These procedures are to be used by any member of staff for reference. Further reference
material can be found in “Xxxx Due Diligence Annex”.
This manual has been drafted in compliance in line with the prevailing regulation in our current jurisdiction.
Money Laundering Regulations as applied by Her Majesty’s Revenue and Customs (HMRC), and National Crime Agency (NCA) and applicable to Xxxx can be broadly summarised as follows:
Money laundering is the process by which criminally obtained money or other assets
(criminal property) are exchanged for ‘clean’ money or other assets with no obvious link to
their criminal origins.
Criminal property may take any form, including money or money’s worth, securities, tangible property and intangible property. It also covers money, however come by, which is used to fund terrorism.
Examples of Money laundering activity includes:
There is no single stage of money laundering; methods can range from the purchase and resale of luxury items such as a car or jewellery, to passing money through a complex web of
legitimate operations. Usually the starting point will be cash, but it is important to appreciate
that money laundering is defined in terms of criminal property. This can be property in any
conceivable legal form, whether money, rights, real estate or any other benefit, if you know
or suspect that it was obtained, either directly or indirectly, because of criminal activity and you do not report these suspicions to your MLRO then you too are taking a part in the
The money laundering process usually follows three stages:
Please note however that it is rare for any one financial institution to be involved with all stages and as such a firm may only see one or two stages. This makes it harder to detect and prevent as no financial sector business is immune from the activities of criminals and OmegaPro will consider the money laundering risks posed by the products and services they offer.
Terrorist financing is the process of legitimate businesses and individuals choosing to provide funding to resource terrorist activities or organisations. This could be being done for ideological, political or other reasons. Firms must therefore ensure that:
There is inevitably some overlap between AML provisions and Terrorist Financing acts. However, there are two major difficulties when Terrorist Financing is compared with other money laundering activities:
There are currently a number of relevant pieces of legislation of which all employees need to be aware of and comply with, including the following:
The Proceeds of Crime Act 2002 has established a series of criminal offences in connection
with money laundering, failing to report knowledge or suspicions or reasonable grounds for
knowledge or suspicions, tipping off a person to the fact that a report has been made, and
prejudicing an investigation. The Act also sets out penalties for the various offences
established under PoCA. Furthermore, the act upholds that the National Crime Agency NCA
has the power to investigate whether a person holds criminal assets, and if so, their location.
In addition, the act has created five investigative powers for law enforcement.
Under the act the following are money laundering offences:
The report must be made to the MLRO as soon as reasonably practical after the knowledge, suspicion or reasonable grounds for knowledge or suspicion came to light. There is no defence in claiming no knowledge or suspicion if the circumstances were such that a reasonable person would have known or suspected that the funds could have been the proceeds of crime.
The MLR 2017 applies to institutions who engage in any financial activities. The MLR 2017 aims to combat money laundering and terrorist financing through:
Failure to comply with the provisions of the regulations carries a maximum of 2 years imprisonment and or a fine.
The commission published the 4th Money Laundering Directive in June 2015, and this came into effect in June 2017. The regulation and Directive provide a more targeted and focused risk-based approach. In summary, the directive:
The 5AMLD is a new regulation to amend the Fourth Money Laundering Directive
(MLR2017) to further clamp down on terrorist financing. The Fifth Money Laundering
Directive (5AMLD) will come into force on January 10, 2020.
In summary, the directive:
The TA 2000 establishes offences relating to involvement in facilitating, raising, possessing or using funds for terrorist purposes and for failing to report suspicions, tipping off and prejudicing an investigation. In addition, empowers authorities to make Orders on financial institutions in connection with terrorist investigations Furthermore, establishes a list of proscribed organisations with which financial services firms may not deal.
One of the statutory objectives of the FCA is the enhancement of the integrity of the UK
financial system. The statutory objective was derived from the Financial Services and
Markets Act 2000 (FSMA 2000). This particular objective incorporates the prevention of
The MLRO will provide guidance to you relating to your obligations relating to money laundering and financial crime.
