HMRC economic crime supervision annual assessment report: 1 April 2021 to 31 March 2022

Question 1

Foreword

Accepted Answer

I’m pleased to introduce this year’s annual HMRC self-assessment report of our Economic Crime Supervision function. This self-assessment analyses the extent to which HMRC is meeting its obligations under the Money Laundering Regulations 2017, as well as comparing it to the standards set for professional body anti-money laundering supervisors.

Money laundering supports a raft of harmful crimes that have a devastating effect on victims, communities and economies. So, preventing and tackling it is vital. Businesses play a key role in implementing the relevant legislation to manage money laundering risks through appropriate policies, procedures and controls, along with promptly reporting all suspicious activity.

HMRC, as the UK tax authority, a law enforcement agency and economic crime supervisor, is extremely well placed to exploit the extensive information that it holds on businesses to accurately focus supervision on those where the risks are highest in respect of money laundering activity. Our aim is to provide world-leading supervision and we have committed to enhance our supervisory approach in the government’s Economic Crime Plan (2019 to 2022) and to also support the delivery of recommendations made within the Treasury Select Committee Report on Economic Crime, Eleventh Report of Session 2021 to 2022 (published in January 2022).

This second self-assessment was commissioned to evaluate HMRC’s progress to date and identify further areas for improvement. A central principle of the UK’s strategy to tackle serious and organised crime is to make it harder for criminals to launder and profit from their illicit gains. I am proud of the key role HMRC’s robust supervision plays in achieving this goal and making the UK a more difficult environment for those who seek to launder criminal proceeds.

I hope you find this assessment of value.

Simon York, Chief Investigation Officer and Director, Fraud Investigation Service

Question 2

Executive summary

Accepted Answer

HMRC Economic Crime Supervision (ECS) is compliant with the regulations and framework constructed by HM Treasury (HMT) and the sourcebook for professional bodies as overseen by the Office for Professional Body Anti-Money Laundering Supervision (OPBAS) in relation to its responsibilities as a supervisor of regulated activity.
ECS has well-structured risk assessments that are used across all the relevant supervised sectors. The risk assessment process has been implemented across all sectors under HMRC Anti-Money Laundering/ Terrorist Financing (AML/TF) supervision and these assessments are kept under monthly review and updated as required to maintain an accurate, current risk picture.
ECS contributed proactively to the broader government Covid fee relief measures by allowing businesses due to pay fees in the early stages of the first lockdown to defer payment of fees for 6 months, benefiting business across all sectors during uncertain times.
ECS uses multiple supervisory tools to aid and deliver on its work, these are selected and deployed based on the identified risk. ECS is working to increase the number of interventions that it can undertake in both desk based and face to face form, through several initiatives, which includes an increase in staffing resource during 2021 to 2022. This significant growth underlines the commitment from ECS to deliver on its supervisory responsibilities by increasing its resources to widen the capability to deliver.
ECS has robust registration processes that are defined by the Money Laundering Regulations (MLR). In the 2021 assessment it was highlighted that issues existed in meeting the 45-day target for registration. Prior to this self-assessment progress has been made to increase compliance with the 45-day target and this has had a positive impact on the delivery of that target. However, it is also recognised that the demands of this target upon ECS make it difficult to achieve fully.
ECS also works with law enforcement partners externally and with other HMRC areas to share intelligence and identify and manage risk and criminality where it can under the legislation. ECS takes part in many cross-law enforcement and supervisory groups to further the ability to share appropriate information and intelligence and also provide expertise and knowledge to other agencies. Since the last review ECS has also taken forward work on international sharing and co-operation with partners including the United Arab Emirates.
ECS compliance with regulation 46(5), Suspicious Activity Reporting (SAR) has seen consistency with the previous year in terms of numbers of SAR reports created. ECS has also worked with the National Crime Agency UK Financial Intelligence Unit (NCA UK FIU) looking at reporting triggers to ensure that submissions are both accurate and have not been duplicated.
ECS continues to meet the ongoing challenge of increasing the number of supervisory interventions that it undertakes within a set year as it continues to enhance its approach to supervision, during the year ECS has undertaken 3,725 interventions, an increase of 2,580 from the previous year.
In 2021 to 2022 ECS delivered its final Economic Crime Plan commitment – to increase compliance intervention numbers. The pandemic and delays in recruitment impacted on the accomplishment of this objective during 2020 to 2021, however in 2021 to 2022 intervention levels increased significantly from 2019 to 2020 levels.
The Financial Crime Information Network (FIN-NET) is an information sharing network that facilitates exchange of information and intelligence between supervisory bodies and law enforcement agencies. This was re-joined by HMRC in 2021.
The regulations state that ECS must make information about Money Laundering and Terrorism Financing (ML/TF) available to businesses. ECS does this via guidance, webinars, online training and emails to members, as well as through its engagement with trade bodies and speaking at conferences. It has taken steps to ensure that going forward it can promptly share information on new risks with supervised businesses.
The significant increase in staffing resource in ECS brings a training challenge that is twofold, of training new staff, while developing the existing staff and doing so on a large scale while delivering the targets set for ECS. Training, and the focus on it, continues to significantly improve. There is still a wider opportunity to collaborate with colleagues in other HMRC areas to further improve the training offering.
Records of interventions are kept and ECS is driving up data reliability through the governance team and the use of the data hub. There is a robust quality assurance process in place, which is starting to improve performance. This improvement in data has also led to greater control and management of ECS budget forecasts, assisting the senior management team in its planning activity.
HMRC through ECS also leads the cross-government response to ML/TF in MSBs, working in partnership with other economic crime departments, the other statutory supervisors and law enforcement across the UK.
ECS has been working with the Institute of Chartered Accountants in England and Wales (ICAEW) to create a training film that exemplifies what can go wrong when due diligence isn’t completed correctly by registered accountancy businesses. It is anticipated that this video will assist with ensuring that accountancy businesses are more effective in adhering to their Anti-Money Laundering (AML) responsibilities, while acting as a template for additional future educational films.
ECS is exploring the ability to create YouTube videos, which would explain to businesses how to complete their regulated requirements across the sectors. These videos will focus on very specific areas, such as common errors made when completing documents. These videos will be made available on HMRC’s guidance pages.
ECS completed time critical work in August coinciding with the changing landscape in Afghanistan, providing communications to MSBs regarding the crisis and the effects to businesses. This work required cross-government working with both the Treasury and Home Office to ensure the messages were relayed efficiently and effectively.
During the 2021 to 2022 year the return rate for governance panel submissions requiring further work increased by approximately 20%. Data held by the panel on cases and on those returned for further work is well controlled and detailed. The governance panel are still identifying insufficiencies with cases submitted due to a lack of proper quality assurance (QA) being undertaken before submission. This QA issue isn’t exclusive to the governance area and needs to be addressed across ECS, with a robust and dynamic training solution devised and implemented.

Question 3

1.  Overview

Accepted Answer

1.1. The government’s Economic Crime Plan for 2019 to 2022, contained a commitment from HMRC that it would enhance its risk-based approach to supervisory activities undertaken by March 2021 and that it would carry out an annual self-assessment of its money laundering and terrorist financing supervision. The first self-assessment was published in 2021 and this self-assessment continues the commitment to the annual process and also looks to review and build upon the findings of the original 2021 self-assessment. The aim of this assessment remains that of ensuring that ECS, which was formally known as Anti-Money Laundering Supervision (AMLS) in the previous report, remains compliant with the relevant regulations under the Money Laundering Regulations (MLRs) and continues to meet the standards set for the Professional Body Supervisors (PBSs) as set out in the Office for Professional Body Anti-Money Laundering Supervision (OPBAS) Sourcebook, as far as is appropriate to HMRC.

1.2. The National Risk Assessment 2020 (NRA) estimates that serious and organised crime costs the UK economy £37 billion per year. Specific types of legitimate businesses can be exploited by criminals, or the businesses hijacked or fully operated for criminal purposes of Money Laundering and Terrorist Financing (ML/TF). Therefore, it is imperative that measures are in place to detect money laundering and prevent the criminal exploitation of these business sectors.

1.3. HMRC is one of 28 Anti-Money Laundering (AML) supervisors in the UK, delivering on its responsibilities through the ECS teams that are based nationally. ECS undertakes a primary purpose to help ensure that businesses supervised by HMRC comply with the relevant MLR and have the correct and appropriate systems and processes in place to protect themselves and their services from being exploited for the purposes of ML/TF. HMRC has responsibility for approximately 37,000 businesses operating from nearly 73,000 premises, across nine differing sectors:

Money Service Businesses (MSBs)
Accountancy Service Providers (ASPs)
Trust or Company Service Providers (TCSPs)
Estate Agency Businesses (EABs)
Letting Agency Businesses (LABs)
Art Market Participants (AMPs)
High Value Dealers (HVDs)
Bill Payment Service Providers (BPSPs)
IT and Digital Payment Service Providers (ITDPSPs)

1.4. This self-assessment has identified that HMRC, through ECS, is compliant with the relevant MLRs and the OPBAS Sourcebook on good practice expected of the PBSs. In this second self-assessment review of ECS the self-assessment team has, in line with OPBAS standards, focused on the effectiveness of HMRC, through ECS, in conducting AML/TF supervision. This is in contrast with the first self-assessment report which focused on technical compliance with money laundering regulations. There are recognised areas where effectiveness of ECS performance can improve further, but these areas do not impact on compliance with the requirements and come under the wider area of general business development and improvement as would be expected to ensure that the obtained compliance remains and is built upon.

1.5. From the detailed review conducted by the self-assessment team it is judged that ECS is effective and compliant in its obligations under the regulations and as set out in the OPBAS Sourcebook. In the last year ECS has taken considerable steps to improve and drive-up performance, despite the challenges that the pandemic has placed on many businesses. As with the initial self-assessment and this follow up, yearly assessments will continue to ensure that ECS continues in the progress that it has made to date.

Question 4

2.  Governance

Accepted Answer

Regulation 102 states that HMRC may impose charges on applicants for supervision and on businesses supervised by them. The fee however cannot exceed the amount HMRC considers necessary to cover the cost of supervision. There are no other specific regulations on HMRC governance.

The OPBAS Sourcebook states that PBSs should:

provide adequate resources to carry out their supervisory functions
clearly allocate responsibility for managing their Anti-Money Laundering and Counter-terrorist financing (AML/CTF) supervisory activity
evidence that senior management is actively engaged with their approach to AML/CTF supervision
have appropriate reporting escalation arrangements promoting effective decision making
have procedures to handle conflicts of interest

2.1. ECS has built on its established governance structures in the period since the 2020 to 2021 self-assessment and in doing so it has enhanced its capability to successfully track and improve its performance, while being able to more accurately undertake longer range planning with accuracy. ECS has developed, and continues to improve, its comprehensive data hub, which has been of great assistance in tracking and improving governance issues.

Fees

2.2. The MLRs state that HMRC can charge fees for AML/CTF supervision, but that these fees must not exceed what they think is needed to meet their expenses. ECS Senior Management Team (SMT) review their income and expenses monthly to ensure that supervised business’ fees are used as effectively as possible. The forecasting of income from fees has been an area which has improved under the governance structure since the last assessment and this has contributed to allowing more stable long-range planning by ECS senior managers and as such will assist towards the work of ECS in being a robust supervisory authority as it will better be able to plan, allocate and utilise the resources available to it through this improvement.

