During 2021/22, the IFA conducted reviews and assessed firms’ compliance with the Money Laundering Regulations 2017 (MLR). Our approach to AML supervision ensures we effectively monitor our firms and take measures to secure compliance with the MLR. Some 38% of firms reviewed were deemed non-compliant. Here, we detail key findings and solutions.
Regulation 18
Regulation 18 requires firms to have a written firm-wide risk assessment, which has been approved by senior management and is reviewed annually. Nine out of 10 (89%) non-compliant firms did not have a written risk assessment or the document provided was inadequate.
Documents provided included blank client risk assessments as well as documents from third parties that had been copied and not tailored to the firm.
Regulation 19
This requires firms to have adequate written policies, controls and procedures in place. Four in five (79%) non-compliant firms did not have appropriate policies and procedures in place and/or they were not reviewed on a regular basis.
Firms either had no written policies and procedures or had copied documents from other sources.
Regulation 21
This regulation requires firms to have appropriate internal controls. This is the responsibility of the Money Laundering Reporting Officer (MLRO) or Money Laundering Compliance Principal (MLCP) who is required to attend appropriate AML training and to complete an annual AML compliance review of their firm’s policies and procedures to ensure they are appropriate to the firm and its client base, and that the firm has appropriate resources including training requirements.
Nine in 10 (91%) non-compliant firms had no annual AML compliance review and/or had not completed training.
Regulation 24
This requires all relevant employees to undertake regular AML training to recognise and deal with transactions which may be related to money laundering, as well as to identify and report anything that gives grounds for suspicion. Nine out of ten (87%) non-compliant firms were unable to demonstrate that relevant employees had undertaken appropriate and regular training.
Regulations 27 and 28
These relate to customer due diligence and client risk assessments. Most firms understood this requirement, however 46% of non-compliant firms had issues here.
The most common failing was a lack of written client risk assessments where firms stated that they did not require them. Other issues included inadequate client risk assessments that did not reflect the services provided or nature of the client.
Help is at hand
The IFA is running a series of three AML Matters webinars in April, May and June to provide assistance to small practitioners.
The practical webinars will help build understanding of anti-money laundering requirements as a member and accounting professional.
The IFA AML Matters webinar series will be led by IFA Head of Practice Standards Tim Pinkney and two members of the AML Review team, Karolina Kowalczyk and David Erichsen.
- 26 April: Preparing and conducting your firm’s AML Annual Compliance Review
- 24 May: How to create policies and procedures
- 22 June: How to conduct a risk assessment for your firm and your clients