Section 1 - What you need to know
-
1. The money laundering compliance officer role
You should:
- Consider whether you have enough time to commit to the role. Do you need to release time to perform this role effectively? Refer to management if you have concerns about your capacity to undertake the role.
- Read the job specification and ensure it is relevant. If there is not one, consider creating one.
-
2. What must I do immediately on starting the role?
You should:
- Check that your firm has an AML supervisor and confirm who it is. If your firm has connected entities and/or subsidiaries check that these entities also have an AML supervisor.
- Inform ICAEW (ie, your AML supervisor) of your appointment within 14 days.
- Make sure ICAEW has your email address. We must have a current email address so that we can contact you in line with your regulatory role. Update your details by emailing amlr@icaew.com
- Read and understand your firm’s current AML firm-wide risk assessment.
- Ensure you have access to and understand your firm’s current AML policies and procedures.
- Read the findings and action points from your firm’s latest anti-money laundering compliance review. Build these into your ongoing monitoring of compliance.
- Understand the mechanism for staff training on money laundering.
- Understand your firm’s risk appetite. Explore its appetite for higher risk clients. Ensure the firm’s policies and procedures reflect what you are being told.
- Ensure there is a mechanism for approving the take on of clients that appear higher risk (eg, politically exposed persons/higher risk countries). Make sure you understand this mechanism.
- Meet with heads of service lines to ensure you understand the services provided, the client base and the money laundering risks.
- Be aware of the potential impact of changing regulations.
- Check any changes in the risk profile of the firm, access the impact on firm wide risk assessment.
-
3. Suspicious activity reports (SARs)
You must monitor and understand:
- the number of internal and external SARs at your firm;
- any emerging themes and the nature of the SARs;
- which service lines are impacted;
- the quality and frequency of internal SARs; and
- the timeliness of reporting.
Section 2 - What are my legal responsibilities?
It is extremely important that you are familiar with the relevant legislation. Some key points include:
The Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017
where appropriate with regard to the size and nature of its business, a firm must appoint one individual who is a member of the board of directors (or if there is no board, of its equivalent management body) or of its senior management as the officer responsible for the relevant person's compliance with these Regulations.
and
Within 14 days of the appointment of either the responsible board member/senior management and/or the nominated officer, the business’ Anti-Money laundering supervisory authority must be informed of the identity of the individual(s).
Here is the the relevant legislation:
Section 3 – The essentials
You should know:
- The obligations of you and your firm under the Money Laundering Regulations.
- Risks, red flags and emerging risks.
- The firm’s service offerings.
- What constitutes higher risk.
Resources
ICAEW communications
You will automatically receive regulatory updates from ICAEW via AML-the essentials and Regulatory and Conduct News, along with AML risk bulletins. It is important that you read and share these updates, to help you ensure your firm and your colleagues remain up to date with the latest requirements.
Call ICAEW for guidance
Section 4 - What are my ongoing responsibilities?
-
1. The role
As a money laundering compliance officer it is your responsibility to:
- Understand the firm’s Money Laundering Regulations firm wide risk assessments and ensure it is kept up to date.
- Ensure there are procedures in place to regularly monitor the firm’s compliance with the Money Laundering Regulations and the firm’s own AML systems, controls, and procedures.
- Take remedial action where monitoring reveals inadequate procedures or non-compliance with the firm’s own procedures.
- Ensure that the required criminal checks have been carried out on beneficial owners, officers and managers.
Develop and implement appropriate AML systems, controls, policies, and procedures that include:
- Reliance and record keeping (see regulations 39 to 40);
- Risk management practices;
- Internal controls (see regulations 21 to 24);
- Customer due diligence (see regulations 27 to 38);
- The monitoring and management of compliance with, and the internal communication of AML policies, controls, and procedures.
-
2. Staff
You should ensure that:
- Staff receive adequate money laundering training.
- There is ongoing engagement with heads of service lines and management, if applicable.
- Regular meetings with management are held to monitor changes in risk profiles and services offered.
The nominated officer
If there is a separate role of nominated officer meet with them to discuss and understand:
- Suspicious activity reporting procedures.
- SARs that have previously been submitted (eg, the quantity, any themes and red flags).
- How you will maintain an ongoing line of communication together.
- How often should SARs be reported to you and what should be included in these reports?
- Any information they require for management reporting, if relevant.
-
3. Board reporting
Do you report to the board? If so consider what management information might be required. It should be regular and include:
- The results of internal or external monitoring and compliance reviews.
- Action that will be taken to address failings identified in reviews.
- A summary of internal and external SARs and any themes you have identified.
- Emerging risks.
- Changes in the regulatory framework and any impact on the firm.
- Analysis of higher risk clients – review and monitoring.
- Reporting of SARs – we recommend this should include the number of SARs and any themes that emerge.
- Reporting of the risk profile of your client base (eg, high risk clients, politically exposed persons, high risk third countries etc).