2.3. A public consultation on the sustainability of the future fees model (as opposed to the level of fees) was referenced in the previous assessment. This review has been delayed and will be reviewed for relevance and advanced if required in the financial year of 2022 to 2023 for consultation. The next self-assessment will be able to report on the outcomes and next steps taken by ECS in respect of this.

Clear allocation of responsibility in ECS

2.4. Since the initial self-assessment of 2020 to 2021 HMRCs supervision teams have been renamed to Economic Crime Supervision and have been moved into the newly formed Economic Crime directorate within the Fraud Investigation Service. This has brought together specialist knowledge and skills across the Economic Crime directorate that is focused on common goals detect, educate, and prevent all types of money laundering and fraud, through Criminal and Civil means. It has provided synergy and focus with all teams that cover the wider area of Economic Crime reporting to one Deputy Director and so ensuring that there are no barriers to knowledge sharing and joint working across all teams within the Economic Crime teams based within HMRCs Fraud Investigation Service and working to achieve increased capability and robustness from all teams in this area, not just ECS.

2.5. The management team across the ECS directorate is committed to driving forward the vision statement and core HMRC beliefs. In response to last year’s self-assessment a new operating and responsibility model has been developed across each sector of the ECS directorate ensuring that all managers and staff have a clear understanding of their individual roles and responsibilities. The operating model has been well received overall and is assisting ECS’s end-to-end compliance function, further improving efficiency and effectiveness. Alongside the adoption of a new operating model, ECS have developed and produced clear role profiles for every individual role across ECS.

2.6. The establishment of the operating model has assisted with the top-down management across ECS with the 2 Assistant Directors being responsible for Operations and Strategy respectively, with one Deputy Director now having responsibility for all of ECS. This has allowed each of them to focus on their specific area, dedicating more of their time to improving each diverse function thus leading to a more comprehensive regulatory model.

2.7. Within the governance team the structure implemented has split responsibilities across 4 sub areas with ECS, these being:

recruitment, change control, culture, internal Comms and Knowledge Library
Governance Panel secretariat and SMT support
finance and data
project lead

2.8. This clear structure and the management responsibilities that fall from this mean that all staff within governance are able to have a clear focus on their primary role and responsibilities and how their work contributes to the wider delivery within ECS. This clear delineation has been a key factor in the continuing improvement of the governance area. However, there are within the full structure a number of vacancies at Officer and Higher Officer grade and the successful recruitment of people into these posts and their embedding into the governance work will be key to maintaining and improving delivery.

Senior oversight

2.9. The EC Deputy Director and SMT within ECS are actively engaged with their approach to supervision. In addition to ad hoc meetings and regular interface with staff, the SMT meets monthly to discuss pressing issues facing ECS. At the set monthly meetings oversight issues are placed within the agenda for discussion across the wider SMT, either to create solutions or benchmark effective solutions which have been used within ECS. They also discuss budgetary points at meetings and now have a much clearer view on the financial situation within ECS, which has allowed for more accurate predictions to be considered when planning out future work, projects and campaigns. The outcomes from the SMT meetings are reported to the Deputy Director of Economic Crime, in order to ensure the SMT remains focused on the priorities for business delivery within ECS. These outcomes, along with key risks and issues are reported to the FIS Director by the Deputy Director for ECS each month.

Communications

2.10. ECS sends out regular communication to their staff regarding news, readouts of SMT discussions, changes to the working environment and successes that have been achieved across their regulatory sector. This is managed through the governance team who control a central mailbox for all communications that require ECS wide dissemination, once received into the mailbox they are processed and disseminated, giving control over the communications issued and ensuring consistency. There are frequent virtual catch-ups across each sector as well as wider leadership team events. Now that the directorate and wider HMRC have returned to offices following enforced Covid restrictions, SMT will strive to visit all offices to ensure their visibility and accessibility to ECS staff.

All staff communications sent out by ECS

Year	For info	For action
2019	39	14
2020	57	21
2021	65	10
2022	17	3

Data for 2022 only held until March 2022, data is recorded per calendar year.

2.11. ECS has adapted well during the sustained change to the working environment over the course of the Covid pandemic, utilising virtual tools to cascade messages and hold regular staff involvement meetings. The use of virtual tools for engagement has assisted in fostering a better working culture across teams which are spread out nationally as well as allowing teams to work efficiently and effectively from home during the Covid restrictions. It is envisaged that these virtual tools will continue to be utilised now that staff have fully returned to offices. It has also had the additional benefit of ECS staff becoming familiar with the use of digital tools in daily work, improving skills and knowledge across ECS.

2.12. The governance teams within ECS are responsible for maintaining the Knowledge Library (KL) and ensuring that it is up to date. The KL provides great benefit to all staff across ECS, acting as a one-stop shop for all relevant information assisting individuals in being more effective in their roles. It will only retain this level of effectiveness if it is fully utilised by ECS staff and so efforts to promote and drive its use must be maintained, while the accuracy and relevance of the data must remain under constant review. The KL continues to be enhanced as demonstrated by development of the ECS handbook that will assist all ECS staff in their daily work. Phase 1 was completed during December 2021 and phase 2 will focus on identifying and filling gaps; with all phases planned for completion within the 2022 to 2023 financial year. This will be underpinned by an enhanced MLR staff training package to give all staff an up-to-date reference point to assist in the delivery of any aspect of their duties, increasing staff knowledge and effectiveness at all levels across ECS. It should be noted that the handbook will require continual monitoring once fully implemented to ensure it maintains accuracy with MLR legislation and ECS working processes.

2.13. ECS has continued to promote and champion the new vision statement implemented the previous year; ‘Working together to protect the UK against the risk of money laundering and terrorist financing, through world class supervision’. This statement features prominently on the KL homepage, has been regularly discussed across each sector at meetings and included on email correspondence from the individual sector leads. Furthermore, the new vision statement is referred to on day one of all induction events run for ECS new starters. The statement ensures that all staff within the directorate have a clear focus on what ECS is striving to achieve within its regulatory capacity. Having discussed the vision statement with the sector leads they all showed an excellent understanding of what ECS is aiming to achieve and displayed a clear vision of how they are pushing and developing work on their sectors to achieve this overarching goal.

Question 5

3.  Risk-based approach

Accepted Answer

Under Regulation 17 of the MLRs, supervisors are required to undertake a risk assessment, covering the international and domestic risks of ML/TF in the sector. This assessment must be informed by certain documents, including the National Risk Assessment (NRA). The supervisor must keep an up-to-date record in writing of the steps it has taken to make its assessment.

Supervisors must also have a written risk profile for each business in its sector and update these regularly in response to developments. Regulation 46 requires the supervisor to use the risk profiles they prepare to decide the frequency and intensity of onsite and offsite supervision.

Section 4 of the OPBAS Sourcebook also requires PBSs to:

adopt a risk-based approach, focusing efforts and resources on the highest risks
ensure measures to reduce money laundering and terrorist financing are proportionate to the risks
regularly review the risks to their sector(s), including reviewing the NRA and other relevant documents
support their members in the adoption of a principles-based risk-based approach
designing and implementing a risk-based approach (RBA) using different methods, including considering the probability of ML/TF taking place, the impact of potential harm and use of clustering

Sector risk assessments

3.1. ECS has assessed the risks presented by each of its supervised sectors as listed at 1.3. The risk assessments created by ECS remain under review and are amended as required in order to continue to highlight and mitigate risk. The self-assessment team has reviewed this and considers these to be a well-developed foundation for the risk-based approach to supervision adopted by ECS.

3.2. The risk assessments have been kept under review by ECS and have been updated and adjusted as required or have been revisited in response to trigger factors even if not changed from the extant format in use at that time. This shows that ECS is alive to the risk factors that it faces across its supervised sectors and has a tailored picture of risk for each sector that is updated or reviewed as required to ensure it remains valid and robust. This is illustrated in the ECS response to the Afghan crisis as this event initiated an immediate review of the MSB risk assessment in respect of money transfers and movements to the country by supervised entities. (for further details regarding the Afghanistan outreach work, please see section 6.11).

3.3. The risk assessment documents are sector-specific and include the consideration of various external reports including the National Risk Assessment, EU Supra-national report and publications from Financial Action Taskforce (FATF), while also ensuring the valuable staff experience and knowledge of ECS staff is utilised in addition to the wide-ranging intelligence that is available to ECS. The risk assessments are clear in how risk is assessed on areas such as the product, geographical risk or client size, while also including potential impacts from business size, scope or reach and any potential relationships or links to other businesses. The size of the business is not a presiding factor in interventions that are undertaken, more so it is the risk that the business is exposed to from its trading activities that drive interventions by ECS.

3.4. It is vital that identified risks are tackled through a coherent strategy to ensure these are addressed effectively, Promote, Prevent and Respond are the key approaches taken. ECS has developed and established processes to ensure these assessments are reviewed on a 3-month basis or sooner where events dictate a possible change of risk, as such they are actively managed and in essence under constant review.

Case study – Russia risk response

Russian investment in UK property is well-known. Estate Agent Businesses (EABs) are required under the Money Laundering Regulations to undertake appropriate money laundering risk assessments and implement measures to manage those risks.

Whilst HM Land Registry should impose restrictions on land and property title deeds owned by designated persons, it is likely that sanctions targets will try to liquidate UK assets and remove them from UK jurisdiction. Given the complex financial arrangements often involved, there is a risk that ownership may not be traced to a sanctioned person.

HMRC has a campaign in progress to ensure that estate agents selling super-prime properties (properties worth over £5 million) have appropriate risk assessments in place (and that those risk assessments have been reviewed to consider the potentially heightened risks stemming from the situation in Ukraine) and robust policies, controls and procedures in place to manage those risks. Those controls must include sanctions screening and appropriate customer due diligence (including source or wealth and funds where appropriate) and must be conducted both at the beginning of the customer relationship or before completing a one-off transaction and on an ongoing basis.

A number of businesses have already been inspected for compliance in a focused period of action which commenced in April.

HMRC will use the full toolkit available, including regulatory sanctions as appropriate, to address any compliance failings.

Risk-based allocation of supervisory resources

3.5. ECS utilises a 3-stage approach to allocation of resources for supervision purposes, these being:

between or across the sectors on the basis of the balance of risks
each sector lead then allocates their allotted resources between different campaigns, which focus on different risk criteria
risk teams then identify which precise businesses should be included in each campaign. They do this on the basis of business risk profiles, as well as other internal and external information sources

Allocation of resources between the sectors

3.6. ECS allocates and focuses resources to campaigns or compliance activity based on the risk that is recorded with the sector risk assessments (or cross-sector risks) or to undertake test and learn activity that can specifically assist in the understanding of risk within a supervised sector and that information then be incorporated into a future risk assessment update if required.

3.7. The now established risk assessments for each supervised sector have been instrumental in driving the risk-based approach that ECS now utilises at its core to ensure that robust supervision and legal compliance is delivered across all supervised sectors, a process that is now well embedded across ECS.

3.8. Within each campaign, interventions are focused following an extensive review of many risk factors and data points. Almost all of these risk factors are included in ECS’s risk matrix, which is a dedicated AML data collection return based on the business’ application for registration as well as other sources of intelligence such as tax compliance and law enforcement. The risk matrix is the risk profile of each business, therefore meeting the requirements of Regulation 17.

