Save content
Have you found this content useful? Use the button above to save it to your profile.
pound on line to dry | accountingweb | AML regs
iStock_mhj_pound

Regulation of AML compliance continues to grow

by

As regulators ramp up anti-money laundering supervision, what does this mean for accountancy firms, and how severe are the consequences for non-compliance? Ian Ko and Julie Matheson from Kingsley Napley and David Winch explore the current issues. 

30th Oct 2023
Save content
Have you found this content useful? Use the button above to save it to your profile.

Consistent with the government’s Second Economic Crime Plan, regulators have identified anti-money laundering and the countering of terrorist and proliferation financing (AML/CTF) as key priorities. 

It is therefore perhaps unsurprising that many firms in the accountancy and professional services sector have also noticed a recent uptick in regulatory scrutiny of their AML/CTF processes. 

So what are the regulators’ current AML priorities, and what should accountancy firms bear in mind when designing processes that comply with the relevant regulations? 

Amplification of regulatory priorities 

Published on 30 March 2023, the plan describes the AML supervisory regime as being a “critical component” of the fight against economic crime. Supervisory bodies have been asked to set clear expectations, including taking “appropriate, proportionate and dissuasive” enforcement action for AML/CTF breaches. 

The message from the top has clearly filtered down to regulatory priorities. This mandate is perhaps one of the key factors contributing to the increase in AML/CTF supervisory activity by accountancy regulators, not least the Institute of Chartered Accountants in England and Wales (ICAEW) and the Association of Chartered Certified Accountants (ACCA). 

Focus on AML compliance

ICAEW has unsurprisingly announced that its area of focus for practice assurance reviews in 2023 is AML compliance. 

In its recently published 2023 Practice Assurance Monitoring Report, breaches of the money laundering regulations 2017 (MLRs) were by far the greatest source of non-compliance. The report noted that 545 of the firms reviewed had at least one finding of non-compliance with the MLRs. The second-greatest source of non-compliance, breaches of the clients’ money regulations, involved some 197 firms by contrast.

Such a trend is also reflected in referrals made to the ICAEW Practice Assurance Committee. In 2022, the committee considered a total of 45 reports. Of those, almost 40% related to “significant weaknesses” in compliance with the MLRs. 

Comparatively, the second and third issues most commonly considered were the use of the title “chartered accountant” when ineligible to do so (approximately 11% of reports), and “significant breaches” of clients’ money regulations (approximately 8% of reports).  

ICAEW noted that, “in addition to our routine AML monitoring procedures”, its on-site reviews would also include consideration of the following:

  • the role of the money laundering reporting officer (MLRO)
  • firm-wide risk assessments
  • sanctions compliance
  • prohibitions on provision of accountancy services to Russia
  • suspicious activity reports (SARs) 
  • client due diligence (CDD) processes. 

Action plan

ACCA has taken a similar approach. Its report on regulation 2023 stated that it undertook 395 AML compliance reviews in the UK and Ireland in 2022. This represented an approximately 25% increase in the number of AML reviews undertaken in 2021. 

The report also noted that in January 2023, ACCA had been inspected by the Office for Professional Body Anti-Money Laundering Supervision (OPBAS). 

While the OPBAS assessment findings indicated that ACCA had increased its effectiveness in several areas, it also identified further areas for improvement. ACCA has accordingly prepared a proposed action plan in response to the OPBAS findings. 

What does this mean for firms? 

It is clear that regulators, driven by the government’s mandate and ongoing OPBAS scrutiny, are prioritising AML/CTF compliance. But what does it mean for those downstream, namely firms themselves and members of professional bodies?

We are already seeing increased monitoring activity by way of on-site and desktop reviews. It is likely that such regulatory scrutiny will only continue to increase, and lead to larger numbers of disciplinary referrals where breaches appear to have occurred. 

Enforcement action, as well as penalties for proven breaches, are also likely to be shaped by the government’s directive for “appropriate, proportionate and dissuasive” action to be taken.  

