Keep up to date with the latest developments at the IPA – follow us on LinkedIn (Insolvency Practitioners Association) and Twitter (@IPAssociation).

Anti-Money Laundering Case Studies

Case Study 1

Area of Concern

Regulations 27 & 28 of the 2017 Money Laundering Regulations require the application of Customer Due Diligence (CDD) measures to identify and verify the identity of the proposed client. Copies of the CDD documentation should be held to evidence verification of identity.

Position

A case file reviewed as part of an inspection visit did not have copies of the CDD identification documentation. As such there was no evidence that Regulations 27 & 28 had been followed.

Result

The issue was flagged to the member as an Advisory Notice requiring remediation, and updated CDD documentation was obtained and added to the file.

Requirement

Members must ensure that proper CDD work is carried out prior to taking on a new appointment or advice work, and they should ensure that copies of the CDD documentation are held on the case file. It is recommended that the any CDD policy makes is clear that such documentation should be clearly held on file.


Case study 2

Area of Concern

Regulation 27 of the 2017 Money Laundering Regulations requires the application of Customer Due Diligence (‘CDD’) measures to identify and verify the identity of a proposed client. Regulation 30 advises that the requirement to verify must be carried out prior to the establishment of any business relationship, i.e. the taking of an appointment, unless the appointment is urgent or there is little risk of money laundering.

Position

A member was appointed as Liquidator of a company and sold the assets to the former director of the company as sale under Statement of Insolvency Practice (SIP) 13. The CDD documentation was requested prior to the appointment, but was not received until after the appointment and SIP 13 sale had completed.

Result

The issue was flagged to the member as an Advisory Notice and the firm’s CDD policy was updated to confirm that where there was no urgency to the appointment – as in this case – the CDD work must be completed before undertaking any work on the assignment.

Requirement

Insolvency is considered to be a high-risk area for money laundering, so no case should fall into the area where CDD is not required prior to the commencement of an appointment, even if it is believed that there may be a low risk of money laundering. Where an appointment is urgent – such as where an appointment is made at a decision procedure for an Insolvency Practitioner (IP) to be appointed instead of the nominated IP – CDD work can be undertaken post-appointment, but must be completed as soon as reasonably practicable thereafter.


Case study 3

Area of Concern

Employment of new members of staff – AML training under Regulation 24 of the 2017 Money Laundering Regulations.

Position

A member had employed new members of staff, but there was no evidence that they had undertaken AML training and been provided with details of the firm’s AML policies and procedures.

Result

The member noted this during the visit, and the policies and procedures were provided and training set up for the new staff members. Due to the actions during the visit, the matter was flagged to the member as a minor finding, and they received a reminder to ensure that new members of staff receive effective AML training and are made aware of the firm’s AML policies and procedures.

Requirement

Regulation 24 requires appropriate measures to be taken to ensure your employees are made aware of the law relating to money laundering, the requirements of data protection and that they regularly receive training on how to recognise and deal with transactions and other activities or situations which may be related to money laundering. Remember you must have a written record of the training undertaken. Policies, controls and procedures are required under Regulation 19, and steps must be taken to communicate these policies and any changes within your firm.


Case study 4

Area of Concern

Regulation 30(3) of the 2017 Money Laundering Regulations relates to where Customer Due Diligence (CDD) can be completed prior to commencing an insolvency appointment of advice work, but where there is a hostile appointment (ie where the appointment is being made without the consent of a company’s directors), the CDD work must be completed as soon as reasonably practicable.

Position

A member was appointed as Administrator over a company, and the appointment was a hostile appointment by the secured creditor. Whilst searches were carried out at Companies House, via Smartsearch and Office of Financial Sanctions Implementation (OFSI) checks, no identity or verification of identity was carried out. There was also no request from the secured creditor for confirmation of any searches that they had undertaken to provide some comfort and reliance on third party checks.

Result

The member met with the directors and completed identification checks of the directors and was able to evidence the work undertaken. As such, the issue was noted to the member as a minor finding with a reminder to ensure that where there is a hostile appointment, CDD work is carried out as soon as reasonably practicable.

Requirement

Whilst most appointments can be planned and CDD work undertaken prior to an appointment, there will be a very small number of occasions where CDD cannot be completed prior to an appointment. Members must ensure that they complete CDD as soon as practicable post-appointment and ensure that the case risk assessment is kept updated and file notes are held to evidence work carried out to complete CDD work.

Members are reminded of Regulation 31, which is clear that where CDD cannot be completed, the business relationship must not be established.


Case study 5

Area of Concern

Regulation 28(11) of the 2017 Money Laundering Regulations requires Client Due Diligence (CDD) checks to be kept under review, and consideration is also required of the ‘Person with Significant Control’ (PSC) on Companies House, as required under the 5th Money Laundering Directive.

