Phil JFSC test document

HANDBOOK FOR THE PREVENTION AND DETECTION OF MONEY LAUNDERING

AND THE FINANCING OF TERRORISM

FOR FINANCIAL SERVICES BUSINESS REGULATED UNDER THE REGULATORY LAWS

Part 1

Statutory and Regulatory Requirements and Guidance Notes

Sections 1 – 9 and

Glossary

Issued: 4 February 2008 (Partly revised: 22 July 2010)

Handbook for regulated financial services businesses

Contents

Effective from: 4 February 2008 3 Revised: 30 January 2009 Revised: 20 July 2009 Revised 22 July 2010

CONTENTS

CONTENTS............................................................................................................................................3

1 INTRODUCTION ...........................................................................................................................7 1.1 Objectives of the Handbook .............................................................................................. 8 1.2 Structure of the Handbook ................................................................................................ 9 1.3 Legal status and sanctions for non-compliance.............................................................. 10

1.3.1 Handbook................................................................................................................. 10 1.3.2 Money Laundering Order......................................................................................... 10 1.3.3 Regulatory Requirements ........................................................................................ 10

1.4 Scope of the money laundering order and regulatory requirements............................... 11 1.4.1 Application of the Money Laundering Order to financial services business

conducted in Jersey................................................................................................. 11 1.4.2 Application of the Money Laundering Order and Regulatory Requirements

outside Jersey.......................................................................................................... 11 1.4.3 Application of Regulatory Requirements ................................................................. 12

1.5 Definition of financial services business.......................................................................... 12 1.6 Risk based approach....................................................................................................... 12 1.7 Equivalence of requirements in other countries and territories....................................... 13

1.7.1 Equivalent business................................................................................................. 13 1.7.2 Equivalent countries and territories ......................................................................... 13 1.7.3 Determining equivalence ......................................................................................... 13

2 CORPORATE GOVERNANCE ...................................................................................................15 2.1 Overview of section ......................................................................................................... 15 2.2 Obligation to have procedures and controls.................................................................... 15 2.3 Board responsibilities ...................................................................................................... 15

2.3.1 Business risk assessment ....................................................................................... 16 2.4 Systems and controls, training and awareness .............................................................. 17

2.4.1 Oversight of the effectiveness of systems and controls .......................................... 18 2.4.2 Oversight of compliance with systems and controls................................................ 19 2.4.3 Consideration of cultural barriers............................................................................. 19 2.4.4 Outsourcing.............................................................................................................. 20

2.5 The Money Laundering Compliance Officer (MLCO)...................................................... 21 2.6 The Money Laundering Reporting Officer (MLRO) ......................................................... 22

3 CUSTOMER DUE DILIGENCE REQUIREMENTS.....................................................................25 3.1 Overview of section ......................................................................................................... 25 3.2 Obligation to conduct customer due diligence ................................................................ 26 3.3 Risk based approach to customer due diligence ............................................................ 27

3.3.1 Customer due diligence information – Stage 1........................................................ 28 3.3.2 Customer due diligence profile – Stage 1................................................................ 29 3.3.3 Source of funds and wealth – Stages 1 and 2......................................................... 29 3.3.4 Evaluation of customer due diligence information – Stage 2................................... 30 3.3.5 Customer risk assessment – Stage 3 ...................................................................... 32 3.3.6 Updating customer due diligence and customer risk assessments – Stage 5 ........ 33

Handbook for regulated financial services businesses Contents

4 Effective from: 4 February 2008 Revised: 30 January 2009

Revised: 20 July 2009 Revised 22 July 2010

3.4 Enhanced customer due diligence .................................................................................. 33 3.4.1 Politically Exposed Persons (PEPs) ........................................................................ 34 3.4.2 Customer who is connected to a higher risk country or territory ............................. 35 REGULATORY REQUIREMENT ......................................................................................... 35 3.4.3 Other higher risk customers..................................................................................... 35

3.5 CDD requirements when acquiring a business or a block of customers ........................ 36

4 IDENTIFICATION AND VERIFICATION OF IDENTITY .............................................................37 4.1 Overview of section ......................................................................................................... 37 4.2 Obligation to identify and verify identity of applicant for business .................................. 37 4.3 Identification and verification: Individuals........................................................................ 39

4.3.1 Establishing identity ................................................................................................. 39 4.3.2 Verifying identity....................................................................................................... 39 4.3.3 Independent data sources ....................................................................................... 42 4.3.4 Guarding against the financial exclusion of Jersey residents.................................. 42 4.3.5 Verification of residential address of overseas residents ........................................ 43

4.4 Identification and verification: trustees and express trusts ............................................. 44 4.4.1 Establishing identity ................................................................................................. 45 4.4.2 Verifying identity....................................................................................................... 45

4.5 Identification and verification: legal bodies...................................................................... 46 4.5.1 Establishing identity (except foundations) ............................................................... 47 4.5.2 Verifying identity (except foundations)..................................................................... 48 4.5.3 Establishing identity – foundations (except charities).............................................. 50 4.5.4 Verifying identity – foundations (except charities) ................................................... 51

4.6 Identification and verification: authorised agent of applicants for business .................... 52 4.7 Identification and verification: applicants acting for third parties (intermediary

relationships) ................................................................................................................... 53 4.8 Non-face to face Identification and verification ............................................................... 53

4.8.1 Suitable certifiers ..................................................................................................... 54 4.9 Exceptions from identification measures......................................................................... 56

4.9.1 Regulated persons and those carrying on equivalent businesses .......................... 56 4.9.2 Companies with listed securities.............................................................................. 56 4.9.3 Jersey public authorities .......................................................................................... 57 4.9.4 Persons authorised to act on behalf of an applicant................................................ 57 4.9.5 Identification measures for pension schemes ......................................................... 58 4.9.6 Other exceptions...................................................................................................... 58

4.10 Identification and verification of identity in intermediary and introduced relationships ... 58 4.10.1 Assessment of risk where reliance placed on intermediaries and introducers........ 60 4.10.2 Intermediary relationships – Article 17..................................................................... 61 4.10.3 Intermediary and introduced relationships – Article 16............................................ 62 4.10.4 Group intermediaries and introducers in certain jurisdictions – Article 16............... 64 4.10.5 Intermediary customers and lower risk products ..................................................... 65

4.11 Reduced or simplified measures: verification of identity concession for very low risk products/services ............................................................................................................ 66

4.12 Timing of initial identification and verification of identity ................................................. 67 4.12.1 Delayed completion of verification requirements..................................................... 67

4.13 Subsequent identification and verification of identity ...................................................... 68 4.14 Failure to complete identification or verification of identity.............................................. 68


Contents

Effective from: 4 February 2008 5 Revised: 30 January 2009 Revised: 20 July 2009 Revised 22 July 2010

5 MONITORING ACTIVITY AND TRANSACTIONS......................................................................70 5.1 Overview of section ......................................................................................................... 70 5.2 Obligation to monitor ....................................................................................................... 71

5.2.1 Countries and territories that do not, or insufficiently, apply FATF Recommendations74 5.3 Automated monitoring methods ...................................................................................... 74

6 REPORTING MONEY LAUNDERING AND FINANCING TERRORISM ACTIVITY AND TRANSACTIONS ........................................................................................................................75

6.1 Overview of section ......................................................................................................... 75 6.2 Disclosure of knowledge or suspicion to the JFCU......................................................... 75 6.3 Procedures for reporting to the JFCU ............................................................................. 76

6.3.1 Internal reporting procedures................................................................................... 77 6.3.2 Evaluation of suspicious activity reports by the MLRO............................................ 77 6.3.3 Reporting to the JFCU ............................................................................................. 78

6.4 Tipping off........................................................................................................................ 78 6.4.1 The customer due diligence process....................................................................... 78 6.4.2 JFCU consent .......................................................................................................... 79 6.4.3 Terminating a relationship ....................................................................................... 79

7 VETTING, AWARENESS AND TRAINING OF EMPLOYEES...................................................80 7.1 Overview of section ......................................................................................................... 80 7.2 Obligation to promote awareness and to train ................................................................ 80 7.3 Vetting of relevant employees......................................................................................... 81 7.4 Awareness of employees ................................................................................................ 82

7.4.1 All relevant employees (customer facing and non-customer facing)....................... 82 7.4.2 Non-relevant employees.......................................................................................... 82 7.4.3 Ongoing awareness (all employees) ....................................................................... 82

7.5 Training of employees ..................................................................................................... 83 7.6 Adequacy of training........................................................................................................ 83

7.6.1 All relevant employees (customer facing and non-customer facing)....................... 83 7.6.2 The Board ................................................................................................................ 84 7.6.3 The MLCO ............................................................................................................... 84 7.6.4 The MLRO and deputy MLROs ............................................................................... 84 7.6.5 Non-relevant employees.......................................................................................... 84

7.7 Timing and frequency of training..................................................................................... 84 7.8 Monitoring the effectiveness of promotion and awareness and of training..................... 85

8 RECORD KEEPING ....................................................................................................................86 8.1 Overview of section ......................................................................................................... 86 8.2 Recording evidence of identity and other customer due diligence measures................. 86 8.3 Recording transactions.................................................................................................... 87 8.4 Other record keeping requirements ................................................................................ 88