Many firms may already have AML/CTF arrangements in place which they have been using historically, but which are not fully systemised, documented and/or rigorously implemented. 

It is essential, however, that such historical arrangements remain up-to-date and compliant with the latest regulations. In most cases, these arrangements, while a useful starting point, are unlikely to be deemed fully compliant. 

Some firms may consider it unfair that the MLRs apply uniformly, with little regard to the firm’s size and resources. Nonetheless, regulators have consistently noted that the size of a firm does not absolve the need for compliance. Adopting such a stance may even be deemed to demonstrate a lack of understanding regarding the importance of AML compliance, as well as the absence of a desire to abide by the relevant regulations. 

We routinely observe that firms appear to be caught out in one or more of the following areas:

  • conducting and documenting an AML firm-wide risk assessment (FWRA)
  • undertaking regular reviews of the adequacy and effectiveness of the firm’s AML policies, controls and procedures
  • undertaking and recording appropriate AML training for staff
  • conducting and documenting customer due diligence (CDD) for new clients and/or ensuring that CDD documentation is regularly reviewed and updated.
  • incomplete criminal record checks for beneficial owners, officers and managers. 

Consequences for non-compliance 

Where an on-site review has been conducted, regulators attempt to engage in constructive dialogue with their supervised populations prior to taking enforcement action. This is often not the case where there has been a desktop review. 

Following an AML compliance review by ACCA for instance, a firm is usually issued with a report. The review may be completed and the report issued (and in some cases, a referral made to the professional conduct department) without any substantive dialogue between the firm and the reviewer to clarify the firm’s procedures and the circumstances surrounding any alleged breaches. 

Such referrals may then result in disciplinary action. Lower-level breaches of AML regulations might not attract the most serious sanctions. However, where there is some other form of alleged misconduct, firms can be sure that regulators will take matters very seriously. 

For example, where there are allegations of potential dishonesty or lack of integrity arising from the creation of documents retrospectively, or a failure to cooperate with the investigation process more widely, then sanctions are likely to be at the upper end of the spectrum.

Although the approach to AML compliance breaches varies between supervisory bodies, the following summaries of recent disciplinary findings illustrate regulators’ current positions.

  • On 6 December 2022, an ACCA member was found guilty of misconduct for (a) failing to comply with the MLRs by not conducting a FWRA, not having an AML policies and procedures document, not completing and recording AML training, not implementing appropriate CDD measures, and (b) failing to cooperate with the ACCA’s investigation. He was excluded from membership and ordered to pay costs of £8,400. 
  • On 14 February 2023, an ACCA member was found guilty of misconduct for (a) failing to comply with the MLRs by not conducting a FWRA and not undertaking AML training; (b) making false representations regarding the creation date of his firm’s policies and procedures document; (c) failing to cooperate with the ACCA’s monitoring processes, and (d) failing to cooperate with the ACCA’s investigation. He was excluded from membership and ordered to pay costs of £6,000. 
  • On 12 April 2023, an ICAEW member was found guilty of misconduct for (a) failing to fulfil assurances provided to the ICAEW regarding CDD procedures; (b) breaches of the MLR 2007; (c) failing to conduct a FWRA, not having an AML policies and procedures document in place, and not implementing appropriate CDD arrangements; and (d) failing to cooperate with the practice assurance committee process. He was severely reprimanded, fined £8,000, and ordered to pay costs of £10,825. 

Ensuring compliance 

Firms would therefore be well advised to re-evaluate their current AML processes, bearing in mind the following key matters.

