Guide to the Duties of the Money Laundering Reporting Officer
The role of the Money Laundering Reporting Officer (“MLRO”) carries significant responsibility and can be very challenging and lonely at times. It should therefore only be undertaken by an appropriately experienced individual.
All subject persons are required to appoint an officer to carry out the function of the MLRO. The said individual has the responsibility to ensure the subject person complies with the Prevention of Money Laundering and Funding of Terrorism Regulations (“PMLFTR”) and the relative guidance. The MLRO should be “of sufficient seniority and command as the reporting officer…”1 of the subject person.
The following are the main duties and responsibilities of the MLRO:
Ensuring the subject person has the Prevention of Money Laundering and Financing of Terrorism (“PMLFT”) policies and procedures in place including the exercise of effective influence on the said policies.
These need to include the following:
- The legal and regulatory obligations;
- The due diligence procedures it expects staff to undertake when conducting business, in particular customer identification and verification and the purpose an intended nature of the business relationship;
- The training in relation to PMLFT all members of staff are expected to carry out;
- Set the subject person’s objectives and what it intends to do in order to prevent itself from being used for the purposes of laundering money; and
- Process regarding internal and external reporting.
These should be set out in a clear and accessible form and reviewed on a frequent basis to ensure they are kept up to date with the regulatory and legislative changes. The MLRO should monitor the effectiveness of the policies and processes and the risks in order to make changes where applicable.
When changes are made to policies, procedures or processes, the MLRO should communicate this to all members of staff and relevant training provided.
Subject persons (other than sole practitioners) should have an independent AML review to ensure the adequacy and effectiveness of their processes and any weaknesses are identified and addressed. In larger firms this can be carried out by the internal auditor function.
Knowing the subject person’s clients and ensuring Customer Due Diligence (“CDD”) is being carried out
CDD measures are a key part of the PMLFT requirements. It enables the subject person to know who their clients are and ensure they do not accept clients outside their risk appetite. It is imperative that the subject person understands its clients’ regular business pattern of activity in order to be able to identify any abnormal business patterns or activities. The MLRO is responsible to determine the degree of CDD to apply and assist in adopting a risk-based approach, taking into account the types of customers, business relationships, geography and products in order to target the risks of money laundering and terrorist financing.
To ensure that the client-facing staff are carrying out the correct CDD, the MLRO should ensure they are made aware of the subject persons procedures and that they are given appropriate training in relation to the application of CDD.
It is the MLRO’s responsibility to consider internal reports of money laundering and decide if there is sufficient grounds for suspicion to file a suspicion transaction report (“STR”). The MLRO is also responsible for deciding whether consent is required from the FIAU for provision of service to continue, and how to conduct the business relationship while a consent decision is awaited. It is imperative that the MLRO has access to all the information and resources in order to enable the MLRO to carry out that responsibility. Following the receipt of an internal STR, the MLRO may conclude, for justifiable reasons that the report does not give rise to knowledge or suspicion of money laundering. In such cases, the MLRO should keep a copy of the internal STR together with the rationale of why the report did not warrant a submission to the FIAU. It is important that the MLRO keeps record of all internal reports, together with details of the following:
- Requests for information/documentation;
- The rationale for deciding whether or not to submit a STR; and
- Any advice given to engagement teams about continued working and any consent requests made.
What information should the MLRO request when assessing an internal STR?
Should you know, suspect or have reasonable grounds to suspect that someone is engaged in money laundering:
- Do you have information/documentation on the suspect?
- The duration of the business relationship.
- Did the internal report identify the laundered property? What is the underlying criminal activity?
- Do you have access to all the transactions/activity carried out by the client for which you received a report?
To ensure that the correct procedures are being followed, all relevant employees of the subject person must be made aware of their obligations under the Regulations. The MLRO should develop and implement a training programme which is applicable to the subject person in terms of PMLFT. Training can be delivered in several different ways: classroom training, e-learning, external training or a combination of them all. Records indicating who has received training should be kept identifying the areas covered. The training programme itself should include:
- The legal and regulatory duties of the employees;
- The risk of money laundering and terrorist financing;
- The identity of the MLRO and designated employee (if applicable);
- ‘Red flags’ of which staff should be aware when conducting business in order to identify suspicion of money laundering;
- How to deal with transactions which might be related to money laundering and financing of terrorism; and
- The process with respect to internal reporting
PMLFT Training programme
- A formal training plan would assist in ensuring that the right staff receive the right training to enable them to comply with their AML obligations.
- Organise tailor made training for the different roles in each business area within the subject person and address the different risks posed by the specific services they provide.
The MLRO should be the first point of contact within the subject person with respect to any issues related to PMLFT. In addition, the MLRO should have sufficient resources and time in order to undertake the role effectively.
- Identify which areas of the business are subject to the most risk from an AML perspective.
- Maintain links with business areas and keep informed on all the new products and services the subject person is providing.
- Understand the concerns members’ staff have in relation to ML/FT.
- Monitor staff compliance with the firm’s money laundering policies.
- Ensure members of staff are aware of the ML/FT risks.
- 1 Article 15(1)(a) of the Prevention of Money Laundering and Financing of Terrorism Regulations