MLR3C10480 - Trust or Company Service Providers (TCSPS): Compliance Checks at a “Mailbox” Company

The main risk posed by clients of a “mailbox” company is that the business registered at their address may be used as a front for criminal activity. Compliance checks should test whether the mailbox company has an effective risk strategy in place to prevent this. The checks should include.

• Whether an assessment has been put in place of the risk of money laundering posed by the clients of the business. Factors to be taken into account might include the purpose of the relationship, the likely duration of it and the type of business operated by the client.
• Has the business used appropriate customer due diligence measures to identify the customer and any beneficial owners. For example a business with nominee or offshore directors using a mailbox address would be regarded as suspicious.
• Whether the business carries out adequate ongoing monitoring of the business relationship with the client. Matters likely to be relevant are any changes in the identity of beneficial ownership of the client, changes to personnel authorised to act on behalf of the client and whether mail volumes and type is consistent with what they have been told about the client’s business activity.
• Does the business carry out enhanced customer due diligence to deal with situations where the circumstances warrant it? For example these would include non face to face transactions, entering a business relationship with a politically exposed person or any circumstance where there is perceived to be a higher risk of money laundering activity posed by the client.
• Whether adequate staff training in anti money laundering procedures has been put in place. Larger organisations will have several employees that will have contact with the client.