cards issued by the Department of Social and Family Affairs. Instrument of a court appointment (such as liquidator or grant of probate).

Current local authority document e.g. refuse collection bill. Current statement of account from a credit or financial institution. Current utility bills (including those printed from the internet). Current household/motor insurance certificate and renewal notice

Slide54

Legal persons and arrangements

Directors or the equivalent, for example: Partnerships and unincorporated businesses, Clubs, Societies, Public Sector bodies.

Identification can generally be satisfied by either:

obtaining a copy of the annual audited accounts listing directors (where the necessary information is publicly accessible and considered by the firm to be current and reliable); orObtaining relevant and up-to-date legal opinion from a reliable source documenting due diligence conducted, in relation to information on directors:

obtaining information from relevant company or other registry such as the CRO or known foreign equivalent; oras warranted by the risk, verify one or more directors in line with requirements for personal customers.

Slide55

Legal persons and arrangements contd.

To identify the legal arrangement:

A search of the relevant company or other registry (where the necessary information is publicly accessible and considered by the firm to be current and reliable); or

A copy, as appropriate to the nature of the entity, of the certificate of incorporation; a certificate of good standing; a partnership agreement; a deed of trust or other official documentation proving the name, form and current existence of the customer. In cases regarded by the firm as higher risk, use of more than one source of information may be warranted.

Slide56

Legal persons and arrangements contd.

2.

Acquire prescribed information at the outset of the business relationship to satisfy the additional information requirements:

a) Source of funds for the transaction e.g. an Irish bank account in own name.b)

Employment and salary details - this information could be captured in the Factfind.c) Source of wealth (e.g. inheritance, divorce settlement, property sale). This information should be captured on

the source of wealth form.

Slide57

Legal persons and arrangements contd.

Beneficial Owner

Where the beneficial owner identified is the senior managing official, firms should:verify the identity of the natural person who holds the position of senior managing official and keep records of the actions taken as well as any difficulties encountered during the verification process.

Before entering into a new business relationship with a corporate or other legal entity, or a trust or a legal arrangement having a structure similar to trust which are subject to the registration of beneficial ownership information:the firm shall collect proof of registration or an excerpt of the Register (i.e., CRO or CBI).

Firms are obliged to contact a customer for the purposes of reviewing any relevant information relating to the beneficial owner connected with the customer.

Slide58

Business Risk Assessment

The firm must undertake and document a comprehensive business risk assessment of the business, it should demonstrate that all potential Money Laundering/Terrorist Financing risks pertinent to their business have been fully considered and challenged such as :

The nature of the products being sold in the firm

The delivery mechanism or distribution channel used to sell the productThe profile of the customerThe customer’s geographical location and source of funds

The outcome of the business risk assessment should inform the firm’s risk-based approach and the design of AML/CTF controls.

Slide59

Business Risk Assessment contd.

The business risk assessment must be documented and must be available to the relevant competent authority upon request.

The business risk assessment must be reviewed and managed at regular, predefined intervals and it must be approved by senior management.

Slide60

Business Risk Assessment contd.

How the risk assessment affects customer due diligence

In deciding the level of Customer Due Diligence (CDD) to be applied, intermediaries, when undertaking a transaction/entering a business relationship, must consider a number of factors, including:

the relevant business risk assessment, the purpose of an account/relationship, the level of assets deposited/the size of the transaction and

the regularity of transactions/duration of the business relationshipSee BI Guidance notes for template Business Risk Assessment – Appendix 2

Slide61

Client Risk Assessment

Slide62

Ongoing Monitoring

Monitoring means the scrutinising of

transactions, and the source of wealth or of funds for those transactions, undertaken during the relationship in order to determine if the transactions are consistent with the designated person’s knowledge of:

(a)the customer,(b)the customer’s business and pattern of transactions, and(c)the customer’s risk profile (as determined under section 30B),and

ensuring that documents, data and information on customers are kept up to date in accordance with its internal policies, controls and procedures

Slide63

Ongoing Monitoring contd.

Designated persons should undertake monitoring

on an ongoing basis for patterns of unusual or suspicious activity to ensure that higher risk activity is scrutinised.

