The Accountant – Issue 2 of 2021 (MIA Publication)
On 16 December 2020 the FIAU issued sector specific Implementing Procedures (IPs) for CSPs1. This article provides sector-specific guidance on the implementation of particular Anti-Money Laundering/Countering Funding of Terrorism obligations, that warrant further elaboration at an industry-specific level. Paula Galea Farrugia holds a Doctorate in Laws and a Masters in Financial Services from the University of Malta.She began her career in 2004 by joining the Company Compliance Unit of the MFSA and is now the Head of Compliance at Alter Domus Malta.Paula Galea Farrugia holds a Doctorate in Laws and a Masters in Financial Services from the University of Malta.She began her career in 2004 by joining the Company Compliance Unit of the MFSA and is now the Head of Compliance at Alter Domus Malta.
The Implementing Procedures give detailed information on Money Laundering/Terrorist Financing (ML/FT) risks to assist CSPs in formulating a better understanding of the ML/FT risks they face, ensuring that they are better equipped to detect and report ML/FT suspicions. These sector-specific IPs should be read in conjunction with the IPs Part I2.
CDD on Intermediaries and Agents
These IPs guide CSPs in distinguishing between Introducers, Intermediaries and Agents and between Intermediation and Reliance.
An Introducer is defined as a person who typically would have a business relationship with a third party, the Introducer’s client, and who introduces that third party to a CSP. The intention would be for the third party to form a business relationship or conduct a one-off transaction directly with the CSP, thereby becoming a customer of the CSP directly.
When an Introducer introduces a third party to a CSP, and remains actively involved in carrying out the occasional transaction or in the business relationship established with the CSP, they become an Intermediary. Besides carrying out customer due diligence (CDD), the CSP must also carry out further due diligence measures on the Introducer. The IPs provide guidance on the basic checks required for all intermediaries and also as to further checks required for higher risk intermediaries.
An Agent is a person who acts on the customer’s behalf and has the authority to bind the customer with his or her actions. Company directors who are vested with the legal and judicial representation of the Company who, within the context of an occasional transaction or a business relationship, act on behalf of the Company, are likewise considered to be agents who purport to act on behalf of the respective company. They need to be identified and verified, and the CSP is expected to ensure that they are authorised in writing to act on the customer’s behalf.
A CSP can deal with an Agent/Intermediary without placing reliance on that Agent/Intermediary. A CSP may also rely on another subject person/third party in terms of Regulation 12 of the Prevention of Money Laundering and Funding of Terrorism Regulations (PLMFTR)without that other subject person/third party being an Agent/Intermediary regarding the CSP. In certain circumstances, an Introducer/Intermediary/Agent could be another subject person/third party subject to AML/CFT obligations in another jurisdiction, on whom the CSP is permitted to place reliance to carry out some aspects of CDD.
Purpose & Intended Nature: Establishing the Customer’s Business and Risk Profile
CSPs that solely provide company formation services, without any additional company services, are considered to be carrying out an occasional transaction and not establishing a business relationship, since the CSP’s services end with the setting up of the company. Nevertheless, CSPs are still expected to understand and, as appropriate, obtain information on the intended purpose of the company or other legal entity being set up.
CSPs who are requested to provide services, such as a registered office (RO), a correspondence address, directorship or secretarial services to or within companies/partnerships which the CSP itself incorporates or which are already incorporated, would be establishing a business relationship since these services are offered over a span of time and hence denote an element of duration. Accordingly, these CSPs are required to assess, and, as appropriate, obtain information on the purpose and intended nature of the business relationship being established. Relevant information in this context includes the rationale for the setting up of the company/partnership in Malta and/or for the provision of the requested services.
The commercial/trading activity that is to be carried out by the company should be understood. When the company is not set up to carry out commercial/trading activity but to hold assets, it would not suffice to simply determine the purpose of that company. The CSP providing services to that company would be expected to gather information on the commercial/trading activity carried out directly by the holding company’s subsidiary or subsidiaries.
The CSP is expected to assess whether the profile of the shareholders or beneficial owners’ tallies with the company’s/partnership’s activity or purpose. CSPs are expected to obtain information on the value of the share capital or assets, and, depending on any identified ML/FT risks, obtain documentation evidencing the source of funds and/or assets forming the capital of the company/partnership.
Ongoing Monitoring of Business Relationships
CSPs providing directorship services and who would be empowered to legally represent and bind the company, are expected to carry out ongoing monitoring of the transactions that the company undertakes. Transactions should be scrutinised to ensure that they are in line with the CSP’s knowledge and understanding of that corporate customer. If transactions are complex, unusually large in amount or conducted in an unusual pattern or have no apparent economic or lawful purpose, CSPs are expected to examine their background and purpose.
CDD data, information and documentation should also be kept up-to-date. The extent of monitoring should be commensurate with the risk profile established by the customer risk assessment.
Timing of CDD Procedures
CSPs are not expected to initiate CDD procedures upon first enquiry by a prospective customer, but when the customer takes active steps to seek the services of the CSP. CDD measures are then to be completed prior to setting up the business relationship or the carrying out of an occasional transaction.
Termination of Business Relationships for the Purposes
of AML/CFT Obligations
In certain cases, the relationship with the customer cannot be officially terminated. In the case of the provision of RO services, if the CSP lost contact with the client, has exhausted all possible means to contact the customer and has documented the actions taken to do so, the termination date of the business relationship for the purposes of the PMLFTR would be considered to be the date when the CSP informs the Malta Business Registry that it has lost contact with the customer and is no longer willing to continue providing them RO services.
CSPs are also subject to sanctions screening, freezing of assets and the reporting obligations envisaged under the National Interest (Enabling Powers) Act, Cap 365. All CSPs are expected to subscribe to the sanctions list, which is constantly updated by the Sanctions Monitoring Board (SMB), by sending an email to firstname.lastname@example.org (or any other procedure that may be initiated by the SMB), and to screen their clients against this list on a regular basis or, alternatively, deploy software that autonomously performs that function.
Paula Galea Farrugia holds a Doctorate in Laws and a Masters in Financial Services from the University of Malta.She began her career in 2004 by joining the Company Compliance Unit of the MFSA and is now the Head of Compliance at Alter Domus Malta.