Research and analysis

Anti-money laundering and counter terrorist finance supervision report 2012-13

Updated 28 November 2013

1. Foreword from the Commercial Secretary to the Treasury

Anti-money laundering and counter financing of terrorism (AML/CFT) should not be judged by the laws, competent authorities and regulations countries have in place, but by the use of these laws and the effectiveness of supervision and compliance in reducing the vulnerability of the financial system to illicit finance.

Through our presidency of the G8 this year, the UK has shown global leadership in the fight against money laundering and terrorist financing. As the Prime Minister announced in October we are taking unprecedented action to tackle the use of shell companies and improve corporate transparency, including through creating a public registry of company beneficial ownership, that is, of individuals that ultimately own and control companies incorporated in the UK. This public registry will help individuals and companies identify who really owns the companies they are doing business with, promote sound corporate behaviour, and help prevent the misuse of companies for tax evasion, money laundering and other crimes. And we continue to encourage our Overseas Territories, Crown Dependencies and international partners in the G8, EU, G20 and beyond to take similar action.

Also during October, the National Crime Authority and the Serious and Organised Crime Strategy for the UK were launched. This will bring a more coordinated and proactive approach to tackling illicit finance domestically and through international cooperation. And next year will see the publication of the UK’s first national risk assessment from money laundering and terrorist financing, that will identify and assess risks, co-ordinate action and apply resources to mitigate those risks.

Through the commitment of its supervisory bodies and their cooperation in producing this report, the UK is also leading the way in improving the transparency and accountability of supervision and enforcement work. Few other countries’ supervisors report collaboratively and publicly on their activities. This report is the third Annual Supervision Report to be published by the Treasury. It shows the commitment of supervisors in the UK to ensuring compliance with the regulations and some of the ways in which they are going about doing this.

I believe this provides a strong foundation as the UK begins preparation for assessment by the Financial Action Task Force (FATF) in 2016.

I would like to thank the AML/CFT supervisors for their ongoing commitment to maximising the effectiveness of their supervisory activities; and for their efforts to ensure compliance in the sectors they supervise.

Lord Deighton

2. Statement from the chair of the Anti Money Laundering Supervisors Forum

2012 has been a year of building connections and enhancing cooperation between all of us involved in the fight against money laundering and terrorist financing in the UK.

As supervisors, we have shared our experience, regulatory information and best practice with each other and we have developed even stronger links with our firms and our oversight bodies.

But we have much still to do.

2013-14 will present us with new challenges, driven by strengthened global standards and work underway on the new European directive and a shared expectation that we will continue to build on the work we have started to implement the revised FATF recommendations.

We are all facing up to FATF’s challenge to demonstrate that our efforts to raise and maintain standards are truly effective in reducing the incidence and impact of money laundering and terrorist financing. This won’t be achieved simply by increasing sanctions and expelling more members – we need to place the greatest emphasis on prevention and early detection.

Whether through increased and more targeted liaison, education, monitoring, resource management or communications, we will all be targeting better ways to reduce and where possible, eradicate money laundering, which we know has a significant negative impact on society.

One thing is clear, if we are going to turn the tide and beat the crooks, we need to work together – not only across all of the key AML/CTF bodies and forces in the UK but also with our counterparts across the world.

FATF has provided the blueprint. Our job is to make it a living reality.

Paul Simkins

3. Executive summary

This is the Treasury’s third Annual Supervision Report, covering predominantly supervisory activities in 2012. This report contains more quantitative and qualitative information than in previous years, as supervisors rise to the challenges set by the FATF to focus their efforts more on demonstrating that they supervise in accordance with a risk-based approach and that this supervision is effective.

Increasingly supervisors are framing their monitoring interventions in a way which seeks to ascertain not merely whether systems or procedures are in place, but more rigorously tests those systems and the understanding of those who use the systems. The vast majority of supervisors provide support services to their supervised firms, such as events, help-lines and email advice services, as a way to provide real time engagement with firms, thereby enhancing compliance proactively rather than merely after errors are made.

Overall the approach to enforcement of AML/CFT obligations is becoming more robust and transparent. This year the majority of supervisors were in a position to explain what action they had taken specifically on AML/CFT failings, which in previous years has been a challenge for those who undertake their AML/CFT supervision activities as part of a wider conduct remit. Detailed action plans, investigations, and conditions on licences are increasingly being used in response to poor compliance, rather than just warning letters.

However, many of the areas of non-compliance identified related to basic requirements which have been in place for many years. Increasing the use of punitive sanctions alongside the requirements for remedial action, may help ensure that enforcement actions are more effective at dissuading non-compliance. While many supervisors are already capturing in detail the level of compliance with AML/CFT obligations during routine monitoring activity and action taken on repeat breaches, more work can be done in this area to further enhance the UK’s ability to consistently demonstrate the effectiveness of our supervisory regime.

It is recognised that changes to systems are resource intensive and a retrospective report will take some time to reflect changes in approach and data capture. However, improvements are already evident and the continued commitment by supervisors will ensure we remain in a good position to demonstrate our effectiveness even more transparently in years to come.

The Treasury will continue to work with supervisors to ensure that we have a robust, proportionate and effective AML/CFT regime in the UK.

4. Introduction

4.1 Background

There are a number of businesses which are vulnerable to misuse by money launderers and those facilitating the movement of terrorist finance*. International standards (agreed by the 36 Member States of the Financial Action Task Force (FATF)) ensure that there are sufficient controls and procedures in place to counter the risk of money laundering and terrorist financing across a number of sectors. European Union (EU) and national legislation (EU Third Money Laundering Directive and Money Laundering Regulations 2007) reflect these standards by placing necessary and proportionate anti-money laundering (AML) and counter-terrorist financing (CTF) obligations on businesses to help prevent misuse. They also ensure that firms can be monitored for compliance with their obligations. This is in line with the government’s Serious and Organised Crime Strategy to pursue, prevent, protect and prepare against money laundering and terrorist financing.

