News -

News

Enforcement Cases

It’s been a couple of weeks since the Commission presented a flavour of some of their enforcement cases to industry and have since released two further public statements on their most recently concluded investigations.

If you attended the presentations, I’m sure you listened to the stories unfolding and wondered ‘How could any business allow this to happen?’

Most importantly, how do we ensure this doesn’t happen to us?

Whereas most firms at some point will have remediated an area of their business, sanctions brought against firms and their directors tend to be where Boards have failed to identify how an issue, or a combination of issues, reflect an underlying fundamental failing with their compliance, risk or governance frameworks. That is, they have failed to identify the bigger picture.

A simplified example could involve ineffective financial crime controls through inadequate consideration of all relevant risks at client onboarding, leading to inappropriate risk ratings / understanding of SOF/SOW, which detrimentally affects ongoing monitoring of business relationships. The sum of these individual breaches can evidence poor governance through an ineffective system of risk management and control.

It is this overall story that is likely to provoke sanctions from the Commission.

It is prudent when identifying any potential regulatory breaches to consider whether they are a symptom of a broader overall failing.

Of the four case studies presented by the Commission, Stephen had worked on three.

Please contact Stephen if you would like an informal meeting to understand more about the services ThreeSixty Regulatory Solutions offer.

Pre-Regulatory Onsite Assistance – Corporate Governance Reviews – Risk Management Assessments – AML/CFT/CPF Audit – Remediation – Compliance Support – MLCO/MLRO & NO – Licensee & Change of Control Applications

Handbook Takeaways – 16 February 2024

We thought it would be useful to see some of the key takeaways from the recent Handbook changes in a succinct post:

Chapter 12

UN / UK Sanctions apply immediately to the Bailiwick, so emphasis on firms to take steps so they are immediately aware of new listings or changes to listings by subscribing to the UN / UK notification facility. (12.23 / 12.24)

www.gov.uk/government/publications/financial-sanctions-consolidated-list-of-targets/consolidated-list-of-targets

www.gov.gg/sanctionsmeasures

Results of any sensitivity assessments of screening tools to form part of CMP reporting. (12.36)
Report any disclosures under Sanctions Law / Terrorist Asset-Freezing Law to Policy Council and report to the Commission with prescriptive data requirements. (12.37)
Have a register of prescriptive data requirements to log all reports made to the Policy Council on sanctioned / designated persons (12.38) and consider using this MI in your Sanctions Board reporting (12.40)

Chapter 17

Document a suitable and sufficient Proliferation Financing Business Risk Assessment as soon as reasonably practicable after 29 February 2024 (17.6) and for it to be approved by the Board by 31 December 2024. (17.8)
Two updated sources within Appendix I:-State sponsors of terrorism, US Treasury / Country Reports on Terrorism – US Department of State adding Mali; and-TRACE Bribery Risk Matrix 2022 adding Belarus, Cambodia, Equatorial Guinea, Eritrea and Gabon.

Our 5 Red Flags

Having spent years reviewing client files here are a few red flags that should invoke further questions to ensure the client relationship is correctly understood. These red flags should certainly be identified, and an explanation clearly documented on file, when onboarding or reviewing a client relationship and considered on a risk-based approach.

In no particular order:

The settlor to a trust appears to have no family connection with the beneficiaries. What is the connection between settlor and beneficiary? Is there a reasonable explanation? Where there is no clear connection between settlor and beneficiary, there is a risk that there is an unidentified economic settlor in the background. Be alert to anything that would support this I.e. evidence of a third-party unknown to you giving directions.
Is there an indication that the client is associated with a PEP? If so, establish if the client is a close associate as defined by the Handbook, which includes a close business relationship or the client’s ability to conduct substantial financial transactions on behalf of that PEP. Examples of a close associate could also be someone outside of the family unit such as partners, prominent members of the same political party or other similar connection. Aside from PEPs, do not forget that mitigation should also be considered if identifying a close association between a client and a person subject to an asset freeze.
Have all nationalities been disclosed or identified? For example, if a passport has a different place of birth to the nationality being presented and no additional nationality had been disclosed, then this should be confirmed with the customer, especially where high-risk jurisdictions are involved.
Ensure comprehensive due diligence checks are undertaken on maiden names, or other names provided, or identified, to ensure there is no adverse media or sanctions in existence.
If there is undue pressure being exerted by the client or their agents to establish the relationship or push through a quick transaction, consider whether the reasons are valid.