8.4.1 Compliance monitoring and procedures.................................................................. 88 8.4.2 Suspicious activity reports ....................................................................................... 88 8.4.3 Records relating to higher risk activity and transactions ......................................... 89 8.4.4 Training and awareness .......................................................................................... 89

8.5 Access to and retrieval of records................................................................................... 89 8.5.1 External record-keeping........................................................................................... 90 8.5.2 Requirements on closure or transfer of business .................................................... 90

Handbook for regulated financial services businesses Contents

6 Effective from: 4 February 2008 Revised: 30 January 2009

Revised: 20 July 2009 Revised 22 July 2010

9 EXISTING CUSTOMERS ............................................................................................................91 9.1 Overview of section ......................................................................................................... 91 9.2 Application of identification measures to existing customers.......................................... 91

Glossary ..............................................................................................................................................95


Part 1: Section 1 - Introduction

Effective from: 4 February 2008 7 Revised: 28 October 2008 Section 1.5 revised: 21 January 2009 Section 1.4 revised: 21 May 2009 Section 1.7 revised 22 July 2010

1 INTRODUCTION

1. The continuing ability of Jersey’s finance industry to attract legitimate customers with funds and assets that are clean and untainted by criminality depends, in large part, upon the Island’s reputation as a sound, well-regulated jurisdiction. Any business that assists in laundering the proceeds of crime, or financing of terrorism, whether:

• with knowledge or suspicion of the connection to crime; or

• acting without regard to what it may be facilitating through the provision of its products or services

will face the loss of its reputation, risk the loss of its licence1 or other regulatory sanctions (where regulated and supervised), damage the integrity of Jersey’s finance industry as a whole, and may risk prosecution for criminal offences.

2. Jersey has had in place a framework of anti-money laundering legislation since 1988, and for the countering of terrorism since 1990. This legislation has continued to be updated as new threats have emerged, including legislation to extend the definition of criminal conduct for which a money laundering offence can be committed and to combat international terrorism.

3. Jersey’s defences against the laundering of criminal funds and terrorist financing rely heavily on the vigilance and co-operation of the finance sector. Specific financial sector legislation (the Money Laundering (Jersey) Order 2008) is therefore also in place covering a person carrying on financial services business in or from within Jersey, and a Jersey body corporate or limited liability partnership (“LLP”) carrying on financial services business anywhere in the world (a “relevant person”).

4. Each relevant person in Jersey must recognise the role that it must play in protecting itself, and its employees, from involvement in money laundering and the financing of terrorism, and also in protecting the Island’s reputation of probity.

5. The Jersey Financial Services Commission (the “Commission”) strongly believes that the key to the prevention and detection of money laundering and the financing of terrorism lies in the implementation of, and strict adherence to, effective systems and controls, including sound customer due diligence (“CDD”) measures based on international standards. The Handbook therefore establishes standards which match international standards issued by the Financial Action Task Force on Money Laundering (the “FATF”). The Handbook also has regard to the standards promoted by the Basel Committee on Banking Supervision, International Organisation of Securities Commissions and the International Association of Insurance Supervisors. The Handbook takes account of the requirements of European Union (the “EU”) legislation to counter money laundering and the financing of terrorism and its application of standards set by the FATF.

6. The Commission is also mindful of the importance of financial services being generally available to all Jersey residents and, where necessary, the Handbook incorporates measures to guard against the financial exclusion of Jersey residents from financial services and products.

1 In this handbook “licence” is being used as a generic term to cover: a registration granted under the Banking Business (Jersey) Law 1991 (the “BB(J)L”); a permit or certificate granted pursuant to the Collective Investment Funds (Jersey) Law 1988 (the “CIF(J)L”); a registration granted under the Financial Services (Jersey) Law 1998 (the “FS(J)L”); and a permit granted pursuant to the Insurance Business (Jersey) Law 1996 (the “IB(J)L”).

http://www.jerseylaw.je/Law/display.aspx?url=lawsinforce%2fconsolidated%2f08%2f08.780.30_MoneyLaunderingOrder2008_RevisedEdition_1January2009.htm

Handbook for regulated financial services businesses Part 1: Section 1 – Introduction

8 Effective from: 4 February 2008 Revised: 28 October 2008

Section 1.5: Revised 21 January 2009 Section 1.7 Revised 22 July 2010

1.1 OBJECTIVES OF THE HANDBOOK

7. The objectives of the Handbook are as follows:

• to outline the requirements of the Proceeds of Crime (Jersey) Law 1999 (the “Proceeds of Crime Law”), the Drug Trafficking Offences (Jersey) Law 1988 (the “Drug Trafficking Offences Law”), the Terrorism (Jersey) Law 2002 (the “Terrorism Law”), and the Terrorism (United Nations Measures) (Channel Islands) Order 2001 and the Al-Qa’ida and Taliban (United Nations Measures) (Channel Islands) Order 2002 (“United Nations Measures”), all of which apply to all persons (natural or legal) in Jersey, all persons (natural or legal) operating from within the Island, and all companies and limited liability partnerships registered in Jersey conducting activities in any part of the world;

• to outline the requirements of the Money Laundering (Jersey) Order 2008 (the “Money Laundering Order”) which supplements the above legislation by placing more detailed requirements on relevant persons;

• to outline the requirements of the Community Provisions (Wire Transfers) (Jersey) Regulations 2007 (the “Wire Transfers Regulations”) which introduce additional obligations for those remitting or receiving wire transfers;

• to set out the Commission’s requirements - to be followed by all relevant persons that are regulated by the Commission under the CIF(J)L, the BB(J)L, the IB(J)L, and the FS(J)L (referred to as the “regulatory laws”) and that hold a licence;

• to assist a relevant person to comply with the requirements of the legislation described above and the Commission’s requirements through practical interpretation;

• to provide a base from which individual businesses can design and implement systems and controls and tailor their own policies and procedures for the prevention and detection of money laundering and the financing of terrorism;

• to ensure that Jersey matches international standards to prevent and detect money laundering and the financing of terrorism;

• to emphasise the responsibilities of the Board of a relevant person in preventing and detecting money laundering and the financing of terrorism;

• to promote the use of a proportionate, risk based approach to CDD measures, which directs resources towards higher risk customers;

• to provide more practical guidance on identification and verification of identity;

• to emphasise the particular money laundering and financing terrorism risks of certain financial services and products; and

• to provide an information resource to be used in training and raising awareness of money laundering and the financing of terrorism.

8. The Handbook will be reviewed on a regular basis and, following consultation, may be the subject of amendment in light of experience, changes in legislation, and the development of international standards.

9. The Handbook is intended for use by senior management and compliance staff in the development of a relevant person’s systems and controls, and detailed policies and procedures. The Handbook is not to be used by a relevant person as an internal procedures manual.

http://www.jerseylaw.je/Law/display.aspx?url=lawsinforce%2fconsolidated%2f08%2f08.780_ProceedsofCrimeLaw1999_RevisedEdition_1January2010.htm

http://www.jerseylaw.je/law/display.aspx?url=lawsinforce%2fconsolidated%2f08%2f08.580_DrugTraffickingLaw1988_RevisedEdition_1January2010.htm

http://www.jerseylaw.je/Law/display.aspx?url=lawsinforce%2fconsolidated%2f17%2f17.860_TerrorismLaw2002_RevisedEdition_1January2010.htm

http://www.jerseylaw.je/Law/display.aspx?url=lawsinforce%2fconsolidated%2f17%2f17.910.72_Appendix_Terrorism(UnitedNationsMeasures)(ChannelIslands)Order2001.htm

http://www.jerseylaw.je/law/display.aspx?url=lawsinforce%2fconsolidated%2f17%2f17.910.16_Appendix_Al-Qa%2527idaandTaliban(UnitedNationsMeasures)(ChannelIslands)Order2002.htm

http://www.jerseylaw.je/law/display.aspx?url=lawsinforce%2fconsolidated%2f17%2f17.910.16_Appendix_Al-Qa%2527idaandTaliban(UnitedNationsMeasures)(ChannelIslands)Order2002.htm


http://www.jerseylaw.je/Law/display.aspx?url=lawsinforce%2fconsolidated%2f17%2f17.245.57_CommunityProvisions(WireTransfers)Regulations2007_RevisedEdition_1January2008.htm

http://www.jerseylaw.je/Law/display.aspx?url=lawsinforce%2fconsolidated%2f17%2f17.245.57_CommunityProvisions(WireTransfers)Regulations2007_RevisedEdition_1January2008.htm


Part 1: Section 1 – Introduction

Effective from: 4 February 2008 9 Revised: 28 October 2008 Section 1.5: Revised 21 January 2009 Section 1.4: Revised 21 May 2009 Section 1.7 Revised 22 July 2010

1.2 STRUCTURE OF THE HANDBOOK

10. Part 1 of the Handbook is structured to take a two level approach.

• Level one (Statutory Requirements) describes the statutory requirements that apply to a relevant person (natural or legal) when carrying on financial services business. Failure to follow a statutory requirement is a criminal offence and may also attract regulatory sanction.

