On 22 February 2018, HM Revenue and Customs (“HMRC”) issued an Anti-Money Laundering/ Counter Terrorist Financing (“AML/CTF”) thematic review of AML compliance in the Money Services Business (“MSB”) Sector. This focused on those MSBs which operate via agent networks but is likely to be instructive to all MSBs supervised by HMRC. It follow on from HMRC’s supervisory activity in 2014/2015 of those MSBs with the largest agent networks.
Some key points of the review are:
1. The number of principals registering with HMRC has been declining since 2010 (potentially due to de-risking in the banking sector, consolidation in the market and/or businesses ceasing to trade as principals and becoming agents);
2. MSBs must now (pursuant to the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (“MLR 2017”)) ensure that agents are “fit and proper”. Principals must have policies and procedures which address the “fit and proper” test for agents and all records must be available for HMRC (should it request them). A person is deemed not to be “fit and proper” if they have unspent convictions (as listed in schedule 3 of MLR 2017); have consistently failed to comply with money laundering regulations; or are otherwise not fit and proper having regard to the risk of the business being used for money laundering or terrorist financing;
3. HMRC expects that principals will keep records of the responsible persons (including officers, managers or ultimate beneficial owners) for each agents. This should include basic identifying information such as name, address and date of birth;
4. The 2014/2015 agent network visit was the largest review conducted by HMRC and involved 1,450 interventions. HMRC reported that the results were generally disappointing although some areas of good practice were found. Key concerns related to the on-boarding process for agents, monitoring conducted by principals and training provided to agents;
5. Examples of good practice identified included:
- Principals conducting physical inspections of agent locations prior to on-boarding;
- Principals controlling access to systems outside of agents’ trading hours;
- Keeping records in electronic format;
- Principals conducting unannounced visits to agents;
- Avoiding agents that are involved in multiple principal relationships;
- Ensuring that agents operate in a commercially viable context so there is no pressure to attract new customers regardless as to whether they are illicit; and
- Where there is a principal-master agent-sub-agent chain, the principals also scrutinises the sub-agents and does not only focus on the master agent.
6. Examples of poor practice identified included:
- Know your agent checks not being conducted at on-boarding and changes in agent ownership not being monitored;
- Inadequate training being provided to staff within the agent’s business or training not being kept up to date;
- Agents having poor knowledge of the systems they operate;
- Systems not set up to carry out customer due diligence;
- Systems being unable to deal with linked transactions;
- Poor record keeping – by agents and principals;
- Failing to scrutinise source of funds, where appropriate;
- Failure to adequately monitor agent activity;
- Agents exhibiting poor IT security; and
Poor understanding of Suspicious Activity Reports (“SARs”) by agents.
HMRC sets out a number of recommendations for good practice in order to minimise the exposure of principal MSBs to money laundering risks. These build upon guidance already issued by HMRC and include:
- At on-boarding, principals must (from June 2017) undertake tests to satisfy itself that an agent would pass the statutory “fit and proper” test;
- Controls and procedures should be in place to enable the monitoring of agents. A principal should keep sufficient up to date records to document relationships with agents and demonstrate compliance with guidance;
- All agents must be trained (and refresher training should be provided) in respect of their obligation with respect to MLR 2017, Proceeds of Crime Act 2002 (“POCA”), SARs and reporting to the National Crime Agency. Records of training should be kept;
- There should be policies and procedures in place to ensure system and IT security;
- A principal should provide HMRC and his agents with copies of relevant up to date AML policies and procedures;
- HMRC should be notified of material changes to information provided to them in a timely way;
- Compliance audits of agents should be considered and if carried out, copies of the reports should be made available to HMRC and appropriate steps taken to address non-compliance; and
If the business relationship with an agent has ended because there is a suspicion that the agent is involved in money laundering or other criminality a SAR must be made and it must be reported to HMRC.
MSBs which operate via agent networks should pay attention to this thematic review. The outcomes and recommendations should be considered with a view to determining whether a firm is already compliant or whether improvements could be made to existing policies and procedures. Other MSBs which are supervised by HRMC should also note those areas which may be transferable to their business model, as this thematic review provides a useful insight into the thoughts of HMRC on the sector.