Pre-Regulatory Onsite Assistance – Corporate Governance Reviews – Risk Management Assessments – AML/CFT/CPF Audit – Remediation – Compliance Support – MLCO/MLRO & NO – Licensee & Change of Control Applications

We can ease the strain and help you achieve a successful visit.

As specialists with extensive Commission knowledge and a positive track record of assisting firms with onsite visits, we can:

· Help navigate the end-to-end process.

· Advise on the pre-visit questionnaire and supporting documentation.

· Identify risks to focus your attention.

· Conduct mock interviews for directors and relevant staff.

· Provide ongoing support post onsite visit.

Pre-Regulatory Onsite Assistance – Corporate Governance Reviews – Risk Management Assessments – AML/CFT/CPF Audit – Remediation – Compliance Support – MLCO/MLRO & NO – Licensee & Change of Control Applications

Third 2024 prediction

Focus Countries

There is no definitive list of Focused Countries (due to the fluid nature of geopolitics) and through our observations they can sometimes go unidentified and therefore go unrecorded within the firm’s terrorist financing BRA.

Focus Countries include:

- Countries that present active terrorism or terrorist financing threats. These can be identified through reviewing the terrorist related indices within Appendix I, knowledge of current affairs and open-source research.

- Countries that have a link to those identified at point 1. Such as, geographical links through a shared border, economic links through trade etc, political allegiance.

- Countries that may not be active in terrorist or terrorist financing activity but have a heightened threat through criminal activity to raise funds for terrorist activities. This is fairly broad, but again refer to Appendix I and open-source research if warranted.

Consider whether the Firm has a connection directly or indirectly with a Focused Country, this should include the flow of funds through the structure. As the NRA 2023 contains information on the money flows from Guernsey firms to Focused Countries by Industry Sector, allowing for your firm to benchmark itself against its peer group to give an indication as to whether it is an outlier.

Pertinent management information relating to Focus Countries should be included in the BRA, evidencing to the Commission that you have tailored the BRA specifically to the business.

Pre-Regulatory Onsite Assistance – Corporate Governance Reviews – Risk Management Assessments – AML/CFT/CPF Audit – Remediation – Compliance Support – MLCO/MLRO & NO – Licensee & Change of Control Applications

Second 2024 prediction

Enhanced Measures

The Commission will want to ensure that Firms have effectively implemented Enhanced Measures, which under the Transitional Provisions of the Handbook means they have been embedded for at least a couple of years.

Through our work with licensees, we are aware that not only is this area scrutinised by the Commission, but Enhanced Measures can often be confused with Enhanced Due Diligence.

Enhanced Measures can apply to customers of every risk rating, whereas EDD is attributed to High Risk only. Consider Enhanced Measures as reviewing customers against predefined higher risk factors prescribed under paragraph 5(2) Schedule 3 (see below). You must apply sufficient Enhanced Measures to mitigate each of these factors, even if the customer is high risk.

Consideration should be given to effective ongoing monitoring of changes in a customer relationship to identify whether it subsequently falls into (or out of) a requirement to conduct Enhanced Measures. For example, would your firm’s Enhanced Measures be triggered if the customer moved residency abroad and was therefore no longer a Bailiwick resident?

Paragraph 5(2) of Schedule 3, states that the firm shall carry out enhanced measures in relation to business relationships and occasional transactions, whether otherwise high risk or not which involve or are in relation to –

a customer who is not resident in the Bailiwick;
the provision of private banking services;
a customer which is a legal person or legal arrangement used for personal asset holding purposes; or
a customer which is:
a legal person with nominee shareholders, or
owned by a legal person with nominee shareholders.