• Level two (Regulatory Requirements) sets out how a relevant person must meet the Statutory Requirements. Failure to follow level two may attract regulatory sanction2.

11. The Guidance Notes, which accompany the two levels, present ways of complying with the Statutory Requirements (level one), and Regulatory Requirements (level two) and must always be read in conjunction with these requirements. A relevant person may adopt other appropriate measures to those set out in the Guidance Notes, including policies and procedures established by group, so long as it can demonstrate that such measures also achieve compliance with the Statutory and Regulatory Requirements. This allows a relevant person discretion as to how to apply requirements in the particular circumstances of its business, products, services, transactions and customers. The soundly reasoned application of the provisions contained within the Guidance Notes will provide a good indication that a relevant person is in compliance with the Statutory and Regulatory Requirements.

12. The provisions of the Statutory Requirements and of the Regulatory Requirements are described using the term must, indicating that these requirements are mandatory. However, in exceptional circumstances, where strict adherence to a Regulatory Requirement would produce an anomalous result, a relevant person that is regulated may apply in advance in writing to the Commission for variance from the requirement. For further information refer to Part 3, Section 1.3. Paragraph 7 also sets out circumstances where an obligation to do something outside Jersey may be met through complying with overseas regulatory requirements.

13. In contrast, the Guidance Notes use the term may, indicating ways in which the requirements may be satisfied, but allowing for alternative means of meeting the requirements. References to must and may elsewhere in the Handbook should be similarly construed.

14. In addition to the above levels, the Handbook also contains Overview text which provides some background information relevant to particular sections or sub-sections of the Handbook.

15. The Handbook is not intended to provide an exhaustive list of systems and controls to counter money laundering and the financing of terrorism. In complying with the Statutory and Regulatory Requirements, and in applying the Guidance Notes, a relevant person should (where permitted) adopt an appropriate and intelligent risk based approach and should always consider what additional measures might be necessary to prevent its exploitation, and that of its products and services, by persons seeking either to launder money or to finance terrorism.

16. Level one (Statutory Requirements) necessarily paraphrases provisions contained in the Proceeds of Crime Law, Drug Trafficking Offences Law, Terrorism Law, United Nations Measures, Wire Transfers Regulations and Money Laundering Order and should always be read and understood in conjunction with the full text of each law. This text is presented in italics, to distinguish the text, and contains hyperlinks to the relevant statutory provisions.

17. References to sections in Part 1 of the Handbook are to sections contained within Part 1.

18. Part 2 of the Handbook contains an information resource to be used in training and raising awareness of money laundering and the financing of terrorism. Part 3 of the Handbook sets out the Commission’s policy for the supervision of compliance of a relevant person that is a

2 Level two and the Guidance Notes shall also be relevant in determining whether or not requirements contained in the Money Laundering Order or in Article 23 of the Terrorism Law have been complied with.

http://www.jerseyfsc.org/pdf/Part_3_AML_HBK_Apr_2009_2.pdf

http://www.jerseyfsc.org/anti-money_laundering/regulated_financial_services_businesses/aml_cft_handbook.asp






regulated person with the Statutory and Regulatory Requirements of Part 1. Part 4 of the Handbook provides an “audit trail” for changes that are made to the Handbook.

1.3 LEGAL STATUS AND SANCTIONS FOR NON-COMPLIANCE

1.3.1 Handbook

19. The Handbook is issued by the Commission pursuant to its powers under Article 8 of the Financial Services Commission (Jersey) Law 1998 and in the light of provisions of Article 37 of the Proceeds of Crime Law (which provides for the Money Laundering Order) and Article 23(6) of the Terrorism Law, which anticipate that anti-money laundering and counter-terrorist financing procedures will be prescribed for persons carrying out financial services business.

1.3.2 Money Laundering Order

20. The Money Laundering Order is made by the Minister for Treasury & Resources under Article 37 of the Proceeds of Crime Law. The Money Laundering Order covers money laundering and terrorist financing offences that are set out in the Proceeds of Crime Law, Drug Trafficking Offences Law, and Terrorism Law.

21. Failure to comply with the Money Laundering Order is a criminal offence under Article 37(4) of the Proceeds of Crime Law. In determining whether a relevant person has complied with any of the requirements of the Order, the Royal Court is, pursuant to Article 37(8) of the Proceeds of Crime Law, required to take account of the guidance provided by the Handbook (for this purpose guidance will include the Regulatory Requirements of the Handbook in conjunction with the Guidance Notes), as amended from time to time. The sanction for failing to comply with the Money Laundering Order may be an unlimited fine or up to two years imprisonment, or both. Where a breach of the Money Laundering Order by a body corporate is proved to have been committed with the consent of, or to be attributable to any neglect on the part of, a director, manager or other similar officer, that individual, as well as the body corporate shall be guilty of the offence and subject to criminal sanctions.

22. Similarly, in determining whether a person has committed an offence under Article 23 of the Terrorism Law (the offence of failing to report), the Royal Court is required to take account of the guidance provided by the Handbook. The sanction for failing to comply with Article 23 of the Terrorism Law may be an unlimited fine or up to five years imprisonment, or both.

1.3.3 Regulatory Requirements

23. Regulatory Requirements are set by the Commission under Article 22 of the Proceeds of Crime (Supervisory Bodies) (Jersey) Law 2008 (the “Supervisory Bodies Law”). This provides for the Commission to prepare and issue Codes of Practice for the purpose of establishing sound principles for compliance with the Supervisory Bodies Law, Drug Trafficking Offences Law, Proceeds of Crime Law, Terrorism Law, United Nations Measures, the Wire Transfers Regulations, and the Money Laundering Order. Compliance with Regulatory Requirements will be considered by the Commission in the conduct of its supervisory visits.

24. Non-compliance with the Regulatory Requirements may be regarded by the Commission as an indication of a failure to comply with sound principles.

25. The consequences of non-compliance with the Regulatory Requirements that are set through the Supervisory Bodies Law could include an investigation by or on behalf of the Commission, the imposition of regulatory sanctions, and criminal prosecution of the business and its employees. Regulatory sanctions include:

• issuing a public statement;

• imposing a direction and making this public; and

http://www.jerseyfsc.org/pdf/Part_4_Log_of_amendments_to_the_Handbook_2011%2002%2025.pdf

http://www.jerseylaw.je/law/display.aspx?url=lawsinforce%2fconsolidated%2f13%2f13.250_FinancialServicesCommissionLaw1998_RevisedEdition_1January2010.htm#Toc231537536

http://www.jerseylaw.je/law/display.aspx?url=lawsinforce/consolidated/superseded/08/08.780_proceedsofcrimelaw1999_revisededition_31august2004.htm#Toc89157483

http://www.jerseylaw.je/law/display.aspx?url=lawsinforce/consolidated/superseded/17/17.860_terrorismlaw2002_revisededition_31august2004.htm#Toc89162477







http://www.jerseylaw.je/law/display.aspx?url=lawsinforce%2fconsolidated%2f08%2f08.785_ProceedsofCrime(SupervisoryBodies)Law2008_RevisedEdition_1January2010.htm#Toc247935744




• revocation of a licence.

26. In addition to this, the ability of a relevant person that is a regulated by the Commission under the regulatory laws to demonstrate compliance with the Regulatory Requirements will be directly relevant to its regulated status and any assessment of fitness and propriety of its principals. Non-compliance with the Regulatory Requirements may be regarded by the Commission as an indication of:

• a lack of fitness and propriety under Articles 7 or 8B of the CIF(J)L, Article 10 of the BB(J)L, Article 7 of the IB(J)L, and Article 9 of the FS(J)L; and/or

• a failure to follow certain fundamental principles within Codes of Practice issued under each of the regulatory laws.

27. In addition to the regulatory sanctions that are available under the Supervisory Bodies Law, consequences of non-compliance with the regulatory laws could also include imposing a licence condition, objecting to the appointment and continued appointment of a principal person (or equivalent controller or manager of the business) or key person, and appointment of a manager.

28. The Commission’s policy for supervising and enforcing compliance with the requirements of the Handbook is set out in Part 3 of the Handbook.

1.4 SCOPE OF THE MONEY LAUNDERING ORDER AND REGULATORY REQUIREMENTS

1.4.1 Application of the Money Laundering Order to financial services business conducted in Jersey

29. The Money Laundering Order applies to any person that is carrying on financial services business in or from within Jersey. This will include Jersey-based branches of companies incorporated outside Jersey conducting financial services business in Jersey.

1.4.2 Application of the Money Laundering Order and Regulatory Requirements outside Jersey

30. Under Article 10A(2)(a) of the Money Laundering Order, a relevant person that is a Jersey body corporate or Jersey limited liability partnership and carries on a financial services business through an overseas branch must comply with the Money Laundering Order in respect of that business. In cases where a relevant person is not a Jersey body corporate or Jersey limited liability partnership, Article 10A(3) requires a relevant person that carries on a financial services business through an overseas branch to apply measures that are at least equivalent to the requirements of the Money Laundering Order to that business.