The JMLSG is made up of the leading UK Trade Associations within the Financial Services Industry. It provides detailed interpretation on the practical issues involved in the implementation of and compliance with the sources of UK legislation outlined above.
Apart from the criminal penalties mentioned above, contravention of the laws and rules can
also give rise to civil actions under the civil law framework whereby liabilities to the victims
of the original crime or subsequent terrorist act could arise.
In addition to risks of prosecution, you also leave your business open to the risk of damage to reputation. Consumers often select financial services firms on the basis of their perceived integrity, trust, ethical standards and professionalism. Perceived involvement in money laundering or terrorist financing could have the effect of destroying a firm’s reputation. s
There are certain measures and controls that can be implemented and carried out to help prevent against money laundering. OmegaPro carries out such measures during its daily business activities and is committed to preventing any aspect of financial crime.
An MLRO has been appointed and is responsible for monitoring all anti-money laundering
measures and raising SARs.
All documents relating to money laundering reporting, business transactions, client identification and customer due diligence are retained for a minimum of 5 years.
The appointed MLRO will ensure that the below minimums are met with regards to the information on any reports: -
Using all the information available at the time, the MLRO is required to make an informed decision using sound judgment as to whether there are reasonable grounds for either the knowledge or the suspicion of money laundering and to enable them to prepare their report for the National Crime Agency (NCA), where appropriate.
To ensure compliance with obligations under the law, OmegaPro is required to establish and
maintain systems and controls to deter criminals from using their facilities for money
OmegaPro Money Laundering Reporting Officer (MLRO) is John Smith who has the overall oversight of the firm’s anti-money laundering activities, the implementation of appropriate Financial Crime strategies and regulatory reporting obligations.
John Smith is responsible for ensuring that the firm is provided with compliant and up to date
systems and controls policies related to financial crime on a regular basis.
Provisions relating to countries with inadequacies on the approach to Money Laundering Prevention
The HM Treasury may direct any person or institution carrying out relevant business not to enter into a business relationship or carry out one-off transaction, or not to proceed any further with a customer relationship or transaction if the customer is based or incorporated in a country to which the Financial Action Task Force (FATF) has decided to apply countermeasures.
OmegaPro will make use of national and international findings on countries with inadequacies. This is to enable the Government and Financial Action Task Force findings of inadequacies concerning the approach of money laundering of individual countries or jurisdictions to be brought to bear on the relevant firms’ decisions and arrangements.
All staff working in OmegaPro, regardless of their actual position, have a duty to be aware of
the need to prevent money laundering and terrorist financing.
Staff will direct any queries regarding AML/CTF to the MLRO. All suspicions must be reported to the MLRO. Failure to report your knowledge or suspicions to the MLRO may result in action being taken.
Should staff have reason to believe or suspect that any transaction, or potential transaction, could involve the proceeds of criminal conduct they must make an internal report of this to its MLRO. Failure of any staff member to adhere to the guidance and objectives laid out in this policy, may lead to action being taken upon that staff member i.e. disciplinary action.
John Smith is responsible for the firms Anti-Money Laundering strategy.
The MLRO is responsible for:
Approving business relationships where the firm wishes to enter or continue a business
relationship where the consumer is a Politically Exposed Person, the jurisdiction is
considered by Financial Action Task Force (FATF) as non-cooperative or where the country
has a high risk of terrorism.
It is the MLRO’s overall responsibility to oversee the firm’s compliance with the Money Laundering regulations and the FCA Senior Management Arrangements, Systems and Controls (SYSC) Sourcebook.
When considering an internal suspicion report, the MLRO will need to strike the appropriate balance between the requirement to make a timely disclosure to the NCA, especially if consent is required, and any delays that might arise in searching a number of unlinked systems and records that might hold relevant information.