Position

A member was appointed as Liquidator of a Members Voluntary Liquidation (MVL), and there was a change in director between the engagement and appointment, but the CDD checks were not updated and kept under review. The change also meant that the PSC did not match the details held on Companies House.

Result

The member provided updated copies of CDD documentation and an updated case risk assessment, and was provided with a reminder to ensure that CDD was kept under review as part of any case as per Regulation 28(11).

Requirement

Members must ensure that CDD is kept under review as part of any appointment, and updates of documentation requested where required. It is recommended that reviews of CDD and the case risk assessment are carried out as part of a review of the case file and that the review is evidenced as being completed. Members should also remember that where there is a discrepancy in the PSC between the details on Companies House and the details you have been provided, you have a duty under the 5th Money Laundering Directive to report the discrepancy to Companies House. Details of how you can carry this out, can be found here.


Case Study 6

Area of Concern

Under Regulation 18 of the 2017 Money Laundering Regulations, all firms that deal with insolvency must have a risk assessment which identifies and assesses the risks of money laundering to which its business is subject, and this assessment must cover the areas listed in Regulation 18(2).

Position

A member’s firm’s risk assessment did not consider the particular services provided and the level of risk of those services highlighting areas where the risk was deemed to be increased so that staff could fully consider the AML risks on an individual case level.

Result

The member updated the firm’s risk assessment to cover the areas under Regulation 18 and circulated the updated assessment around the teams to highlight the areas where a higher risk of money laundering could be found. The member was reminded to ensure that the risk assessment was subject to at least an annual review and updated to consider the change in risk of work undertaken.

Requirement

Every firm should have an assessment of the risks. There will be general risk areas but there may be specific types of cases that are undertaken, and it is key that the money laundering risk of the specific work is considered, assessed and highlighted as part of any Regulation Assessment document.

Members will be aware that, as part of licence renewal, a copy of the current Regulation 18 firm risk assessment is required to be provided. The IPA will be reviewing risk assessments and following up on any that appear to be non-compliant with the member, to require immediate remediation action.


Case Study 7

Area of Concern

Training of furloughed staff as per Regulation 24 of the Money Laundering Regulations.

Position

The member had some furloughed members of staff who did not undertake AML training provided during the period of furlough.

Result

The member was reminded that when the relevant members of staff were taken off furlough and were brought back to work, they must undertake the AML training. When the training has been undertaken, the firm’s training record must be updated to evidence the training having been taken.

Requirement

Whilst this is a matter that is highlighted due to Covid, the same position would also apply to staff on maternity or paternity leave, or long-term sick who return to the office. It is important that any returning members of staff undertake the required AML training and that you ensure that the training record is updated to evidence the training has been fully rolled out.


Case study 8

Area of Concern

The carrying out on of an audit of AML policies and procedures under Regulation 21 of the 2017 Money Laundering Regulations.

Position

A member’s AML internal policy was that an external consultant would audit the firm’s AML policies and procedures every 2-3 years, but there was no evidence of any external audit being carried out.

Result

The member was asked to provide details of the last audit, confirm the date of the next audit and provide a copy of any recommendations for amendment to policies and procedures so that these can be monitored to ensure they are introduced effectively.

Requirement

Regulation 21 applies, where appropriate, with regard to the size and nature of a business and requires a member of senior management or a Board member to be appointed to ensure compliance by the firm with the 2017 Money Laundering Regulations. Reg21(1)(c) advises the need to establish an independent audit function to examine and evaluate the adequacy and effectiveness of policies and procedures, and make recommendations for improvement.

Where an independent audit function is in place, you must make sure that this is carried out. It is recommended to have policies and procedures independently checked to ensure that they are robust, effective and provide clear guidance to staff on responsibilities.


Case Study 9

Area of Concern

Reliance on third parties to have undertaken Customer Due Diligence (CDD) measures required under Regulation 28 of the 2017 Money Laundering Regulations.

Position

A member relied upon a third party to carry out CDD on a transaction but failed to obtain from the third party the information needed to satisfy the requirements of Regulation 28.

Result

The member was reminded of the requirements of Regulation 39 of relying on a third party to carry out CDD work, and an amended CDD policy was provided to evidence that the requirement was part of the firm’s procedures.

Requirement

A member can rely on a third party to carry out CDD work as Regulation 39 makes that clear. However, Regulation 39 also requires that you must immediately obtain from the third party all the information needed to satisfy the requirement of Regulation 28 and that you must enter into arrangements with the third party which enable you to obtain immediately on request copies of any identification and verification data and requires the third party to retain the records for a period of five years from the date that the business relationship (i.e. closure of the estate) has ceased.


Case Study 10

Area of Concern

Failure to carry out a case risk assessment for a Court work case.

