The AML Revision
The Anti-Money Laundering Regulations (2018 Revision) of the Cayman Islands (AML Regulations) have expanded the scope of the Cayman Islands’ anti-money laundering regime significantly, including its application to investment funds generally, and specifically to (i) private equity funds and other closed-ended funds (e.g. venture capital and real estate funds) which are not registered with the Cayman Islands Monetary Authority (Cima).
The AML Regulations have introduced a new risk-based approach to AML in the Cayman Islands, including requiring persons subject to the AML Regulations (which include Cayman Islands investment funds) to take steps appropriate to the nature and size of their business to identify, assess, and understand its money laundering and terrorist financing risks in relation to each investor, the country or geographic area in which each investor resides or operates, the types of individuals/entities that make up the investor base of the investment fund, source of funds (e.g. investment funds with lower minimum investment thresholds might pose a greater risk of money laundering, especially if the subscription proceeds are not coming from a regulated financial institution), and redemption terms.
APPLICATION OF THE NEW AML REGIME
The scope of the AML Regulations is still defined by reference to “relevant financial business”. Persons undertaking relevant financial business in the Cayman Islands must comply with the requirements of the AML Regulations. The definition of relevant financial business that was included in previous versions of the anti-money laundering regulations has been removed from the AML Regulations and has instead been placed in Section 2 of the Proceeds of Crime Law (2018 Revision) (PCL). The definition continues to cover “mutual fund administration or the business of a regulated mutual fund within the meaning of the Mutual Funds Law (2015 Revision)” which covers all funds registered with and regulated by Cima. The definition had also covered and continues to cover investment managers licensed by or registered with Cima (e.g. those who have applied for and obtained status as an “excluded person” under the Securities Investment Business Law for an exemption from the requirement for a licence).
However, Section 2 and Schedule 6 of the PCL now extends the meaning of “relevant financial business” to cover activities which are “otherwise investing, administering or managing funds or money on behalf of other persons”.
The net effect of expanding the meaning of “relevant financial business” to include activities of investing, administering or managing funds or money on behalf of other persons is that now all unregulated investment entities are also covered and will need to maintain AML procedures in accordance with the AML Regulations.
EXPANDED AML PROCEDURES
Going forward, all non-Cima-registered and unregulated investment funds will also be required to comply with the same AML regime as Cima registered and regulated funds.
Pursuant to regulations 3(1) and 33 of the AML Regulations, an investment fund doing business in or from the Cayman Islands must designate a natural person, at managerial level, to act as its anti-money laundering compliance officer (AMLCO), money laundering reporting officer (MLRO) and deputy money laundering reporting officer (DMLRO). Cima requires that a person acting as MLRO/ DMLRO must (i) act autonomously; (ii) be independent (have no vested interest in the underlying activity of the investment fund); and (iii) have access to all relevant material in order to make an assessment as to whether an activity is or is not suspicious. The AMLCO role should be performed by someone who will be the point of contact with the supervisory and other competent authorities.
Cima guidance to the AML Regulations requires that an AMLCO must be a person who is fit and proper to assume the role and who:
- has sufficient skills and experience;
- reports directly to the board of directors of the fund or equivalent;
- has sufficient seniority and authority so that the boardreacts to and acts upon any recommendations made;
- has regular contact with the board so that the board is able to satisfy itself that statutory obligations are being met and that sufficiently robust measures are being taken to protect the fund against money laundering/terrorist financing risks;
- has sufficient resources, including sufficient time and, where appropriate, support staff; and
- has unfettered access to all business lines, support departments and information necessary to appropriately perform the AML/CFT compliance function.
In addition to having the AMLCO, MLRO, and DMLRO officers in place, investment funds are required to have following AML procedures in place:
- identification and verification (KYC) procedures for its investors/clients;
- adoption of a risk-based approach to monitor financial activities;
- record-keeping procedures ;
- procedures to screen employees to ensure high standards when hiring;
- adequate systems to identify risk in relation to persons, countries and activities which shall include checks against all applicable sanctions lists;
- adoption of risk-management procedures concerning the conditions under which a customer may utilise the business relationship prior to verification;
- observance of the list of countries, published by any competent authority, which are non-compliant, or do not sufficiently comply with the recommendations of the Financial Action Task Force;
- internal reporting procedures (involving the MLRO and DMLRO); and
- such other procedures of internal control, including an appropriate effective risk-based independent audit function and communication as may be appropriate for the ongoing monitoring of business relationships or one-off transactions for the purpose of forestalling and preventing money laundering and terrorist financing.
In order to allow non-Cima registered unregulated investment entities (e.g. closed-ended funds such most private equity funds, venture capital funds, and real estate funds) not previously subject to the AML regime time to implement appropriate procedures (or delegation arrangements) to be in compliance with the new AML regime, the AML Regulations have been amended to provide these entities up until 31 May 2018 to assess their existing AML/ CTF procedures and to implement policies and procedures which are in compliance with the AML Regulations.
The deadline to designate an AMLCO, MLRO, and DMLRO and to notify Cima of the identity of such persons holding these roles is on or before 30 September 2018 for existing funds.
MANAGERS SHOULD BE AWARE
A Cayman fund that is already registered with and regulated by Cima will typically have delegated the maintenance of AML procedures on behalf of the fund to a fund administrator, and should therefore check that the scope of its current delegation to its administrator is sufficiently broad to cover the requirements of the AML Regulations (e.g. check (i) whether the AML regime being applied in respect of the fund is the Cayman AML regime or the regime of jurisdiction recognised as having an equivalent AML regime, and (ii) if it is the latter, whether or not the relevant administrator is actually subject to the AML regime of that jurisdiction ).
Non-Cima-registered investment funds which now fall under the new AML regime and which have delegated maintenance of AML procedures on behalf of the fund to a fund administrator should also check that the scope of delegation to its administrator or investment manager is sufficiently broad to cover the requirements of the AML Regulations. Investment entities which have not appointed a fund administrator (e.g. because the investment manager maintains the AML procedures on the fund’s behalf) should check the same matters outlined above and additionally, whether or not the delegate (e.g. the investment manager) has the requisite personnel (in terms of numbers, training, and experience) to maintain the AML procedures on the fund’s behalf. The extent to which (i) the maintenance of AML procedures on behalf of the fund, and (ii) the designation of AMLCO, MLRO, and DMLRO functions, has been or is to be delegated to a third party service provider should also be considered within the context of Cima’s guidance on outsourcing.
The Monetary Authority Law (2018 Revision) gives Cima the power to impose administrative fines for non-compliance on entities and individuals who are subject to Cayman Islands regulatory laws and/or the AML Regulations. For a breach prescribed as minor fine would be KYD5,000 (approximately US$6,000). For a breach prescribed as minor, Cima also has the power to impose one or more continuing fines of KYD5,000 each for a fine already imposed for the breach (the “initial fine”) at intervals it decides, until the earliest of the following to happen: (a) the breach stops or is remedied; (b) payment of the initial fine and all continuing fines imposed for the breach; or (c) the total of the initial fine and all continuing fines for the breach reaches KYD20,000. For a breach prescribed as serious, the fine is a single fine not exceeding: (a) KYD50,000 for an individual; or (b) KYD100,000 for a body corporate. For a breach prescribed as very serious, the fine is a single fine of not exceeding: (a) KYD100,000 for an individual; or (b) KYD1m for a body corporate.