The Criminal Justice (Money Laundering and Terrorist Financing) Act 2010 (the "2010 Act") came into effect on 15 July 2010 and was amended by the Criminal Justice Act 2013 (the "2013 Act") (together the "Act"). The Act transposes the Third Money Laundering Directive (2005/60/EC) and it's Implementing Directive (2006/70/EC) into Irish Law. Designated persons under the Act, including all credit and financial institutions (as defined in the Act) are required to comply with their obligations under the Act.
On 25 February 2014, the Central Bank of Ireland (the "Central Bank") published its planned series of Themed Reviews and Inspections, along with its Enforcement Priorities. This included the Central Bank's intention to conduct a further round of themed inspections in the area of anti-money laundering and counter terrorist financing ("AML/CTF") and the controls which designated persons are required to put in place to mitigate against the risk of AML/CTF.
The Central Bank commenced its themed AML/CTF inspections during the summer of 2014 and is due to issue a Dear CEO letter shortly setting out its key observations. In the meantime, Dillon Eustace has seen a number of findings letters and we have noted the following general observations.
The following are the general observations noted from the recent round of Central Bank themed AML/CTF inspections.
- Firms must ensure that an appropriate detailed, documented, AML/CFT risk assessment of the business is carried out and that supporting evidence of decisions made is available for review by the Central Bank during any follow-up inspection of the Firm. This risk assessment should be reviewed and regularly updated if necessary to address new or emerging risks.
- The Board at the Firm must ensure appropriate engagement and challenge by the Board, and that this is satisfactorily evidenced to demonstrate to the Central Bank that it is meeting the requirements of the Act.
- The Board at the Firm must ensure that it can demonstrate to the Central Bank that staff undertaking AML/CFT duties on behalf of the Firm have received appropriate AML/CFT training.
- Specifically relevant to Fund Boards –
- They must ensure they implement measures to obtain appropriate oversight of the Administrator's policy, procedures and practices to ensure that they appropriately mitigate the AML/CFT risks of the Fund; and
- Management information reported to the Board should be comprehensive to provide the Board with appropriate oversight of all activities being conducted by the Administrator on their behalf.
Customer Due Diligence
- The Firm must ensure that it has a robust process in place to ensure compliance with the requirements of Section 33 of the Act including Section 33(4) of the Act, which deals with non-face to face customers that are individuals. This should be supported by appropriate policies and procedures.
- The Firm must ensure that appropriate CDD records are maintained for all customer files and should consider reliability testing to ensure adherence to CDD Procedures.
- The Firm must ensure that it has appropriate procedures and controls in place to ensure compliance with Section 33(8) of the Act for any customers that have failed to provide adequate CDD documentation. The Central Bank reminds Firms that they are obliged to complete CDD as soon as practicable and that Firms need to define what they mean by as soon as practicable so that they have a clear understanding as to when the point of failure has been reached and consequently when Section 33(8) of the Act applies.
- The Firm must ensure that it has effective policies and procedures in place for the management of PEPs, including a process for carrying out enhanced customer due diligence and obtaining senior management sign off of PEP relationships. The Central Bank's focus here is that where a Fund delegates PEP sign-off to the senior management of the Administrator, then this needs to be clearly documented in the Fund's AML/CTF policy.
- The Firm is only permitted to enter arrangements with a relevant third parties where it is satisfied that the letter of reliance provided by the relevant third party meets the requirements of Section 40 of the Act.
- The Firm should review reliance letter arrangements to determine if any arrangements require remediation. In any cases where deficiencies are identified the Firm must take the necessary steps to ensure compliance with the Act.
Suspicious Transaction Reports ("STRs")
- The STR procedures should be updated to provide clarity, for all staff of the Firm, regarding their reporting obligations. Procedures should outline what constitutes a suspicion and outline the steps a staff member should take if they identify a suspicion.
- Firms must ensure they have effective on-going monitoring policies and procedures in place to identify STRs.
- Firms must review and validate any monitoring systems and/or reports to ensure that they are meaningful and effective.
- The AML Policy for Fund Boards must include the procedure to identify and report suspicious activity independent of the Administrator. This should include –
- The process to raise and escalate STRs to the Firm's MLRO;
- A timeframe within which reports should be made to the authorities;
- The offences and penalties for failure to report and the definition of 'tipping off and the penalties associated with this offence and measures to be taken to avoid 'tipping off'; and
- The Firm should be in a position to demonstrate that it has given due consideration to its own reporting obligations and that a mechanism is in place to follow up investigation with the Administrator to enable the Firm to reach its own determination.
- The Firm must confirm that all persons involved in the conduct of the business are instructed on the law relating to money laundering and terrorist financing and are provided with on-going training.
- Adequate training records for all staff need to be retained.
- The Firm must ensure that all staff adhere to the procedures of the Firm.
Investment Funds and their service providers should note the above general observations and determine if amendments are required to their respective AML/CTF policy and procedures. In any event it should be noted that the AML/CTF policy and procedures should be reviewed at least on an annual basis. There is also a duty to conduct training at least on an annual basis.
The Regulatory and Compliance team in Dillon Eustace can assist you in reviewing and updating your AML/CTF policy and procedure where necessary. We can also assist you by delivering the annual AML/CTF training either at your premises or at Dillon Eustace's premises. Please see our contacts details on the covering page.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.