Money laundering is the process by which the direct or indirect benefit of crime is channelled through financial institutions or other organisations in a way which is intended to conceal its true origin and ownership and appear legitimate. The Proceeds of Crime Law (2014 Revision) (the "Law") and the supporting Money Laundering Regulations (2013 Revision) (the "Regulations") are the principal pieces of legislation in the Cayman Islands aimed at combating money laundering and terrorist financing and under which those engaged in "relevant financial business" (referred to as financial service providers or "FSPs") are obliged to comply with specific administrative requirements. (Please refer to our memorandum "Proceeds of Crime Law and the Money Laundering Regulations" for further details). This memorandum is concerned with the roles and responsibilities of the "nominated officers" referred to in the Law whose job it is to look out for and report suspicious activity and who are tasked with ensuring that adequate procedures and systems are in place to "catch" suspicious activity.
The Law refers to having a "nominated officer" in place for the purpose of receiving reports relating to money laundering and the Regulations refer to the identification of an "appropriate person" to whom such reports should be made (the legislation refers to "criminal conduct" but the failing to report an offence is concerned with the reporting of money laundering, not criminal conduct more generally. Walkers takes the view that the reference to criminal conduct in this section is a mistake). It is the Guidance Notes on the Prevention and Detection of Money Laundering and Terrorist Financing in the Cayman Islands, last updated in March 2010 (the "Guidance Notes") that specifically create the role of the Money Laundering Reporting Officer ("MLRO"). The Regulations have also created a new role, that of Compliance Officer. The roles and responsibilities for both these functions are discussed in detail below.
It is worth mentioning here that although the Guidance Notes, published by the Cayman Islands Monetary Authority ("CIMA"), support the Regulations, they are regarded as mandatory by virtue of Regulation 5(4)(a) which states that CIMA can exercise any of its enforcement powers if there has been any non compliance with Regulations or any supervisory or regulatory guidance. It is prudent to approach the Guidance Notes as if they have the force of law.
The selection of the MLRO
Note 5.2 provides that "… each financial service provider should designate a suitably qualified and experienced person as MLRO at management level, to whom suspicious activity reports ("SARs") must be made by staff".
Note 5.3 states that this should be someone who is "… well versed in the different types of transaction which the institution handles and which may give rise to opportunities for money laundering".
In addition, Note 5.4 states that the MLRO should be:
- a natural person;
- autonomous (meaning the MLRO is the final decision maker as to whether to file a SAR);
- independent (meaning no vested interest in the underlying activity); and
- have unimpeded access to all relevant material in order to make an assessment as to whether the activity is or is not suspicious.
Delegating the MLRO function
The Guidance Notes do permit the delegation of the MLRO function (see Note 5.4(b)) provided that:
- details and written evidence of the suitability of the delegate (person or institution) to perform the MRLO function are made available to CIMA on request;
- there is clear understanding between the FSP and the delegate as to the functions to be performed;
- the relevant customer information is readily available to CIMA, the Financial Reporting Authority (or "FRA") and law enforcement authorities on request; and
- the FSP satisfies itself on a regular basis as to the reliability of the delegate's systems and procedures.
The role of the MLRO
The primary duties of the MRLO are set out under Regulation 14 and section 5 of the Guidance Notes and state that the MLRO should:
- receive reports of any information or other matter, which comes to the attention of a person handling relevant financial business, which gives rise to an actual knowledge or suspicion of money laundering;
- consider and investigate such reports in light of relevant information in order to determine if the information or other matter does give rise to such knowledge or suspicion;
- have reasonable access to other information which may assist in considering such report;
- make prompt disclosures to the FRA on the standard form (see Appendix J of the Guidance Notes) if after considering a report there is knowledge or a suspicion of money laundering;
- establish and maintain a register of money laundering reports made by staff; and
- maintain a register of reports to the FRA.