3.9. However, these risk profiles do not always on their own provide a complete picture of the risks presented by a business. In many instances too many factors are included in the risk matrix, including occasionally irrelevant information, and the weighting system is not reliable and can give too much weight to tax and tax compliance issues. The combination of these risks with data from intelligence sources produces a more complete picture in a large number of cases and ECS has been making use of these broader profiles. There are plans to expand the intelligence tools available and further develop and inform the picture of risk.

3.10. ECS undertakes campaign activity within specific sectors, again driven by risk. An example of this approach is detailed in the following case study:

Case study – Large estate agency business

ECS visited a large estate agency business (EAB). The business operates across the UK and mainly dealing with residential property. During the compliance intervention breaches of the MLR in 2007 and 2017 were identified. This included failure to maintain the businesses policies, controls and procedures and failure around customer due diligence processes including failure to verify customers identities. A significant financial penalty was imposed, which was upheld by HMRC following an independent review.

Cross sector

3.11. ECS also undertakes campaigns and interventions across the full spectrum of sectors, through random sampling of registered businesses to allow ECS to test the risking approach and follow up visits for those businesses or entities that have received a warning or penalty from previous intervention activity.

Case study – UK Trust or Company Service Providers (TCSP): Week of action

ECS completed a week of action between 4 and 8 October 2021 in respect of TCSP businesses. From the week of action, the following results were achieved:

12 warnings issued
1 penalty issued
23 compliant businesses identified
14 cases identified as requiring further investigation

Supporting businesses’ risk-based approach

3.12. ECS supports businesses in taking a risk-based approach. Information on how to take a risk-based approach has been provided to businesses via the guidance. This has been supported with webinars, which are available on the HMRC GOV.UK pages (more details in section 6). ECS has also delivered e-learning covering the risk-based approach. ECS staff are trained to support business’ risk-based approach, and not to adopt a prescriptive or tick-box approach when reviewing business’ anti money laundering and terrorist financing risk assessments, policies, controls and procedures. ECS also utilise email campaigns as another method of supporting and educating businesses in existing and new risks. ECS are exploring ways to expand the use of HMRC’s established social media platforms to help increase communication and interaction with businesses.

Question 6

4.  Supervision

Accepted Answer

Regulation 46 requires supervisors to effectively monitor their own sector and use the risk profiles they prepare under Regulation 17 to decide the frequency and intensity of onsite and offsite supervision. The regulations also require supervisors to ensure their approach to supervisory functions takes account of the guidelines issued by the European Supervisory Authority. The regulations require the supervisor to take appropriate measures to review the risk assessments carried out by businesses, and the adequacy of their policies, controls and procedures.

HMRC must abide by regulations to which it is subject, and which are linked to regulation activity. HMRC must maintain a register of MSBs, TCSPs, HVDs and PSPs, as covered by regulation 54(2). Regulation 55(3) also allows HMRC to maintain a register of other sectors as well and HMRC is free to publish these registers. The register of HMRC supervised and authorised entities is published on GOV.UK in an Excel file that is accessible and downloadable to the public.

Further regulations that are relevant to HMRC and utilised within the regulatory supervision are:

Regulation 57 covers the rights of the supervisory authority, in this case Economic Crime Supervision to require relevant persons to provide information to support their submitted application for registration.
Regulation 58 requiring HMRC to carry out Fit and Proper tests on responsible persons involved in MSB or TCSP sectors.
Regulation 59 sets out the grounds as to when HMRC can refuse a registration application, while it states that HMRC has 45 days in which to complete a registration application.

The OPBAS Sourcebook states that:

supervisors can select members for supervision based on who poses the greatest risk
supervisors should have a number of tools to use when monitoring how adequate members’ AML/CTF defences are
these tools should enable them to compare a member with its peers
supervisors should adopt a gatekeeper role when considering whether a member meets. the ongoing requirements for continued participation in the profession
supervision can include a sampling approach

Supervisory Tools

4.1. ECS utilises 2 primary methods to monitor compliance of the entities that it supervises. These are face-to-face and offsite, remote Desk Based Interventions (DBI), allowing monitoring of compliance with the specific and relevant regulations. These interventions allow ECS to compare and evaluate the anti-money laundering and counter terrorist financing arrangements of any supervised business with the required regulatory standards, allowing an informed assessment on the robustness and quality of any business’s controls.

4.2. Risk is the driving factor that will determine whether any investigation into compliance activity is undertaken through DBI or face-to-face. Risks are ones posed by the business as an individual entity and also in the context of the sector or sub sector in which that business operates. The level of risk is one that the appointed compliance officer will keep under review when starting any DBI. A visit to any business may be announced or unannounced and this will again be dependent on the identified risks and strategy that is deemed to be needed and most appropriate to obtain the required information.

4.3. A steering group with members from across the compliance teams has also been established to allow all to feed into and have an input into best practice and working changes to improve efficiency, giving ownership to all the teams in helping drive and improve standards. The following table displays the penalties issued by ECS over the past 3 years. It is reflective of ECS and its drive to be a robust supervisor that the number of penalties has increased. During 2021 to 2022 ECS revised a number of penalties, resulting in the adjustments detailed below. ECS’s ability to better identify and address non-compliance robustly provides a wider deterrent effect beyond the impact on the sanctioned business.

	2018 to 2019	2019 to 2020	2020 to 2021	2021 to 2022
Penalty counts	113	31	41	283
Penalty values	£1,226,437	£9,066,033	£32,810,612	£2,502,415
Revised figures	£1,226,437	£1,911,227	£3,078,182	£2,502,415

The revised figures have been created to display all previous year’s figures, reflective of the update to the penalty framework enacted in 2021.

4.4. The interventions target for 2021 to 22 was a stretching one and the ongoing, and varied, national restrictions across the UK have continued to limit the volume of face-to-face visits conducted, with DBIs continuing to form a substantial part of ECS’s compliance work. The use of DBIs is a very valuable tool. However, ECS should ensure these are used based on risk assessment and that they do not become the standard approach to compliance intervention. This could risk missing the opportunity for direct engagement with supervised entities and the benefits that can bring from the ability to pass and communicate messages and regulatory updates, through to the identification of new or additional risks. ECS will continue to consider what level and type of intervention is appropriate, in accordance with government Covid guidance.

Gatekeeper role; Registration

4.5. ECS has established processes to ensure only legitimate businesses are capable of meeting the requirements of the Money Laundering Regulations and are allowed to gain registered status with HMRC. The process in place is compliant with Regulation 57. Applicants must complete comprehensive registration documents that are tailored to the business area in which they trade and are designed to gather sufficient material to accurately assess the risks that business may pose. The information obtained is cross checked with numerous other intelligence and data sources, held by HMRC or externally with law enforcement partners. Where any potential issues or ambiguity is identified then additional information will be requested from the applicant to clarify and resolve the issues.

4.6. In certain cases, ECS may send questionnaires to obtain the required information to make a decision on registration. Applicants will be requested to provide documents or evidence setting out their policies, procedures and controls as well as other documents that may be needed in an individual case to obtain the material upon which to base a decision. As an example, knowledge and learning within ECS has identified that High Value Dealers (HVDs) have a history of non-registration, and registration where not required, therefore extended and more detailed checks will be applied here to counter the risks posed.

4.7. When requests for information are made applicants are given 21 days to respond to the requests, which is specified within the regulations. At registration all applicants are advised that they must inform ECS as soon as possible and within the timeframe specified in the regulations of any changes to the information they have provided. This is repeated in the welcome email they are sent and in online training and webinars. At the point of renewal of registration, one year later, this obligation to disclose changes is again repeated. The Economic Crime Supervision pages within the HMRC sections of GOV.UK also clearly feature how to disclose and inform of changes. Any decisions not to register a business are taken in line with regulation 59 and fully recorded in respect of the rationale by ECS.

4.8. The below table provides a snapshot of the cancellations and suspensions implemented by ECS over the past 4 years, exemplifying the progress made and the application of the robust registration procedures:

	2018 to 2019	2019 to 2020	2020 to 2021	2021 to 2022
Suspensions	–	3	14	4
Cancellations	5	89	54	4

HMRC’s first suspension was 2019 to 2020.

The number of businesses HMRC prevented from engaging in supervised activity due to identified regulatory breaches, by way of cancellation. This does not include cancellations of business for administrative purposes.

4.9. Over the last 3 years ECS has made progress in identification and action against non-compliant business and ensured that action has been taken. During the 2021 to 2022 period the progress appears to have stalled, particularly in respect of cancellations that have been undertaken. This could be due to the success in previous years meaning the deterrent effect that produced has now filtered through to the businesses or it could be due to limitations on tools such as face-to-face visits due to Covid restrictions. It is not possible to easily identify the reason for the change in figures here, as such ECS should keep this under close review in the 2022 to 2023 period to look at any trends that may emerge and then act upon those.

Fit and proper and approvals testing and 45-day rule

4.10. ECS carries out fit and proper testing, on MSBs and TCSPs and their relevant persons, as set out in regulation 58. This must be completed and passed before the business can be registered. The process can be a complicated one and often additional information will be required. If this results in slow or delayed responses from the applicant, when combined with the detailed checks, it can mean that the set 45 days to complete a registration is surpassed. The reforms and increases in performance that have been achieved since the last review have assisted in mitigating this, however it is not possible to guarantee that the specified 45 days will not be breached. With the target of all registrations being completed within the 45 days not being met by ECS (as shown in the chart below) this area is one that ECS needs to review further. Should plans to achieve compliance not be possible, ECS should seek to engage HM Treasury (HMT) with evidence on the difficulties of achieving this target and whether this is the correct time period for the registration process.

4.11. Currently where businesses are registered as an agent of the main principal business, it falls to the registered business to undertake the fit and proper testing of its agent and ensure they are compliant with the regulations to the same standards as ECS applies to the main registered business. As such the main business becomes responsible for its agent network. This is setting aside that the agent may be registered with ECS in their own right as they may undertake other work separately to their agent work.

Percentage target achieved in respect of 45-day rule

Year	Percentage
2018 to 2019	72.34%
2019 to 2020	58.73%
2020 to 2021	78.07%
2021 to 2022	70.71%

Maintaining a register

4.12. ECS maintains a register of all registered businesses under its supervision. This data is published on GOV.UK in an excel file and is available to the public to search. The limitations to this data are the monthly updates, although suspensions and cancellations are processed faster. Meaning that the register available to the public cannot be guaranteed to be up to date at all times. The data is stored and presented to the public in a way which is limited in its user friendliness as the Excel file requires downloading and opening and in some cases the column size then adjusted to read the data and then perform a search. This assumes that the person searching is using a compatible device and has the required proficiency in Microsoft Excel. As such this register although effective in publication is not the user interface people now expect.

4.13. ECS is working closely with other supervisors and partners across government to look at a single cross-government MSB register that would incorporate HMRC, Financial Conduct Authority (FCA) and Gambling Commission data in one location and this work also provides an opportunity for Economic Crime Supervision to utilise the same IT solution to produce a new, user friendly, more accessible register that could be updated in close to real time. As such this is something that should be pursued between this assessment and the next one.

Policing the perimeter

4.14. Teams involved in ‘policing the perimeter’ (PTP) are involved in the identification of businesses that are trading while unregistered with the aim to prevent these businesses from continuing to trade unregistered or in some cases bringing them onto the register. The system is effective, however allowing registration of a business that has operated and avoided registration previously does bring enhanced risks that ECS is aware of and has active management plans for. The below table displays the work completed by ECS in regard to PTP from 2018 to 2019, to 2021 to 2022:

	2018 to 2019	2019 to 2020	2020 to 2021	2021 to 2022
Brought onto the register	0	87	59	67
Penalties issued	0	0	2	23

4.15. The restructuring of the policing the perimeter teams has been effective in allowing the targeting of resources into this area and, when combined with campaigns to bring attention to registration requirements, it has assisted in increasing effectiveness in this area that will continue to be built upon. This is supported by the now revised sanctions framework that can be utilised to create deterrent factors in this area and further increase registration compliance.