31. Under Article 10A(2)(b) and (4) of the Money Laundering Order, a relevant person must ensure that any subsidiary of that relevant person applies measures that are at least equivalent to the requirements of the Money Laundering Order in respect of any financial services business carried on outside Jersey by that subsidiary.

32. Where legislation in place in a jurisdiction outside Jersey prohibits compliance with the Money Laundering Order, then, under Article 10A(6) of the Money Laundering Order, the requirements set out in Article 10A(2), (3) and (4) do not apply and the Commission must be informed that this is the case. In such circumstances, Article 10A(8) requires a relevant person to take other reasonable steps to effectively deal with the risk of money laundering and the financing of terrorism.

33. If a relevant person carries on a financial services business or has a subsidiary carrying on such a business in a jurisdiction outside Jersey that has more stringent requirements than those set out in the Money Laundering Order, Article 10A(10) of the Money Laundering Order

http://www.jerseylaw.je/law/display.aspx?url=lawsinforce%2fconsolidated%2f13%2f13.100_CollectiveInvestmentFundsLaw1988_RevisedEdition_1January2010.htm#Toc250034886

http://www.jerseylaw.je/law/display.aspx?url=lawsinforce%2fconsolidated%2f13%2f13.100_CollectiveInvestmentFundsLaw1988_RevisedEdition_1January2010.htm#Toc250034889

http://www.jerseylaw.je/law/display.aspx?url=lawsinforce%2fconsolidated%2f13%2f13.075_BankingBusinessLaw1991_RevisedEdition_1January2010.htm#Toc237156885

http://www.jerseylaw.je/law/display.aspx?url=lawsinforce%2fconsolidated%2f13%2f13.425_InsuranceBusinessLaw1996_RevisedEdition_1January2010.htm#Toc237232254

http://www.jerseylaw.je/law/display.aspx?url=lawsinforce%2fconsolidated%2f13%2f13.225_FinancialServicesLaw1998_RevisedEdition_1January2010.htm#Toc250037310


http://www.jerseylaw.je/law/display.aspx?url=lawsinforce%2fconsolidated%2f08%2f08.780.30_MoneyLaunderingOrder2008_RevisedEdition_1January2009.htm#Toc216514160










provides that the relevant person must ensure that the more stringent requirements are complied with.

34. Overseas regulatory requirements and guidance may be followed by overseas branches and subsidiaries conducting financial services business, rather than the Regulatory Requirements and Guidance Notes contained in the Handbook, so long as the overseas regulatory requirements and guidance are consistent with those of the Handbook, or are otherwise consistent with the requirements of the FATF Recommendations (see Section 1.7.2).

1.4.3 Application of Regulatory Requirements

35. The Regulatory Requirements that are applied in this Handbook cover relevant persons that are regulated by the Commission under the regulatory laws.

36. Separate handbooks have been published for the accountancy and legal sectors, and estate agents and high value dealers.

37. Relevant persons that are not covered by this Handbook or other handbooks should refer to paragraph 21.

1.5 DEFINITION OF FINANCIAL SERVICES BUSINESS

38. Schedule 2 of the Proceeds of Crime Law defines financial services business activity. Appendix E reproduces Schedule 2. Included in Appendix E is a document explaining the rationale for exempting certain activities from Schedule 2.

1.6 RISK BASED APPROACH

39. To assist the overall objective to prevent money laundering and the financing of terrorism, the Handbook adopts a risk based approach. Such an approach:

• recognises that the money laundering and financing of terrorism threat to a relevant person varies across customers, jurisdictions, products and delivery channels;

• allows a relevant person to differentiate between customers in a way that matches risk in a particular business;

• while establishing minimum standards, allows a relevant person to apply its own approach to systems and controls, and arrangements in particular circumstances; and

• helps to produce a more cost effective system.

40. Systems and controls will not detect and prevent all money laundering or the financing of terrorism. A risk based approach will, however, serve to balance the cost burden placed on individual businesses and on their customers with a realistic assessment of the threat of a business being used in connection with money laundering or the financing of terrorism by focusing effort where it is needed and has most impact.

41. Inter alia, Part 3 of the Handbook sets out in further detail the Commission’s expectations of a soundly reasoned risk based approach.


http://www.jerseyfsc.org/pdf/Appendix E _Nov 2009_.pdf





1.7 EQUIVALENCE OF REQUIREMENTS IN OTHER COUNTRIES AND TERRITORIES

1.7.1 Equivalent business

42. Articles 16 and 17 of the Money Laundering Order permit concessions from identification measures where a person with a specific connection to a customer is carrying on a financial services business that is overseen for AML/CFT3 compliance in Jersey or carries on business that is “equivalent business”. Sections 3.5 and 4.11 of the Handbook also provide concessions from Regulatory Requirements on a similar basis.

43. Article 5 of the Money Laundering Order defines equivalent business as being overseas business that:

• if carried on in Jersey would be financial services business;

• may only be carried on in the country or territory by a person registered or otherwise authorised under the law of that country or territory to carry on that business;

• is subject to requirements to forestall and prevent money laundering consistent with those in the FATF Recommendations in respect of that business; and

• is supervised for compliance with those requirements by an overseas regulatory authority.

44. The condition requiring that the business must be subject to requirements to combat money laundering and the financing of terrorism consistent with those in the FATF Recommendations will be satisfied where the business is located in an equivalent country or territory (see Section 1.7.2).

1.7.2 Equivalent countries and territories

45. Appendix B provides a list of countries and territories that are considered by the Commission to have set requirements for measures to be taken by their domestic financial institutions and designated non-financial businesses and professions to forestall and prevent money laundering and the financing of terrorism that are consistent with those in the FATF Recommendations, hereafter referred to as “equivalent jurisdictions”.

46. Appendix B is not intended to provide an exhaustive list of such countries and territories, and no conclusions should be drawn from the omission of a particular country or territory from the list.

1.7.3 Determining equivalence

47. Requirements for measures to be taken by financial institutions and designated non-financial businesses and professions (carrying on equivalent business) to forestall and prevent money laundering and the financing of terrorism will be considered to be consistent with the FATF Recommendations only where those requirements are established by law, regulation, or other enforceable means.

48. In determining whether or not the requirements for measures to be taken in a country or territory are consistent with the FATF Recommendations, the Commission will have regard for the following:

3 AML/CFT means Anti-money Laundering / Countering the Financing of Terrorism




http://www.jerseyfsc.org/pdf/Appendix_B_(25_February_2011).pdf




• Generally - whether or not the country or territory is a member of the FATF, a member of a FATF Style Regional Body, a Member State of the EU (including Gibraltar), a member of the European Economic Area (“EEA”), or another Crown Dependency (the Bailiwick of Guernsey and the Isle of Man).

• Specifically - whether a country or territory is compliant or largely compliant with those FATF Recommendations that are directly relevant to the application of available concessions. These are Recommendations 5-11, 13-15, 18, 21, 23, and Special Recommendations IV and VII. Where a person with a specific connection to a customer is a designated non-financial business or profession (a term that is defined by the FATF), then Recommendations 12, 16, and 24 will be relevant. The following sources may be used to determine whether a country or territory is compliant or largely compliant:

the laws and instruments that set requirements in place in that country or territory;

recent independent assessments of that country’s or territory’s framework to combat money laundering and the financing of terrorism, such as those conducted by the FATF, FATF Style Regional Bodies, the International Monetary Fund (the “IMF”) and the World Bank (and published remediation plans); and

other publicly available information concerning the effectiveness of a country’s or territory’s framework.

49. Where a relevant person seeks itself to assess whether a country or territory not listed by the Commission is an equivalent country or territory, the relevant person must conduct an assessment process comparable to that described above, and must be able to demonstrate the process undertaken and the basis for its conclusion.


Part 1: Section 2 – Corporate Governance

2 CORPORATE GOVERNANCE

2.1 OVERVIEW OF SECTION

1. The Cadbury Report on corporate governance states that corporate governance is the system by which businesses are directed and controlled. The Cadbury Report adds that the responsibilities of the Board include setting strategic aims, providing the leadership to put them into effect and supervising the management of the business. The Organisation for Economic Co-operation and Development builds on this definition by stating that the corporate governance structure specifies the distribution of rights and responsibilities among different participants, such as the Board, managers and other stakeholders, and spells out the rules and procedures for making decisions on corporate affairs.

2. Under the general heading of corporate governance, this section considers:

• Board responsibilities for the prevention and detection of money laundering and the financing of terrorism;

• requirements for risk management systems and controls, and for training; and

• the appointment of a Money Laundering Compliance Officer (the “MLCO”) and Money Laundering Reporting Officer (the “MLRO”).

3. The Handbook describes a relevant person’s general framework to combat money laundering and the financing of terrorism as a “business’ systems and controls”. The Handbook refers to the way in which those systems and controls are implemented into the day-to-day operation of the business as the “business’ policies and procedures”.

4. Where a relevant person is not a company, but is, for example, a branch or partnership, references in this section to “the Board” should be read as meaning the senior management function of that business.