* For the full list of ‘relevant persons’ who are subject to the Money Laundering Regulations 2007, see Regulation 3

4.2 Supervision in the UK

The Treasury is responsible for appointing supervisors* and for the Money Laundering Regulations 2007 (the Regulations) which set out the role of the supervisors and gives them powers to effectively monitor their respective sectors. In order to improve the transparency and accountability of supervision and to encourage good practice, the Treasury has worked with supervisors to produce this third annual report, which covers supervisory activities in 2012-13. We received responses from all but one supervisor; thirteen responses covering the period April 2012 to March 2013, and fourteen covering January 2012 to December 2012.

* The adoption of supervisors is ultimately subject to Parliamentary approval.

The Treasury has 28 appointed AML/CTF supervisors (full list in Section 7) which oversee eight broad sectors and a diverse range of firms which include financial institutions, credit institutions, law firms, accountancy firms, estate agents and casinos*. Some have been supervisors for AML/CTF purposes since the Regulations were first implemented in 1993; others were introduced when the Regulations were updated in 2007. The supervisors are a highly diverse group including large global professional bodies, smaller professional and representative bodies, and a number of public sector organisations. In each area of supervision, the supervisor’s approach needs to be proportionate to the nature and associated risks of the firm being supervised.

* Full list of supervised sectors include: credit institutions; financial institutions; auditors, insolvency practitioners, external accountants and tax advisers; independent legal professionals; trust or company service providers; estate agents; high value dealers; and casinos

All supervisors are expected to attend the AML Supervisors Forum* which meets on a quarterly basis, and is chaired by Paul Simkins, Director of Quality Assurance, Professional Standards at the Institute of Chartered Accountants in England and Wales (ICAEW), which is one of the professional body supervisors. Supervisors meet on a regular basis in smaller affinity groups based on the industry sector they supervise to encourage the exchange of sector relevant material**.

* The AML Supervisors Forum was set up to encourage the sharing of information and best practice between supervisors. It is also attended by the Treasury, the Home Office and the National Crime Agency.
** There are three affinity groups: accountancy, legal and public sector.

4.3 Recent developments and future work

On 1 October 2012, amendments to the Regulations came into force following a thorough review and consultation by the government. The amendments reduce regulatory burden where possible and make the overall supervisory regime more robust, effective and proportionate. Her Majesty’s Revenue and Customs (HMRC) was given further support to reinforce its fit and proper testing for money service businesses. The impact of this is starting to be seen, with greater numbers of applicants being deemed as unsuitable. HMRC withdrew the fit and proper status of 86 individuals and removed 71 businesses from its register during the reporting period, compared with the withdrawal of 11 fit and proper statuses and seven businesses removed from the register during the previous reporting period.

The amendments also added an information sharing gateway for all supervisors, allowing them to share information among themselves in the context of their AML/CTF duties. The previous distinction between Part 1 and Part 2 supervisors in Schedule 3 of the Regulations was removed to extend and encourage the use of reliance and reduce the need for duplicative customer due diligence. The Treasury expect the benefits of this information sharing gateway will continue and be reported on in more detail next year once the effect of this change has been fully embedded.

Three supervisors reported changes to the nature or remit of their organisations over the reporting period. The Chartered Institute of Taxation (CIOT) merged with the Institute of Indirect Taxation (IIT) on 1 August 2012. The merging of the two organisations combined their expertise and resources to strengthen the technical, continuous professional development and educational offerings to members and students of both bodies. IIT members will have to abide by the same rules and obligations, including AML/CTF, as CIOT members.

On 1 April 2013, the Financial Services Authority (FSA) was replaced by two regulators, the Prudential Regulation Authority (PRA), responsible for the prudential supervision of banks and insurers, and the Financial Conduct Authority (FCA), responsible for consumer protection and the integrity of the UK’s financial system. The FCA has taken on all the FSA’s responsibilities relating to financial crime, including the role of a supervisor under the Regulations. It works closely with the PRA on these issues.

HMRC reported changes to its nature and remit over the reporting period. It has implemented an Anti-Money Laundering Supervision Change Programme which will focus on a number of strategic areas for change. This will include improving the integrity of its register, re-engineering its penalty processes, making non-compliance less attractive and co-operating with other supervisors and law enforcement agencies by further developing information sharing gateways.

There have been a number of significant international developments in the AML/CTF framework over this reporting period, including revisions to the international standards on combating money laundering (ML) and terrorist financing (TF) and proliferation set by the FATF, which were published in February 2012. These revisions to the international standards mean that it is necessary for the current EU legislation, the third Money Laundering Directive to be reviewed and updated.

A proposal for a fourth Money Laundering Directive was published in February 2013, and is currently being negotiated at EU level. Along with all other EU member states, the UK will consequently be required to amend its domestic AML/CTF legislation once the content of this new Directive is agreed. This will ensure that the international standards are implemented across the EU.

In February 2013, the FATF published a methodology for assessing technical compliance with the FATF Recommendations and the effectiveness of AML/CFT systems to assess the effectiveness of countries’ AML/CTF regimes. All countries which are members of the FATF are assessed against its standards. In previous rounds of assessments, the focus has been on technical compliance with these standards. The FATF’s focus has now shifted to considering both the extent to which a country is compliant with the standards and the effectiveness of its AML/CTF systems. Countries will now be required not only to demonstrate to the FATF assessors that they have the required AML/CTF systems and controls in place, but that these are being effectively implemented at all levels across the AML/CTF regime. Supervisors will need to demonstrate that they appropriately supervise financial institutions and designated non-financial businesses and professions (DNFBPs) for compliance with AML/CTF requirements commensurate with their risks.

The Treasury has reviewed its supervisor application criteria to take into account the FATF’s increased focus on effectiveness. Over the coming year, the Treasury will be reviewing the returns supervisors submitted for this report to identify any gaps with the FATF effectiveness methodology and the proposal for the Fourth Money Laundering Directive, and will work with supervisors to address issues identified.