Given the need for timely reporting, it may be prudent for the MLRO to consider making an initial report to the NCA prior to completing a full review of linked or connected relationships, which may or may not subsequently need to be reported to the NCA.
The manner of reporting will include typed, paper-based submission on a standard form and the existing electronic submission methods; secure extranet Money Web interface, the NCA’s web based reporting mechanism (Suspicious Activity Report) SARs Online, encrypted e-mail or encrypted digital media.
OmegaPro will include in each SAR as much relevant information about the customer, transaction or activity that it has in its records. The law enforcement agencies have indicated that details of an individual’s occupation/company’s business and National Insurance number are valuable in enabling them to access other relevant information about the customer. As there is no obligation to collect this information (other than in very specific cases), a firm may not hold these details for all its customers; where it has obtained this information, however, it would be helpful to include it as part of a SAR made by the firm. If the MLRO decides not to make a report to the NCA, the reasons for not doing so should be clearly documented or recorded electronically and retained with the internal suspicion report. Please refer to Appendix 1 Suspicious Activity Report Form.
The first step in carrying out Due Diligence on prospective clients is to ascertain what level
of risk that client may present. Then, depending on the level of risk, Due Diligence should be
carried out, as appropriate.
In order to make the Risk Assessment procedure as clear and as effective as possible there are three levels of risk in which the client can be categorised:
The following must be taken into account when assessing the client’s level of risk
With a Risk Assessment it is always better to considered on the side of caution, and not make assumptions that the client is low risk. The key “Red Flags” above, notwithstanding the other points, are in bold. Should the client be “Red Flagged” by any of those points then Enhanced Due Diligence procedures should be followed.
The following examples provided are given as guidance and would typically be considered “Low Risk” clients. If there is any suspicion raised by a member of staff however, for whatever reason, then Enhanced Due Diligence procedures should be followed.
The following are given as guidance only.
Xxxx should run PEP and Sanction List check’s on all-natural persons and all-natural persons requiring verification in regard to legal entities (whether Director, Beneficiary, Controller, Signatory etc):
Note: Equivalent & High-Risk Jurisdictions
The list of jurisdictions which are considered Equivalent or High Risk is updated regularly by the Joint Money Laundering Steering Group (JMLSG).
All European Economic Area (EEA) states are considered equivalent jurisdictions and therefore low risk.
Jurisdictions outside of the EEA which are considered equivalent jurisdictions, and as such are low risk are the following.
For the latest guidance on Equivalent Jurisdictions, please see: http://www.jmlsg.org.uk/ For guidance on whether a given jurisdiction is high risk, you may refer to several Indices on the Transparency International website.
Any copies of any evidence obtained in order to verify a client’s identity and satisfy Due
Diligence requirements should be retained for a minimum of 5 years from the date that the
client relationship finished.
Copies must be made of any paper documentation. These copies must be filed and stored electronically to allow efficient retrieval when required.
Details of client transactions must be retained for a minimum of 5 years from the date of the transaction.
If applicable (i.e. if any internal / external reports have been made) records should be retained of:
As required under Money Laundering Regulations, periodic training of staff is required.
When this is carried out, the following must be recorded by the firm:
The MLRO will draft an annual report, in which the effectiveness of Xxxx’s systems and controls are reviewed. This is to be retained by the firm for a minimum of 5 years from when the report was drafted.
The MLRO of OmegaPro is John Smith. His appointed deputy for receiving internal
suspicion reports is email@example.com
The responsibilities of these members of staff include:
If any member of staff has any suspicions raised, about any client, whether that client might
be engaged in money laundering, or terrorist financing, then an internal report must be made
by that staff member to the MLRO, or the MLRO’s appointed deputy.
The obligation on staff members is to submit this internal report as soon as is reasonably practical.
Any internal report must be considered by the MLRO in the light of all other relevant information, to determine whether or not the information contained within the report does give rise to concerns or suspicions that the client may be engaging in money laundering or the financing of terrorism.