Position

A member was appointed as Trustee of a Bankruptcy estate. Whilst the member could rely on the work by the Court to verify the bankrupt’s identity, the member did not undertake an assessment of the money laundering risks for the case or keep the Customer Due Dilligence (CDD) and risk assessment under review during the appointment.

Result

As this was a single instance, the member was reminded that a risk assessment to consider any risks that may arise from the appointment must still be held, even where it is a Court instigated appointment.

Requirement

Where there is an appointment as Trustee of a Bankruptcy estate or Liquidator of a Compulsory Liquidation, you can place some reliance on the order of appointment and Court Order as to verification of identity, but this does not remove the need to consider if money laundering has taken place, or consider and assess the risk that may arise during the course of the appointment.


Case Study 11

Area of Concern

Completion of due diligence checks prior to the establishment of a business relationship as required under Regulation 30(2).

Position

A member accepted a payment of funds from the directors of a company on the signing of a Letter of Engagement but prior to completion of due diligence work on a case.

Result

The issue was flagged as an Advisory Notice to the member. The member was reminded that where the appointment is not urgent or hostile, due diligence must be completed before the establishment of a business relationship. The member was reminded of the guidance in the CCAB Supplementary Guidance for Insolvency Practitioners at paragraph F3.3. The guidance can be found here.

Requirement

The IPA recognise that there can be difficulty in stating when a business relationship is ‘established’. The CCAB Guidance is clear that due diligence should be completed before agreeing to act or accepting an appointment. The IPA would therefore expect to see due diligence work for all new appointments and agreeing to act as Nominee etc. to be completed prior to commencing work in respect of the relevant company/individual.

Until due diligence is completed, you should not agree to take any funds or hold any assets from the relevant entity. The IPA has seen and would recommend that Letters of Engagement are amended to confirm that, as an IP, until you have received and reviewed identification documentation and other relevant documents, you will not confirm your acceptance of the engagement or agree to hold funds or assets.

Members are reminded of Regulation 30(3) and paragraph F3.5 in the CCAB guidance where a hostile appointment is being undertaken and due diligence cannot be completed prior to accepting an appointment.


Case Study 12

Area of Concern

Consideration of Covid Bounce Back Loans in companies where you may be appointed as Liquidator or Administrator

Position

A member accepted an appointment as Liquidator of a company. As part of the pre-appointment meetings with the director, the member advised that the Bounce Back Loan obtained of £50,000 would be looked into as part of the Liquidator’s enquiries. The director advised that the loan was utilised on business expenses.

The member – as part of their SIP 2 investigations – found that the director had provided false accounts to enable the maximum loan of £50,000 to be obtained. The evidence obtained indicated a loan of between £5-8,000 could have been applied for.

The evidence from bank statements obtained also indicated that the loan funds were not utilised for the business. Whilst some of the funds could be traced, the evidence indicated that there were regular cash withdrawals during the pandemic when cash was not largely accepted and some of the funds were used personally by the director. A significant part of the loan had been sent to third parties based outside the UK.

Result

The member reported the issue to the Insolvency Service as part of their director conduct report and made a report to the Insolvency Service on possible criminal offences as required by IPs under Section 7Am 262B & 218(3) & (4) of the Insolvency Act 1986.

The member also reported the details to their firm’s MLRO, and a SAR was lodged with the NCA.

Requirement

This case study is provided as an example of good use of a Liquidator’s powers of investigation under SIP 2 and awareness of AML risks in cases – as highlighted in the IPA’s ‘Indicators of Higher Risk of Money Laundering’, which can be accessed here.

Members will be expected to make enquiries into Bounce Back Loans obtained, firstly to confirm that the application was valid and turnover not artificially inflated to increase the level of loan obtained.

More importantly, members will be expected to make enquiries into what the loan monies were utilised for and to satisfy yourself that the funds were used for the business and not for personal reasons – or, as in this case study, to move funds overseas for potentially criminal reasons.

Members must report any issues to the Insolvency Service on Bounce Back Loan fraud, consider if the evidence indicates suspicions of money laundering and report to your firm’s MLRO so that a decision on submission of a SAR can be made. Members should bear in mind that on 2 June 2021, the Crown Prosecution Service updated its guidance on failure to report cases under S330 of the Proceeds of Crime Act – the requirement to submit a SAR.

Members should also consider p24 of SIP 2 and report possible offences disclosed during the course of your investigations to the relevant authorities.

Members are reminded that when acting as liquidators or supervisors of voluntary arrangements, they have specific legal obligations under sections 7A, 262B and 218(3) & (4) of the Insolvency Act 1986 to report criminal offences.

In particular, if funds are shown to be sent to Russia/Belarus or other parties on the OFSI Consolidated Sanctions List, you are legally obliged to report to OFSI if you know or suspect that a breach of financial sanctions has occurred, you know or suspect that a person is a designated person, or you know or suspect that you hold frozen assets.