Section 8 Flashcards Preview

R01 > Section 8 > Flashcards

Flashcards in Section 8 Deck (6)
Loading flashcards...

Money Laundering

•Process by which criminals convert money obtained illegally into apparently legitimate funds
•Usually 3 stage process:

Illicit cash put into, for example, deposit account or life assurance or packaged investment

Series of transactions designed to conceal origins of illicit money

Process by which money finally converted into proceeds of legitimate business or investment portfolio


Financial Action Task Force (FATF)

•UK and other EU members joining together to combat money laundering


Proceeds of Crime Act 2002 - created criminal offences:

•To conceal, disguise, convert or transfer criminal property or remove it from the UK
•To be concerned in an arrangement to facilitate the acquisition, retention, use or control of criminal property
•To acquire, use or possess criminal property
•Failure to disclose known or suspected cases of money laundering in the course of business in the regulated sector is an offence
•Also offence to tip off the subject of a money laundering investigation


Money Laundering Regulations

•Implement EU 4th and 5th money laundering directives
•Joint Money Laundering Steering Group made up of leading trade associations in industry
•2017 regulations - emphasis on adopting risk-based approach and included wider range of business:
o Credit and financial institutions
o Auditors, accountants, tax advisers
o Leasing companies, commercial finance providers


Important Areas of the Regulations

•Policies and procedures:
o To minimise risk of firm being used for money laundering purposes
o Appoint Money Laundering Reporting Officer (MLRO)

•Customer due diligence (CDD):
•Identify customer
•Obtain information on purpose and intended nature of business relationship

•CDD check when:
o establishing business relationship
o Carrying out occasional transactions
o Money laundering suspicions
o Terrorist financing suspicions
•Simplified due diligence (SDD) may be used for low risk transactions
•Enhanced CDD checks required if person not present or politically exposed person from outside UK and, following 5th MLD, those from high risk third country
•On-going monitoring required to scrutinise transactions to ensure consistent


Identification Procedures:

Staff Awareness and Training


Suspicious Activity Reporting (SAR)

Firm Annual reporting


Protection Measures

Civil Recovery

General Data Protection Regulation (GDPR

Data Protection Act 2018

•Identify customer
•Verify ID
•Acceptable ID:
o government issued document with name and photo and either address or date of birth
o secondary evidence of address if no photo on government document
o If not individual client (e.g. company) then relevant ID required e.g. company registration number

•eIDV (electronic identity verification)
o matches client details with public database
o match, partial match or no match
o speedy

Staff Awareness and Training:
•Firms must ensure staff are aware of relevant legislation and are trained with regular re-training

•Includes power to enter and inspect premises and take copies of relevant documents

Suspicious Activity Reporting (SAR):
•Firm appoint Money Laundering Reporting Office (MLRO) to report to NCA if know/suspect ML/TF activity, staff report to MLRO

Firm Annual reporting:
•Annual review of AML systems – obtain report from MLRO

•Required to keep ID for 5 years after end of client relationship or 5 years from when transaction completed

•If not authorised under FSMA then must register with appropriate money laundering supervisory agency

Protection Measures:
•Outside the investigation, the person who reported the suspicion will have name concealed

Civil Recovery:
•Assets Recovery Agency (ARA)
•Can confiscate proceeds of crime from criminals
•Work of ARA is now merged with NCA (National Crime Agency)

General Data Protection Regulation (GDPR):
•GDPR applies to the use of personal data by data controllers and data processors
•Sensitive data is referred to as ‘special categories of personal data’
•Includes an accountability principle (firm must demonstrate compliance with data protection principles)
•There must be a lawful basis for processing personal data
•Consent to processing must be given freely using a form of positive opt-in
•Data subjects have the rights to be informed, of access, to rectification, to erasure, to restrict processing, to data portability, to object and in relation to automated decision making and profiling
•Firms must be accountable and transparent in their dealings with personal data
•All organisations are obliged to notify the Information Commissioner of serious personal data breaches
•There are restrictions on the transfer of personal data outside the EU

Data Protection Act 2018:
•Implements GDPR in UK, but wider scope including:
o General data processing
o Law enforcement processing
o National security processing
o Regulation and enforcement

•Gives powers to Information Commissioner to regulate and enforce data protection law
o Serious data breach fine £17m (€20m)/ 4% global turnover, whichever is the largest
o Can bring criminal proceedings if data controller / processor alters records following subject access request