Ongoing monitoring and review of a business relationship – Reg 28(11) Money Laundering Regulations 2017
IPA Insolvency Practitioner newsletter AML Digest, November 2022
Contents
- David Holland, Chief Inspector and IPA Money Laundering Reporting Officer
- AML 2021/22 Annual Report and 2022/23 Sector Risk Assessment
- Awareness of CEO fraud and impersonation frauds
- Amendments to the 2017 Money Laundering Regulations
- SARs Reporter Booklet
- Accountancy AML Supervisors’ Group alerts
- Sanctions
- SAR Reform Programme
- SAR Glossary Codes
- Renewals
- Supervisory work for 2022/23
- ISS AML training and IPA Learning
IPs should be aware of and carry out due diligence checks and identity checks of individuals and companies under Reg 28 of the 2017 Money Laundering Regulations.
However, recent inspection visits have highlighted that the ongoing monitoring and review of customer due diligence is not always carried out. Reg 28(11) advises that:
The relevant person must conduct ongoing monitoring of a business relationship, including:
(a) scrutiny of transactions undertaken throughout the course of the relationship (including, where necessary, the source of funds) to ensure that the transactions are consistent with the relevant person’s knowledge of the customer, the customer’s business and risk profile;
(b) undertaking reviews of existing records and keeping the documents or information obtained for the purpose of applying customer due diligence measures up-to-date.
In particular sub-para b) needs to be properly reviewed as a number of visits have highlighted that IPs are relying on records and documentation that is out-of-date and the updated/renewed documentation is not requested.
The IPA would recommend that a review of AML documentation and the assessment of the money laundering risk of each case is included in all file reviews undertaken and remedial action to be taken noted on the review form. If there are difficulties in obtaining updated documentation, please ensure that the actions taken are clear and a file note made. This may require a fresh assessment of the case risk assessment to indicate a heightened risk from non-compliance, or where the director/debtor has gone missing.