When a client provides Xxxx with requested Due Diligence Documentation, it is vital that the
following procedures be adhered to.
Documents in a foreign language
Any document received in a foreign language for the purposes of satisfying Due Diligence requirements must have an independent translation into English.
When a client supplies Xxxx with original documentation, and copies are made, the member of staff making the copy must on every page of the copy:
Paper versions of these copies must be stored in the physical Client file, and electronic copies
must be stored and filed on the computer system to allow easy and efficient retrieval, when
When a client is unable to provide original documentation to Xxxx, they may provide copies. The copies must be retained in the physical client files, and also be scanned and stored electronically.
Completing Due Diligence
Once all relevant Due Diligence documentation and information is collected, the account opening forms must be populated with the relevant information. The entire client file must be signed off by the member of staff who compiled it as completed, and also have a senior member of staff countersign it, to confirm the file has all required information.
A PEP is defined as:
“an individual who is or has, at any time in the preceding year, been entrusted with prominent public functions and an immediate family member, or a known close associate, of such a person”.
This definition only applies to those holding such a position in a state outside the UK, or in a Community institution or an international body.
The following are examples of prominent public functions which may constitute a PEP:
The firm should, as far as practicable, be alert to public information relating to possible changes in the status of its customers with regard to political exposure (i.e. Interpol and National Crime Agency (NCA) updates).
Ongoing monitoring of a business relationship includes:
Enhanced customer due diligence and monitoring (EDD) is required by the Money
Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer)
Regulations 2017 (MLR 2017) in any situation where there is a higher risk of money
laundering or terrorist financing. It must also be carried out in certain prescribed situations.
For example, where clients have unnecessarily complex or opaque business structures, the
transactions are unusual or lack an obvious purpose, the client is not present, or the client is
a politically exposed person (PEP). One other situation is where the business relationship or
transaction is with a person established in a "high-risk third country".
Examples where the client’s details or circumstances change include:
If the client has changed address in the last 3 years, proof of previous address is required.
The following supplementary information should also be provided by the client:
A more Extensive list of documentation which may be accepted for Due Diligence Purposes may be found in Annex 2, along with guidance on its use.
If there is any suspicion that a principal of the client firm may be a PEP, or, if you have
doubts about a customer's identification information (e.g. possible fraud), then Enhanced
Due Diligence procedures should apply.
Simplified DD should be applied firstly, on evidence reasonable grounds for believing the firm may be regulated and authorised by:
A list of the regulatory authorities in EU and FATF member states is available at
Xxxx must take appropriate steps to be reasonably satisfied (risk-based approach) that the person representing the company is appropriately authorised to do so. This may be done by:
Enhanced Due diligence procedures must be carried out if there is any suspicion that a
principal of the client firm may be a PEP, or, otherwise a principal or the firm is considered
high risk (adverse media, name match on sanctions list, suspicion of money laundering,
company structure is overly complex), or if you have doubts about a customer's
identification information (e.g. have not been able to validate the information provided). It
must be repeated if the client’s details or circumstances have changed.
Examples where the client’s details or circumstances change include:
Xxxx should ensure that it fully understands the company’s legal structure and ownership. Xxxx should also obtain sufficient additional information on the nature of the company’s business and the reasons for seeking the product or service. In addition to evidencing the identity of beneficial owners and controllers, the following, additional documentation (If deemed high risk, certified or original) should be obtained:
The critical issue is to establish a link between the beneficial owners (whose assets are in the
firm) and controllers (who will operate the account) of the firm
The firm should verify the existence of the corporate status:
For companies not listed on a recognised stock exchange (i.e. private companies), identity should be verified (follow Simplified Due Diligence procedures for individuals engaging in a one-off purchase) for:
For trusts, identity should be verified (follow Simplified Due Diligence procedures for individuals) for the settlor (i.e. person providing the funds) and the individuals who are authorised to invest or transfer funds (i.e. trustees and those who exert influence over the trustees). In addition, the following information should be obtained:
The trust deed or reference to an appropriate register in the country of establishment should be able to provide most of the information.