2.2 OBLIGATION TO HAVE PROCEDURES AND CONTROLS

STATUTORY REQUIREMENTS

5. In accordance with Article 37 of the Proceeds of Crime Law, a relevant person must have in place procedures to prevent and detect money laundering. Failure to establish and maintain such procedures is a criminal offence and, where such an offence is proved to have been committed with the consent or connivance of, or to be attributable to neglect on the part of, a director or manager or officer of the business, he too shall be deemed to have committed a criminal offence.

6. Article 37 enables the Treasury and Resources Minister to prescribe by Order the procedures that must be put in place by a relevant person. These procedures are established in the Money Laundering Order.

2.3 BOARD RESPONSIBILITIES

OVERVIEW

7. The key responsibilities of the Board are set out in further detail below. The Board is assisted in fulfilling these responsibilities by a MLCO and MLRO. Larger or more complex relevant persons may also require dedicated risk and internal audit functions to assist in the assessment and management of money laundering and financing of terrorism risk.

Effective from: 4 February 2008 15

http://www.jerseylaw.je/law/display.aspx?url=lawsinforce%2fconsolidated%2f08%2f08.780_ProceedsofCrimeLaw1999_RevisedEdition_1January2010.htm#Toc247935932


Handbook for regulated financial services businesses Part 1: Section 2 – Corporate Governance

16 Effective from: 14 February 2008

STATUTORY REQUIREMENTS 8. Article 11(1) of the Money Laundering Order requires a relevant person to establish and

maintain policies and procedures in respect of the person’s financial services business in order to prevent and detect money laundering.

9. Article 11(11) of the Money Laundering Order requires a relevant person to establish and maintain procedures for monitoring and testing the effectiveness of its procedures, including the effectiveness of awareness raising and training for relevant employees (see Section 7).

REGULATORY REQUIREMENTS

10. The Board must conduct and document a business risk assessment. In particular, the Board must consider, on an ongoing basis, the extent of its exposure to risks by reference to its organisational structure, its customers, the jurisdictions with which its customers are connected, its products and services, and how it delivers those products and services. The Board’s assessment must be kept up to date. (See Section 2.3.1).

11. On the basis of its business risk assessment, the Board must establish a formal strategy to counter money laundering and financing of terrorism. For a Jersey business forming part of a group operating outside the Island, that strategy must protect both its global reputation and its Jersey business.

12. Taking into account the conclusions of the business risk assessment and strategy, the Board must organise and control its affairs effectively and be able to demonstrate the existence of adequate systems and controls (including policies and procedures) to counter money laundering and financing of terrorism. (See Section 2.4).

13. The Board must document its systems and controls (including policies and procedures) and clearly apportion responsibilities for countering money laundering and financing of terrorism, and, in particular, responsibilities of the MLCO and MLRO (see Sections 2.5 and 2.6).

14. The Board must assess both the effectiveness of, and compliance with, systems and controls and take prompt action necessary to address any deficiencies. (See Sections 2.4.1 and 2.4.2).

15. The Board must consider what barriers (including cultural barriers) exist to prevent the operation of effective systems and controls to counter money laundering and the financing of terrorism, and must take effective measures to address them. (See Section 2.4.3).

16. The Board must notify the Commission immediately in writing of any material failures to comply with the requirements of the Money Laundering Order or of the Handbook. Refer to Part 3 of the Handbook for further information.

2.3.1 Business risk assessment

GUIDANCE NOTES

17. The Board of a relevant person may demonstrate that it has considered the business’ exposure to money laundering and financing of terrorism risk by:

• Involving all members of the Board in determining the risks posed by money laundering and financing of terrorism within those areas for which they have responsibility.

• Considering organisational factors that may increase the level of exposure to the risk of money laundering and financing of terrorism, e.g. outsourced aspects of regulated activities or compliance functions.

• Considering the nature, scale and complexity of its business, the diversity of its operations (including geographical diversity), the volume and size of its transactions, and the degree of risk associated with each area of its operation.

• Considering who its customers are and what they do.

• Considering whether any additional risks are posed by the jurisdictions with which its customers (including intermediaries and introducers) are connected. Factors such as high levels of organised crime, increased vulnerabilities to corruption and inadequate frameworks






to prevent and detect money laundering and the financing of terrorism will impact the risk posed by relationships connected with such jurisdictions.

• Considering the characteristics of the products and services that it offers and assessing the associated vulnerabilities posed by each product and service, including delivery channels. For example:

a. The use of third parties such as group entities, introducers and intermediaries to conduct elements of the CDD process.

b. Pooled relationships with intermediaries will tend to be more vulnerable - because of the anonymity provided by the co-mingling of assets or funds belonging to several customers by the intermediary.

c. Products such as standard current accounts are more vulnerable because they allow payments to be made to and from third parties, including cash transactions.

d. Conversely, those products that do not permit third party transfers or where redemption is permitted only to an account from which the investment is funded will be less vulnerable.

• Considering how it establishes and delivers products and services to its customers. For example, risks are likely to be greater whether relationships may be established remotely (non-face to face), or may be controlled remotely by the customer (straight-through processing of transactions).

18. The Board must record and retain its business risk assessment. An annual, formal reassessment might be appropriate for a dynamic, growing business, but too often in some other cases, e.g. an established business with stable products and services.

2.4 SYSTEMS AND CONTROLS, TRAINING AND AWARENESS


19. Article 11(1) of the Money Laundering Order requires a relevant person to establish and maintain appropriate policies and procedures in respect of the person’s financial services business in order to prevent and detect money laundering.

20. Parts 3, 4 and 5 of the Money Laundering Order provide for the procedures that are to be applied in respect of customer due diligence, record keeping and reporting procedures.

21. Article 11(2) requires appropriate policies and procedures established and maintained under Article 11(1) to provide for an assessment of risk that any business relationship, product or transaction will involve money laundering, and to reflect such assessment of risk.

22. Article 11(9) of the Money Laundering Order requires a relevant person to take appropriate measures for the purpose of making employees whose duties relate to the provision of financial services aware of policies and procedures under Article 11(1) and of legislation in Jersey to counter money laundering and financing of terrorism. Article 11(10) of the Money Laundering Order requires a relevant person to provide employees whose duties relate to the provision of financial services with training in the recognition and handling of transactions carried out by or on behalf of persons who are, or appear to be, engaged in money laundering or financing terrorism.

23. Article 11(11) of the Money Laundering Order requires a relevant person to establish and maintain policies and procedures for monitoring and testing the effectiveness of its procedures, including the effectiveness of awareness raising and training for relevant employees.

24. Articles 7 and 8 of the Money Laundering Order require that a relevant person appoints a MLCO and a MLRO.

25. Article 11(8) requires that a relevant person operating through branches or subsidiaries, which carry on financial services business, must communicate its policies and procedures, maintained in accordance with Article 11(1), to those branches or subsidiaries.



















26. A relevant person must establish and maintain systems and controls to prevent and detect money laundering and the financing of terrorism, that enable the business to:

• Apply appropriate CDD policies and procedures (in line with Sections 3, 4, and 5), which must include:

a. the development of clear customer acceptance policies and procedures;

b. use of transaction limits and management approvals for higher risk customers.

• Monitor and review instances where exemptions are granted to policies and procedures, or where controls are overridden.

• Report to the Joint Financial Crimes Unit (“JFCU”) when it knows, suspects, or has reasonable grounds to know or suspect that another person is involved in money laundering or financing terrorism, including attempted transactions - in line with Section 6.

• Adequately screen relevant employees when they are initially employed, aware of the risks of becoming concerned in arrangements involving criminal money and terrorist financing, aware of their personal obligations and policies and procedures concerning measures to combat money laundering and the financing of terrorism, and provided with training - in line with Section 7.

• Keep records - in line with Section 8.

• Liaise closely with the Commission and the JFCU on matters concerning vigilance, systems and controls.

• Monitor compliance by overseas branches and subsidiaries with policies and procedures.

27. In maintaining the required systems and controls, a relevant person must check that the systems and controls are implemented and operating effectively.

28. A relevant person must have systems and controls in place, or take appropriate measures, to guard against the use of technological developments in money laundering or financing terrorism schemes.

29. A relevant person must have policies and procedures in place to address specific risks associated with non-face to face business relationships or transactions, which should be applied when applying CDD measures.

2.4.1 Oversight of the effectiveness of systems and controls

GUIDANCE NOTES

30. For systems and controls (including policies and procedures) to be effective, they will need to be both appropriate to the circumstances of the relevant person and complied with. Guidance on means of overseeing compliance is set out in Section 2.4.2.

31. It is the responsibility of the Board to implement systems and controls that are effective. While it is the responsibility of the Board to reach an independent conclusion, the Board may wish to use the MLCO and MLRO to provide information and advice to assist the Board to assess the effectiveness of the business’ systems and controls. Alternatively, independent assessments could be commissioned from time to time from external experts. Larger or more complex businesses may require separate risk management and internal audit functions to assist in the assessment of effectiveness.

32. The Board may demonstrate that it has assessed the effectiveness of a relevant person’s systems and controls where it, for example:

• Receives regular and timely information relevant to the management of the business’ money laundering and financing of terrorism risk, including information on any branches and subsidiaries.

• Considers the adequacy of the management information received by the Board relevant to the management of money laundering and financing of terrorism risk.




