Business Risk Assessment for Brokers, Credit Unions & Accountants

News

Business Risk Assessment for Brokers, Credit Unions & Accountants

Anti-Money-Laundering-McCole-Consultants-DonegalThe EU’s Fourth Anti-Money Laundering Directive (4 AMLD) has introduced a raft of significant regulatory and legislative changes into Irish Law. I will have a look at each of these important developments over the course of a series of blog items. As a starting point, my first blog item will look at the requirement to document a Business Risk Assessment.

This is a new stand-alone statutory requirement outlined at section 30A of the Criminal Justice (Money Laundering and Terrorist Financing) Act 2010 (as amended).

Is your firm required to have a business risk assessment?

All designated persons are required to carry out a ‘business risk assessment’. As a Financial Broker, Credit Union or Accountant, you are a designated person and must therefore comply with this requirement.

What do you need to include in your Business Risk Assessment?

Policy-&-Procedures-McCole-ConsultantsDrafting your business risk assessments will require you to look at your firm’s:

  1. Type of Customers;
  2. Customer’s Products, Transactions and Services
  3. Customer’s Countries or Geographical Areas
  4. Customer’s Distribution or Channels

Type of Customers

It is critical that you have a clear understanding of the types of customer that you enter into a business relationship with. This risk area alone will significantly impact your overall business-wide risk rating. Whether you are a Financial Broker, Credit Union or an Accountant you should be asking the following questions – list is not exhaustive – in relation to you customers:

  • are your customers linked to sectors involving significant amounts of cash?
  • are your clients linked to high risk sectors?
  • do your customers have political connections?
  • any adverse media (local/national) reports involving your customers?
  • is the ownership or control structure of your clients unnecessarily complex?
  • any doubts about your customer’s identity?
  • have your clients engaged in any unusual or complex transactions?

A ‘yes’ answer to any of the above questions may indicate higher levels of risk.

Type of Products, Transactions and Services

It is important that you next consider the nature of the products, transactions or services that your business offers to its customers. Whether you are a Financial Broker, Credit Union or an Accountant you should be asking the following questions – list is not exhaustive – in relation to the types of products, transactions and services:

  • do you accept cash payments for certain products, transactions or services?
  • do you offer (e.g. investment) products with no cap on transaction value or premium?
  • is a transaction unnecessarily complex so that it doesn’t appear to make economic sense?
  • does a product, service or transaction accept payments from an unidentified third party?
  • does a product facilitate high value transactions?

A ‘yes’ answer to any of the above questions may indicate higher levels of risk.

Countries or Geographical Areas

Whether you are a Financial Broker, Credit Union or Accountant, consider asking the following questions – list is not exhaustive – in relation to determining the risk associated with countries or geographical areas:

  • are clients linked to countries associated with higher AML risk?
  • are funds sent to or received from countries where terrorist groups are known to operate?
  • are clients linked to jurisdictions that have issue relating to tax compliance and legal transparency?

A ‘yes’ answer to any of the above questions may indicate higher levels of risk.

Distribution/Channels

It is essential that you understand where exactly you source your clients from. Whether you are a Financial Broker, Credit Union or an Accountant, I have outlined below some questions you may consider asking – list is not exhaustive – in relation to the distribution or channel risk of your clients:

  • did you meet your client on a remote basis? (e.g. internet, telephone, email)
  • did you meet your client on another non face-to-face basis? (e.g. post)
  • Did you meet your client through a third party intermediary or agent?

A ‘yes’ answer to any of the above questions may indicate higher levels of risk.

Concluding remarks

Small to medium sized brokers, credit unions and accountants, have limited resources in terms of time and staff. It is therefore not disputed that the initial implementation of an effective Business Risk Assessment requires a serious dedication of these resources.

I do however feel that implementing a business wide risk assessment that is relevant to your firm will provide great value. Firstly, when you complete your business risk assessment in year one it is just a matter of reviewing and updating it the following years. Secondly, it will provide a valuable source of management information that highlights what areas of your firm is exposed to money laundering risk.

I will conclude by saying that the business risk assessment should not be viewed as a one off legal and regulatory obligation. Once drafted, your business risk assessment should be monitored on an ongoing basis. It should also be reviewed on an annual basis by a member of senior management.

If you require any assistance with drafting your Business Risk Assessment, please contact Dermot McCole: dermot@mccoleconsultants.ie