Question 7

5.  Information sharing between supervisors and public authorities

Accepted Answer

Regulation 50 requires supervisors to take appropriate steps to co-operate with other supervisory authorities and law enforcement in addition to HMT, in respect of the development and implementation of policies to counter money laundering and terrorist financing. Supervisors must also co-ordinate activities with its partners to counter money laundering and terrorist financing. Co-operation by ECS with overseas authorities and partners is also required to ensure effective supervision of relevant persons linked to both the UK and the additional jurisdiction.

The OPBAS Sourcebook states that PBSs should:

take part in existing information and intelligence sharing arrangements
actively share intelligence with other supervisors and law enforcement about active misconduct investigations
participate in inter-organisational sharing arrangements such as Shared Intelligence Service (SIS) and FIN-NET (Financial Crime Information Network)
nominate a single point of contact (SPOC) to manage their AML/CTF obligations
appoint a nominated officer to report knowledge or suspicion of ML/TF to the NCA
have arrangements to handle disclosures from whistle blowers

Co-operation and co-ordination in the development and implementation of policy

5.1. ECS is an active member of several supervisory groups focused on sharing information about typologies and supervisory practices. Examples of these groups include the Anti-Money Laundering Supervisory Forum, the Accountants AML Supervisory Group, and Intelligence Sharing Expert Working Groups (ISEWG). Through attendance and participation within these groups HMRC is able to share and learn about new and emerging practices, whilst sharing appropriate supervisory intelligence in order to ensure it remains updated on new and emerging risks facing supervisors.

5.2. ECS is currently working closely with other supervisory partners including the FCA and Gambling Commission to create a single cross-government register of the regulated MSBs which will assist in identifying potential issues and threats in greater detail across this regulatory area.

International co-operation

5.3. ECS is also part of international supervisory groups, including groups that are part of the Five Eyes group, which aim to share risks and intelligence with close international partners that include the USA, Canada, Australia and New Zealand. In the last year ECS has also worked closely with international partners in the United Arab Emirates.

5.4. HMRC’s network of over 40 embassy-based Fiscal Crime Liaison Officers (FCLO) provide further support to investigations and information sharing requests by building effective relationships with the authorities in different states. ECS has made effective use of this and has used this to assist in working closely with Dubai based colleagues.

Case study – Working with external partners

ECS has worked with the Fiscal Crime Liaison Officer (FCLO) network and engaged proactively with partners in the United Arab Emirates (UAE) and has achieved this through close co-operation with the HMRC Dubai-based FCLO team. This is part of an HMRC, and wider government offer to assist UAE partners with work flowing from the UAE 2019 Financial Action Task Force (FATF) Mutual Evaluation Review.

The review identified areas where the UAE could strengthen its handling of risk in regulated sectors such as MSBs and dealers in precious metals and stones. ECS identified an opportunity to engage and work with partners in the UAE’s Ministry of Economy (AML department), which had recently been the supervisory authority for CSPs, DPMS and Real Estate Agents. With parallels existing between the 2 supervisors, ECS agreed to design and deliver capability building support in the form of workshops with UAE partners. Similar workshops were also arranged for the UAE’s Central Bank which had a supervisory role around MSBs.

The capability building programme from HMRC (also included Trade Based Money Laundering (TBML) training from FIS and analysis training from RIS IA to other parts of UAE apparatus) was part of a wider initiative which laid important groundwork and foundations of credibility and trust for the landmark Illicit Finance Partnership Agreement signed between UAE and UK earlier this year.

5.5. ECS worked closely with the HMRC FCLO colleagues in Dubai to shape the content of the workshops for both the Ministry of Economy (MoE) and the UAE Central Bank in response to requests on topic areas from our UAE partners. This primarily covered HMRC’s risk-based approach to Anti-Money Laundering Supervision that ECS has been successful in implementing and building upon and the ways in which this has been achieved and is implemented by ECS. Various colleagues from ECS delivered the workshops in spring 2021 and this allowed the skills and knowledge of these ECS colleagues to be utilised and also for them to interact, network and also learn from UAE colleagues.

5.6. In this example of significant international co-operation between a UK supervisor and an international partner, training days were delivered virtually to senior and practitioner-level staff across the MoE and Central Bank. Simon York, FIS Director, opened both workshops, demonstrating the importance of this international engagement, which received very positive feedback from participants and gained significant positive publicity across a number of media outlets including the example detailed below:

‘The Ministry of Foreign Affairs and International Co-operation (MoFAIC) welcomed Her Majesty’s Revenue and Customs (HMRC) for a series of joint technical training workshops on anti-money laundering and countering the financing of terrorism (AML/CFT), held in March and April 2021.

The workshops, hosted by the HRMC’s team of experts, provided an opportunity to share the latest advances in AML/CFT thinking as part of the UAE’s ongoing efforts to raise awareness, build technical expertise, and further strengthen its supervisory system.

Key institutions from across the UAE benefitted from the skills and knowledge exchange, including the Ministry of Economy, Federal Customs Authority, and the Central Bank. The workshops were designed to share the UK Government’s leading approach, experience and latest AML/CFT methods, with a focus on several specific target areas of risk, including: Trade-based money laundering, including the misrepresentation of price, quantity or quality of goods moved through international trade such as in the precious metals sector.’

5.7. Due to the success of the workshops led by ECS with UAE colleagues, FCLO colleagues have planned the creation and delivery of further events. These are likely to be more informal and allow subject matter experts from the UAE and ECS to undertake detailed discussions on specific areas. One workshop occurred in March 2022, with another planned for May 2022, with the aim of joint work to tackle shared UAE/UK ML risks.

5.8. Feedback from FCLO colleagues and internal HMRC law enforcement partners has indicated potential inefficiencies in the intelligence sharing relationship which they have with ECS colleagues. Although intelligence sharing with law enforcement partners nationally or internationally requires appropriate legal gateways, internal sharing of intelligence from within HMRC with FCLO or law enforcement colleagues is not bound in the same way. ECS is aware of the inefficiencies in internal sharing with FCLO and internal law enforcement colleagues and is working to ensure these are eliminated in the 2022 to 2023 year.

5.9. HMRC is bound by the Commissioners for Revenue and Customs Act (CRCA) 2005. This Act clearly states at s18 that HMRC is prohibited by law from disclosing information about taxpayers except in certain prescribed circumstances, such as where there are other enactments allowing disclosure. Making any unlawful disclosure of HMRC information could constitute a criminal offence punishable by a fine, a prison sentence or both.

5.10. Regulation 52 of the MLR is an enactment which allows HMRC to disclose information that is directly related to AML/CTF supervision to other supervisors and names relevant authorities. Appropriate legal gateways are available and utilised so that HMRC can share additional information with the Gambling Commission and FCA.

5.11. ECS regularly engages with stakeholders across all its regulated sectors at conferences, trade events and other arranged events. For example, this includes the Responsible Art Market (RAM), HMRC Customs, businesses representing AMPs and some identity providers giving a range of insights into the art industry and issues they see. ECS attended one conference in person, a trade body conference in October 2021 where ECS was able to interact with senior business representatives in the art industry. For the EAB and LABs a lot of the stakeholder engagement is joint as the stakeholders represent both. This includes the 2 main trade bodies, PropertyMark and RICS, as well as a representation of 5 of the large EAB/LABs, separate engagement with some of the larger EABs and working closely with National Trading Standards (NTS). ECS spoke at one trade conference in person in November 2021, which focused on lettings businesses and gave a valuable insight to the industry and introductions to some new stakeholders. For all these sectors ECS is reviewing their stakeholder outreach and plans to have regular engagement relating to art fairs, with the British Art Market Federation (BAMF) and some other large businesses.

5.12. HMRC also has an extensive network of embedded staff sitting with police forces across the UK. In England and Wales, they sit in each of the 9 Regional Organised Crime Units (ROCU). Each ROCU comprises the individual police constabularies in the region. HMRC’s embedded staff have direct daily contact with the constabulary representatives in the ROCU. In Scotland, Northern Ireland and London, where there is no ROCU established, HMRC has embedded officers in the individual forces: Police Scotland, Police Service of Northern Ireland, the City of London Police and the Metropolitan Police Service. Additionally, having multiple officers embedded with the National Crime Agency and other government partners. Many of the ROCUs include Economic Crime Units staffed by police financial investigators and HMRC’s embedded officers interact with them frequently to facilitate the two-way exchange of intelligence.

5.13. ROCU embedded officers can consider requests, these requests are all processed within existing legal gateways. As such this provides a communication and engagement channel for ECS to interact and make requests of Police colleagues and the same where Police colleagues can seek the assistance and expertise of ECS in order to enhance or progress any operation.

5.14. There are no further enactments in relation to the Public Body Services (PBSs), which means they do not have any additional gateways which would allow HMRC to easily share non-supervisory information. Except in very limited circumstances, the Gateway teams in HMRC have highlighted one gateway at CRCA 2005 20(3) which has sometimes been used to provide further information. This is the public interest gateway, which states that disclosures can be made to bodies responsible for the regulation of a profession, where they relate to the misconduct of a member and the misconduct relates to a function of HMRC.

5.15. One of the criteria set out in legislation is that any public interest disclosure must also be subject to an instruction to disclose. This instruction can either be general, and enable a class of information to be disclosed, or specific, covering a one-off disclosure. There is only one general instruction under s20(3) CRCA 2005 – which enables disclosure to be made to professional bodies with responsibility for the accountancy profession. At present it does not enable disclosure in respect of members of the legal profession, however HMRCs executive committee (ExCom) has agreed a protocol for the legal profession and the process is now being agreed with the relevant bodies. In all cases, the necessity and proportionality of a disclosure must be established and a key part of this is whether the disclosure would contribute to the purpose of preventing misconduct by a member of that profession in relation to an HMRC function. ECS has been able to make appropriate disclosures outside of these limitations using the powers available under s52 of the Money Laundering Regulations which has allowed the sharing of appropriate data with other relevant supervisors and other law enforcement agencies.

Suspicious activity reporting to the NCA

5.16. Regulation 46(5) requires supervisors to report suspicions of Money Laundering and Terrorist Financing to the NCA by the preferred method of Suspicious Activity Reports (SARs). Across 2021 to 2022 ECS has continued to submit SARs to the NCA in line with its regulatory obligations in respect of SARs that are relevant to the supervisory activity undertaken by ECS. ECS has also worked to increase its interactions and close working with the NCA UK Financial Intelligence Unit (FIU) in relation to SAR submissions and has worked with senior UK FIU staff to look at when reporting is relevant and required to ensure the best use of intelligence sharing within the regulations and to ensure that intelligence that originated from partners such as the NCA UK FIU is not duplicated, creating potential resourcing impacts for any party in the process. This is an example of how ECS has continued to work to refine its current processes and of how the obligation to share intelligence and report via the SAR process, where appropriate, is taken within ECS.

Whistleblowing

5.17. Regulation 46 (2) requires a supervisor to take effective measures to encourage its own sector to report breaches of the provisions of the regulations to it.

