23rd December 2019
By Steve O’Neill, Managing Director of BTC – trusted partner of Leonard Curtis, providers of the Lifecycle network
We’ve just undertaken Lifecycle’s latest webinar which looked at the amended Fifth European Money Laundering Directive (5AMLD) and what it will mean for accountants. You can listen to it here, free of charge, if you’re a Lifecycle member.
As failure to comply with AML laws and regulations has severe consequences – from warning letters and damaged reputations to fines of up to a maximum of €5 million or 10% of annual turnover, sanctioning and, in the most serious cases, criminal prosecution – the interactive online session raised some interesting questions from delegates.
Here we take a look at some of the most frequently-raised queries. Please get in touch @lclifecycle or email email@example.com if you have any more.
When will electronic verification become mandatory?
AML rules require firms to identify and verify the identity of clients. They currently don’t specify how these customer due diligence procedures (CDD) should be carried out and, in practice, firms tend to undertake them remotely.
However, the 5AMLD stipulates a need, wherever possible, to use electronic client verification solutions when undertaking CDD but this won’t be necessary from day one on 10th January 2020 when the new Directive comes into force.
To set the context, not all European countries currently have electronic identification solutions available – in fact, only five do – but it is widely believed that by the end of 2022, electronic verification will become mandatory.
So, it’s wise for all practices – whatever your size and client base – to look at electronic solutions now in preparation.
What constitutes adequate proof of identification? Will photo ID and proof of address suffice? And are electronic versions suitable?
All papers and records must be in their original or certified format and acceptable identity documents include a current signed passport, a valid UK driving licence or an EEA member state identity card.
When it comes to proof of address, this could be a valid photo driver’s licence if not used as ID. A bank, building society or credit card statement dated within three months and showing account number and recent activity would also be acceptable.
Other options include UK, EU, EEA mortgage statements, tenancy agreements, council tax bills – all dated within 12 months – and utility and telephone bills and HMRC tax notification dated within six months.
To ensure compliance, we recommend that accountants undertake retrospective identity checks on existing clients, not just new ones.
The introduction of 5AMLD provides a great opportunity to broach the subject with clients – no matter how longstanding the relationship and how potentially awkward it might be to do so.
It’s essential that the three steps of risk assessment are undertaken. All clients should be subject to identification, risk assessment and verification procedures. Just because you’ve met with someone and you think you know them, it doesn’t necessarily mean that they’re who they say they are.
It’s wise to bear in mind that identity fraud has reached a record level in the UK, with almost 190,000 cases recorded last year. As more services have moved online, so there is a greater danger of data being involved in a breach and of clients pretending to be someone else.
Respond by ensuring your firm-wide risk assessment guide is adequate for your size and client base. Ensure that AML CDD is part of what you do when you meet a prospective client for the first time and that you revisit it each time you carry out a piece of work for the client to ensure that the AML CDD you have is up to date.
Would a client know if a production order had been requested for them?
If your client risk assessments do bring any anomalies to light – however insignificant or vague the suspected criminal activity – it’s essential to disclose the information. It’s the same for all other professional service providers such as lawyers and bankers.
If no further steps are taken following subsequent investigation – and a production order isn’t served – clients won’t even know that they have been subject to checks.
And, as many production orders come with a relatively short deadline, complying with the order can be difficult for smaller firms. This is another reason why adhering to robust and ongoing risk assessment procedures is beneficial as the information should be immediately to hand.
Yes, client confidentiality is important but those accountants who don’t comply can find themselves facing criminal prosecution. They could also face prosecution for providing too little information to HMRC.
Yet supplying more information than HMRC has the right to require could also lead to legal action against the practice by their client. Deciding how to respond to a notice may not always be easy and the potential costs of making an error can be high, so we recommend that expert specialist advice is always sought.
SmartSearch is a very efficient and cost-effective client verification tool that delivers AML, CDD and Know Your Customer (KYC) information to help ensure accountants remain compliant and protected. It provides accountants in practice with a robust and reputable audit trail and automatic checks for a cost of just £3 for Lifecycle members which lasts for years.
How can I ensure I’m undertaking robust enough checks on non-UK clients?
Firms are required to verify customers and beneficial owners, which can be especially difficult when they live overseas.
However, SmartSearch provides a simple solution – all you need to do is provide a high-resolution image of the individual’s identity document – passport, ID card, driving licence or other accepted ID in the country of issue – and it will be validated to a level 3 Immigration Standard. This equates to the level of immigration officers manning UK entry points.