FCA: financial crime: a guide for firms
There’s been a lot of talk on LinkedIn over the last few days about an update to the FCA’s Financial Crime: a guide for firms. However, none of the comment seemed to highlight what of the 118 pages had actually changed. Was this a radical overhaul? Were the changes material? Are they going to require you to do things differently? The FCA haven’t provided any specific commentary and there’s no change log in the document.
Well, we’ve spent our weekend going through the changes, so you don’t have to. And the good news, is that the changes are very minimal. In fact they are hardly even newsworthy.
The changes are focused on chapter 3 “Money laundering and terrorist financing”:
3.2.4 CDD checks:
Up to date information: Emphasis is placed on CDD measures applying when contacting a customer for any legal duty, including under the International Tax Compliance Regulations 2015. They note in particular the need to review information relevant to the customer risk assessment or beneficial ownership.
Record keeping: They emphasise the need to verify the identity of “the senior person in the” company where all possible means of identifying the beneficial owner have been exhausted. Firms are reminded to keep written records made of the actions undertaken and any difficulties encountered.
Proof of company registration: Whilst reminding of the obligation to obtain proof of registration, the guide now includes the obligation to report discrepenices to Companies House.
Electronic identification: The ability to rely on electronic identification processes is recognised, so long as that process is independent of the person being verified, secure from fraud and capable of providing appropriate assurance that the person claiming a particular identity is in fact that person.
3.2.7 Handling higher risk situations:
Regulatory risk factors: The guidance now reflects the need to take account of risk factors set out under regulation 33(6) relating to customer, product and geographical risk.
Relationships or relevant transactions where either party is established in a high risk third country: The guidance recognises definitions, including of “high risk third country” as one identified by the EU commission. We note it does NOT reference specifically the UK’s high risk third country list as maintained by HMT (which is materially different to the EU list). The guidance underscores the need for EDD in these circumstances.
Other transactions: For unusually large or complex transactions the guidance now specifics specific EDD measures to be applied, including examining the background and purpose of the transaction and increasing the degree and nature of monitoring. Additionally, provisions for life insurance policies are now included.
Learning
The guide has only changed to catch up with the regulations, there hasn’t been any new examples of good / poor practice, case studies or new regulatory expectations.
LinkedIn posts sharing the “update” without providing the details are limited in their value… you have to understand the details.
Guide for firms remains a useful document for firms, but could be significantly enhanced by more regular updates e.g. bringing in the contents of recent Dear CEO letters, so that expectations are not so fragmented.
A change log would be a much appreciated addition for firms trying to map and monitor their regulatory obligations.