5.18. HMRC has a dedicated whistleblowing system. It allows any individual whether linked to the suspected business or not to report potential criminal activity in confidence either via an online form or via a hotline. Dedicated teams in HMRC deal with this intelligence to assess the quality of the intelligence and ensure its dissemination or action by appropriately trained HMRC teams. All teams involved in the triage process are trained to ensure confidentiality of all reports made to HMRC under the whistleblowing structure. HMRC has sophisticated systems in place to ensure the anonymity of whistle blowers, the identity of the whistle blower is not revealed to supervisory staff and steps are taken to sanitise any information/intelligence before it’s handed over to the relevant teams, ensuring that the information cannot be traced back to an individual. All HMRC staff, including all ECS staff, must undertake Human Intelligence Training (HUMINT) every 2 years to ensure that they understand the procedure for taking any information provided to them and how to handle such information should it come into their possession.

5.19. ECS promotes the use of the whistleblowing system in its communications to members and is considering other ways this information could be promoted.

Question 8

6.  Information and guidance for supervised businesses

Accepted Answer

Regulation 17 states that information from risk assessments should be made public if that would assist relevant persons in carrying out their own risk assessments.

Regulation 47 states that supervisors must make current, up to date information on money laundering and terrorist financing available to relevant persons in any way it decides is appropriate. This information must include a description of the indicators that could suggest a transfer of criminal funds is taking place and a description of the circumstances where there is a high risk of money laundering or terrorist financing. This must draw on several specified sources.

The OPBAS Sourcebook states that PBSs must:

provide information to members about the money laundering risks faced by their membership and consider how best to pass this information on, while balancing the need to give practical assistance with the requirement to protect sensitive information and intelligence
give members guidance on how to meet their high-level obligations
liaise with other supervisors to ensure coherent interpretation of obligations and minimise inconsistencies

Guidance

6.1. ECS has published guidance for each of the main sectors that it supervises. This guidance is kept under review and amended or adjusted as required, whilst it is cross-referenced to the guidance available in other sectors to ensure consistency of approach and message from ECS, ensuring the latest information is made available. The guidance sets out what the business must do to meet its regulatory obligations in a clear manner. The risks that a business may face in respect of money laundering or terrorist financing risks are covered extensively within the risk narratives that supplement the published guidance. These risks are generated from the experience and knowledge of ECS, law enforcement partners, international sources and other open sources of information, that are combined to achieve this.

6.2. Since the 2020 to 2021 review ECS has been working to ensure delays in the publishing of relevant guidance are minimised and has had some success in this. It has been identified that one factor causing delays is with the process of passing draft guidance to HMT for review and clearance for publication. This is an issue that ECS needs to continue to address with HMT.

Promote

6.3. ECS continues to provide a range of supplementary educational products to help supervised businesses comply with the relevant legislation. ECS has created a number of targeted products to help those supervised understand their obligations under the regulations. These include short films, e-learning, email alerts, participation at trade events or conferences and the information published on GOV.UK as examples.

Case study – Creation of ICAEW Film

In early 2019, HMRC expressed an interest in working with the ICAEW to explore ideas on how professional bodies could tackle professional enablers. The ICAEW was keen to collaborate with HMRC to produce an educational film.

The ICAEW has considerable experience in producing educational films for their members and other professional body members. HMRC and the ICAEW have now jointly produced a film where FIS has influenced the content and provided technical input. The content covers professional accountants and tax agent’s compliance with money laundering regulations, modern slavery and human trafficking.

The purpose of the film is to challenge existing mindsets, raising awareness and focus on the need for greater professional scepticism when faced with potential money laundering risks, reducing the likelihood of members effectively becoming enablers and/or facilitators as part of their professional advice.

All Too Familiar is a 16-minute high-quality drama film which explores the degree of trust still placed in personal and professional relationships and whether trust is enough in the fight against economic crime.

The film will be available to all professionals in the UK who are subject to AML supervision including non-accountancy bodies. However, target markets are:

ICAEW members. Available through a secure website
other accountancy bodies. It will be the responsibility of those bodies to provide access to their members

The film may be licenced to overseas organisations equivalent to the ICAEW including other professional and regulatory organisations.

ICAEW supervises and monitors over 12,000 firms. HMRC supervises around 29,000 businesses, and nearly 50% of those are accountancy service providers.

Collectively this film and associated training materials has been shared with over 26,000 businesses in the UK.

Case study – Creation of education products

ECS identified an opportunity to educate EABs and AMPs in how to keep themselves and their businesses safe and operating within regulatory guidance while also knowing the signs and indicators to be aware of in respect of ML/ TF, and how to address any concerns from this. This was specifically targeted at indicators that may be present during the buying or selling process.

ECS had the goal to make the educational products as engaging and user friendly as possible in order to increase the uptake and use of the products by the EAB and AMP sectors. Products include; webinars and in-person attendance at trade events.

ECS has utilised this new and innovative engagement approach and expanded it to work in conjunction with other projects such as the ICAEW informational film and also within the creation of educational YouTube videos, as ways to tackle ML/TF risks.

6.4. The use of email campaigns to notify business of changes to legislation and guidance, to create awareness of campaigns or days of action taken by ECS or provide details on changes to risking indicators are all uses that email campaigns have been put to in the last year. The average rate of opening these emails has been 38% (2021 to 2022) compared to a Civil Service open rate benchmark of 22%, meaning this has compared favourably as it did in the previous assessment. It should be noted that changes to IT security by a major manufacturer is now making the accurate tracking of email opening problematic and so this will impact future results.

	2018 to 2019	2019 to 2020	2020 to 2021	2021 to 2022
Average open rate	46.00%	71.41%	48.34%	38.00%

6.5. ECS has completed 2 webinars in the last year, with these having been viewed more than 3,000 times. These webinars were focused on Art Market Participants and those businesses engaged in the TCSP sector. Since 2015 ECS has created and delivered a library of 29 webinars that are all available online. In order to create and deliver further webinars and expand this during the next year ECS is seeking to purchase the licences that will facilitate quicker in-house creation and delivery.

	2018 to 2019	2019 to 2020	2020 to 2021	2021 to 2022
Webinars	2	3	2	2
Participation during session (cumulative yearly attendance figures)	1,055	431	1173	901
Total access to recording	4,227	5,869	6,954	3,310

6.6. ECS is also looking at other new methods to promote risking messages and assist those supervised by it. These include the use of YouTube videos to assist its customers and also look to remove common mistakes from process where they interact with ECS and so improve the customer experience and efficiency for ECS. It is also using a short film, developed and funded with partners to show what can happen when regulatory guidance is not followed and the consequences of this. (see case study at 6.3)

6.7. Work with trade bodies by ECS is also a vital route to promote messages and drive forward engagement, through the attendance at conferences or events in addition to digital engagement. This helps to raise the profile of ECS and allow businesses direct access to ask questions and seek assistance. This has proved particularly successful in the new and emerging area of the art market, and this should serve as a template for other areas where these bodies exist.

6.8. ECS has also placed articles related to changes to the MLR in the trade press, for example in the Antiques Trade Gazette after AMPs were brought into the scope of the MLR.

6.9. Information for supervised businesses is also contained within GOV.UK and since the last review this has been reviewed and changes implemented. In 2021 to 2022, the specific pages with GOV.UK had been viewed 496,057 times. Comparison with previous years is shown in the below table:

	2018 to 2019	2019 to 2020	2020 to 2021	2021 to 2022
GOV.UK page views	568,732	634,661	472,515	496,057

6.10. ECS has a dedicated team that responds to queries from businesses on a wide range of issues, from advice on compliance with the MLRs to information regarding the processing of applications. Statistics relating to these queries are disseminated monthly, to ensure that leads are aware of any emerging trends and can act to address them.

Risk alerts

6.11. Post the last assessment ECS has sent emails to businesses advising them of new risks that have become relevant. The dual use of emails and the extensive guidance published with GOV.UK means that ECS continues to meet its obligations under Regulations 17 and 47.

Case study – External outreach, Afghanistan

In August 2021 in response to the dynamic and fast-moving situation created from the Afghanistan crisis, ECS worked at pace to ensure that the HMRC supervised MSB sector was given accurate and timely advice on managing new and emerging risks in relation to this crisis.

ECS developed and arranged for a message to be delivered urgently to around 1,500 MSBs, ensuring that they had all the information they needed to continue to provide vital humanitarian aid to Afghanistan whilst carefully managing their ML/TF risks. ECS also ensured that colleagues within the business area were upskilled and made aware of the changing risk picture so that they could provide the appropriate support and information to supervised businesses.

The actions of ECS in issuing this information promptly ensured the level of enquiries from businesses to ECS was minimised, preventing pressures on staff in responding to businesses, meaning that those businesses requiring further assistance were able to gain this promptly and ensure regulatory compliance in the changing picture of risk.

6.12. ECS has developed new processes to identify risks that may impact its processes and need bringing to the attention of supervised businesses. This is done through horizon scanning of multiple and wide-ranging information, intelligence and media feeds. This has been overseen by the leads for each area, however due to the success, and also the identification of the resourcing that this work takes, ECS is to create this as a full-time role. The impact of this will be able to be judged at the next assessment. The identified material, considered relevant by ECS, is then communicated to the supervised population in order to assist in the management of risk.

6.13. In order to ensure that risks are being regularly considered, this process is supported by quarterly risk assessment meetings. The meetings will ensure sector risk assessments are reviewed and consider whether the risk information made available to businesses needs amendment.

6.14. ECS has recruited a Behavioural Insight Analyst, who has developed and distributed a survey to MSB principals, with the aim of understanding risk in key areas such as the onboarding and training of employees and agents. Results showed that a number of the HMRC registered MSBs are failing to meet their obligations as principals. The analyst made a number of key recommendations for ECS in response to the survey. Following the success of this survey, over the next 3 years ECS will expand this survey to include more sectors.

6.15. Alongside the FIS education team, the Behavioural Insight Analyst approached 7 wholesale currency MSBs to collect data on currency trading to help improve our understanding of risks. All MSBs engaged with the process and key insights around risk areas were identified. The feedback from the MSBs involved was positive and the Behavioural Insight Analyst is working to develop an education product to raise awareness and reduce the risk of criminal activity in this space.

6.16. The Behavioural Insight Analyst has worked alongside the strategic leads across all sectors within ECS to revise the welcome emails. The aim is to increase compliance and engagement with ECS products from the outset. These welcome emails will now be distributed by sector and include targeted sector-specific information and links. These started to be sent in April 2022.

6.17. The Behavioural Insight Analyst reviewed queries received by the ECS mailbox and helpline over the past 3 and a half years and made a recommendation to create a series of YouTube videos for GOV.UK pages to support businesses across a range of topics such as registering, renewing, and making payments. These will go live in 2022 with the aim of supporting our businesses and reducing the number of queries received by ECS.

Question 9

7.  Enforcement

Accepted Answer

Regulation 46(1) requires a supervisor to take necessary measures for the purpose of securing compliance.

Regulations 60, 76, 78, 83 and 85 set out the actions HMRC should take in order to enforce compliance with the regulations. The regulations state that HMRC enforcement actions must be effective, proportionate and dissuasive.

Enforcement action may take the form of financial penalties, either on the business or a person knowingly concerned in the contravention of the regulations. Enforcement can also include censure statements; cancellation or suspension of the registration of the business; the suspension or prohibition of management; or criminal action. The regulations set out the features that must be considered when calculating a penalty.