All beneficial owners must be identified. The beneficial owner of a partnership is any
individual who ultimately is entitled to or controls (whether the entitlement or control is
direct or indirect) more than a 25% share of the capital or profits of the partnership, or more
than 25% of the voting rights in the partnership, or who otherwise exercise control over the
management of the partnership.
The firm should obtain the following in relation to the partnership or unincorporated association
Xxxx’s obligation is to verify the identity of the customer using evidence from a reliable and
independent source. Where partnerships or unincorporated businesses are well known
reputable organisations, and with substantial public information about them and their
principals and controllers, confirmation of the customer’s membership of a relevant
professional or trade association is likely to be able to provide such reliable and independent
evidence. This does not obviate the need to verify the identity of the partnership’s beneficial
Other partnerships and unincorporated businesses will have a lower profile, and will generally comprise a much smaller number of partners/principals. In verifying the identity of such customers, firms should primarily have regard to the number of partners / principals. Where these are relatively few, the customer should be treated as a collection of private individuals and follow the guidance for individuals. Where numbers are larger, the firm should decide whether it should continue to regard the customer as a collection of private individuals or whether it can be satisfied with evidence of membership of a relevant professional or trade association. In either circumstance there is, likely to be, a need to see the partnership deed (or other evidence in the case of sole traders or other unincorporated businesses), to satisfy that the entity exists, unless an entry in an appropriate national register can be verified.
For identification purposes, Scottish partnerships and limited liability partnerships should be treated as corporate customers. For limited partnerships, the identity of general partners should be verified (follow Due Diligence procedures for individuals engaging in a one-off purchase) whilst other partners should be treated as beneficial owners.
(Public sector bodies include state supported schools, colleges, universities and NHS trusts.)
Only Simplified Due Diligence is required in respect of public authorities in the UK.
Only Simplified Due Diligence is required in respect of non-UK public authorities which meet the following criteria:
Firms should obtain the following information about customers who are public sector bodies, governments, state-owned companies and supranationals:
Firms should take appropriate steps to understand the ownership of the customer and the nature of its relationship with its home state authority.
UK pension schemes can take a number of legal forms. Some may be companies limited by
guarantee; some may take the form of trusts; others may be unincorporated associations.
Many register with HMRC in order to achieve tax-exempt status. Most have to register with
the Pensions Regulator. Generally, evidence of registration with HMRC or the Pensions
Regulator will be sufficient to meet identification and verification obligations in respect of
most UK pension schemes.
Where a firm is unable to confirm the scheme’s HMRC or Pension Regulator registration, a pension scheme should be treated for AML/CTF purposes according to its legal form and standard evidence obtained, including obtaining the list of authorised signatories.
Non face-to-face identification and verification carries an inherent risk of impersonation fraud. Where identity is verified electronically, or copy documents are relied on, a firm should apply an additional verification check to manage the risk of impersonation fraud. The additional check may consist of robust anti-fraud checks that the firm routinely undertakes as part of its existing procedures, or another measure, such as:
Under certain conditions, where the money laundering or terrorist financing risk in a product is considered to be at its lowest, a payment drawn on an account with a UK or EU regulated credit institution, or one from a comparable jurisdiction, and which is in the sole or joint name of the customer, may satisfy the standard identification requirement. Whilst the payment may be made between accounts with regulated firms or by cheque or debit card, the accepting firm must be able to confirm that the payment (by whatever method) is from a bank or building society account in the sole or joint name(s) of the customer. Firms will need to be able to demonstrate why they considered it to be reasonable to have regard to the source of funds as evidence in a particular instance.