Transactions that are (a) are complex, (b) are unusually large, (c) are conducted in an unusual pattern, or (d) do not have an apparent economic or lawful purpose must be investigated in greater detail and monitoring increased if they appear suspicious.

Slide64

Ongoing Monitoring contd.

Employees should be adequately trained to identify such unusual business and report to the designated person’s Money Laundering Reporting Officer (MLRO)

(insert firms MLRO name). For example, employee training should cover encashment fraud attempts with the recent increase in encashment requests being made from client emails to transfer funds to a particular account, where it transpired the client had no knowledge of the encashment request

. Where an encashment request is received, it is recommended to take additional measures to ensure the request is genuine, for example:

Phone the client to confirm the details/instructionCross reference proof of ID and residency with existing proof of identity and residency on file

Slide65

Distribution Risk – may alter risk

“Face to Face” contact with no facility to take copies of ID

  Where the interaction with the customer is on a face-to-face basis, you should have sight of the original document(s) and appropriate details should be recorded. Where you visit the customer at his/her home address, you should make a detailed record of the visit. This would include, for example, taking details of passport or driving license numbers.

  Brokers Ireland recommends that in such scenarios, you request the customer to forward you a copy of the relevant ID and cross reference it with the details which were recorded at the point of sale.

Slide66

Distribution Risk – may alter risk contd.

“Non face-to-face

” The extent of the Customer Due Diligence in respect of non face-to-face customers will depend on the type of the product or service requested and the assessed money laundering risk presented by the customer.

Where the customer is not physically present (e.g. by post, telephone or over the internet) for identification purposes additional measures should be undertaken to establish the customer’s identity

Slide67

Distribution Risk – may alter risk contd.

Examples:

Telephone the customer on a home or business number which has been verified (electronically or otherwise). Communicate at a verified address with account opening docs for example, which might have to be returned or acknowledged .

First payment by the customer through a bank in the State or other EU Member State or certain specified acceptable countries. Internet sign on with details sent by mail to a verified address.

We would also suggest firms seek to obtain an additional non-photographic ID (to verify address) due to fact that many brokers are not physically meeting clients due to the COVID 19 pandemic.

Slide68

International Financial Sanctions

It is necessary for firms to monitor their customers and transactions against both the Europe Union(EU) and United Nations(UN) Sanctions Committee lists relating to terrorism.

Financial Sanctions lists that relate to terrorism should be monitored to assist in preventing terrorist financing from occurring, including, but not limited to the following:

EU Financial Sanctions listUN Sanctions Committees list

Slide69

Procedures and Policies

Firms must adopt internal policies, controls and procedures in relation to their business to prevent and detect the commission of money laundering and terrorist financing. These requirements also apply to persons to whom AML obligations have been outsourced.

The internal policies, controls and procedures are to include:

(a) identification, assessment, mitigation and management of risk factors relating to money laundering/terror financing(b) customer due diligence measures

(c) monitoring transactions and business relationships

Slide70

Procedures and Policies contd.

(d) the identification and scrutiny of purpose of all transactions that are complex, are unusually large, are conducted in an unusual pattern, or do not have an apparent economic or lawful purpose and any other activity that the designated person has reasonable grounds to regard as particularly likely to be related to money laundering/terrorist financing

(e) measures to be taken to prevent the use for money laundering or terrorist financing of transactions or products that could favour or facilitate anonymity,

(f) measures to be taken to prevent the risk of money laundering or terrorist financing which may arise from technological developments, (g) reporting (including the reporting of suspicious transactions),

Slide71

Procedures and Policies contd.

(h) record keeping,

(i)measures to be taken to keep documents and information relating to the customers of that designated person up to date,

(j) measures to be taken to keep documents and information relating to risk assessments by that designated person up to date, (k) internal systems and controls to identify emerging risks and keep business-wide risk assessments up to date, and (l)monitoring and managing compliance with, and the internal communication of, these policies, controls and procedures.

Slide72

Procedures and Policies contd.

Policies, controls and procedures must be approved by senior management and should be kept under review in particular when there are changes to the business profile or risk profile of the firm.

Firms must ensure that they have clearly defined process in place for the formal review at least annually of the policies and procedures within the firm.

These policies, controls and procedures are to have regard to any guidelines issued by the competent authority.

Slide73

Procedures and Policies contd.