The regulations state that information about this penalty should be published, unless HMRC considers that it would be disproportionate to publish this information. HMRC must give businesses notice of their intent to publish this information.

The OPBAS Sourcebook says that PBSs should:

be ready and able to take appropriate action where members have failed to meet their obligations
have sufficient information gathering and investigative powers to effectively monitor and assess compliance
seek to remove the benefits of non-compliance and deter future non-compliance
satisfy itself, and OPBAS, that their powers are adequate and used appropriately
enforcement records should be maintained sufficiently to allow post event understanding
make enforcement action related to AML/CTF non-compliance public

ECS use of sanctions

7.1. ECS has a wide range of sanctions available to it and these are assessed in terms of which are appropriate to utilise based on the individual case and facts available to ECS at the time. This is used in conjunction with the new sanctions framework that has been implemented. The available sanctions include:

censuring statements
injunctions
temporary or permanent management prohibition
registration suspension or cancellation,
financial penalties and
criminal prosecution

7.2. Whilst not a sanction by definition, ECS also uses its fit and proper function to mitigate ML/ TF risks: if, as a result of a compliance intervention, ECS determines that a business or an individual within it is not fit and proper, it will act to prevent that person continuing supervised activity. That may mean pausing activity whilst the fit and proper individual is removed from the business or, if the business itself is found not be fit and proper, it may lead to cancellation of the business’ supervisory registration with HMRC.

Financial penalties

7.3. Where ECS decides that a financial penalty is the effective and appropriate sanction, it will consider a number of factors as part of the process to ensure the applied penalties are effective, proportionate and dissuasive. These factors include the circumstances, nature and severity of the identified breaches and the financial strength of the business.

7.4. While sectors such as the MSB sector continue to attract high value penalties, it should be noted that ECS is applying penalties across all supervised sectors where it identifies breaches. As an example, in December 2021 the ASP sector was subject to £68,200 (£2,175 for trading whilst unregistered, the rest for late registrations) in penalties and £100,350 (£15,000 for failure to comply with RAs and PCPs, the rest for late registrations) in the EAB sector, meaning by December 2021 these sectors had received higher penalty values than the MSB sector. However due to work carried out towards the end of the 2021 to 2022 financial year, penalties and action in the MSB sector remained higher annually.

7.5. The number of penalties issued by ECS during the 2021 to 2022 financial year was 283, compared to 41 in 2020 and 31 in 2019. This shows that the work by ECS to undertake more robust action is now resulting in large increases in the number of penalties issued, based against the implemented framework and so assisting to deliver the deterrent effect that is required. The average penalty value in 2018 to 2019 was £10,853, by 2019 to 2020 this had increased to £61,652, whilst in 2020 to 2021 the average increased again to £75,077 due to the change in the penalty framework. The average penalty value during 2021 to 2022 has decreased to £8,842, however this is due to a change in the type of penalties being issued. The increase of 242 penalties in one-year highlights ECS’s commitment to robust supervision, creating a significant deterrent to non-compliant businesses.

7.6. The increased volume of penalties and the value of these penalties issued by ECS is a clear indication that the move to more robust supervision is now taking full effect and the work done to achieve this is becoming embedded as business-as-usual activity. (see table at 4.3) Whilst this is seen as a positive metric in terms of combatting non-compliance, it isn’t the only measure used by ECS to monitor effectiveness as a regulator. ECS is also enhancing its educational activity for businesses to ensure more compliance knowledge across all regulated sectors. Even though the number of penalties issued has increased, there is still scope to further increase the number of penalties and utilise other available sanctions to increase the deterrent effect. The wider use of additional penalty types and sanctions is something that ECS should look to pursue and develop in the next year, utilising the available powers as and when a suitable opportunity is identified. Policing the perimeter penalties have assisted in increasing these figures.

Management prohibition

7.7. This sanction, which effectively removes a person from working in any management role in the regulated sector, has been used on a limited number of occasions in previous years by ECS and it is acknowledged that cases or situations appropriate for the use of this will be limited and must be proportionate. However, in line with robust supervision and the need to provide a deterrent effect, where this has been considered, but then discounted, the reasons should continue to be recorded. This has not yet been considered a relevant supervisory tool for use across 2021 to 2022. All available sanctions including management prohibition are considered within each case, and managers will conduct management reviews during each investigation, ensuring they’re alive to the use of management prohibition when reviewing cases that come before them. Where they identify that management prohibition would be considered potentially suitable it would be raised to the compliance officer for consideration if they had not already considered it.

Registration suspension or cancellation

7.8. ECS has made use of these sanctions and has increased their use in line with the move to more robust supervision. The suspension and cancellation of registration processes utilised by ECS are fully in line with the requirements in Regulation 60. (Data in relation to cancellations and suspensions can be found at section 4.8).

Censuring statement and injunctions

7.9. These sanctions have yet to be utilised by ECS, however they have remained under review and appropriate opportunities are constantly sought for their use.

Criminal prosecutions

7.10. ECS will refer cases across to colleagues within FIS for consideration for criminal prosecution. Exemplifying ECS’s robust approach to supervision.

Case study

ECS has developed the efficacy of their criminal referrals for money laundering and terrorist financing (ML/TF). ECS self-generated intelligence internally for the first time, developing and referring the intelligence package to be taken forward for criminal prosecution without the assistance of intelligence external to ECS to start the process. Demonstrating a significant development of capability by ECS in enhancing its ability as a robust supervisor in fighting ML/TF through intelligence referral and robust supervisory practice. Outcomes of this case should be available for the next report.

This operation has now allowed ECS to create a working template for the identification and development of intelligence in relation to suspected criminal activity, and the processes for passing this intelligence to colleagues in FIS for action. This will allow ECS to utilise this procedure going forward to increase intelligence flows and criminal case referrals.

Process for seeking review of sanctions

7.11. ECS ensures businesses are aware of the ability to request the independent review of any sanctions that are issued. The review would be carried out by Solicitors Office and Legal Services (SOLS) within HMRC. If the business chooses it can also lodge an appeal with the tribunal. The 2 processes follow the requirements of Regulations 94-100. Since 2018 ECS has not been required to undertake any tribunal hearings, the first is scheduled for April 2022. The outcome of this can be reviewed in the next self-assessment.

New sanctions framework

7.12. ECS has developed and implemented a new sanctions framework along with the training of its staff in this new framework. This was created and implemented in order to ensure that more proportionate, dissuasive and effective sanctions are applied to address the risks posed by compliance failures.

7.13. The framework ensures that staff always consider and make the most appropriate use of the full range of available sanctions. The framework is underpinned by comprehensive guidance on the policies created and in operation on each available sanction and the most appropriate way in which each can be utilised. The guidance is kept under review and amended and updated as required to ensure it remains current and accurate. The framework has been in operation since September 2020.

7.14. The sanctions framework encourages the consideration of using suites of sanctions where this is more likely to change behaviour and address ML/TF risks. It is underpinned by a new decision-log on which investigators record the basis of the proposed sanctions and their rationale, aiding QA and any review or appeal. This seems likely to encourage use of the full suite of tools going forward as a response to the identified breaches of the regulations.

7.15. ECS has delivered training on the new sanctions framework. They have produced new desk instructions to help staff deliver this new approach and help investigators understand which sanction or sanctions are best suited to the type of behaviour they are trying to change. This includes guidance on when sanctions such as censure statements are appropriate, and how they should be delivered. The guidance continues to be developed.

Consistency of sanctions – Governance Panel

7.16. ECS rightly recognises the importance of having consistency and high standards as part of the sanctions and penalties process. All proposed or recommended sanctions or penalties are reviewed by the Governance Panel, which is currently chaired by a senior member of the ECS management team and also contains senior staff members and representation from HMRC solicitors. The panel reviews an average of 6 cases per meeting and meets fortnightly, however it has the capability to convene an emergency panel meeting, in response to an immediate and time critical issue. The ability to convene as necessary helps to deliver on the goals of ECS to deliver a more robust supervisory approach. At each scheduled meeting Case Officers in areas such as compliance will detail a case and the proposed penalties or sanctions, this will be discussed and approved or suggestions for amendments made by the panel, in order to ensure consistency of approach.

7.17. The approach of the panel was revised to coincide with the rollout of a new QA process with the aim of ensuring the panel focuses solely on ensuring that proposed sanctions and penalties are in line with the strategies and policies of ECS and whether the proposed action are supported by sound evidence (in the past, the panel sometimes performed a default QA role). A penalty threshold was also set to ensure lower value penalties could be issued quicker, without panel oversight. Warnings and advice letters, as well as refusals to register a business on first application, are also outside of the panel process. Checks are in place at senior management level to ensure that staff are not artificially issuing low value penalties to avoid use of the panel. Records are maintained by the relevant senior manager undertaking the checks, at present this is undertaken by 2 senior managers, the lead for compliance and the lead for the Governance Panel, to ensure consistency. The documents submitted to the panel should be fully checked for QA purposes before submission. The panel will work with the case officer to ensure the appropriate use of sanctions in any specified case. Where appropriate, the panel will make recommendations on the approach the case officer should adopt in respect of potential sanctions.

7.18. The panel keeps a full record of the progress of each submission, which assists the robust governance process. During the 2021 to 2022 year the return rate of submissions has increased from approximately 27% in 2020 to 2021 to 42%. This is highly illustrative of the QA issue that is faced by ECS and the issues this compounds onto the Governance Panel in terms of resourcing to review and return the submissions. The situation has also been exacerbated across 2021 to 2022 due to the high level of trainees entering the business. ECS needs to review the training provided on drafting and creation of evidential documents; this may be an area where training packages provided to other areas of FIS and RIS could be utilised and adapted to the benefit of ECS case officers.

	2018 to 2019	2019 to 2020	2020 to 2021	2021 to 2022
Number of Governance Panel referrals received	47	245	377	192
Number of cases returned to officers for further work	25	183	101	80

Publication of sanctions

7.19. Since 2018 ECS has published online the details of the sanctions applied every 2-3 months. ECS is compliant with Regulation 83 in that businesses are given notice that the details will be published. They have the opportunity to object if the business believes that it is disproportionate to publish the details. If this is accepted the sanction can be published with the business’s details being deferred to a later point when it is judged that a disproportionate impact would not exist. Furthermore, there is an option to publish sanctions anonymously in respect of individuals if it’s deemed that releasing the information would be disproportionate. ECS has detailed guidance to assist staff with this area. Any appeals by a business will be made clear ion the published list. Publication now includes cancelled and suspended registrations and assists in showing the robust supervision approach now taken by ECS.

Staffing levels

7.20. ECS is in the middle of a period of growth and recruitment of new staff across all areas but particularly in the compliance sector which will increase capacity and capability. However there have been a number of delays to recruitment and the appointment of staff, not all of which have been within the control of ECS. This has meant that the pressing targets and plans to deliver training and ensure staff become effective in post in the shortest time are under strain.

7.21. This means that the drive to meet the challenging targets is falling back onto existing staff, who are also being asked to assist in mentoring and training new recruits. It must be realised that this places ECS staff under strain and may in part account for higher rates of attrition and staff turnover. This could also be impacted by other factors such as promotion opportunities available across CCG and HMRC. The ability to retain trained and experienced staff is a priority for ECS, potentially through talent spotting and development internally. ECS currently undertakes an exit survey with all leavers, however it is suggested that to better understand the reason for staff leaving, and to assist ECS in the retention of staff, face to face exit interviews are held with all staff moving from ECS during the 2022 to 2023 year. This will provide further valuable insight for review and evaluation and can be assessed as part of the next self-assessment.