  • The FWRA should reflect the unique nature of the firm, the services it provides, the ways in which it communicates with clients, the transactions in which the firm is involved, the activities of its clients, and its clients’ locations. The FWRA must demonstrate the firm’s awareness of the relevant money laundering risks, as well as the measures taken to mitigate those risks. 
  • The firm’s AML policies and procedures document must record the policies and procedures actually operated by the firm. They must satisfy the requirements of the MLRs (including recent updates dealing with proliferation financing, for example), and take into account the relevant recommendations and guidance published by the firm’s supervisory body. 
  • Training records should demonstrate and document that all relevant staff have received and understood the AML training undertaken. For instance, this might include keeping records of test results obtained by staff following AML training. 
  • Internal SARs should be made to the firm’s money laundering reporting officer in writing. It is preferable that this is recorded in a form that prompts the author to provide all appropriate details of the suspected person, the suspicion, as well as the reasons for making the report.  

Where a regulator has arranged for a desktop review, firms may find it helpful to have a second pair of eyes reviewing the document package before it is submitted. This will ensure that any documentation provided gives a clear picture of the firm and its approach to AML compliance. 

Ultimately, firms in the accountancy and professional services sector would be prudent to set aside some time in the near future to carefully consider whether their current AML/CTF processes are fully compliant. The alternative might be to risk an adverse report being issued, potentially leading to more significant disciplinary consequences down the line. 

Replies (33)

Please login or register to join the discussion.

avatar
By twohaporth
30th Oct 2023 18:15

At the end of the day this is just a waste of time in 95% of cases. Tick boxes, complete forms switch brains off and all will be well. The big firms do not apparently do the same AML as solicitors when undertaking legal work - a bit like auditing, probably - so lots of stuff like source of funds just doesn't get done - or at least so I am told by a legal friend. Sounds true to me when you think how many large firms operated in Russia and still do in places like Dubai. 'Where did you get your money from rich client?' You can imagine the answer. So concentrate on the little people so that we can show we are doing what we should and let the big boys do what they will.
It's a face saving exerise that we all know is a waste of time - when we reported anything it always came to nothing because it was too small to bother with - fine but why waste our time then?

Thanks (10)
Replying to twohaporth:
avatar
By johnjenkins
31st Oct 2023 10:44

I really don't think Government realise there is a marked difference between large concerns (those that make £2.8b profit) and those that make £15k profit. We have seen the same sort of stupidity with MTD. Making small business do QU, ludicrous.

Thanks (5)
Replying to johnjenkins:
David Winch
By David Winch
31st Oct 2023 11:03

johnjenkins wrote:

I really don't think Government realise there is a marked difference between large concerns (those that make £2.8b profit) and those that make £15k profit. We have seen the same sort of stupidity with MTD. Making small business do QU, ludicrous.


It is true that the MLR 2017 are intended to cover everyone from the High Street banks to the individual running an accountancy practice in the spare bedroom at home. So, for example, we have to address in our AML documentation the risk that our clients are engaged in the production, transport or sale of nuclear, chemical, biological or radiological weapons.
However there are practical and inexpensive steps that firms can take to comply with the regulations (and keep the regulators off your back).
David
Thanks (0)
Replying to davidwinch:
avatar
By johnjenkins
31st Oct 2023 12:45

"However there are practical and inexpensive steps that firms can take to comply with the regulations (and keep the regulators off your back)."
It's called common sense, David, and this has always been the case even prior to AML regulations.

Thanks (1)
Replying to twohaporth:
7om
By Tom 7000
31st Oct 2023 11:24

only 95%, you must have a lot of dodgy clients..
Probably 99.995

But its the 0.005 you need to let go as clients to avoid all the grief.

Thanks (2)
Replying to twohaporth:
avatar
By DMBAcc
31st Oct 2023 12:48

It was one of the main reasons I retired

Thanks (0)
By Padam Walburn
31st Oct 2023 10:40

Could someone point me in the direction of example firm wide risk assessments for sole traders please? I know we need one but have no idea how to write it. I am happy that there are no other issues with our compliance (fingers crosed)

Thanks (0)
Replying to Padam Walburn:
David Winch
By David Winch
31st Oct 2023 10:56

