We are sometimes asked by accountants in practice, “What are the fundamentals for Anti-Money Laundering compliance?” or, more bluntly, “What is the bare minimum I can get away with?”.
We do not encourage accountants to just do the bare minimum – but we understand why we are asked the question.
There are six fundamental aspects that accountants in practice must cover in order to scrape a ‘pass’ on an AML Compliance review by a supervisory body.
1 The MLRO
There has to be a named individual in the firm who is responsible for the firm’s compliance with the Money Laundering Regulations. Typically in accounting firms this person is described as the Money Laundering Reporting Officer (or MLRO) although that title is not mandatory.
2 Policies & Procedures
There has to be an AML Policies & Procedures document which is relevant to your firm, and which describes the AML policies and procedures which your firm actually does follow. It is not enough simply to have copied a template from somewhere and inserted your firm’s name in the first line.
3 Firm-wide Risk Assessment
You have to have a firm-wide risk assessment document. Again this has to be relevant to your firm and not simply a copy of a standard template with your firm’s name inserted into the heading. This document should demonstrate that you have thought about your firm, its clients and the services it provides in the context of money laundering risk.
4 Know Your Client or Client Due Diligence Records
On an individual client basis there firstly need to be records demonstrating that you have gathered information about each client (and their beneficial owners) to confirm their identity and the client’s financial activities in outline. This is commonly referred to as KYC or CDD. This information is collected when you commence to act for a new client (and reviewed, and updated if necessary, at least annually).
5 Client risk assessments
Again on an individual client basis there need to be assessments of the risk of money laundering or terrorist financing connected with that client – and these risk assessments have to be recorded and be reviewed at least annually. Typically these conclude for each client that the risk is either ‘low’, ‘normal’ (or medium), or ‘high’. Where the risk is high there needs to be a record of additional steps taken to address that high risk.
The MLRO and all relevant staff must have received training in relation to money laundering and terrorist financing, and there must be a record of that training having been undertaken by them. The training needs to be refreshed from time to time.
So that is our brief list of the bare minimum needed to scrape a ‘pass’ from your supervisor on an AML Compliance review. If you think that you may not have sufficient documentation to satisfy your supervisor to even this bare minimum standard then please contact us now.