In April 2014, there will be changes in the supervisory regime as the Office of Fair Trading (OFT) ceases to exist. The FCA will become the supervisor for consumer credit financial institutions and HMRC will become the supervisor for estate agents.

The Treasury in close partnership with the Home Office will continue to work on the National Risk Assessment (NRA) and engage closely with supervisors in this process. The NRA process and its results will help ensure the government’s understanding of ML/TF risks is informed by sector specific insights and expertise; while at the same time ensuring that supervisors are better sighted on law enforcement concerns and the wider AML/CFT risk profile within the UK. This shared understanding of risk will inform improvement to the domestic regime from a legislative, law enforcement and supervisory perspective.

4.4 Methodology

This year’s report, in line with last year’s report, focuses on five key areas. However the reporting process was further refined, using a more detailed questionnaire format to gather information and data more consistently from supervisors.

Assessment of the supervisors’ returns focuses on the Treasury’s criteria for supervisor applications as a minimum benchmark to assess whether there are deficiencies in supervision and identify good practice. The criteria take into account the provisions of the Regulators Compliance Code. Key principles include:

  • experience of standard setting: bodies should have experience of setting standards or rules for their members; standards should include those concerning confidentiality
  • compliance: bodies should preferably have experience of monitoring compliance with standards
  • disciplinary structures and sanctions: bodies should have established disciplinary procedures and have effective sanctions available to them
  • public interest: bodies should have strong public interest objectives such as those of bodies incorporated by Royal Charter or those that have charitable status
  • qualifications/education: there is a presumption towards organisations preferring their members to possess specific qualifications or their equivalent rather than just experience
  • reach: bodies should be of significant size and membership; their ‘status’ in the industry will also be considered
  • capability/resourcing: bodies should be able to demonstrate existing capabilities to be of an appropriate level to take on sufficient AML supervision
  • collaborative working: bodies should have good, professional, relations with other supervisors and relevant public sector bodies
  • effectiveness: bodies should have a good understanding of what it means to have a risk-based approach

In light of the FATF’s assessment methodology, the Treasury has added additional criteria in order to strengthen the effectiveness of the UK’s supervisory regime:

  • understanding of the laws relating to money laundering: it is important that bodies have a sound understanding of the laws which they will be supervising against
  • ability to restrict membership/revoke a licence or registration: bodies should have the ability to prevent criminals and their associates from becoming a member and from holding or being a beneficial owner or a significant controlling interest or holding a management function in a member firm. Bodies should have the ability to remove such persons from membership.

The information collected is used by the Treasury to build a greater understanding of how the supervisors operate. Due to the diversity of the supervised population, it is not always sensible or relevant to directly compare the different approaches of the supervisors. However, the analysis in this report does highlight areas of good practice which can be relevant to all supervisors. Trends are highlighted alongside examples of individual approaches, to demonstrate how supervisors are carrying out their AML/CTF duties.

4.5 Framework of the report

The next section sets out the Treasury’s analysis of the information provided by supervisors under a number of subject headings. Where relevant and helpful to the analysis, individual supervisors are named in this report. However, they are not otherwise identified, in order to avoid inappropriate comparisons being drawn between the supervisors. This covers the following areas, which will be discussed in turn, highlighting good practice where possible:

  • how supervisors adopt a risk-based approach
  • compliance visits
  • enforcement action
  • advice and outreach
  • information sharing

5. Analysis

5.1 How supervisors adopt a risk-based approach

Context

Implementation of the risk-based approach to supervision by its very nature varies across supervisors, depending on the nature of the firms which they supervise. It is reflected by the resources invested in supervision for AML/CTF purposes and the specific measures taken to assess compliance by their supervised population. Risk will vary dependent on the nature of a firm’s activities, and therefore resources and processes are likely to vary dependent on what activity is being supervised.

Supervisors should be able to demonstrate an awareness of the ML/TF risks facing the sectors and firms they supervise, and an awareness of where non-compliance issues are likely to arise. This will allow them to prioritise resources effectively and proportionately to the areas of highest ML/TF and non-compliance risk. This year, supervisors were asked to report on both the level of ML/TF risk to their firms, and the level of risk of firms’ non-compliance with their AML/CTF requirements.

ML/TF risk

The supervisors’ responses demonstrate they are aware of the requirement to, and importance of, taking a risk-based approach to their AML/CTF supervision. The risk-based approach to supervision is reflected through the range of tools and methods that supervisors adopt in assisting them to identify areas of high, medium and low ML/TF risk to facilitate effective resource allocation.

Keeping abreast of the ML/TF risks facing firms is an integral part of a risk-based approach. Supervisors report using a variety of methods to keep abreast of such risks, including: feedback from firms through their monitoring activity; feedback from those conducting monitoring activity; information gathered through helpline activity; alerts from NCA; and information sharing through the AMLSF and affinity groups.

Risk profiling criteria are used by all supervisors to maintain an effective risk-based approach and ensure they are aware of current and emerging ML/TF risks. As ML/TF risks are not static, it would be ineffective if supervisors concentrated on areas which no longer presented significant risks, while areas of high risk were not identified or managed.

Supervisors were asked to report on how often they review their risk profiling criteria, and all supervisors demonstrated awareness of the need to keep the risk profiling criteria up-to-date. The majority of supervisors review the criteria annually, with 26% reporting they review it on a rolling basis when there are changes in guidance or legislation, or when specific intelligence or trends necessitate a review.

Supervisors were asked if they collate information on specific ML/TF risks. Such information may assist supervisors in reviewing the effectiveness of their risk profiling criteria. 48% of supervisors said they collated information on specific risk from monitoring activities, investigations and queries to their help-lines. Using information from supervisory activities and their firms to identify new trends and risks or areas requiring refresher training, will assist supervisors to demonstrate the applications of the risk-based approach.