I have sent you a private message on here.
David

Thanks (0)
Replying to Padam Walburn:
avatar
By Alison Pyatt
31st Oct 2023 11:00
Thanks (1)
Replying to Alison Pyatt:
David Winch
By David Winch
31st Oct 2023 11:09

At risk of stating what one hopes should be obvious, the idea is that most of the wording on this template is deleted by you and replaced with wording relevant to your own firm. I have seen some really awful examples of FWRAs prepared from this template!
David

Thanks (0)
Replying to davidwinch:
avatar
By Alison Pyatt
31st Oct 2023 11:28

Hi David,

Might be stating the obvious but still good that you said it! Yes lots of wording needs changing/personalising but it does give a starting point.

Alison

Thanks (0)
Replying to Padam Walburn:
avatar
By DMBAcc
31st Oct 2023 12:49

Rest assured you won't get any help from HMRC

Thanks (1)
avatar
By Crouchy
31st Oct 2023 10:45

I'd probably be happy with more AML compliance if I thought there was any point to it, but what actually happens with SARs that are filed, absolutley nothing

Thanks (6)
Replying to Crouchy:
7om
By Tom 7000
31st Oct 2023 11:25

Indeed, thats always puzzled me...

Thanks (0)
Replying to Tom 7000:
David Winch
By David Winch
31st Oct 2023 11:41

If it helps, the NCA received 900,000 SARs in the year to 31 March 2022. #justsaying

Thanks (0)
Replying to davidwinch:
avatar
By johnjenkins
31st Oct 2023 11:49

How many shouldn't have been sent and how many were acted upon (I know you don't know) I'm just making the point that it is farcical and will get even worse.

Thanks (2)
Replying to johnjenkins:
David Winch
By David Winch
31st Oct 2023 12:00

Certainly some SARs do get acted upon and lead to positive results for law enforcement.
Also the reporting procedure using the new NCA portal is easier to deal with than the previous online reporting system and has a familiar UK government 'look and feel'. Hopefully that will also lead to better quality information in the reports making them easier to analyse and action. Fingers crossed!
David

Thanks (0)
Replying to davidwinch:
avatar
By johnjenkins
31st Oct 2023 12:41

I don't understand. What is there to analyse? It would appear that the SARs reports don't actually contain what they are supposed to contain, so whose fault is that?

Thanks (0)
Replying to davidwinch:
7om
By Tom 7000
31st Oct 2023 12:12

Wow, all those people doing stuff wrong, that's scary, how does society survive

Thanks (0)
Replying to davidwinch:
avatar
By Red1960
01st Nov 2023 11:28

And acted on how many?

Thanks (0)
avatar
By twohaporth
31st Oct 2023 11:52

Actually the more I think about this the more grotesque it becomes. Imagine the cost of all this AML rubbish ( I make no excuse for using that word) - there is an admin setup in the ICAEW, the ACCA and all the other accountancy bodies, HMRC, The Law Society and, no doubt, others. Then there are all the firms spending time and money trying to comply with all this stuff, then there is the NCA who may or may not do anything with all the mountains of data which they must have. And then there are all the people who act for the actual money launderers advising them how not to be regarded as money launderers so that they can carry on regardless. Oligarch minders etc. And who pays for it? Taxpayers for the government side (not good value) and clients in extra costs (certainly not good value) and the only people to win - the money launderers because at the end of the day if you act for one and ask him/her where does the dosh come from they have enough money to buy the right answer. Cynical? Me? Good heavens no - just report what I read in the papers. Oh well - press on regardless.

Thanks (5)
Replying to twohaporth:
avatar
By johnjenkins
31st Oct 2023 12:53

Spot on.

Thanks (0)
Replying to twohaporth:
avatar
By Ian McTernan CTA
31st Oct 2023 15:47

Probably £5bn by now....and set for a massive increase with this latest waste of space.