Firms must ensure that persons involved in the conduct of the business (this includes directors, other officers and employees) receive instruction and training in respect of the law and on how to identify transactions or other activity that may relate to money laundering or terrorist financing (suspicious transactions) and how to proceed once identified.

Firms should ensure that the policies and procedures are readily available to all staff and are implemented and adhered to by all staff.

Slide74

Procedures and Policies contd.

This slide(s) should be personalised to outline the firms procedures and policies

Slide75

Management Responsibilities

The Central Bank recommends that the topic of AML/CTF is a recurring agenda item at board/senior management/ownership level meetings. The firm must ensure that AML/CFT/FS issues and decision making in relation to AML/CFT/FS is evidenced in the firm’s board/management meeting minutes. A copy of these board meeting minutes should be kept on file. For Sole traders, record should be kept of issues and decisions made.

Slide76

Record Keeping

AML/CTF documents and other records relating to clients shall be kept for a period of not less than five years*.

Record keeping is an essential part of the evidence trail and sufficient processes must be put in place to ensure that records are adequately kept.

*(Please note CPC 6 year requirements in relation to client records and FSPO requirements on long term investment products or mortgages)

Slide77

Record Keeping contd.

Customer information collected to comply with the requirements of Legislation; and Information regarding transactions undertaken by customers.

Possible formats in which records can be retained include one or more of the following: Original documents

Photocopies of original documents On microfiche In scanned form In

computerised or electronic form

Slide78

Record Keeping contd.

Outline the firms internal procedures in respect of record keeping here..

Slide79

Requests from An Garda Síochána for client information/records

For the purposes of providing information to the Garda Síochána this must be requested in writing be a member of the force not below the rank of Sergeant (who may give a direction, which must also be in writing, to retain the documents/other related records for a period up to a maximum of five years.

Slide80

Staff Training

Intermediaries must ensure that all staff receive on-going training in relation to their AML and combating of terrorist financing obligations.

Intermediaries should provide appropriate training which is tailored to the nature, scale and complexity of the firm and which is proportionate to the level of AML/CTF risk faced by the firm.

Firms should ensure that the AML/CFT training provided includes an assessment or examination at the end of the training session, which should be passed by all participants in order for the AML/CFT training to be recorded as completed.

Slide81

Staff Training contd.

Firms should provide AML/CTF training which is specific to the role carried out by the member of staff.

Firms should provide an enhanced AML/CTF training tailored to the specific needs of staff who perform key AML/CTF and FS roles within the firm e.g. the firms MLRO or senior management responsible for AML/CTF oversight.

Slide82

Staff Training contd.

Training should be consistent with firms policies & procedures and should consider the outcome of the firm’s business risk assessment.

Failure by the employer to provide training is an offence under the requirements.

A formal training schedule should be developed and maintained to ensure all relevant staff are adequately trained at least annually. Firms should ensure that training is provided to new recruits upon joining the firm in a timely manner.

Adequate records in relation to staff training should be retained for all internal & external courses attended for a period of 5 years

Slide83

Reporting

Requirement to have a documented internal reporting process for staff to report a suspicious transaction - it should provide guidance on how to complete and submit such reports. There should be documented timelines set by the brokerage in relation to the filing of the Suspicious Transaction Reports (STR). Firms are required to file an STR ‘as soon as practicable’.

Staff reports must be made to the Money Laundering Reporting Officer (MLRO) when the staff member knows, suspects or has reasonable grounds to suspect that money laundering or terrorist financing is being or has been committed or attempted

Slide84

Reporting contd.

Staff reports should include appropriate details of the customer who is the subject of concern and a statement

containing as much of the information, giving rise to the knowledge or suspicion, as possible

. All reports submitted via the internal reporting process should be recorded.

The MLRO will then decide whether to make the firm’s report to the FIU via the goAML system and the Revenue Commissioners. Sufficient information should be retained in order to record the reported suspicion, and support the firms determination of whether to discount the suspicion or to proceed and file the STR with authorities

Slide85

Reporting contd.

STRs must be submitted to Revenue using the Revenue‘s Online Service (ROS) only.

To submit an STR online, the designated person must firstly be registered for ROS and have a digital certificate. You can then register for STR Reporting and request a sub user certificate for all MLROs. For further guidance on submitting STRs online, please see the

Revenue Website. The Central Bank expects that all designated persons are registered with ROS.