Supervisors were asked to report if the ML/TF risks varied across the firms they supervise. 52% of supervisors reported that the ML/TF risks do not vary across the firms they supervise. 37% of accountancy sector supervisors and 28% of legal sector supervisors reported that the ML/TF risks in their sector varied. Supervisors who identified varying risks highlighted that this would depend on the nature of the work carried out by their firms, which could make them a greater or lesser target for a money launderer, and the firm’s own profile.

Some supervisor’s noted, even where firms within the same sector undertake similar work, the types of clients the firm has, the jurisdictions these clients operate in and the specific client and firm profile will result in varying ML/TF risks.

The FATF’s assessment methodology requires supervisors to identify and maintain an understanding of the ML/TF risks in the sectors they supervise as a whole, between different sectors and types of firms, and of individual firms continued development of the understanding of risks.

Risk of non-compliance with the Regulations

Supervisors were asked to report on the level of risk of non-compliance posed by their firms. Supervisors should be able to identify and assess non-compliance risk in order to effectively and proportionately supervise firms for AML/CTF purposes.

The legal sector supervisors reported that the risk of non-compliance varied dependent on the nature of the work being carried out. The level of risk of non-compliance reported by supervisors in the public sector affinity group varied given the diverse range of businesses they supervised. All accountancy sector supervisors reported that the risk of non-compliance was low among their members; based on their monitoring activity, the training and support available to the firms they supervise.

Supervisors were asked to report on whether they record instances of repeat breaches by firms. 74% of supervisors record instances of repeat breaches. The ability to identify if firms are repeatedly failing in their AML/CFT obligations in the same area will be helpful, to demonstrate identification of risk of non-compliance. For some supervisors, their assessment of low risk of non-compliance was supported by a significant number of monitoring activities being undertaken, few cases of non-compliance and limited examples of repeat breaches. Through the AMLSF and affinity groups supervisors will continue to work on reducing the risk of non-compliance in the supervised population.

5.2 Monitoring activity

Context

Under the Regulations, supervisors are required to effectively monitor firms for AML/CTF compliance*. This year, supervisors were asked report in more detail on how they monitor compliance by the firms they supervise, providing further information on not just their compliance visits, but also on their off-site monitoring activity too. For the Treasury’s 2011-12 Annual Supervision Report, supervisors were asked to report on the number of ‘inspections’ carried out, and were not asked to differentiate between inspections which were desk based or on-site. There were 13,571 inspections reported by supervisors for the 2011-12 period. This is compared to 11,944 inspections (on-site visits and desk based) reported for this reporting period. The number of inspections alone is not necessarily an indicator of effectiveness, but should be based on a well informed risk assessment ensuring that inspections are properly targeted.

* Regulation 24(1) of the Money Laundering Regulations 2007.

In accordance with the Regulators Compliance Code, not all businesses need an on-site inspection on a regular basis. Therefore supervisors should have a range of techniques to monitor compliance. These may include annual returns; desk based monitoring; and telephone interviews. These off-site methods may be less resource intensive and more proportionate and efficient for the supervisor and firms.

While some supervisors undertake AML/CFT monitoring as a standalone function, others with a broader supervisory remit will undertake this monitoring as part of their practice assurance activities.

5.3 Analysis

 Annual returns

Supervisors need information about the firms they supervise. The use of an annual return can enable supervisors to keep up-to-date with firms’ activities and inform their future compliance activity and risk assessment. 66% of supervisors report using an annual return to inform their compliance activity. Supervisors may have other methods to keep up-to-date with the commercial activities and any other changes relevant to the discharging of AML/CTF obligations by an individual firm. For example, self-regulatory bodies may require annual membership renewal which enables the gathering of up-to-date information on each firm.

In line with better regulation principles the requirement to complete annual returns should not be overly burdensome for firms, and supervisors should ensure that the data collected is utilised appropriately and effectively.

Desk-based reviews

Desk-based reviews (DBRs) essentially reflect the processes of an on-site compliance visit, but are conducted off-site. Broad themes emerged as to how DBRs are structured, including:

  • AML specific or integrated questionnaires
  • telephone reviews
  • review of information submitted by members into databases held by supervisors, via email or post
  • firms self-review cases and report to supervisors if any errors/omissions arise

74% of supervisors report using DBRs to monitor compliance. Supervisors were asked to report on the outcomes of their DBRs. Not all supervisors currently systematically record the outcome of their DBRs. Non-compliance issues identified in DBRs help inform risk assessments, future visits and outreach activities. Therefore the recording of DBR results is important in informing supervisor activity, assessing the effectiveness of supervisory work undertaken and the AML/CTF risks posed to the UK through ‘gatekeeper’ failure in a supervised population. The ability to capture and use information on compliance from DBRs will be helpful in demonstrating the ability to identify and assess the risk of non-compliance.

Where supervisors provided the results of DBRs, these have been split into the three affinity groups:

Results of desk based reviews

  Accountancy sector (1) Legal sector (2) Public Sector (3)
Total number of DBRs 5659 835 1451
Number of compliant DBRs 3548 795 806
Number of partially compliant DBRs 2077 40 10
Number of non-compliant DBRs 34 0 635
(1) The IPA, IFA and the AIA did not provide quantitative information on DBRs.
(2) Only GCBEW and CLC provided quantitative information on DBRs.
(3) The FCA did not provide quantitative information on DBRs.

Compliance visits

On-site compliance visits are another way supervisors can check the firms they supervise are complying with their AML/CTF obligations. Regular visits allow supervisors to understand the application of ML/TF requirements in practice, and contribute to the supervisors’ understanding and awareness of ML/TF risks in their sectors.

