In the aftermath of the fourth mutual evaluation of Switzerland's dispositive to combat money laundering and terrorist financing by the Financial Action Task Force (FATF), on September 4 2017 the Swiss Financial Markets Supervisory Authority (FINMA) published a draft amendment to its Anti-money Laundering Ordinance. The proposed regulations will introduce:
- enhanced verification duties in relation to establishing beneficial owners;
- a requirement to review and update know-your-customer (KYC) information regularly (including client relationships not involving particular risks);
- new monitoring duties encompassing operations abroad; and
- new criteria for classifying a relationship or transaction as high risk.
Enhanced follow-up procedure
While recognising the generally high quality of the Swiss system for combating money laundering and terrorist financing, the FATF report (published on December 7 2016) pointed to a number of deficiencies regarding the legislation in place and its effectiveness. Recommendations for improvement include:
- the extension of KYC and diligence duties to specific non-financial intermediary activities;
- measures to increase transparency of associations;
- tightened rules on control and reporting;
- verification of beneficial owners; and
- regular updating of client information.
Consequently, Switzerland is in a follow-up process and must report to the FATF in February 2018 regarding the progress made. The shortcomings found in the legislation are to be eliminated within three years. In addition, Switzerland will be subject to a follow-up review with respect to improving effectiveness after five years.
The amendment of the FINMA Anti-money Laundering Ordinance is thus one element of a more comprehensive set of measures envisaged by the government to ensure that Switzerland will successfully pass the follow-up procedure.
Proposed ordinance amendment
Global monitoring and management of legal and reputational risks
Whereas the ordinance presently in effect already stipulates that the financial intermediaries must ensure that their subsidiaries and branches abroad comply with the basic rules of Swiss anti-money laundering legislation, the draft amendment introduces a set of new rules on global monitoring and management of legal and reputational risks, including:
- periodic risk analysis by the Anti-money Laundering Competence Centre or another independent unit of the financial intermediary on a consolidated, group-wide basis;
- at least annual reporting in a standardised format by group companies and branches providing statistical information (eg, number of relationships with politically exposed persons, decrease or increase of assets under management, open transaction alerts and number of files under review for enhanced risks), as well as qualitative information (eg, political, legal or economic developments calling for a review of the risk classification of existing clients or groups of clients, background of important transactions and insights regarding patterns of potentially unlawful or inappropriate transactions occurring in a jurisdiction), enabling the financial intermediary to evaluate legal and reputational risks on a consolidated basis;
- timely and pro-active ad hoc reporting by subsidiaries and branches on customer relationships involving particular risks from a consolidated perspective (ie, key mandates of the group) and significant changes relating to the risk exposure of the reporting subsidiary or branch; and
- regular on-site audits of subsidiaries and branches by the group compliance function, including sample testing of individual customer relationships.
Tightening general diligence duties
Under the existing regime, financial intermediaries may, as a matter of principle, rely on the truthfulness of information received from a contracting partner regarding the identity of the beneficial owner. Once the KYC due diligence process is completed, financial intermediaries are not obliged to update their records unless there are indicia suggesting that information is outdated or inaccurate. The draft amendment proposes changes that will require the implementation of new policies and processes, namely:
- verification of the information furnished by the contracting party about the beneficial owner for all relationships (including low-risk relationships) by appropriate means (eg, by plausibility checks against information contained in the customer profile, consultation of public registers and databases, internet research, negative news checks or obtaining of certifications from independent parties such as tax advisers or employers) – the depth of research conducted will depend on the risks associated with a particular relationship;
- documentation of the verification process;
- clarification by default (without there being any particular indicia of augmented risks) of the reasons for the use of domiciliary companies; and
- updating KYC information on a regular basis for all relationships, regardless of the risk classification.
Risk classification of relationships and specific transactions
With a view to promoting the systematic application of risk classification criteria throughout the industry, the draft amendment introduces a number of new criteria which must be considered by financial intermediaries when assessing the risks associated with a relationship, in particular:
- domicile or business activities of the contracting party located in or connected with a country classified by the FATF as high risk or non-cooperative;
- a relationship introduced or managed by a third-party service provider (eg, introducing agents, lawyers, fiduciaries or external asset managers);
- use of a domiciliary company in combination with:
- other domiciliary companies;
- an operation business; or
- nominee shareholders;
- use of a non-operating entity domiciled in an offshore jurisdiction;
- the absence of a plausible, legitimate reason to employ a legal entity or arrangement;
- the use of a domiciliary company for the short-term placing of assets; and
- frequent transactions involving augmented risks.
In addition, the draft amendment obliges financial intermediaries to determine and document, on the basis of periodic analysis of the structure of their business and associated risks, each risk criterion set out in the ordinance, regarding whether such criterion is of significance to their activities.
In respect of transactions, the draft amendment introduces new criteria to assess risks regarding the jurisdiction of origin or destination of payments.
In order to minimise the undue influence of relationship managers and front units on decision making regarding suspicious transactions reports, the draft amendment demands that respective tasks be assigned to the most senior executive function of the financial intermediary. Delegation to a member of the executive board who is not involved with the business relationship concerned, the Anti-money Laundering Competence Centre or another independent unit is possible.
No grandfathering for existing relationships
The proposed changes to the ordinance are expected to enter into force at the beginning of 2019. As a consequence of the new obligation of financial intermediaries to review and update their KYC documentation for all relationships regularly (regardless of the risk classification), the grandfathering rule that traditionally exempted existing business relationships from new standards unless the KYC process needed to be repeated for a particular reason will no longer apply in the field of due diligence. Plausibility testing of beneficial owner information will need to be undertaken not only for relationships opened after the coming into force of the amendment, but – within the frame of the mandatory periodical update – also for existing relationships. Moreover, the existing exemption of relationships that existed before January 1 2016 from the duty to establish the controlling person will be abolished.
The amendment will result in a significant increase of compliance work for all financial intermediaries, particularly for those who have thus far been profiting from regulatory discounts due to the low risk of their business (eg, institutions servicing long-standing and stable clientele or the retail sector).
This article was first published by the International Law Office, a premium online legal update service for major companies and law firms worldwide. Register for a free subscription.