Identifying unusual or suspicious transactions
As the types of transactions which may be used by money launderers are unlimited it is difficult to define a suspicious transaction. The Guidance Notes are instructive in that they differentiate between "suspicious" and "unusual" transactions as set out below.
Where a transaction is inconsistent in amount, origin, destination, or type with a customer's known, legitimate business or personal activities, the transaction must be considered "unusual", and the staff member put on enquiry.
Where the staff member conducts enquiries and obtains what he considers to be a satisfactory explanation of the complex or unusual large transaction, or unusual pattern of transaction, he may conclude that there are no grounds for suspicion, and therefore take no further action as he is satisfied with matters. However, where the enquiries conducted by the staff member do not provide a satisfactory explanation of the activity, he may conclude that there are grounds for "suspicion" requiring disclosure.
Liability of the MLRO
The Law introduced a new offence directed solely at the failure by the MLRO to disclose to the FRA that he suspects or knows that another person is engaged in criminal conduct. The penalty for this offence is either a fine of up to CI$5,000 and/or imprisonment for up to two years (on summary conviction) or imprisonment for up to five years and/or a fine (on conviction on indictment). MRLOs should be aware that the Law protects whistleblowers and that reporting suspicious activity to the FRA will not give rise to any civil liability (legal, administrative or employment-related) and it does not constitute a breach of the duty of confidentially under Cayman Islands law.
The selection and role of the Compliance Officer
The Law and the revised Regulations expand the degree of compliance management expected from FSPs. To manage these new expectations effectively, Regulation 5(1)(e) requires FSPs to designate a person "…at management level, to be a compliance officer with responsibility for monitoring and ensuring internal compliance with the Laws relating to money laundering." Note 6.3 states that such a person can also carry out the role of the MLRO and should:
- have sufficient skills and experience;
- report directly to the FSP's Board and have sufficient seniority and authority so that the FSP's Board reacts to and acts upon any recommendations;
- have regular contact with the FSP's Board so that the FSP's Board is able to satisfy itself that its statutory obligations are being met and that satisfactory measures are in place to protect itself against money laundering;
- have sufficient resources, time and support to carry out the role, as well as unfettered access to all business lines and information necessary to perform the function;
- develop, maintain and report on internal anti money laundering ("AML") systems and controls;
- ensure regular audits of the internal AML processes;
- advise the FSP's Board on compliance issues; and
- respond promptly to requests from relevant authorities.
Regular audits by the Compliance Officer
The Guidance Notes also set out a requirement to conduct regular audits to attest to the overall integrity and effectiveness of the systems and controls in place to counter money laundering and terrorist financing. These include audits to:
- assess any risks and exposures;
- assess the adequacy of internal AML policies and procedures, including the process used to identify suspicious activity;
- test compliance with the AML laws and regulations;
- test transactions; and
- assess employees' knowledge of laws and internal policies and procedures and the adequacy of relevant training programmes.
Discussions regarding the delegation of the Compliance Officer functions are ongoing, but it is widely considered permissible to delegate the role consistent with the principles for delegation of the MLRO role noted above.
Staff awareness and training
The key to effective compliance management is ensuring that staff are fully aware of their AML obligations, can recognise suspicious activity and act upon it in the proper manner. The Notes recommend the following:
- staff screening (the scope of the screening should be dictated by the particular position);
- initial and refresher training of staff on how to recognise suspicious activity, the procedures they need to follow and the criminal offences that will be committed if they contravene the legislation;
- general AML training for all new staff as part of their introduction to the FSP;
- tailored training for operations staff, supervisors and mangers; and
- ongoing in-depth training for the MLRO/Compliance Officer on all aspects of the AML laws and internal policies.
FSPs and those holding MLRO and Compliance Officer functions need to be fully aware of their responsibilities, obligations and the potential liability under the AML regime of the Cayman Islands. Failing to report knowledge or suspicion of money laundering, and failing to have suitable procedures in place for internal control and communication, are serious criminal offences.