Broad themes emerged as to how compliance visits are undertaken, including:

  • use of a pre-visit questionnaire to inform a preliminary view of the firm and tailor the visit to areas of concern
  • assessment of the firm’s approach to embedding the risk-based approach
  • review of internal systems and controls, including policies and reporting framework
  • review of training for staff and management
  • review of customer due diligence, including appropriate use of enhanced due diligence and ongoing monitoring
  • review of the role of the Money Laundering Reporting Officer (MLRO) within the firm

The frequency of visits by supervisors depends on a number of factors, including the number and types of firms they supervise, the general risk posed by their sector and a targeted allocation of supervisory resources. 85% of supervisors report using on-site visits to monitor compliance.

Visits may be on a cyclical basis, and also risk-driven. Factors generally considered in selecting firms for a monitoring visit include: whether or not non-compliance has been identified on previous inspections; the need to inspect businesses for non AML/CTF reasons (e.g. to assess professional standards) and the overall level of risk associated with the sector.

Supervisors were asked to report on the outcomes of their compliance visits. Not all supervisors currently systematically record the outcome of their visits, or do not record the specific outcome of AML/CTF compliance where the visit is part of a wider supervisory visit. As with the outcomes of DBRs, the management information obtained through compliance visits is important in assessing the effectiveness of supervisory work undertaken and the AML/CTF risks posed to the UK. Developing processes and systems to enable them to capture and use information on compliance from visits will be helpful in improving effectiveness.

Where supervisors provided the results of compliance visits, these have been split into the three affinity groups:

Results of visits

  Accountancy sector (1) Legal sector (2) Public sector (3)
Total number of visits 2059 780 1160
Number of compliant visits 1110 756 228
Number of partially compliant visits 630 1 847
Number of non-compliant visits 49 19 85
(1) Neither the IPA nor the IFA were able to provide a breakdown of the results of their visits and CIMA did not provide any quantitative information on visits.
(2) CLC, LSNI & LSS provided quantitative information on visits. The LSS does not differentiate if firms were fully compliant or partially compliant, and so for the purpose of this summary, its visits have been recorded as compliant.
(3) The FCA is unable to provide a breakdown of the results of its visits, and so the public sector figures do not include FCA visits. See Box 1 for more information on the FCA’s approach to compliance visits.

The outcomes of visits from those supervisors who were able to provide breakdowns indicate that firms are broadly compliant with their AML/CTF obligations. Where supervisors visit a small percentage of their members, having a rigorous sampling criteria and a strong programme of other monitoring activities will enable them to demonstrate that they have an effective risk-based approach to supervision.

As outlined in Table 1 there is a higher rate of non-compliance in the public sector affinity group. This may be reflective of the fact the public sector supervisors often act as default supervisor of firms not regulated for any other aspect of their business, the shorter time the sectors they supervise have been covered by AML/CTF obligations, and simply the high number of firms they regulate.

Since the end of the reporting period the FCA has published an Annual Report on its AML activities. In the report it reflected the results of its supervisory activity across the reporting period. In the report the FCA said that it saw weaknesses in firms’ dealings with high risk customers and politically exposed person (PEPs) and recognised that this is a serious and persistent problem across firms of all sizes.

Box 1: The Financial Conduct Authority’s approach to compliance visits

As part of the FCA’s approach to AML supervision it undertakes a Systematic Anti-Money Laundering Programme (SAMLP). The SAMLP has been running since early 2012 and currently covers 14 major retail and investment banks operating in the UK. These reviews are intrusive, involving detailed testing and extensive interviewing of key staff responsible for the bank’s business for implementing anti-money laundering processes and for AML controls. They often involve visits to branches, as well as the operations of UK-incorporated firms outside the EEA, where they are required to operate UK-equivalent AML standards. Within the reporting period this included overseas work in Switzerland, Singapore and India. Alongside the SAMLP the FCA undertakes thematic reviews on high risk issues, assessing around 20 firms each time. These reviews are usually published, assessing how well firms in general identify and mitigate the money laundering risks they face, as well as guidance on good and poor practice. In 2012-13 the FCA undertook thematic reviews in to how banks’ control financial crime risk in trade finance and AML/ABC controls in asset management firms. The outputs of these reviews post-date the period for this report, with the trade finance review published in July 2013 and the asset management review published in October 2013.

Overall, the outcomes of supervisors’ monitoring activity suggest that a significant proportion of the regulated sector is working hard to be compliant with their AML/CTF obligations. Where supervisors have noted a higher level of non-compliance, the development of action plans to promote improved compliance across the sector over the coming twelve months will help to improve effectiveness.

Investigations

Investigations are focused on specific allegations of compliance failure, which can arise from intelligence, complaints or information obtained in monitoring visits or desk-based reviews. The number of investigations undertaken in each sector over the reporting period were as follows:

  • 149 investigations were undertaken in the accountancy sector
  • 36 investigations were undertaken in the legal sector
  • 725 investigations were undertaken in the public sector

Some investigations will find that there was no compliance failure while others will result in enforcement action being taken.

5.4 Enforcement action

Context

Supervisors have access to a variety of sanctions to promote compliance by firms, which include both civil and criminal sanctions. In terms of criminal sanctions supervisors can refer non-compliant firms to the relevant authorities for criminal investigation and prosecution and some supervisors can enforce criminal sanctions themselves*. In terms of civil and regulatory actions the FCA, HMRC, OFT and the Department of Enterprise Trade and Investment (DETI Northern Ireland) also have powers under the Regulations to obtain information, enter and inspect premises and administer monetary civil penalties to their supervised population. Professional bodies have sanctions specific to their supervisory population, for example, the ability to expel firms from membership. The threat of removing professional accreditation in this way can be particularly effective in motivating compliance.

* The supervisors able to enforce criminal sanctions themselves are HMRC, FCA and OFT.

The FATF effectiveness methodology requires supervisors to demonstrate that remedial action and/or effective, proportionate and dissuasive sanctions are being applied, and to demonstrate that these actions have an effect on firms’ compliance. With this new methodology in mind, this year supervisors were asked to provide more information regarding their enforcement activity, including how they measure that this action is proportionate, effective, dissuasive, and adequately applied.

