ECSH63480 - Regulation 30 - Timing of verification
|
Category Heading |
Description |
|---|---|
| The Law |
https://www.legislation.gov.uk/uksi/2017/692/regulation/30 |
| What it means |
Regulation 30 sets out when a relevant person must take customer due diligence (CDD) measures under Regulation 27, 28 and 29. |
| Purpose |
To ensure that the verification of the customer, any person purporting to act on behalf of the customer and any beneficial owner of the customer (hereafter collectively referred to as ‘the customer’) must, subject to some exceptions, take place before the establishment of a business relationship or the carrying out of a relevant transaction. |
| Time Line |
This was also a requirement under MLR2007 (Regulation 9) |
|
What to establish |
Has the relevant person verified the identity of the customer, and was this verification of identity completed before the establishment of a business relationship or the carrying out of the relevant transaction? - Regulation 30(2) If the verification of the customer has not been completed before the establishment of a business relationship, was this because it was necessary not to interrupt the normal conduct of business and was it determined that there was little risk of money laundering and terrorist financing? If the answer to both questions above is yes, was verification completed as soon as practicable after contact is first established? - Regulation 30(3) If the answer to any of these questions is no, the business has failed to comply with a relevant requirement (see Schedule 6). If a credit institution or a financial institution (an MSB) verified the customer’s identity after opening an account, did these institutions have adequate safeguards in place to ensure that no transactions were carried out by or on behalf of the customer before verification had been completed? - Regulation 30(4) Regulation 30(6) and (7) are currently under review with policy. |
|
How to test compliance and Evidence to obtain |
Establish when the business relationship and/or transactions began for the relevant customer being tested. Obtain evidence from the relevant person that the customer’s identity has been verified per the requirements of Regulation 28. Determine the date on which verification of identity for the customer took place (see best practice). Did the verification of the customer’s identity occur before the establishment of a business relationship and/or the carrying out of the relevant transaction? Is the timing of this verification correct with regards to Regulation 30(2), (3), (4), (6) and (7)? If the exceptions have been applied, is the relevant person able to show why they apply? |
| Best Practice |
Unless exceptions apply, the verification of the customer must, take place before the establishment of a business relationship and/or the carrying out of a transaction. For example, check the dates on any independent verification provided. E.g. Experian check, land registrar check or Companies House. This date should be on or before the date of the establishment of the business relationship and/or relevant transaction. Is the issue date of the identity document later than the date the business relationship was said to be established? If so, is this part of the relevant persons ongoing monitoring procedures? Is the relevant person in possession of, or has retained a copy of a previous identity document? Ask the business why the factors of Regulation 30(3) apply. |
| AMP |
See Regulation 4 in the MLR Toolkit for further details as well as Regulation 54 to 59 of the AMP guidance. |
| ASP |
In some situations, it may be necessary to carry out customer due diligence while commencing work because it is urgent. Such situations could include some insolvency appointments; appointments that involve ascertaining the client’s legal position or defending them in legal proceedings; response to an urgent cyber incident; or when it is critically important to preserve or extract data or other assets without delay. See Regulation 4 in the MLR Toolkit as well as 5.4.6 of the ASP guidance for further details. |
| EAB |
See Regulation 4 in the MLR Toolkit for further details as well as 4.10 and 4.13 of the EAB guidance. |
| LAB |
See Regulation 4 in the MLR Toolkit for further details as well as 4.10 and 4.13 of the EAB guidance. |
| HVD |
A business relationship exists where: another business is the customer, a customer account is set up to facilitate payments on account, there are preferential rates to repeat customers and any other arrangement that facilitates an ongoing business relationship or repeat custom, such as providing a unique customer identification number for the customer to use. See Regulation 4 in the MLR Toolkit as well as section 4.10 and 4.11 of the HVD guidance for further details. |
| MSB |
A business relationship for an MSB exists where, for example: another MSB is the customer, a customer account is set up, there’s a contract to provide regular services, there are preferential rates to repeat customers and any other arrangement that facilitates an ongoing business relationship or repeat custom, such as providing a unique customer identification number for the customer to use. See regulation 4 in the MLR Toolkit as well as 4.6 to 4.14 of the MSB guidance for further details. It is common for MSBs to scan and store copies of CDD on a computerised system. When establishing whether CDD measures were undertaken before a relevant transaction/establishing a business relationship, check whether the computer system displays all CDD obtained or overrides previous versions with the latest documents. It may be that the documents shown on the system are only the latest documents and therefore you will need to request all previous CDD undertaken. The Business has to keep a copy of the CDD records for five years after the occasional transaction takes place/business relationship ends - see Regulation 40. |
| TCSP |
Forming a company for a client is not to be treated as an occasional transaction even if that is the only transaction carried out for that customer. A business relationship for a TCSP exists where: another TCSP is the customer, a customer account is set up, a company is formed for a customer, there’s a contract to provide regular services, there are preferential rates to repeat customers and any other arrangement that facilitates an ongoing business relationship or repeat custom, such as providing a unique customer identification number for the customer to use. See Regulation 4 in the MLR Toolkit as well as 4.6 to 4.9 of the TCSP guidance for further details. |
| Further Reading |
All sector guidance found on GOV.UK Transferable security Regulation 27 - Customer Due Diligence Regulation 28 - Customer Due Diligence measures Regulation 29 - Additional Customer Due Diligence measures: credit MLR toolkit Regulation 4 |
| FAQs |