Question 10

8.  Staff competence and training

Accepted Answer

Regulation 46 (2)(b) requires a professional body supervisor to ensure its employees have access, both at its offices and elsewhere, to relevant information on the domestic and international risks of money laundering and terrorist financing which affect its sector. In addition, the OPBAS Sourcebook says that supervisors should:

take steps to ensure that staff are equipped to take decisions on whether members policies, controls and procedures are appropriate
judge each case on its merits
provide ongoing professional development and consider if formal AML/CTF qualifications are necessary

8.1. The 2020 to 2021 self-assessment report commented on the people survey results for ECS from 2018, this was prior to ECS becoming part of FIS, which means that the most recent survey results do not allow for detailed and accurate historical analysis. In the 2018 survey a number of staff didn’t feel as though the training they received gave them the tools necessary to complete their job. In response to this, ECS revamped a number of the training offerings to improve staff competence, training and outlook. The people survey results for 2021 outline the effectiveness of the improvements made in respect of the training offering provided by ECS, with 62% of respondents to the 2021 survey indicating they are happy with the training and development offered to them, a further 19% indicated that they were not, whilst 19% were neutral. This highlights the work of ECS to address the issues identified in 2018, and seek to improve the training offering to staff. ECS management are aware that further work is still to do, in order to reduce the 19% who have indicated dissatisfaction. Further recommendations have been made by the self-assessment team to improve the training offering, it is an ECS priority to sustain and improve these results.

8.2. The people survey results for 2021 also highlighted the progress made in respect of the ECS’s new team structure. In response to a question regarding, effective support from managers, 72% of respondents indicated that their manager was supportive, 13% indicated that they were not happy with management support, while 15% were neutral. In response to the 13% ECS are working on clear and specific role profiles for each job within ECS which should help both managers and staff in supporting each other.

Routeways

8.3. ECS has staff across a number of disparate and diverse areas which require different training routeways to ensure they’re equipped with the right skills to complete their respective roles. It was identified that whilst routeways have been created and implemented for some areas, others were still without a defined routeway, this was identified for the training team to rectify. The training team has now implemented a 26-week routeway which has been successfully rolled out across all areas. Alongside the training routeway, the training team created a suite of role profiles which cover every role under the ECS banner with a specific breakdown of what is required in each position, with links for the trainees to explore.

8.4. Alongside the specific role routeways created, the training team has also created and rolled out a comprehensive management routeway, working in conjunction with HMRC Manager Development Programme and the HMRC Manager Learning Offers.

8.5. The newly created two-day role-playing session, to give staff a feeling for a compliance intervention, was extremely well received by staff and they wished to have more training of a similar nature. Unfortunately, due to the continuation of the Covid pandemic and the restricted return to office procedures, the training team has been unable to roll out anymore sessions. They were however tasked with digitising the event and rolling out the course across 2021 to 2022. Unfortunately, they have been unable to digitise the event due to a lack of expert resources for this in other teams, and therefore no role-play training has been rolled out yet.

8.6. ECS training and development has ensured that all training is in-line with the standards set out by HMG’s Counter Fraud Professions.

On the job training

8.7. ECS operates a training system whereby trainees are assigned a Practical Training Officer (PTO) to assist them in completing their specific training routeway. The PTOs are volunteers from existing ECS staff who are deemed to have the right attitude, knowledge and experience to assist new entrants in completing their training and becoming efficient and effective officers. At present ECS PTOs do not undertake the same training as their colleagues within the wider Fraud Investigation Service (FIS). In order to provide consistency across all training within FIS, ECS will look to adopt a formalised training approach for their PTO volunteers.

8.8. The training team has completed the role out the organogram which allows staff to seek out other individuals in their area who have skills and knowledge which may assist them in completing their case work, should they identify knowledge gaps of their own. In line with this the appointment of technical experts within the training team for each sector has greatly benefitted the knowledge and advice available to staff across ECS, leading to increased efficiencies and higher standard of delivery.

8.9. The training team played a leading role in the delivery of disclosure training for operational staff. This training is paramount to staff within an evidential environment, allowing them to better understand the importance of retaining and recording material correctly.

8.10. The training team has created a Learning Passport which is designed to assist ongoing development for all staff within ECS. The learning passport contains links to all training materials which will assist with staff development, progression and knowledge.

8.11. The MLR toolkit has been developed and rolled out to staff across ECS, with the functionality of the toolkit being showcased in sessions run by the training team to a number of staff. The MLR toolkit is a companion piece designed to sit alongside the regulations and legislation with useful information and guidance available to staff across the whole of ECS. It is anticipated that the MLR toolkit will be implemented for all ECS staff in 2022 to 2023, the toolkit will be monitored in respect of staff access and utilisation of it as the initial and primary measure of its uptake and impact. Communications will be sent to all ECS staff during the implementation phase to ensure high levels of engagement, and that staff identify this as a rightly valuable tool to assist them within their work.

8.12. The training team has engaged with an external accredited training provider in order to obtain formalised accreditation for staff within ECS. The accreditation was offered to all new and existing ECS colleagues. ECS colleagues have enrolled with the provider to obtain the accreditation. This is a great piece of work completed by the training team and allows for ECS colleagues to obtain a tangible asset from completing their training. It is envisaged that more colleagues will register for the accreditation over time, and the decision was made to not make obtaining the accreditation mandatory upon its initial roll out. This accreditation is in place of joining the counter fraud profession accreditation in line with a given university qualification, which the training team had initially attempted to secure but were unable to.

Three-corner contract

8.13. The capability and learning team has dedicated resourcing to improve the structure and support given to new colleagues entering ECS, ensuring that they have a defined training routeway enabling them to attain the required skills and knowledge to effectively complete their defined role. One way in which they have improved the training is by developing a three-corner contract for all new trainees. The three-corner contract consist of the trainee’s manager, a member of the training team and a practical training officer (PTO). It is envisaged that by having this support network it will allow the trainees to learn more effectively and flourish within their respective roles. As it stands the PTO assigned to trainees is selected from a cadre of experienced volunteers from across each ECS area.

Suggested training recommendations

8.14. ECS has made significant progress in improving its training offering for both new and existing colleagues across the last review period. However, there are still areas where the training is falling short and leading to reduced efficiencies across the individual sectors. The implementation of the two-day introduction to ECS is a good starting point, however it doesn’t appear to be efficient in equipping new starters with the skills they require to complete their individual roles. This introduction would benefit from being followed by a bespoke comprehensive training course as used in other areas of HMRC.

8.15. As noted above, the training team has dedicated significant resourcing to improving the training offering to this point, however there are currently some missed opportunities to liaise with other Professionalism colleagues in linked business areas and adapt the courses that have already been created to fit the ECS model. It is recommended that increased collaboration take place with FIS Professionalism and the training team in order to identify common areas where ECS could benefit from the existing training offered.

Question 11

9.  Record keeping and quality assurance

Accepted Answer

Regulation 46 of the MLRs requires a supervisor to keep written records of the actions it has taken in its AML supervision, documenting the reasons for action, including decisions where it has not acted.

The OPBAS Sourcebook states that supervisors should:

maintain records of significant decisions related to AML supervision, documenting the reasons for action. The documentation should be sufficiently thorough to allow ex-post understanding of the justification behind the decision
document their supervisory action to ensure an adequate record is maintained
subject their supervisory work and decision making to quality assurance testing in addition to managerial oversight.

Record keeping

9.1. ECS utilises a number of varying systems that assist it in recording and monitoring the compliance activity that it undertakes. The primary method of delivery and control of compliance cases to investigations staff is through the use of a HMRC-wide civil case management system, which records and tracks the life of a case, including all documents and actions pertaining to that case. The advantage of the HMRC-wide use of the case management system means it is possible for ECS staff to become aware of interest in specific cases from other HMRC areas that may impact an ongoing ECS case and so allowing ECS to actively manage deconfliction in their case.

9.2. As the HMRC-wide civil case management system is a widely used system in HMRC it does have areas that are less tailored to the specific needs of ECS, such as it allows recording of yields and revenue losses or preventions. ECS has continued to progress work to look at amendments to this case management system to overcome these issue. Due to the complexities of this, and potential wider HMRC impacts, this work remains ongoing with the relevant partners.

9.3. The use of the HMRC-wide civil case management system remains well embedded and executed by ECS staff and that remains the primary case management tool that is utilised. Through work in areas such as ECS guides on data creation and recording and reminders and refreshers for ECS staff in the use and application of the case tracker, it has had positive effects in mitigating issues that previously impacted the available data. The work to build in automated processes that would identify and weed out erroneous data has also assisted in the process to improve data quality.

9.4. ECS maintains records of all significant decisions or actions relating to the supervisory activity that it undertakes. These records contain the required key details on the decision and case and context to that decision, items may include the decision taken in respect of penalties that may be applied or why they are not applicable. In cases of no action ECS staff must ensure they ‘summarise how the business took all reasonable steps, exercised all due diligence, and took reasonable steps to comply with the requirements’. This is contained in the Decision Evidence Log (DEL) which has undergone development and changes to ensure it facilitates the accurate recording of the required data and information.

Quality Assurance (QA)

9.5. ECS has embedded checks at all stages of its supervisory cycle. QA checks are undertaken on investigations and these are overseen by a senior management lead who will also undertake case reviews and in doing so reviews of the QA associated to that specific case at that time. ECS has continued to increase its focus on improving QA and driving up the standards. This challenge will be increased in the coming year due to the large-scale recruitment into ECS, meaning this needs to be taught to and embedded within large numbers of new staff, who in many cases will not have come across similar processes before. This will be delivered by the training team and overseen by their senior manager, who will report progress to the EC Deputy Director.

9.6. The self-assessment has this time moved focus to the QA processes applied to submissions to the Governance Panel for consideration. Within this process the team leaders are the key to ensuring that accurate and well drafted and balanced documents are submitted through to the panel. The number of rejections for additional work or correction from the panel indicates that that the standard of QA applied was not sufficiently high. This is due in part to the significant number of trainees joining ECS, along with a perception that some team leaders may be defaulting responsibility to the panel to undertake the QA process for them, a varying level of the submission quality across separate teams, which together means that further focus to address this is needed. The training team is currently working on a plan to deliver bespoke training courses to address the drafting issues within QA which have been identified. This will start with the team leaders who are key as the gateway from their teams to the Governance Panel, from this point it will be rolled out to wider staff. Delivery of the training is expected in either quarters 2 or 3 of 2022 to 2023. An improvement in QA will also reduce returns from the panel and mean cases meet less delay and so can progress more efficiently, assisting ECS in meeting the stretching targets it has set.

Question 12

Annex – data tables

Accepted Answer

Summaries of key HMRC economic crime supervision statistics, including interventions and outcomes, for the past 5 years, to April 2022.

