Money Laundering Regulations 2017

Although the draft Regulations keep the principal requirement that you must perform client due diligence (CDD) before you establish a business relationship and when you identify any factors relevant to your risk assessment that have changed, the draft Regulations are slightly more prescriptive than the 2007 ones due to the proposed changes to CDD. These include:

• You must now complete CDD where you only perform company formation services, whether or not the formation of the company is the only transaction carried out for that client. (Reg.4(2))
• You must also identify and verify the identity of a person purporting to act on behalf of your client (Reg. 28(10)).
• When undertaking CDD on a body corporate, you must obtain and verify the name of the body corporate, its company number or other registration number, its registered address, principal place of business, the law to which it is subject, its memorandum of association and governing documents, the names of the board of directors or management body and its senior management. (Reg.28(3)).

In addition, the draft Regulations significantly change the requirements to enhance due diligence (EDD) and provide a list of circumstances in which EDD measures must be applied (Reg. 33), which includes:

• where there is a high risk of money laundering or terrorist financing;
• where a transaction or business relationship involves a person established in a ‘high risk third country’;
• if the client is a Politically Exposed Person (PEP), or a family member or known close associate of a PEP;
• in any case where the client has provided false or stolen identification documentation or information on establishing a relationship;
• in any case where you identify that the client has entered into transactions that are complex and unusually large, or there is an unusual pattern of transactions, and the transaction or transactions have no apparent economic or legal purpose.

There is also a list of factors that must be taken into account in assessing whether a high risk of money laundering exists and the extent of EDD measures that should be applied. For example, ‘the customer is resident in a geographical area considered to be an area of high risk’.

The definition of a PEP has been expanded and now includes ‘domestic PEPs’ (Reg 35). The draft Regulations also provide that EDD measures must be applied to a person for at least 12 months after they cease to be a PEP.

In respect of simplified due diligence (SDD) there is no longer a defined list of entities to which SDD applies. Instead the draft Regulations adopt a risk based approach and you can limit your CDD where you think SDD would be appropriate. The draft Regulations provides a list of low risk factors where SDD may be appropriate (Reg. 36).

It is important to note that the draft Regulations have yet to be finalised and may be subject to change.

As an illustration of a client potentially providing false or stolen identification documentation as set out above, here is an interesting query example:

Q: In carrying out customer due diligence on a new client, I asked to see the client’s driving licence. She produced an old style paper licence issued in 1992. When I photocopied it, a watermark of the word ‘fake’ appeared several times across the bottom of the document. I am concerned about continuing to act for this client and would like to know what I should do.

A: Between 1990 and 1993, the DVLA issued approximately four million paper licences which incorporated the ‘fake’ messages in an effort to prevent photocopies being passed off as originals. The watermark was designed so that the word ‘fake’ only became visible when the licence was photocopied. Use of the watermark was discontinued in 1994 when the DVLA accepted that widespread problems were being caused to drivers who required their licences to be legitimately photocopied.

As a precaution, you may wish to contact the DVLA to verify the position of your client (01792 788355) or write to DVLA, Department DVRE, 5 Longview Road, Swansea SA6 7JL.