Slide86

Reporting contd.

* Presenter should provide practical examples of situations which staff might encounter which would warrant a report.

Firms should have written policies and procedures in relation to reporting suspicions that may arise as a result of a failure on the part of the customer to provide the required or updated CDD documentation/information.

Slide87

Reporting contd.

If the MLRO decides an external report needs to be made to the FIU via the

goAML system and the Revenue Commissioners. The following information should be contained in the report:

The information on which the designated person’s knowledge, suspicion or reasonable grounds are based;The identity of the suspected person;

The whereabouts of the property that is the subject of the money laundering or the funds that are the subject of the terrorist financing;Any other relevant information

.

Slide88

Reporting contd.

Firms should ensure that they are registered with

goAML and ROS as STRs cannot be submitted via go AML unless the firm has previously registered.

Slide89

Reporting contd.

A designated person may be directed in writing by a member of the Gardaí, not below the rank

superintendent, not to carry out a specified service or transaction for a period not exceeding seven days.

A District Court judge may order a designated person not to carry out a specified service or transaction for a period not exceeding 28 days.

Slide90

Reporting contd.

A designated person may only proceed with a suspicious transaction or service prior to the sending of the report to the FIU and the Revenue Commissioners where:

it is not practicable to delay or stop the transaction/service from proceeding; or

the designated person is of the opinion that failure to proceed with the transaction or service may result in the other person suspecting that a report may be made or that an investigation may be commenced or is in the course of being commenced.

Slide91

Reporting contd.

You must not disclose to the customer concerned or other third persons that a report has been made to the FIU in relation to suspicions of money laundering or terrorist financing.

Designated persons, employees and directors are legally prohibited from tipping off.

Designated persons, employees and director are legally indemnified, in respect of any report made to FIU or Revenue Commissioners in good faith, in relation to a suspicion of money laundering of terrorist financing.

Slide92

Role of Money Laundering Reporting Officer (MLRO)

Has a significant degree of responsibility and should be familiar with relevant aspects of the Act and these guidelines.

He/she is required to determine whether the information or other matters contained in the suspicious transaction he/she has received, via any internal reporting procedure, merit the making of a report to the FIU (Fraud Investigation Unit) and the Revenue Commissioners.

Slide93

Role of Money Laundering Reporting Officer (MLRO) contd.

Maintenance of a log of any suspicious transactions, including details where it was decided not to make a report to FIU & Revenue Commissioners. The reasons for not doing so should be recorded.

Slide94

Powers of Financial Intelligence Units

As a result of the Criminal Justice (Money Laundering and Terrorist Financing) (Amendment) Act 2021, additional investigative powers have been granted to FIUs which enable FIUs to request, obtain and use information from any entity for the purpose of detecting, preventing and effectively combating AML/CTF.

An FIU’s powers may be invoked even in the absence of a Suspicious Activity Report (SAR). FIUs must compile information related to AML/CTF risks on a centralised database. The information contained in this must be readily available to that Member States competent authority and other FIUs.

Slide95

Powers of the Central Bank of Ireland

The Central Bank of Ireland is deemed to be the competent authority responsible for monitoring compliance of designated persons with the Criminal Justice (Money Laundering and Terrorist Financing) Act 2010 and Criminal Justice (Money Laundering and Terrorist Financing) (Amendment) Act 2018 .

The Central Bank has the power under the Administrative Sanctions Regime to sanction for failure to comply with the necessary obligations.

Slide96

Powers of the Central Bank of Ireland contd.

October 2016 - Settlement with Ulster Bank Ireland DAC

The Central Bank identified significant failings in Ulster Bank Ireland’s AML/CTF framework and procedures in respect of:

governance and control of AML/CTF outsourcingassessment of AML/CTF risk specific to its business and the relevant mitigating systems and controlsidentification and verification of existing customers (CDD) who predated the Irish AML/CTF laws effected in May 1995 (pre-95 customers)

The Central Bank also identified areas of non-compliance in respect of trade finance procedure manuals, adherence to internal procedures, AML/CTF training of non-executive directors and reliance on third parties in respect of CDD

Slide97

Powers of the Central Bank of Ireland contd.