For this reporting period, supervisors were asked to provide information on the specific powers they have available to them, as well as a breakdown of the sanctions and other formal enforcement actions they had taken over the course of the year. In the 2011-12 Annual Supervision Report, supervisors had been asked to report on the number of disciplinary actions taken, but this was not broken down into the specific types of actions taken. This meant there was some inconsistency in reporting amongst supervisors.

Analysis

Supervisors have a range of sanctions available to them to ensure firms’ compliance with their AML/CTF obligations. The following table represents a breakdown of the sanctions supervisors currently have the power to apply:

Sanctions that supervisors have the power to apply (1)

Type of sanction Number of supervisors with this power
Expulsion/withdrawal 23
Suspension 19
Fine 22
Reprimand (2) 20
Undertaking (3) 12
Condition (4) 20
(1) Regulation 46 (1) of the Money Laundering Regulations 2007 lists HMRC, OFT and DETI as having the power to prosecute firms directly. All other supervisors may refer firms to law enforcement and criminal prosecutions can be taken forward by the CPS.
(2) a formal method of rebuking the firm.
(3) A promise to perform some type of remedial activity. Invariably the undertaking would be recorded in written format to establish a good level of formality. Once given the firm/member would be expected to fulfil their undertaking or be sanctioned.
(4) Normally a condition is associated with allowing a firm to continue to perform specified activities. The expectation is that a firm/member must comply with the condition or risk losing their registration, license or certification to perform the work in question.

In the past the range of sanctions available was considered by each supervisor to be in line with international requirements to effectively and proportionately dissuade non-compliance. The proposal for an EU Fourth Money Laundering Directive provides a more prescriptive list of minimum sanctions and the Treasury will be liaising with supervisors on these potential new requirements.

Enforcement action can arise as a result of monitoring interventions or investigations. Supervisors were asked to report on the enforcement action they have taken against their supervised population over the reporting period. This has been broken down into the affinity groups.

Enforcement action by accountancy sector supervisors

Enforcement action Number of actions taken
Fine 18
Condition 26
Action plan 136
Reprimand 25
Warning letter 78
Undertaking 3
Expulsion/removal/withdrawal 29
Other 28
Enforcement action Number of actions taken
Fine 4
Condition 23
Action plan 97
Reprimand 2
Warning letter 14
Suspension 5
Expulsion/removal/withdrawal 11
Other 9

Enforcement action by public sector supervisors

Enforcement action Number of actions taken
Fine 159
Other 3
Action plan 19
Removal of fit and proper status 86
Warning letter 389

Where accountancy sector supervisors had selected ‘other’ enforcement action, responses included the use of independent reviews, early or targeted visits and confirmations*. Where legal sector supervisors had selected ‘other’ enforcement action, responses included the use of referrals to law enforcement and disciplinary bodies and interventions. For public sector supervisors, the three instances of ‘other’ enforcement action taken were one criminal prosecution, one licence surrender and one variance of permission**.

* Where the finding from the visit is not sufficiently serious to warrant more severe regulatory action, confirmations may be sought from the firm that they have done or will do certain things, for example confirmation that the firm will update procedures to fully document compliance with AML legislation.
** The FCA has powers under section 55J of Financial Services and Markets Act 2000 (as amended) to vary or cancel an authorised person’s Part 4A permission and a power under section 55L to impose requirements on an authorised person including it is desirable to exercise the power in order to advance one or more of its operational objectives.

Box 2: Examples of enforcement action taken

HMRC prosecutes a high value dealer: In March 2013, in the first prosecution of its kind by HMRC, a director of a limited company pleaded guilty to four charges of breaching the Money Laundering Regulations 2007. The company was registered as a high value dealer but, in spite of compliance visits and warnings by HMRC’s Anti-Money Laundering Supervision team, the company failed to improve its record keeping which led to the referral to HMRC’s Criminal Investigation directorate. Sentencing has been adjourned while HMRC pursues confiscation proceedings under the Proceeds of Crime Act 2002.

Professional bodies expel members: The expulsion from/removal of membership can be an effective deterrent against non-compliance. Over the reporting period, within the legal sector two legal practitioners were expelled/removed from membership and nine had their right to practice withdrawn. Within the accountancy sector, twenty-nine accountancy practitioners were expelled/removed from membership.

FCA fines banks and MLROs: Over the past year, the Financial Conduct Authority has taken enforcement action against several firms and one individual in relation to weaknesses in anti-money laundering controls. This includes enforcement action against Habib Bank AG Zurich who were told to pay a fine of £525,000 in May 2012 for weaknesses in their AML controls over high risk and PEP customers. Habib Bank’s MLRO was also fined £17,500.

Supervisors should ensure that sanctions are effective, dissuasive and proportionate, and a number of themes emerged as to the various ways supervisors meet this requirement:

  • the use of indicative sanctions guidance
  • direct calculation for a penalty based on turnover/clients
  • publication of disciplinary proceedings to act as a deterrent
  • justification for sanction fully documented
  • approval process within the supervisory body to sign-off a sanction
  • sanctions imposed by an external, independent body
  • reviewing the state of the firm’s compliance before and after the application of sanction, with follow-up visits to check compliance

Supervisors’ approach to enforcement tends to focus on enhancing future compliance and engaging with firms on underlying issues. As the requirements of the Regulations become further embedded in the everyday practice of the regulated sector, taking robust action against those who demonstrate persistent or material breaches of the Regulations will assist supervisors to demonstrate that sanctions are proportionate and effective.

