The Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 commenced on 26 June 2017 and replace the Money Laundering Regulations 2007.
The regulations apply to:
- credit institutions;
- financial institutions;
- auditors, insolvency practitioners, external accountants and tax advisers;
- independent legal professionals;
- trust or company service providers;
- estate agents;
- high value dealers;
- casinos.
The regulations do not apply to landlords or letting agents but do apply to estate agents which will include an estate agent also operating as a Lettings business.
The regulations do not apply to a person who may fall under those activities listed above if the person is engaging in a financial activity on an occasional or very limited basis. Occasional or very limited basis includes:
- The person’s total annual turnover in respect of the financial activity does not exceed £100,000;
- the financial activity is limited in relation to any customer to no more than one transaction exceeding 1,000 euros, whether the transaction is carried out in a single operation, or a series of operations which appear to be linked;
- the financial activity does not exceed 5% of the person’s total annual turnover;
If the regulations do apply, the requirements are more of a risk based assessment than previously.
Regulation 18(1) provides the relevant person must:
… take appropriate steps to identify and assess the risks of money laundering and terrorist financing to which its business is subject.
In carrying out the risk assessment, a relevant person must take into account—
- information made available to them by a supervisory authority
- risk factors relating to (but not limited to)-
- its customers;
- the countries or geographic areas in which it operates;
- its products or services;
- its transactions; and
- its delivery channels.
In deciding what steps are appropriate, the relevant person must take into account the size and nature of its business.
Furthermore, a relevant person must keep an up-to-date record in writing of all the steps it has taken (unless its supervisory authority notifies it in writing that such a record is not required).
The relevant person must provide the risk assessment it has prepared, the information on which that risk assessment was based and any record required to be kept, to its supervisory authority on request.
In addition to the risk assessment based approach, the regulations require the relevant person to establish and maintain policies, controls and procedures to mitigate and manage effectively the risks of money laundering and terrorist financing identified in the risk assessment undertaken. The policies must be regularly reviewed and updated.
The policies, controls and procedures must be recorded in writing and must be communicated to staff.
The policies will be proportionate to the size and nature of the business and must be approved by senior management.
The policies must include:
- risk management practices;
- internal controls;
- customer due diligence;
- reliance and record keeping;
- the monitoring and management of compliance with, and the internal communication of, such policies, controls and procedures.
Appropriate measures must be taken to ensure all relevant employees are
- made aware of the law relating to money laundering and terrorist financing, and to the requirements of data protection; and
- regularly given training in how to recognise and deal with transactions and other activities or situations which may be related to money laundering or terrorist financing;
A written record of training given must be maintained.
Where a risk assessment determines that a business relationship or transaction presents a low degree of risk of money laundering, a simplified customer due diligence may be applied.
A person failing to comply with the regulations could face a fine, improvement of up to 2 years or both.
HMRC has produced guidance for estate agency businesses which should be consulted for more in-depth information about the regulations. The guidance is interim currently but will be reviewed in due course.