April 2017 - Settlement with Allied Irish Bank

The Central Bank identified 6 breach's of the CJA 2010 as a result of significant failings in Bank of Ireland’s AML/CTF framework controls, policies and procedures in respect of:

The breaches occurred after the enactment of the CJA 2010 in July 2010 and persisted on average for over three years. They included AIB’s failure to: Report suspicious transactions without delay to An Garda Síochána and the Revenue Commissioners.

Conduct customer due diligence (‘CDD’) on existing customers who had accounts prior to May 1995 (‘Pre-95 customers’)

Slide98

Powers of the Central Bank of Ireland contd.

The Central Bank also identified breaches in respect of AIB’s AML/CFT policies and procedures in a number of areas, including the above, and its trade finance business.

Slide99

Powers of the Central Bank of Ireland contd.

May 2017 - Settlement with Bank of Ireland

The Central Bank identified significant failings in Bank of Ireland’s AML/CTF framework controls, policies and procedures in respect of:

Risk assessment: assessment of money laundering/terrorist financing (‘ML/TF’) risks specific to its business and the relevant mitigating systems and controls. Suspicious transaction reports: reporting of six suspicious transactions to An Garda Síochána and the Revenue Commissioners without delay.

Slide100

Powers of the Central Bank of Ireland contd.

May 2017 - Settlement with Bank of Ireland contd.

Correspondent banking: conduct of enhanced customer due diligence (‘CDD’) on one correspondent bank situated outside of the EU.

The Central Bank also identified areas of non-compliance with the CJA 2010 in relation to BOI’s trade finance business, CDD measures and its reliance on third parties to conduct CDD.

Slide101

Feedback from Central Bank AML/CTF inspections

From the sample testing undertaken by the Central Bank of both new and existing customers, a number of issues were identified, including:

- Photo ID and/or address verification documents were not always available on the customer file. For corporate customers, no constitutional documentation and/or other information (e.g. audited accounts, information from Companies Registration Office, etc.) were obtained for some of the customer files reviewed.

Documented evidence to demonstrate that on-going monitoring takes place was not always maintained.

Slide102

Feedback from Central Bank AML/CTF inspections contd.

The Central Bank expects that:

All required identification and verification is obtained and retained. Where Standard or Enhanced CDD is carried out, sufficient detail must be evidenced on the customer file.

Records are maintained of the on-going monitoring conducted, including the type of and frequency of the monitoring undertaken.

Slide103

Feedback from Central Bank AML/CTF inspections contd.

A number of issues were identified in relation to training, including:

Insufficient evidence that all staff, including those in key roles relating to AML/CTF, had received appropriate training.

Training records were not always maintained to demonstrate who had received the training, when the training took place and the nature of the training received. In some of the larger retail intermediaries, staff members were provided with generic, high level AML/CTF training, but limited or no specific training related to the AML/CTF procedures and processes relating to the firm’s specific operations.

Slide104

Feedback from Central Bank AML/CTF inspections contd.

In assessing the policies and procedures in place, the Central Bank identified a number of issues, including:

Policies and procedures that are not aligned to, and reflective of, the Money Laundering/Terrorist Financing risk assessment of the retail intermediary’s specific product/service offering and its operations.

Policies and procedures were not always adhered to in practice.

Policies and procedures did not provide sufficient detail in relation to suspicious transaction reporting e.g. no timelines set in relation to the filing of suspicious transaction reports and insufficient information provided on what might be deemed a suspicious transaction.

Slide105

Feedback from Central Bank AML/CTF inspections contd.

The Central Bank also expects that retail intermediaries undertake and document a Money Laundering/Terrorist Financing business risk assessment of their business, to include all risk categories e.g. distribution channel, customer type, etc.

Such an assessment should be updated regularly and reflect any changes in products or services offered e.g. new offerings with increased risk may require Standard or Enhanced Customer Due Diligence to be carried out.

See template business risk assessment in Brokers Ireland AML/CTF Guidance notes

Slide106

Reference material

Additional information available on Central Bank website:

https://www.centralbank.ie/regulation/anti-money-laundering-and-countering-the-financing-of-terrorism

Please see Brokers Ireland guidance notes and templates on the Brokers Ireland website