Responses indicate that supervisors continue to give firms the opportunity to correct their behaviour before sanctions are imposed. Of the 522 reported enforcement actions taken by accountancy sector supervisors:

  • 44% were action plans or warning letters
  • 3% were fines

Of the 195 reported enforcement actions taken by legal sector supervisors:

  • 53% were action plans or warning letters
  • 2% were fines

Of the 1381 reported enforcement actions taken by public sector supervisors:

  • 29% were action plans or warning letters
  • 11% were fines

Box 3: HMRC’s review of its application of sanctions

HMRC reviewed its policy and practice for issuing warning letters where non-compliance is identified, and found there was insufficient use of civil penalties in respect of serious and deliberate breaches. A more robust approach has been adopted and in future where the impact of non-compliance is serious or the non-compliance is judged to be deliberate, HMRC will issue a penalty rather than a warning letter. The revised policy has now been implemented and is now reflected in amended guidance and all HMRC compliance officers have attended penalty training events. The revised policy will be continually monitored by compliance managers and the results recorded.

At the start of this reporting period, the Regulations had been in place for over five years. Firms should understand their AML/CTF obligations and know how to meet them. The Treasury notes that the most common failures resulting in enforcement action or sanctions in this reporting period were:

  • customer due diligence shortcomings
  • failure to undertake document checks
  • poor commitment to ongoing monitoring
  • a lack of documentation to support internal systems and controls, including policies on AML/CTF compliance and risk assessments
  • a lack of understanding/application of a risk-based approach
  • the non-registration/renewal for supervision

These are fundamental AML/CTF obligations as set out in the Money Laundering Regulations of which all firms should be aware. While there will always be a role for remedial action, given the nature of the most common non-compliance issues identified, consideration of more punitive action being taken in conjunction with remedial action would help demonstrate that the application of sanctions are effective at dissuading non-compliance.

5.5 Advice and outreach

Context

Both the Regulators’ Compliance Code and the FATF effectiveness methodology expect supervisors to offer both general and targeted information and practical advice in a range of formats to the firms they supervise. This advice can be informal advice through the circulation of newsletters, e-magazines and law enforcement alerts. It can be formal guidance written by supervisors possibly in conjunction with industry, to help firms understand the best way to implement the Regulations in practice.

The new FATF effectiveness methodology also expects supervisors to provide firms with adequate feedback on compliance with assessors looking at the level of interaction with the firms they supervise through guidance and training.

Analysis

As recognised in the Treasury’s 2012 Annual Supervision Report, supervisors invest time and effort producing and updating specific guidance for the firms they supervise. Some refer to the Joint Money Laundering Steering Group (JMLSG) guidance or other guidance approved by the Treasury whilst others adopt specific guidance written for their sector.

Across the majority of supervisors, significant activity is undertaken to reach out to firms beyond the publishing of guidance. 74% of supervisors hold events; 70% have a telephone advice service; and 70% of supervisors have an email advice service. These are ways for supervisors to have two-way, real time engagement with firms, which also provides useful feedback for supervisors in the assessment of ML/TF and non-compliance risk.

A number of less interactive methods of engagement are also utilised by supervisors which still provide firms with instant guidance and support: 70% of supervisors use a website to communicate information to their firms; and 67% of supervisors send email updates. Other methods include the use of webinars, master classes, networking groups for Money Laundering Reporting Officers and AML newsletters.

Supervisors use follow up visits and reviews to discuss the importance of engagement with training and guidance, while professional bodies use Continuous Professional Development (CPD) monitoring to keep their firms up-to-date on AML/CTF obligations.

A number of supervisors noted that AML/CTF training and events are also available to firms through the private sector, so firms are not necessarily limited to using training provided by their supervisor. A supervisor which does not offer its own training courses may still meet its obligations to provide guidance and support to firms if other support is provided. However, understanding how firms are obtaining training and if they are not undertaking training at all will assist supervisors is assessing the risk of non-compliance.

5.6 Information sharing

Context

An effective AML/CTF regime requires supervisors to communicate and share information with each other. Some ML/TF risks may be common to some or all regulated sectors, and therefore supervisors should be able to share information on how best to identify and mitigate these risks. Supervisors may need to work together on individual cases where, for example, a firm changes supervisor.

Supervisors report that they share information regularly with one another about ML/TF risks on a general basis through various forums, including the AML Supervisors Forum and its affinity groups. The forum enables supervisors to share best practice, raise common issues and ensure that a consistent approach is taken by all supervisors. A number of supervisors made specific reference to the usefulness of these for information sharing.

Supervisors also report sharing information on specific cases. Where appropriate, supervisors have memorandum of understandings in place to facilitate this. The sharing of information is particularly important in instances where a firm ceases to be supervised by a professional body and needs to be contacted and supervised by HMRC, the default regulator for accountancy service providers and trust and company service providers. Supervisors should use information gateways available to communicate details of membership and conduct records with default regulators.

There were other examples of good information sharing between supervisors including from the Office of Fair Trading, who report sharing information with HMRC when they encounter unregistered money service businesses in the course of their work and the continuing joint working arrangements between the FCA and HMRC on the supervision of money transmitters*, including the joint visits to firms and comparison of their registers.

* HMRC is the supervisor under these Regulations while the FCA has a responsibility for consumer protection regulation of these firms under the Payment Services Regulations 2009.

Supervisors also report being able to share information with law enforcement using a number of methods, including NCA’s attendance at the AML Supervisors Forums, on individual cases and through dedicated law enforcement officers and departments within their supervisory bodies. 67% of supervisors reported that they share information from NCA with the firms they supervise. Supervisors should consider ways in which they can communicate information received from NCA with their firms where relevant, in order to assist them in the identification of ML/TF activity.

Information sharing with overseas counterparts and law enforcement is less common, and will depend on the nature and scope of the work carried out by the firms supervised. Seven supervisors reported engagement with overseas bodies, including discussions with overseas visitors on AML/CTF supervision, attendance at overseas events and committees and joint working with law enforcement and others on specific issues.

Box 4: International information sharing

The FCA works closely with AML supervisors in other jurisdictions. This may be through discussions in colleges of supervisors, where the various supervisors of globally active banks discuss key issues, which may include anti-money laundering controls. They also have bilateral discussions with their overseas counterparts about individual firms. For example, they worked very closely with the US authorities in 2012 over their investigations into HSBC and Standard Chartered Bank. The LSEW continues to provide advice on developing effective AML/CTF systems to leaders of Law Societies and Bars in Commonwealth countries through its annual Commonwealth Fellows program, and with other visiting international delegations.