More detail on these high-risk factors and potential mitigation is provided at the end of Chapter 8 of the Handbook (this section is both helpful but can easily be overlooked).

Pre-Regulatory Onsite Assistance – Corporate Governance Reviews – Risk Management Assessments – AML/CFT/CPF Audit – Remediation – Compliance Support – MLCO/MLRO & NO – Licensee & Change of Control Applications

First 2024 prediction

Please join us over the next few weeks as we take you through our top predictions for 2024 in respect of both changes to the regulatory landscape and those regulatory requirements that the Commission may focus on when supervising firms.

First, the easy one:

Schedule 3 and the inclusion of a proliferation financing Business Risk Assessment.

Proposed changes for the addition of a BRA and respective policies, procedures and controls are currently under consultation until the end of January, but keep a watchful eye, as the consultation document states “…businesses will be expected to develop a distinct proliferation financing assessment during 2024 and for this to be informed by the national risk assessment on proliferation financing…”.

NRA 2 Headline Changes

We thought it would be useful to post a short summary of the headline changes to the recently released NRA 2 (although please be aware this has not been an in-depth review).

Proliferation Financing
The biggest change is the inclusion of a Proliferation Financing Risk table alongside its own chapter, which would need to be reviewed by all businesses as the NRA needs to be considered as part of the Business Risk Assessments.

Risk Tables
The Money Laundering Residual Risks Table no longer records Foreign Legal Arrangements as a Medium residual risk. It would now appear to be included in the Higher risk rating, ‘TCSP sector (legal persons and legal arrangements)’ which also seemingly now includes Foreign Legal Persons and Domestic legal persons and legal arrangements – cross border activity.

For those servicing E-Casinos, these have moved from Medium Lower to Medium for Money Laundering risk and from Much Lower to Lower under Terrorist Financing risk.

Of further note, VASPs have been added into the tables and as a specific sector within the document, and Emerging Products & Technologies have been removed from the risk tables and products.

Criminal Justice Case Studies
8 new case studies have been added with an emphasis on bribery & corruption which account for half, with the others including drug trafficking, foreign fraud, insider dealing and tax evasion. The new case studies are 10, 11, 19, 20, 21, 22, 32 and 35.

Supervisory Case Studies
Of the 20 examples 9 are new reflecting the Commission’s actions across various Industry sectors and in part, serve as a reminder to review public statements on the Commission website to review against your own business. The new case studies are 3, 4, 5, 10, 14, 15, 18, 19 and 20.

Updated Guernsey National Risk Assessment

The updated National Risk Assessment for Guernsey is expected to be released by the end of this year. As a core function of the BRA and the AML/CFT/P&PF risks faced by your firm, it’s essential that any updates are reviewed against your firm’s current risk framework whilst considering whether any changes are required to ensure continued compliance with the Handbook.

One of the factors to consider relating to an independent audit function (introduced in the July 2023 Handbook update) includes whether the firm is operating in a higher risk sector as indicated by the NRA. Any review needs to assess the firm’s current risk sector (if changed), and if this alters the firm’s requirement for an independent audit.

https://gov.gg/finance-risk-assessment

First few months…

As a new compliance consultancy business in Guernsey we have had a busy first few months assisting regulated and prescribed businesses with Commission written responses, pre-onsite visit preparation, audits and corporate governance reviews.

We continue to provide compliance solutions that are relevant to your firm. We know from our experience that it is cost effective to identify issues and remediate them before being prompted by a regulator.