Numbers of registered businesses

Business type	2017 to 2018	2018 to 2019	2019 to 2020	2020 to 2021	2021 to 2022
Accountancy Service Providers	13,395	12,210	16,865	18,609	17,656
Estate Agency Businesses	10,089	7,999	13,116	15,423	15,764
Money Service Businesses	1,788	1,320	1,497	1,446	1,284
Trust or Company Service Providers	1,747	1,378	1,629	1,733	1,724
High Value Dealers	647	347	461	504	430
Bill Payment Service Providers	87	240	311	335	315
IT and Digital Payment Service Providers	33	125	173	174	110
Art Market Participants [1]	–	–	36	208	986
Lettings Agent Businesses [1]	–	–	–	124	1,687
Businesses carrying out TCSP activity	867	625	817	898	919
Total registered businesses [2]	27,786	23,619	32,827	37,194	36,960

Notes:

Art Market Participants and Lettings Agent Businesses not under HMRC AMLS Supervision until 10 Jan 2020
From 2019 to 2020 the total number takes into account multi-sector registered businesses; therefore, sector breakdowns will exceed total

Numbers of premises

Business type	2017 to 2018	2018 to 2019	2019 to 2020	2020 to 2021	2021 to 2022
Accountancy Service Providers	13,762	12,385	17,436	19,198	17,924
Estate Agency Businesses	17,108	15,063	19,920	22,067	21,825
Money Service Businesses	42,251	37,199	35,509	27,814	29,635
Trust or Company Service Providers	2,637	2,256	2,781	3,043	2,919
High Value Dealers	1,973	1,338	1,258	1,368	430
Bill Payment Service Providers	100	262	328	353	315
IT and Digital Payment Service Providers	39	154	19	197	110
Art Market Participants [1]	–	–	53	249	986
Lettings Agency Businesses [1]	–	–	–	143	1,687
Total premises [2]	77,870	68,657	77,480	72,185	73,000

Notes:

Art Market Participants and Lettings Agent Businesses not under HMRC AMLS Supervision until 10 Jan 2020
From 2019 to 2020 the total number takes into account multi-sector registered businesses; therefore sector breakdowns will exceed total

Interventions

Closed interventions

Intervention	2017 to 2018	2018 to 2019	2019 to 2020	2020 to 2021	2021 to 2022
Desk Based Reviews (Closed Desk Based Interventions)	273	131	1,012	843	1,426
Visits (Closed Face to Face Interventions)	1,323	1,265	817	153	289
Policing the Perimeter cases closed [1]	–	–	219	149	355
Mass Market Interventions [2]	–	–	–	–	1,396
Total closed interventions [3]	1,596	1,396	2,048	1,145	3,725

Notes:

Recorded as face-to-face or desk-based interventions between 2015-16 and 2018-19, then recorded as Policing the Perimeter cases from 2019-20
Mass Market Interventions are where HMRC use risk-based communications that leads to an improvement in compliance
Total closed interventions include late registration penalties completed for PTP work; breakdown not shown in table

Intervention outcomes

Penalty values

Business type	2017 to 2018	2018 to 2019	2019 to 2020	2020 to 2021	2021 to 2022
Accountancy Service Providers	£127,641.00	£79,662.26	£9,408.00	£40,468.00	£482,350.00
Estate Agency Businesses	£489,124.00	£349,705.54	£1,072,010.00	£71,531.00	£772,618.00
Money Service Businesses	£1,374,999.00	£380,652.00	£679,849.00	£2,849,012.00	£1,172,200.00
Trust or Company Service Providers	£21,909.00	£595.83	£72,282.00	–	£38,397.00
High Value Dealers	£244,983.00	£415,821.24	£77,678.00	£117,171.00	£36,100.00
Bill Payment Service Providers	–	–	–	–	–
IT and Digital Payment Service Providers	–	–	–	–	–
Art Market Participants [1]	–	–	–	–	£750.00
Lettings Agency Businesses [1]	–	–	–	–	–
Total Penalty Values [2]	£2,258,656.00	£1,226,436.87	£1,911,227.00	£3,078,182.00	£2,502,415.00

Notes:

Art Market Participants and Lettings Agent Businesses not under HMRC AMLS Supervision until 10 Jan 2020
Penalty values for 2019 to 2020 and 2020 to 2021 has been amended to reflect the revision of some penalties

Numbers of financial penalties

Business	2017 to 2018	2018 to 2019	2019 to 2020	2020 to 2021	2021 to 2022
Accountancy Service Providers	245	43	16	7	136
Estate Agency Businesses	327	45	2	20	132
Money Service Businesses	27	5	2	12	7
Trust or Company Service Providers	21	3	8	–	5
High Value Dealers	35	17	3	2	2
Bill Payment Service Providers	–	–	–	–	–
IT and Digital Payment Service Providers	–	–	–	–	–
Art Market Participants [1]	–	–	–	–	1
Lettings Agency Businesses [1]	–	–	–	–	–
Total penalty numbers [2]	655	113	31	41	283

Notes:

Art Market Participants and Lettings Agent Businesses not under HMRC supervision until 10 Jan 2020
Penalty values for 2019 to 2020 and 2020 to 2021 have been amended to reflect revised penalty values from our updated penalty framework

Other sanctions

Sanction	2017 to 2018	2018 to 2019	2019 to 2020	2020 to 2021	2021 to 2022
Suspension of registration	–	–	3	14	4
Cancellation of registration [1]	–	5	89	54	4
Publishing Details of the Non-Compliant [2]	–	15	15	33	84
Prohibitions of Management (Regulation 78) [3]	–	1	1	–	3
Public Censure	–	–	–	–	–
Injunctions	–	–	–	–	–
Warning letters	128	298	406	162	511
Advice Letters	125	227	517	175	264

Notes:

Started to report cancellations of registration from 2018 to 2019 onwards
HMRC did not publish the details of the non-compliant before 2018 to 2019
HMRC did not publish the details of prohibitions before 2018 to 2019

Compliance ratings from interventions

Onsite visits/Desk Based results (also known as face to face compliance closed interventions)

Rating	2017 to 2018	2018 to 2019	2019 to 2020	2020 to 2021	2021 to 2022
Compliant Rating – Cases resulting in closure letter	167	95	288	119	119
Generally Compliant – Cases resulting in advice letter	161	227	517	175	264
Not Compliant Rating – Cases resulting in any sanctions including Warning Letter	295	350	439	178	531
Referral to another agency following an onsite or desk-based visit	14	55	5	–	–

Note: Compliance ratings do not reflect all intervention outcomes. Interventions that do not reach a conclusion are not recorded.

Times exercised other powers under Part 9

Other powers	2017 to 2018	2018 to 2019	2019 to 2020	2020 to 2021	2021 to 2022
Regulation 66 Information requirements issued	8	16	23	1	16
Regulation 67 Requests to other foreign authorities	–	–	1	3	–
Requests to foreign authorities under regulation 68	2	–	1	–	–
Regulation 69 entry without a warrant	–	6	3	–	2
Regulation 70 entry under a warrant	–	–	–	–	–

Note: Data provided as a total breakdown not as a sector breakdown.

Applications to register

Applications received close to year-end will be included in following year’s totals (some applications are withdrawn or are subject to scrutiny).

Application	2017 to 2018	2018 to 2019	2019 to 2020	2020 to 2021	2021 to 2022
Application to register	5,691	7,560	10,462	8,595	13,196
Approved application to register	3,388	8,384	10,564	7,495	9,831
New applications cleared within 45 days [1]	–	72.34%	58.73%	78.07%	70.71%
Actions taken for non-compliance as a result of application to register (Regulation 60) [1]	–	–	–	–	–
Refusals (Regulation 59) [2]	844	1082	2134	183	19
Refusals (Regulation 26) [2]	966	1327	2027	52	2

Notes:

Not recorded prior to 2017 to 2018. Previously published figures have been amended to show the average position across each year (rather than the position in March of each year)
From 2020 to 2021, refusals carried out automatically by the online system are not included in these figures. From 2021 to 2022, figures used do not include refusals for admin purposes as recorded in previous years

Customer engagement

GOV.UK web traffic

GOV.UK page	2017 to 2018	2018 to 2019	2019 to 2020	2020 to 2021	2021 to 2022
Guidance page views	745,794	506,331	485,428	359,869	392,035
Publications page views	115,491	62,401	88,349	65,239	55,019
Manuals views [1]	–	–	4,958	2,775	1,219
Topics views [2]	–	–	55,926	44,632	47,784[4]
Total page views	861,285	568,732[3]	634,661	472,515	496,057

Notes:

MLR staff manuals published on GOV.UK were not separately tracked until 2019 to 2020
The MLR guidance contents page wasn’t separately tracked until 2019 to 2020
Figure has been amended due to an addition error
Figure amended due to administrative typing error

Emails

Emails to customers	2017 to 2018	2018 to 2019	2019 to 2020	2020 to 2021	2021 to 2022
Emails to customers: Welcome email sent (not discounting the number undelivered)	3,388	15,839	12,051	4,496	5,496
Emails to customers: Alerts/Information sent (not discounting the number undelivered)	230,797	15,6971	96,093	263,461	425,992
Emails to customers: Annual Fee Reminders sent (not discounting the number undelivered) [1]	–	42,616	33,584	36,180	42,567

Notes:

Data unavailable – no annual fee reminders sent online until 2018 to 2019

Webinars

	2017 to 2018	2018 to 2019	2019 to 2020	2020 to 2021	2021 to 2022
Webinars	9	2	3	2	2
Participation during session	2,632	1,055	431	1,173	901
Total access recording	10,058	4,227	5,869	6,954	3,310

Supervisory staff numbers and income

Webinars	2017 to 2018	2018 to 2019	2019 to 2020	2020 to 2021	2021 to 2022
Staff numbers	197	205	265	298	343
Annual income	£11,802,850	£11,451,933	£16,375,975	£22,764,868	£24,925,893

Cookies on GOV.UK

Foreword

Executive summary

1. Overview

2. Governance

Fees

Clear allocation of responsibility in ECS

Senior oversight

Communications

All staff communications sent out by ECS

3. Risk-based approach

Sector risk assessments

Case study – Russia risk response

Risk-based allocation of supervisory resources

Allocation of resources between the sectors

Case study – Large estate agency business

Cross sector

Case study – UK Trust or Company Service Providers (TCSP): Week of action

Supporting businesses’ risk-based approach

4. Supervision

Supervisory Tools

Gatekeeper role; Registration

Fit and proper and approvals testing and 45-day rule

Percentage target achieved in respect of 45-day rule

Maintaining a register

Policing the perimeter

5. Information sharing between supervisors and public authorities

Co-operation and co-ordination in the development and implementation of policy

International co-operation

Case study – Working with external partners

Information sharing between supervisors linked to supervisory activity

Information sharing non-supervisory information

Information Sharing with law enforcement

Suspicious activity reporting to the NCA

Whistleblowing

6. Information and guidance for supervised businesses

Guidance

Promote

Case study – Creation of ICAEW Film

Case study – Creation of education products

Risk alerts

Case study – External outreach, Afghanistan

7. Enforcement

ECS use of sanctions

Financial penalties

Management prohibition

Registration suspension or cancellation

Censuring statement and injunctions

Criminal prosecutions

Case study

Process for seeking review of sanctions

New sanctions framework

Consistency of sanctions – Governance Panel

Publication of sanctions

Staffing levels

8. Staff competence and training

Routeways

On the job training

Three-corner contract

Suggested training recommendations

9. Record keeping and quality assurance

Record keeping

Quality Assurance (QA)

Annex – data tables

Numbers of registered businesses

Numbers of premises

Interventions

Closed interventions

Intervention outcomes

Penalty values

Numbers of financial penalties

Other sanctions

Compliance ratings from interventions

Onsite visits/Desk Based results (also known as face to face compliance closed interventions)

Times exercised other powers under Part 9

Applications to register

Customer engagement

GOV.UK web traffic

Emails

Webinars