• Monitors the ongoing competence and effectiveness of the MLCO and the MLRO.

• Considers the adequacy of resources to comply with the Proceeds of Crime Law, Drug Trafficking Offences Law, Terrorism Law, United Nations Measures and the Money Laundering Order (and by extension, also the Handbook).

• Periodically reviews the adequacy of policies and procedures for higher risk customers.

• Periodically considers the adequacy of its approach to the management of money laundering and financing terrorism risk posed by its existing customer base (see Section 9).

• Considers whether the incidence of suspicious activity reports (or absence of such reports) has highlighted any deficiencies in the business’ CDD measures, or reporting policies and procedures, and whether changes are required to address any such deficiencies.

• Consider whether inquiries have been made by the JFCU, or production orders received, without issues having previously being identified by CDD or reporting policies and procedures.

• Consider changes made or proposed in respect of new legislation, regulatory requirements or guidance, or as a result of changes in business activities.

2.4.2 Oversight of compliance with systems and controls

GUIDANCE NOTES

33. The Board may demonstrate that it has assessed that there is compliance with systems and controls where it periodically commissions and considers a report from the MLCO that covers compliance, and records and retains the report. The frequency of such reports should be determined by its business risk assessment and consideration of cultural barriers.

34. Areas which the periodic report may cover include:

• The means by which compliance with the business’ systems and controls has been monitored and tested.

• Compliance deficiencies identified and details of action taken or proposed to address any such deficiencies.

• The number and scope of exemptions granted to policies and procedures.

• The number of internal suspicious activity reports received and the number of subsequent external suspicious activity reports submitted to the JFCU, by business area, if appropriate.

• Information concerning the training programme: for which staff have received training, the methods of training and the nature of any significant issues arising from the training.

• Action taken in response to notices highlighting jurisdictions which do not or insufficiently apply the FATF Recommendations or which are the subject of international countermeasures.

• Action taken to comply with terrorist and financial sanctions legislation.

35. To assist the MLCO in preparing the report, a relevant person may wish to provide the MLCO with support from its internal audit or compliance function, as appropriate, or to use external resources.

2.4.3 Consideration of cultural barriers

OVERVIEW

36. The implementation of systems and controls for the prevention and detection of money laundering and the financing of terrorism does not obviate the need for a business to address cultural barriers that can prevent effective control. Human factors, such as the inter-relationships between different employees within a business, and between employees and customers, can result in the creation of damaging barriers.



37. Unlike systems and controls, the prevailing culture of an organisation is intangible. As a result, its impact on the business can sometimes be difficult to measure.

GUIDANCE NOTES

38. The risk that cultural barriers might prevent the operation of effective systems and controls to prevent and detect money laundering and the financing of terrorism may be minimised by the Board considering the prevalence of the following factors:

• An assumption on the part of more junior employees that their concerns or suspicions are of no consequence.

• Negative handling by managerial staff of queries raised by more junior employees regarding unusual, complex or higher risk activity and transactions.

• An unwillingness on the part of employees to subject high value (and therefore important) customers to effective CDD checks.

• Pressure applied by management or customer relationship managers outside Jersey upon employees in Jersey to transact without first conducting all relevant customer due diligence.

• Excessive pressure applied on employees to meet aggressive revenue-based targets, or where employee or management remuneration or bonus schemes are exclusively linked to revenue-based targets.

• The familiarity of employees with certain customers resulting in unusual or higher risk activity and transactions within such relationships not being identified as such.

• The inability of employees to understand the commercial rationale for business relationships, resulting in a failure to identify non-commercial and therefore potential money laundering and financing of terrorism activity.

• A tendency for line managers to discourage employees from raising concerns due to lack of time and/or resources, preventing any such concerns from being addressed satisfactorily.

• An excessive desire on the part of employees to provide a confidential and efficient customer service.

• Non-attendance of senior employees at anti-money laundering and countering the financing of terrorism training sessions on the basis of mistaken belief that they cannot learn anything new or because they have too many other competing demands on their time.

2.4.4 Outsourcing

OVERVIEW

39. In all instances of outsourcing, it is the delegating business that bears the ultimate responsibility for the duties undertaken in its name. This will include the requirement to determine that the third party has in place satisfactory systems and controls, and that those systems and controls are kept up to date to reflect changes in requirements.

40. Depending on the nature and size of a relevant person, the roles of MLCO and MLRO may require additional support and resourcing. Where a business elects to bring in additional support, or to delegate areas of the MLCO or MLRO functions to third parties, the MLCO or MLRO will remain directly responsible for his respective role.


41. A relevant person must follow the Commission’s policy statement and guidance notes on outsourcing, as may be amended from time to time.

42. A relevant person must consider the effect that outsourcing has on money laundering and financing terrorism risk, in particular where a MLCO or MLRO is provided with additional support from third parties, either from within group or externally.

43. A relevant person must assess possible money laundering or financing terrorism risk associated with outsourced functions, record its assessment, and monitor any risk on an ongoing basis.



44. Where an outsourced activity is a financial services business activity, then a relevant person must be satisfied with the policies and procedures that are put in place by the provider of the outsourced service.

45. In particular, a relevant person must be satisfied that knowledge, suspicion, or reasonable grounds for knowledge or suspicion of money laundering or financing of terrorism activity will be reported by the provider of the outsourced service to the MLRO (or deputy MLRO) of the relevant person.

2.5 THE MONEY LAUNDERING COMPLIANCE OFFICER (MLCO)

OVERVIEW

46. The Money Laundering Order requires a relevant person to maintain appropriate policies and to apply procedures, and to monitor the business’ compliance with those policies and procedures. The Money Laundering Order requires that the business appoint an individual as MLCO, and task that individual with the function of monitoring the business’ compliance with legislation in Jersey relating to money laundering and financing of terrorism.

47. This requirement does not preclude the Board from using internal or external resources to monitor compliance or preclude the MLCO from having a functional reporting line, to a group compliance function.

STATUTORY REQUIREMENTS 48. Article 7 of the Money Laundering Order requires a relevant person to appoint a MLCO to

monitor whether the enactments in Jersey relating to money laundering and financing of terrorism are being complied with. The same person may be appointed as both MLCO and MLRO.

49. Article 7(6) of the Money Laundering Order requires a relevant person to notify the Commission in writing within one month when a person is appointed as, or ceases to be, a MLCO. However, Article 10 provides that the Commission may grant exemptions from this notification requirement, by way of notice.

50. Article 7 of the Money Laundering Order recognises that a relevant person that is a regulated person may have notified the Commission of the appointment or cessation of a MLCO under a requirement of the regulatory legislation. If so, a duplicate notification is not required under the Money Laundering Order.


51. A relevant person must appoint a MLCO that:

• is employed by the relevant person or business in the same group as the relevant person4;

• is based in Jersey5;

• has sufficient experience and skills;

• has appropriate independence;

• has a sufficient level of seniority and authority within the business so that the Board reacts to and acts upon any recommendations made;

4 In the case of a relevant person that: is a functionary of a collective investment fund, a Category B insurance permit holder,

a managed bank, or other managed entity; has no staff of its own; and is administered by a financial services business that is a regulated person, it is acceptable for an employee of the administrator to be appointed by the relevant person as its MLCO.

5 In the case of a relevant person that: is a Category A or Category B insurance permit holder or a money service business; has no staff of its own in Jersey; and is administered by a financial services business that is a regulated person or is a person carrying on equivalent business (refer to Section 1.7), it is acceptable for the relevant person to appoint an employee of the administrator as its MLCO.




http://www.jerseylaw.je/Law/display.aspx?url=lawsinforce%2fconsolidated%2f08%2f08.780.30_MoneyLaunderingOrder2008_RevisedEdition_1January2009.htm#Toc216514159




• has sufficient resources, including sufficient time and (if appropriate) a deputy MLCO and support staff;

• has regular contact with the Board so that the Board is able to satisfy itself that statutory obligations are being met and that the business is taking sufficiently robust measures to protect itself against the risk of money laundering and financing of terrorism;

• reports directly to the Board;

• has unfettered access to all business lines, support departments and information necessary to appropriately perform the function; and

• is fully aware of both his and the business’ obligations under the Proceeds of Crime Law, Drug Trafficking Offences Law, Terrorism Law, United Nations Measures and the Money Laundering Order (and by extension, also the Handbook).

52. In the event that the position of MLCO is expected to fall vacant, to comply with the statutory requirement to have an individual appointed to the office of MLCO at all times, a relevant person must take action to appoint a member of the Board (or other appropriate member of senior management) to the position on a temporary basis.

53. Where temporary circumstances arise where the relevant person has a limited or inexperienced compliance resource, the business must ensure that this resource is supported as necessary.

54. When considering whether it is appropriate to appoint the same person as MLCO and MLRO, a relevant person must have regard to:

• the respective demands of the two roles, taking into account the size and nature of the business’ activities; and

• whether the individual will have sufficient time and resources to fulfil both roles effectively.

55. The Commission has exercised the power provided by Article 10 of the Money Laundering Order by issuance of a Notice. On 4 February 2008, it issued a Notice in respect of relevant persons that are not also regulated persons (see Notice issued under Article 10 of the Money Laundering (Jersey) Order 2008).