It’s good to talk

Contact:

Stephen 07911 752478

Mark 07781 163727

enquiries@threesixty.gg

Pre-Regulatory Onsite Assistance – Corporate Governance Reviews – Risk Management Assessments – AML/CFT/CPF Audit – Remediation – Compliance Support – MLCO/MLRO & NO – Licensee & Change of Control Applications

We thought it might be interesting to learn the headline areas that we’ve been working on throughout the first six weeks since opening the doors:

Pre-visit preparations for GFSC PRISM attendance (Reviewing and reporting on documentation, Board / Staff mock interviews and assisting with the full end to end process)

Corporate Governance reviews (Ensuring packs / minutes adhere to expectations of AML / CFT Handbook, Financial Code of Corporate Governance, Fiduciary Rules etc)

Board Reviews (Attending Board meetings to assess effectiveness and compliance)

Compliance support enquiries (Where businesses have existing staff performing the supervised role(s) but want additional BAU support or a review to ensure their Compliance is in good order)

Advice (Advising regulated and unregulated businesses, to enhance their business and ensure compliance requirements)

Prescribed Business advice (When businesses cross the threshold of needing to register and other requirements that will come into play)

Supervised role provision enquiries (MLRO / Nominated Officer)

Media (Articles in Business section of Guernsey Press, Business Brief and Entrepreneur supplement)

Pre-Regulatory Onsite Assistance – Corporate Governance Reviews – Risk Management Assessments – AML/CFT/CPF Audit – Remediation – Compliance Support – MLCO/MLRO & NO – Licensee & Change of Control Applications

A LinkedIn post to show how we have the experience to offer compliance support services to our clients.

#compliance #MLRO #MLCO #support

Unregulated Trusts / Partnerships

From 16 October 2023, legal changes came into force that require the identification of parties of unregulated Trusts or Partnerships. In certain circumstances they may also require verification.

We can help advise you and create policies and procedures that take this into account. Please contact us at www.threesixty.gg

The circulated guidance can be found here

Pre-Regulatory Onsite Assistance – Corporate Governance Reviews – Risk Management Assessments – AML/CFT/CPF Audit – Remediation – Compliance Support – MLCO/MLRO & NO – Licensee & Change of Control Applications

Are you prepared?

Between 15-26 April 2024 MONEYVAL will be visiting selected local firms to assess their compliance with the FATF recommendations and their reporting will directly reflect on the future well-being of Guernsey’s finance industry.

With our Commission, Industry and FIU insight we can support your firm by ensuring you are prepared when MONEYVAL visits.

Please contact us if you would like further information on how we can help.

Food for thought

Bernie Ecclestone has just pleaded guilty to fraud following the non-disclosure of £400M held in a trust in Singapore. Guernsey’s NRA identifies fraud (including tax evasion) as a risk which needs to be considered in all Business Risk Assessments.

Chapter 3, 3.60 of the Handbook discusses this risk in more detail.

https://www.bbc.co.uk/news/uk-67088503

Senior Consultant

At ThreeSixty, Stephen and Mark are supported by their senior consultant Craig Aitken who has the unique experience of previously working as a manager in Guernsey’s FIU (Financial Intelligence Unit). Most firms should be familiar with the FIU as it is where externalised SARs (Suspicious Activity Reports) are sent.

As an accredited financial & terrorist financing investigator and supervisor, Craig can assist with any audit or remediation of your disclosure policies and procedures to ensure you comply with the requirements. As the person who also received requests under the consent regime, his knowledge can assist firms in their understanding of how to act and how to do so in a timely manner.
Craig can also fulfil your MLRO / Nominated Officer role on either an interim or more substantive basis.
Please contact us should you wish to discuss how Craig can help your business or any other aspect of regulatory compliance matters we can assist you with.

Welcome to ThreeSixty Regulatory Solutions’ first LinkedIn post since opening the doors 4 days ago!

It’s been a very busy time meeting prospective new clients, making new acquaintances, and signing new contracts!

We even arranged our first hire before we opened. Craig Aitken also joins us having previously spent 10 years in the FIU. Craig will be available to perform MLRO / Nominated officer roles on an interim or temporary basis as needed.
You may have already seen the snapshot below from Monday’s Guernsey Press, with other publications running further stories and interviews in the coming weeks.

Contact us

Please contact us for any further information about the services that we offer.