Areas identified by the presence of armed conflict, widespread violence, including violence generated by criminal networks, or other risks of serious and widespread harm to people. Armed conflict may take a variety of forms, such as a conflict of international or non international character, which may involve two or more states, or may consist of wars of liberation, or insurgencies, civil wars. High-risk areas are those where there is a high risk of conflict or of widespread or serious abuses as defined in paragraph 1 of Annex II of the Guidance. Such areas are often characterised by political instability or repression, institutional weakness, insecurity, collapse of civil infrastructure, widespread violence and violations of national or international law.
Due diligence is an on-going, proactive and reactive process through which companies can identify, prevent, mitigate and account for how they address their actual and potential adverse impacts as an integral part of business decision-making and risk management systems. Due diligence can help companies ensure they observe the principles ofinternational law and comply with domestic laws, including those governing the illicit trade in minerals and United Nations sanctions.
Management processes and documentation that collectively provide a systematic framework for ensuring that tasks are performed correctly, consistently and effectively to achieve the desired outcomes, and that provide for continual improvement in performance.
a multilateral system operated and/or managed by a market operator, which brings together or facilitates the bringing together of multiple third-party buying and selling interests in financial instruments - in the system and in accordance with its nondiscretionary rules - in a way that results in a contract, in respect of the financial instruments admitted to trading under its rules and/or systems, and which is authorised and functions regularly and in accordance with the provisions of Title III of MiFID.
|Passport||Any current and valid passport|
|Biometric residence permit||UK|
|Current driving licence – photo card with counterpart||UK/Isle of Man/Channel Islands (full or provisional)|
|Birth certificate - issued at time of birth||UK and Channel Islands – including those issued by UK authorities overseas, eg embassies, High Commissions and HM Forces|
|Current driving licence – old-style paper version||UK|
|Current photo driving licence||Non-UK licences must be valid for up to 12 months from the date the applicant entered the UK|
|Birth certificate – issued after time of birth||UK and Channel Islands|
|Marriage/civil partnership certificate||UK and Channel Islands|
|Adoption certificate||UK and Channel Islands|
|HM Forces ID card||UK|
|Firearms licence||UK, Channel Islands and Isle of Man|
|Document||Notes||Issue Date and Validity|
|Mortgage statement||UK or EEA||Issued in last 12 months|
|Bank or building society statement||UK and Channel Islands or EEA||Issued in last 3 months|
|Bank or building society account opening confirmation letter||UK||Issued in last 3 months|
|Credit card statement||UK or EEA||Issued in last 3 months|
|Financial statement, eg pension or endowment||UK||Issued in last 12 months|
|P45 or P60 statement||UK and Channel Islands||Issued in last 12 months|
|Council Tax statement||UK and Channel Islands||Issued in last 12 months|
|Work permit or visa||UK||Valid up to expiry date|
|Letter of sponsorship from future employment provider||Non-UK or non-EEA only - valid only for applicants residing outside of the UK at time of application||Must still be valid|
|Utility bill||UK – not mobile telephone bill||Issued in last 3 months|
|Benefit statement, eg Child Benefit, Pension||UK||Issued in last 3 months|
|Slovenia Central or local government, government agency, or local council document giving entitlement, eg from the Department for Work and Pensions, the Employment Service, HMRC||UK and Channel Islands||Issued in last 3 months|
|EU National ID card||-||Must still be valid|
|Cards carrying the PASS accreditation logo||UK and Channel Islands||Must still be valid|
|Letter from head teacher or college principal||UK - for 16 to 19 year olds in full time education - only used in exceptional circumstances if other documents cannot be provided||Must still be valid|
In using the above chart, Xxxx must verify the client’s identity using one of 3 “routes” below.
The client must be able to show:
At least 1 of the documents must show the client’s current address.
If the client doesn’t have any of the documents in Group 1, then they must be able to show:
At least 1 of the documents must show the client’s current address.
Route 3 can only be used if it hasn’t been possible to process the application through Routes
1 or 2.
For Route 3,
the client must be able to show:
At least 1 of the documents must show the client’s current address.