GUIDANCE NOTES

56. A relevant person may demonstrate that it has clearly apportioned responsibilities for countering money laundering and the financing of terrorism, where the MLCO (or other audit, compliance or review function):

• Develops and maintains systems and controls (including policies and procedures) in line with evolving requirements.

• Undertakes regular reviews (including testing) of compliance with policies and procedures to counter money laundering and the financing of terrorism.

• Advises the Board on anti-money laundering and financing of terrorism compliance issues that need to be brought to its attention.

• Reports periodically, as appropriate, to the Board on compliance with the business’ systems and controls.

• Responds promptly to requests for information made by the Commission and the JFCU.

2.6 THE MONEY LAUNDERING REPORTING OFFICER (MLRO)

OVERVIEW

57. Whilst the Money Laundering Order requires one individual to be appointed as MLRO, it recognises that, given the size and complexity of operations of many businesses, it may be appropriate to designate additional persons (“deputy MLROs”) to whom suspicious activity reports may be made.

http://www.jerseylaw.je/law/display.aspx?url=lawsinforce%2fconsolidated%2f08%2f08.780_ProceedsofCrimeLaw1999_RevisedEdition_1January2010.htm


http://www.jerseylaw.je/Law/display.aspx?url=lawsinforce%2fconsolidated%2f17%2f17.860_TerrorismLaw2002_RevisedEdition_1January2009.htm




http://www.jerseyfsc.org/pdf/Gazette_Notice_Article_10_MLO_26_Jan_09.pdf





58. Article 8 of the Money Laundering Order requires a relevant person to appoint a MLRO. The MLRO’s function is to receive and consider reports in accordance with internal reporting procedures. The same person may be appointed as both MLCO and MLRO.

59. Article 8(4) of the Money Laundering Order requires a relevant person to notify the Commission in writing within one month when a person is appointed as, or ceases to be, a MLRO. However, Article 10 provides that the Commission may grant exemptions from this notification requirement, by way of notice.

60. Article 8 of the Money Laundering Order recognises that a relevant person that is a regulated person may have notified the Commission of the appointment or cessation of a MLRO under a requirement of the regulatory legislation. If so, a duplicate notification is not required under the Money Laundering Order.

61. Article 9 allows a relevant person to designate one or more deputy MLROs, in addition to the MLRO, to whom suspicious activity reports may be made.

62. Under Article 21(g) procedures must be established and maintained which allow the MLRO and any deputy MLROs to have access to all relevant information which may be of assistance to them when considering a suspicious activity report.


63. A relevant person must appoint a MLRO that:

• is employed by the relevant person or business in the same group as the relevant person6;

• is based in Jersey7;

• has sufficient experience and skills;

• has appropriate independence;

• has a sufficient level of seniority and authority within the business;

• has sufficient resources, including sufficient time, and (if appropriate) is supported by deputy MLROs;

• is able to raise issues directly with the Board; and

• is fully aware of both his and the business’ obligations under the Proceeds of Crime Law, Drug Trafficking Offences Law, Terrorism Law, United Nations’ Measures and the Money Laundering Order (and by extension, also the Handbook).

64. Where a relevant person has appointed one or more deputy MLROs the requirements set out above for the MLRO must also be applied to any deputy MLROs.

65. Where a relevant person has appointed one or more deputy MLROs, the business must provide that the MLRO:

• keeps a record of all deputy MLROs;

• provides support to and routinely monitors the performance of any deputy MLROs; and

• consider and determines that suspicious activity reports are being handled in an appropriate and consistent manner.

6 In the case of a relevant person that: is a functionary of a collective investment fund, a Category B insurance permit holder,

a managed bank, or other managed entity; has no staff of its own; and is administered by a financial services business that is a regulated person, it is acceptable for an employee of the administrator to be appointed by the relevant person as its MLRO.

7 In the case of a relevant person that: is a Category A or Category B insurance permit holder or a money service business; has no staff of its own in Jersey; and is administered by a financial services business that is a regulated person or is a person carrying on equivalent business (refer to Section 1.7), it is acceptable for the relevant person to appoint an employee of the administrator as its MLRO.








http://www.jerseylaw.je/law/display.aspx?url=lawsinforce%2fconsolidated%2f08%2f08.780_ProceedsofCrimeLaw1999_RevisedEdition_1January2010.htm


http://www.jerseylaw.je/law/display.aspx?url=lawsinforce%2fconsolidated%2f17%2f17.860_TerrorismLaw2002_RevisedEdition_1January2010.htm





66. In the event that the position of MLRO is expected to fall vacant, to comply with the statutory requirement to have an individual appointed to the office of MLRO at all times, a relevant person must take action to appoint a member of the Board (or other appropriate member of senior management) to the position on a temporary basis.

67. Where temporary circumstances arise where the relevant person has a limited or inexperienced reporting resource, the relevant person must ensure that this resource is supported as necessary.

68. The Commission has exercised the power provided by Article 10 of the Money Laundering Order by issuance of a Notice. On 4 February 2008, the Commission issued a Notice in respect of relevant persons that are not also regulated persons (see Notice issued under Article 10 of the Money Laundering (Jersey) Order 2008).

GUIDANCE NOTES

69. A relevant person may demonstrate that it has clearly apportioned responsibilities for countering money laundering and the financing of terrorism, where the MLRO:

• maintains a record of all enquiries received from law enforcement authorities and records relating to all internal and external suspicious activity reports (Section 8);

• manages relationships effectively post disclosure to avoid tipping off any third parties; and

• acts as the liaison point with the Commission and the JFCU and in any other third party enquiries in relation to money laundering or financing of terrorism.

70. A relevant person may demonstrate routine monitoring of the performance of any deputy MLROs by requiring the MLRO to review:

• samples of records containing internal suspicious activity reports and supporting information and documentation;

• decisions of the deputy MLRO concerning whether to make an external suspicious activity report; and

• the bases for decisions taken.





Part 1: Section 3 – Customer due diligence requirements

Effective from: 4 February 2008 Sections 3.3.4.1 and 3.4 revised: 12 January 2009 Section 3.4 revised: 30 January 2009 Paragraph 48 revised: 22 April 2009 Sections 3.3.4.1 and 3.4.2 revised 22 July 2010 25

3 CUSTOMER DUE DILIGENCE REQUIREMENTS


1. This section establishes the minimum CDD requirements of the Handbook, and sets out a framework by which a relevant person is required to develop a risk based approach to determining the type and extent of measures to apply to different types of customers, products and services. For example, the type and extent of customer identification and relationship information to collect, the nature of verification of information obtained, and the level of business relationship monitoring activity.

2. The minimum CDD measures required by the Statutory and Regulatory Requirements of the Handbook involve:

• Identifying an applicant for business and verifying the applicant’s identity using reliable, independent source documents, data or information.

• Identifying the beneficial ownership and control of the applicant and taking reasonable measures to verify the identity of the beneficial owners and controllers such that a relevant person is satisfied that it knows who the beneficial owners and controllers are.

• Identifying any third parties (and owners and controllers) on whose behalf the applicant is acting.

• Obtaining information on the purpose and intended nature of the business relationship.

• Keeping the above information up to date, and monitoring activity and transactions undertaken throughout the course of a relationship to determine whether the activity or transaction being conducted is consistent with the relevant person’s knowledge of the customer.

3. Sound CDD measures are vital because they:

• help to protect the relevant person and the integrity of the financial sector in which it operates by reducing the likelihood of the business becoming a vehicle for, or a victim of, financial crime;

• assist law enforcement, by providing available information on applicants for business, customers or activities and transactions being investigated - following a suspicious activity report to the JFCU;

• constitute an essential part of sound risk management, e.g. by providing the basis for identifying, limiting and controlling risk; and

• help to guard against identity fraud.

4. The inadequacy or absence of satisfactory CDD measures can subject a relevant person to serious customer and counterparty risks, as well as reputational, operational, legal, regulatory and concentration risks, any of which can result in significant financial cost to the business. CDD information is also a vital tool for the MLRO and business employees when examining unusual or higher risk activity or transactions, in order to determine whether a suspicious activity report is appropriate.

5. The CDD sections of the Handbook (Sections 3, 4 and 5) follow the approach taken to CDD in the FATF Recommendations.

Handbook for regulated financial services businesses Part 1: Section 3 – Customer due diligence requirements


6. General requirements, including the application of a risk based approach, are described in this section (Section 3) together with the circumstances in which enhanced due diligence must be conducted.

7. Identification and verification elements of CDD are addressed in Section 4, together with circumstances in which exceptions apply and simplified procedures might be applied to lower risk applicants for business. Ongoing monitoring and scrutiny of activity and transactions is described in Section 5. Accordingly, this section should be read and understood in conjunction with Sections 4 and 5.

8. Throughout this section, references to an “applicant for business” or “applicant” relate to a prospective customer, and references to a “customer” relate to a person with whom a business relationship has been formed or one-off transaction conducted.

9. An applicant for business may be an individual, trustee of an express trust, or a legal body (including bodies corporate, foundations, anstalts, partnerships, associations, or any similar bodies that can establish a permanent customer relationship with a relevant person or otherwise own property) seeking to enter into a business relationship or conduct a one-off transaction - as principal or on behalf of a third party.

