Martyn Frost, a Fellow of the Chartered Institute of Bankers and member of the Society of Trust & Estate Practitioners
The Third Money Laundering Directive (Commission Directive 2005/60/EC as amended by 2006/70/EC): “3MLD”) was formally issued in December 2005 by the European Commission. 3MLD requires all Member States to have introduced its terms into law in each Member State by 15th December 2007. The UK complied with this Directive by introducing the Money Laundering Regulations 2007 (SI 2007/2157: “MLR 2007”) which took effect on 15th December last.
3MLD will have a considerable impact far beyond just the Member States. It will affect the way that those regulated by it (“relevant persons”) within the EU conduct business with:
- their subsidiaries outside the EU;
- their trust and company clients wherever they are based
Introduction
A great deal of what is in 3MLD is already covered by the UK in the Proceeds of Crime Act 2002 and in a broad sense 3MLD is an attempt to raise the standards in the rest of the EU to the existing UK level. 3MLD will therefore not alter much of the basic AML law that we already have, but it will extend much of what we already have to other areas of the EU.
One thing that it will not address is the wide disparity in Member States’ rules governing privilege and client confidentiality for lawyers – the UK will continue to have what are probably the strictest rules in the EU on this issue.
Structure of MLR 2007
Part 1:- Interpretation, Definitions and Application of Regulations
Part 2:- Customer Due Diligence
Part 3:- Record-Keeping, Procedures and Training
Part 4:- Supervision and Registration
Part 5:- Enforcement
Part 6:- Miscellaneous
Schedules 1-6
Part 2 Customer Due Diligence (“CDD”)
CDD does change significantly insofar as it relates to companies and trusts. There is now a requirement that for both a company and a trust that CDD is performed in relation to the “beneficial owner”.
For trusts this is quite complex and the definition of who is deemed to be a beneficial owner will prove very challenging for relevant persons who are not trust educated. A beneficial owner is a beneficiary with a vested interest in 25% or greater of the trust capital or is someone who the Regulations deem to control the trust. Control in these circumstances is someone who holds a power:
- to dispose of, advance, lend, invest, pay or apply trust property,
- to vary the trust including adding or removing a beneficiary or member of a class,
- to appoint or remove trustees
- to direct or withhold consent to the exercise of any of the above powers
However, control is not deemed to include:
- a consent to an advance under s.32 Trustee Act 1925
- a delegation of investment management under s.34 Pensions Act 1995,
- a power to remove or appoint a trustee under s.19(2) Trusts of Land and Appointment of Trustees Act 1996,
- the power at common law to terminate a trust under the rule in Saunders v Vautier.
N.B. these exclusions are framed by reference to the statutory authority and do not include provision for similar powers by statute outside of England and Wales. Express powers that make comparable provision to the statutory powers are not excluded.
A personal representative in England, Wales and Northern Ireland, and an executor in Scotland, is deemed to be the beneficial owner of the estate, thus removing the need to look further into the beneficial interests in estates. However, note that this only applies to those specified jurisdictions.
Regulation 14 introduces the concept of enhanced CDD for occasions of higher risk.
Reliance
A part solution to the difficulties of CDD on trusts is provided by regulation 17 which permits relevant persons’ CDD requirements to be met by them relying on CDD performed by some, but not all, authorised third parties. Therefore could a bank rely upon the CDD undertaken by a solicitor on the trustees? In theory they could, although liability for any default remains with the bank. Relying on CDD performed by others contains many difficulties:
- liability of the principal,
- possible payment for CDD undertaken by others,
- standards applied by others,
- willingness of third parties to allow CDD to be used in this way,
- reputational risk of the principal,
- how recently the CDD was undertaken.
But, this still would not solve the requirements to understand the structure and control and perform ongoing monitoring.
Ongoing Monitoring
Whilst similar in concept to CDD, ongoing monitoring is a new and separate concept.
“Ongoing monitoring” of a business relationship means –
(a) scrutiny of transactions undertaken throughout the course of the relationship (including, where necessary, the source of funds) to ensure that the transactions are consistent with the relevant person’s knowledge of the customer, his business and risk profile; and
(b) keeping the documents, data or information obtained for the purpose of applying customer due diligence measures up to date.
Politically Exposed Persons (“PEPS”)
• PEPs are defined in Regulation 14, and the Preamble to 3MLD also draws attention to such prominent persons who are from “countries where corruption is widespread”.
Part 3 Record-Keeping, Procedures and Training
Policies and procedures – regulation 20
MLR 2007 requires a relevant person to have appropriate and risk sensitive policies and procedures in place for:
- customer due diligence,
- reporting,
- record keeping,
- internal control,
- risk assessment and management,
- compliance management,
- internal communication of such policies and procedures in order to prevent money laundering or terrorist financing.
These are all issues where it is expected that supervisory bodies will specify requirements for all of these.
It is difficult, at this stage, to be sure of the extent to which these policies will be policed by money laundering supervisors, but as with most forms of regulation, in the event of a failure or even an offence, the extent to which all of the above requirements are documented and operating will come under scrutiny.
Training
All persons or institutions subject to MLR 2007 will be required to make all “relevant employees” aware of the law relating to money laundering and terrorist financing. This expressly includes the provision of regular “training in how to recognise transactions and other activities which may be related to money laundering or terrorist financing.”
Recording requirements
Specified records that must be kept are:
- Evidence of a customer’s identity (including identity of the beneficial owner)
- The supporting records of a business relationship or occasional transaction which was subject to CDD or ongoing monitoring
The retention period is 5 years for customer identity from when the relationship ends or the occasional transaction is completed. There are further provisions relating to retention periods where, under regulation 17, CDD conducted by another has been relied on.
Part 4 Supervision
MLR 2007 creates a number of government and professional bodies as supervisory bodies of institutions or their professional members. The fractured nature of this supervisory structure causes some concern, because:
[1] The multiplicity of money laundering regulators could lead to administrative duplication and possible inconsistencies in the requirements of the regulators.
[2] It is difficult to see which regulator will have responsibility for policing firms and professions from other EU jurisdictions, or from outside the EU, who may provide services within the UK (or even for defining what constitutes providing such business within the UK by a foreign provider);
[3] Harmonisation of national rules within the EU is going to be difficult, if not impossible by fragmenting UK supervision.
See the full version of this article for details of the supervisory bodies.
3MLD was concerned about supervision of trust and company service providers. Most who provide such services in respect of trusts will be supervised by professional bodies or the FSA. For trust service providers who are not supervised in this way, HMRC will be default supervisory body and registration by HMRC is subject to a fit and proper test set out in regulation 28.
Comment on this article