HM Treasury (HMT) has launched a consultation (the Consultation) on improving the effectiveness of Money Laundering Regulations 2017 (MLRs). The Consultation follows HMT’s 2022 review of the UK’s anti-money-laundering (AML) and counter-terrorist-financing (CTF) regulatory and supervisory regime (the 2022 Review), and the Economic Crime Plan 2023-26.
While the 2022 Review concluded that the MLRs remain broadly fit for purpose and compliant with international standards set by the Financial Action Task Force (FATF), it also identified weaknesses. The Consultation seeks further viewpoints, including feedback for proposals put forward.
What does the Consultation say?
1. Making customer due diligence (CDD) more proportionate and effective
Firms are required to carry out CDD when establishing a new business relationship or executing high value transactions. CDD involves a firm taking steps to verify a customer’s identity while ensuring that the financial crime risk a customer poses – taking account of the customer’s operational geographic area, its products/services, delivery channels and transactions – aligns with a firm’s own risk assessment.
From this, a firm will adopt a risk-based approach to determine the level of CDD applicable. This could be enhanced due diligence (EDD), where the customer presents a higher risk of money laundering or terrorist financing, or simplified customer due diligence (SDD) if the financial crime risk is low.
While the 2022 Review believed the CDD requirements found within the MLRs were broadly effective at mitigating the risk of money laundering and terrorist financing, HMT is keen to reduce ambiguity which could lead to over-compliance or inconsistent application.
Where do the ambiguities lie in the MLRs?
HMT has raised queries about whether further guidance is required to provide greater clarity on:
- whether the trigger points of when CDD must be undertaken, set out in Regulation 27(1) and (2) of the MLRs, are sufficiently clear and easy to apply. If they are not, HMT will consider whether amendments are necessary to provide clarity or introduce additional sector-specific triggers.
- when a source of funds check must be carried out during the course of the customer relationship; and
- whether the definition of “acting on behalf of a customer” found in Regulation 28 (10) needs further clarification in instances where the person is acting on behalf of a corporate entity.
Digital verification
Considering the UK government’s commitment to utilising digital identity verification technologies, HMT is investigating the current rate of acceptance of digital identity amongst firms, querying whether and what further guidance is needed, and exploring the appetite for legislation in this area.
Timing of verification of customer identity
Regulation 30(4) of the MLRs requires credit or financial institutions to implement ‘adequate safeguards’ to ensure that they do not transact with or on behalf of customers before verifying their identity. This could result in delays where banks are onboarding unusually large volumes of customers, such as during a bank’s insolvency. Here, customers whose sole bank account is held with an insolvent bank would be denied access to banking services whilst the successor bank conducted CDD (and are thereby barred from providing services by virtue of Regulation 30(4) of the MLRs).
HMT is keen to explore both legislative and non-legislative options in this regard, working with the Joint Money Laundering Steering Group (JMLSG) and the FCA to clarify how onboarding should be approached in such circumstances. This could involve placing reliance on the insolvent bank’s previous CDD, or amending the MLRs to accommodate a scenario such as this.
Enhanced due diligence
HMT wants to ensure that the triggers for EDD remain appropriate and support firms to identify customers that pose a higher risk of money laundering or terrorist financing. It also wants to ensure that firms can apply a risk-based approach effectively, with the appropriate level of CDD applied. Such checks must be carried out in a proportionate and risk-based manner, reflecting FCA guidance.
HMT gave the example of politically exposed persons (PEPs), and that while the MLRs remained the starting point when assessing the CDD required for domestic PEPs (including their family members or known close associates), the level of risk associated with a domestic PEP is lower than for a non-domestic PEP, unless other risk factors are present.
The risk factors that typically inform the decision to carry out EDD are derived from FATF standards and include geographic, delivery channel and product risk factors. Regulation 33(6) states that in assessing whether there is a high risk of money laundering or terrorist financing (and as a result, EDD should be applied) a number of circumstances should be considered, such as whether customers are beneficiaries of a life insurance policy or if the transaction involves certain classes of sensitive goods.
However, the Consultation states that while these circumstances could be indicators of a higher risk, that may not necessarily be the case and HMT is keen to understand the impact of such requirements on firms.
Responding to feedback that imposing EDD for ’complex or unusually large’ transactions might be unduly onerous, particularly for firms performing such transactions regularly, HMT is investigating the extent of the burden, exploring the provision of further guidance and considering whether it should amend the regulation to specify that only ‘unusually complex […]’ transactions require EDD.
Currently, Regulation 33(3A) of the MLRs prescribes mandatory EDD checks and monitoring for customers or transactions established in ‘High Risk Third Countries’ (HRTCs). HMT has recognized that these requirements might be unduly burdensome, particularly for firms with subsidiaries or numerous customers in HRTCs. HMT is seeking suggestions for a more proportionate approach, including the proposal that Regulation 33(3A) be made non-mandatory.
Simplified customer due diligence
As uptake of the SDD process has been low, HMT is contemplating an expansion of the scope wherein SDD may be applied. These include cases where the client business is itself regulated under the MLRs or where the client business is subject to regulatory or professional conduct obligations.
Additionally, certain client classes, including care homes and legal sector firms (which are limited in information sharing ability due to client confidentiality obligations), have reported difficulties accessing pooled client accounts (PCAs), which are used to hold client funds on behalf of a number of different clients. HMT expects that clarification regarding SDD’s application in low-risk PCAs and further expansion of the scope of SDDs will broaden access to PCAs.
2. Strengthening system coordination
HMT considers that further expansion of information sharing powers between supervizors (including the FCA, HMRC and the Gambling Commission), and relevant bodies is desirable to combat economic crime more efficiently. The Consultation has asked whether:
- the FCA should be permitted to share relevant information with the Financial Regulators Complaints Commissioner;
- the MLRs should impose a duty on Companies House and the Secretary of State to cooperate with other authorities on AML/CTF beyond information sharing; and
- the information-sharing gateway should be extended to other public bodies.
National Risk Assessment
The Consultation also discusses the circumstances in which a firm is required to carry out a risk assessment, and whether the MLRs are sufficiently clear on how firms should carry out a risk assessment, what sources firms should use to inform their risk assessment (such as the National Risk Assessment (NRA)) and whether firms should have a direct regard for the NRA.
Clarifying scope of the MLRs
The Consultation also considers whether changes should be made due to Brexit, evolving industry practices and technological growth. The Consultation proposes the following changes to the MLRs:
- Amend the MLRs to replace all references to euros with pounds sterling. HMT is also seeking input on the workings of two proposed conversion mechanisms.
- HMT wishes to bring the sale and onward sale of ‘off-the-shelf’ companies within scope of the MLRs. This addresses HMT’s concerns that such entities are not currently subject to due diligence requirements and at risk of being used to obscure criminal activity.
- Align the current MLR regime for crypto firms more closely with upcoming changes to the Financial Services and Markets Act 2000. This will consequently alter the classes of persons who are subject to the fit and proper test and change the threshold definitions for control.
The Consultation is open for comment until Sunday June 9, 2024. Regulated businesses are also encouraged to complete an additional survey on the current cost of compliance with the MLRs. The response to the Consultation, including possible draft legislation, will be published in due course.
Robert Dedman has been a partner in the Financial Services and Products team since January 2023. Prior to joining CMS, Rob was a lawyer at the PRA. James Dickie is a senior associate in the UK Financial Services Regulatory team. Faye Ellis is an associate and advises financial services firms, market participants and investors. CMS
Co-authored by Darren Tan.