6. Conclusions

Evidence provided by the supervisors demonstrates instances of good practice as well as highlighting areas for improvement. These opportunities for improvement include increased and more targeted liaison, education, monitoring, resource management and communications.

6.1 The risk-based approach

A risk- based approach to AML/CTF supervision is important in order for supervision to be effective and proportionate. To achieve this, supervisors should have a good understanding of the existing ML/TF risks faced by their firms, and have systems in place to identify new risks.

The NRA process is an appropriate opportunity for supervisors to share their sector specific expertise and insight on risks with government and for them to ensure their understanding of risks is informed by the wider risk picture across all sectors in the UK.

Supervisors must be aware of areas of non-compliance risk to enable them to appropriately supervise, monitor and regulate their firms for compliance with their AML/CTF obligations commensurate with their risks.

6.2 Monitoring activity

The majority of supervisors use at least one method to monitor compliance levels amongst their firms. While it is not possible to conclude that one method is more effective than another, supervisors need to be able to justify the methods they use and demonstrate that these methods are appropriate and effective.

The Treasury notes that some supervisors carry out lower levels of monitoring activity than other supervisors within their sectors. Where supervisors visit a small percentage of their members, having a rigorous sampling criteria and a strong programme of other monitoring activities will help to demonstrate that they have an effective risk-based approach to supervision.

The Treasury noted that not all supervisors were able to provide a breakdown of the results of their monitoring activity. Non-compliance issues identified in monitoring activity should inform risk assessments, future visits and outreach activities. Recording the results of monitoring activity is important in informing supervisor activity, assessing the effectiveness of supervisory work undertaken and the AML/CTF risks posed to the UK through ‘gatekeeper’ failure in a supervised population. Developing processes and systems to enable the capture and use of information on compliance from monitoring activity will be helpful in demonstrating effectiveness.

6.3 Enforcement action

All supervisors have a range of sanctions available to them, which is an essential aspect of being an effective supervisor. The Treasury notes that a wide range of sanctions have been used in this reporting period.

The most common failures resulting in enforcement action or sanctions in this reporting period are fundamental AML/CTF obligations as set out in the Money Laundering Regulations that all firms should be aware of. While there will always be a role for remedial action, given the nature of the most common non-compliance issues identified, consideration of more punitive action being taken in conjunction with remedial action would help demonstrate that the application of sanctions are effective at dissuading non-compliance.

6.4 Advice/outreach

A variety of engagement methods and mediums of communication continue to be used by supervisors. This remains an essential part of effective supervision and is specifically highlighted in the FATF effectiveness methodology. Supervisors communicate with their firms through a wide range of channels to increase awareness and understanding of the Regulations in practice. Understanding the engagement with training by their supervised population is one way supervisors can demonstrate how they are identifying and assessing the risk of non-compliance.

Understanding how firms are obtaining training and if they are not undertaking training at all will assist supervisors is assessing the risk of non-compliance.

6.5 Information sharing

The continued commitment to information sharing between supervisors and with law enforcement, both domestically and, where relevant, internationally is positive. Sharing information on ML/TF risks is important for supervisors to develop their own understanding of these risks and mitigations options. The government will continue to support supervisors in this area, especially through the public/private sector dialogue taking place within the NRA.

The Treasury welcomes the continued commitment to information sharing between supervisors on specific cases. This will ensure that firms cannot continue to operate while unregulated for AML/CTF. The consistent use of information gateways available to communicate details of membership and conduct records where firms move between supervisors will help supervisors to demonstrate effectiveness.

Information provided to supervisors by NCA can be useful in highlighting ML/TF risks and assisting firms in identifying ML/TF activity. Not all supervisors provide the information they receive from NCA to their firms. Communication by supervisors of the information received from NCA with their firms, where relevant, in order to assist them in the identification of ML/TF activity, is another way supervisors can demonstrate effectiveness of supervision.

The Treasury welcomes all feedback on this report and the proportionality and effectiveness of supervisors practice so that this can be fed back to supervisors and considered in the development of policy by the government as well as supervisors themselves. Comments should be sent by email to aml@hmtreasury.gsi.gov.uk or by post to:

Sanctions and Illicit Finance Team
The Treasury
1 Horse Guards Road
London
SW1A 2HQ

7. AML/CFT supervisors

Association of Accounting Technicians (AAT)

Association of Chartered Certified Accountants (ACCA)

Association of International Accountants (AIA)

Association of Taxation Technicians (ATT)

Chartered Institute of Management Accountants (CIMA)

Chartered Institute of Public Finance and Accountancy (CIPFA)

Chartered Institute of Taxation (CIOT)

Council for Licensed Conveyancers (CLC)

Department of Enterprise, Trade, and Investment Northern Ireland (DETNI)

Faculty of Advocates (Scottish bar association) (FoA)

Faculty Office of the Archbishop of Canterbury (AoC)

Financial Conduct Authority (FCA)

Gambling Commission (GC)

General Council of the Bar (England and Wales) (GCBEW)

General Council of the Bar of Northern Ireland (GCBNI)

HM Revenue & Customs (HMRC)

Insolvency Practitioners Association (IPA)

Insolvency Service (SoS)

Institute of Certified Bookkeepers (ICB)

Institute of Chartered Accountants in England and Wales (ICAEW)

Institute of Chartered Accountants in Ireland (ICAI)

Institute of Chartered Accountants of Scotland (ICAS)

Institute of Financial Accountants (IFA)

International Association of Book-keepers (IAB)

Law Society of England and Wales (LSEW)

Law Society of Northern Ireland (LSNI)

Law Society of Scotland (LSS)

Office of Fair Trading (OFT)

Help us improve GOV.UK

Please don't include any personal or financial information, for example your National Insurance or credit card numbers.