Thanks (1)
avatar
By C J EYRE
31st Oct 2023 12:02

Why is so much time being wasted by people on AML
Recently a 65year old client cashed in his long standing pension fund to clear his mortgage. This started a month of investigation by his bank. He produced his pension statement and letters from his pension company, but they wanted more. He then had to produce the rent agreements for the 8 house he rented out, plus other information. At one stage they even froze his bank account, without telling him. He only found out when somebody phoned him to ask why his cheque had bounced
Eventually, they gave him a clean bill of health.
The big problem was that in the old days the cashier at the bank would ask politely where the money had come from and make a note on your file. Now, with nobody behind bars to serve you, this dose not happen, so everybody's time is wasted, and the client ends up with an Accountant bill for the time I had to spend on it.

Thanks (3)
avatar
By twohaporth
31st Oct 2023 12:11

Thinking even more into this why is it that the PBs just accept this nonsense and don't say to HMG 'This isn't working and needs rethinking' instead of just blindly creating more and more rules and regulations for people to inadvertantly fall foul of.
In my experience digitalisation creates more problems than it solves and when AI gets involved it will become far worse.
So - a simple question - if it doesn't work as it is, complicating it with more tick boxes etc. isn't going to make it better is it?
A rethink at ground level might help and get rid of the tick boxes - we all know the average re-action to a tick box list is sheer unadulterated boredom which isn't good for any process e.g. Audits. Get away from the idea that thinking is bad for you and try doing a bit of it HMG.

Thanks (4)
Replying to twohaporth:
avatar
By johnjenkins
31st Oct 2023 16:04

PB's charge extra on subs. HMRC charge £300 etc.etc. Government can then say, when it all goes pear shaped, not our fault, we put in the regulations, they obviously weren't followed. What a business environment this is creating. Must be Brexit's fault. Perhaps we could sue the EU, that seems to be the next band wagon to jump on.

Thanks (0)
Replying to johnjenkins:
avatar
By Postingcomments
31st Oct 2023 16:10

People like David make good money out of it too - which is why he is all over these comments sticking up for the rules.

Thanks (1)
Replying to Postingcomments:
avatar
By johnjenkins
31st Oct 2023 16:45

I think David is one of those people that are so fed up with HMRC, destroying the small business without our voices being heard, and realising he can't do anything about it, is just marking time until retirement.

Thanks (0)
Replying to johnjenkins:
David Winch
By David Winch
31st Oct 2023 17:25

johnjenkins wrote:

I think David is one of those people that are so fed up with HMRC, destroying the small business without our voices being heard, and realising he can't do anything about it, is just marking time until retirement.

Hi John, for the past 20 years or so I have not been involved in the preparation of annual accounts or returns, so my contact with HMRC has only been in relation to criminal prosecutions for tax evasion, etc. More usually I have been dealing with the police/CPS in cases of drug dealing, fraud, money laundering etc.
But of course I also advise accountants on AML compliance.
David

Thanks (0)
Replying to davidwinch:
avatar
By johnjenkins
01st Nov 2023 09:40

OK, David. In your honest opinion do you think that the return on AML for small business is worthwhile?

Thanks (1)
Replying to johnjenkins:
David Winch
By David Winch
01st Nov 2023 17:32

johnjenkins wrote:

OK, David. In your honest opinion do you think that the return on AML for small business is worthwhile?


I'm assuming John that you mean is AML compliance worthwhile for accountants in practice (outside say the 50 largest UK firms of accountants)? That's not a difficult question to answer! But we have to comply with the MLR 2017.
So a better question might be, "How can accountancy firms minimise the costs and inconvenience of AML compliance and get some benefit out of the additional work involved in that compliance?". I try to help with that!
David
Thanks (0)
Replying to davidwinch:
avatar
By johnjenkins
02nd Nov 2023 10:33

David you should have been a politician.

Thanks (0)
avatar
By cbp99
02nd Nov 2023 09:18

Meanwhile, in the light of this discussion, a timely report, showing how thoroughly effective and watertight the UK's AML regime is.
https://www.bbc.co.uk/news/uk-67276289

Thanks (0)