10. The individuals considered to be the beneficial owners and controllers for each customer type are described in Section 4.

3.2 OBLIGATION TO CONDUCT CUSTOMER DUE DILIGENCE


11. Article 37 of the Proceeds of Crime Law enables the Treasury and Resources Minister to prescribe the measures to be followed by a financial services business.

12. Article 13(1) of the Money Laundering Order requires a relevant person to apply CDD measures.

13. Article 3 sets out what due diligence measures are to involve.

14. Article 11(1) requires a relevant person to maintain policies and procedures for the application of CDD measures that are appropriate having regard to the degree of risk of money laundering and the financing of terrorism.

15. Article 11(3) requires that the appropriate policies and procedures include policies and procedures:

• which provide for the identification and scrutiny of:

a. complex or unusually large transactions;

b. unusual patterns of transactions, which have no apparent economic or lawful purpose;

c. business relationships and transactions connected with jurisdictions that do not, or insufficiently, apply the FATF Recommendations;

d. business relationships and transactions with persons or jurisdictions that are subject to UN or EU sanctions and measures, or measures imposed by one more countries for insufficient or non-existent application of FATF Recommendations; or

e. any other activity, the nature of which causes the relevant person to regard it as particularly likely to be related to money laundering or the financing of terrorism.

• which specify additional procedures where products and transactions are susceptible to anonymity; and

• which determine whether a customer is a PEP.

Sections 3.3.4.1 and 3.4 revised: 12 January 2009 Section 3.4 revised: 30 January 2009

Paragraph 48 revised: 22 April 2009 Sections 3.3.4.1 and 3.4.2 revised 22 July 2010









3.3 RISK BASED APPROACH TO CUSTOMER DUE DILIGENCE

OVERVIEW

16. Section 2.3 of the Handbook requires the Board of a relevant person to conduct (and keep up to date) a business risk assessment, which considers the business’ activities and structure and concludes on the business’ exposure to money laundering and financing terrorism risk.

17. This business risk assessment will enable a relevant person to determine its initial approach to performing Stage 1 of the CDD process as set out below, depending on the type of customer, product or service involved. The remaining stages of the process require a relevant person to consider whether the specific circumstances of the customer, or the product or service requested, will necessitate further CDD measures to be applied.

18. A risk based approach to CDD is one that involves a number of discrete steps in assessing the most effective and proportionate way to manage the money laundering and financing terrorism risk faced by a relevant person. While these steps must be incorporated into policies and procedures, the steps do not need to take place in the sequence outlined below, and will often occur simultaneously.

19. The risk assessment of a particular applicant will determine the extent of identification information (and other CDD information) that will be requested, how that information will be verified, and the extent to which the resulting relationship will be monitored.

20. Systems and controls will not detect and prevent all instances of money laundering or the financing of terrorism. A risk based approach will, however, serve to balance the cost burden placed on a relevant person and on applicants and customers with the risk that the business may be used in money laundering or to finance terrorism by focusing resources on higher risk areas.

21. Care has to be exercised under a risk based approach. Being identified as carrying a higher risk of money laundering does not automatically mean that a customer is a money launderer or is financing terrorism. Similarly, identifying a customer as carrying a lower risk of money laundering does not mean that the customer is not a money launderer or financing terrorism.


22. A relevant person must apply a risk based approach to determine the extent and nature of the measures to be taken when undertaking the process set out below. For higher risk customers, refer also to Section 3.4.

Stages 1-3: Regulatory Requirements: determination and recording of risk Guidance

Stage 1: A relevant person must collect relevant CDD information on:

• the applicant for business, • any beneficial owners and controllers of the applicant, and • any third parties on whose behalf the applicant acts (and

beneficial owners and controllers of third parties); and • the relationship to be established,

to enable a customer profile to be prepared.

In particular, a relevant person must understand the nature of the business that the applicant expects to conduct and the rationale for the business relationship or one-off transaction.

Section 3.3.1

Section 3.3.2

Section 3.3.3


28 Effective from: 4 February 2008 Sections 3.3.4.1 and 3.4 revised: 12 January 2009

Section 3.4 revised: 30 January 2009 Paragraph 48 revised: 22 April 2009

Sections 3.3.4.1 and 3.4.2 revised 22 July 2010

Stages 1-3: Regulatory Requirements: determination and recording of risk Guidance

Stage 2: A relevant person must, on the basis of the relevant CDD information collected at Stage 1, evaluate the information with reference to “factors to consider” and appropriate external data sources, and consider whether it is appropriate to collect further information.

Section 3.3.3

Section 3.3.4

Stage 3: A relevant person must determine and record a risk assessment for the applicant.

Section 3.3.5

Stages 4-5: Regulatory Requirements: application of a risk based approach Guidance

Stage 4: A relevant person must verify the identity of the applicant and take reasonable measures to verify the identity of any beneficial owners and controllers of the applicant and of any third parties on whose behalf the applicant acts (and beneficial owners and controllers of such third parties).

Section 4

Stage 5: A relevant person must periodically update relevant CDD information and its risk assessment (in line with Stages 1 to 3). In the event of any change in beneficial ownership or control of the applicant, or third parties on whose behalf the applicant acts reasonable measures should be taken to verify identity (in line with Stage 4).

Section 3.3.6

3.3.1 Customer due diligence information – Stage 1

GUIDANCE NOTES

23. CDD information comprises both identification information and relationship information.

24. Information that may be considered relevant identification information is set out in Section 4. Information that may be considered relevant relationship information for individuals, express trusts, and legal bodies is described below.

25. The extent of relationship information sought in respect of a particular applicant, or type of applicant, will depend upon the jurisdictions with which the applicant is connected, the characteristics of the product or service requested, how the product or service will be delivered, as well as factors specific to the applicant.

Guidance Notes: customer relationship information

All customer types

• Purpose and intended nature of relationship.8 • Type, volume and value of activity expected. • Source of funds, e.g. nature and details of occupation or employment. • Details of any existing relationships with the relevant person. • Reason for using overseas service provider (non-residents only).

8 For many simple retail savings or investment products, the reasons for a relationship may be self-evident.




Additional relationship information

Express trusts

• Type of trust (e.g. fixed interest, discretionary, testamentary). • Structure of any underlying legal bodies (if applicable) and nature of

activities undertaken by the trust and any underlying legal bodies (having regard for “sensitive activities” as defined by the Commission and trading activities).

• Classes of beneficiaries, including any charitable causes named in the trust instrument.

• Name of trustee’s regulator, if applicable.

Legal bodies • Entity and group (if applicable) ownership and control structure. • Nature of activities undertaken (having regard for “sensitive activities” as

defined by the Commission and trading activities). • Geographical sphere of the legal body’s activities and assets. • Name of regulator, if applicable.

3.3.2 Customer due diligence profile – Stage 1

GUIDANCE NOTES

26. For certain types of products or services, it may be possible to prepare a customer profile on the basis of generic expected activity and transactions. For more complex products or services, however, tailored activity profiles may be necessary.

27. In any event, a relevant person may demonstrate that a customer profile contains sufficient information where that profile enables it to:

• identify a pattern of expected business activity and transactions within each business relationship; and

• identify unusual or higher risk activity and transactions that may indicate money laundering or financing terrorism activity.

3.3.3 Source of funds and wealth – Stages 1 and 2

OVERVIEW

28. The ability to follow the audit trail for criminal funds and transactions flowing through the financial sector is a vital law enforcement tool in money laundering and financing of terrorism investigations. Understanding the source of funds and, in higher risk relationships, the customer’s source of wealth is also an important aspect of CDD.

GUIDANCE NOTES

29. A relevant person may demonstrate that it has collected relevant relationship information by:

Lower and standard risk

• Taking reasonable measures to establish source of funds for each applicant and, when third party funding is involved, making further enquiries as to the relationship between the person providing the funds and the applicant.

Higher risk:

additional measures

• Taking reasonable measures to establish a customer’s source of wealth. • Considering whether it is appropriate to take measures to verify source of

funds and wealth.





30. The “source of funds” is the activity which generates the funds for a customer, e.g. a customer’s occupation or business activities. Information concerning the geographical sphere of the activities may also be relevant.

31. The Money Laundering Order and the Handbook stipulate record keeping requirements for transaction records, which require information concerning the remittance of funds to be recorded (e.g. the name of the bank and the name and account number of the account from which the funds were remitted). This is not to be confused with source of funds.

32. “Source of wealth” is distinct from source of funds, and describes the activities which have generated the total net worth of a person, i.e. those activities which have generated a customer’s funds and property. Information concerning the geographical sphere of the activities that have generated a customer’s wealth may also be relevant.

33. In determining source of wealth it will often not be necessary to establish the monetary value of an individual’s net worth.

3.3.4 Evaluation of customer due diligence information – Stage 2

GUIDANCE NOTES

34. The following factors may be relevant when assessing and evaluating the CDD information collected at Stage 1, and are not exhaustive. A relevant person should consider whether other variables are appropriate factors to consider in the context of the products and services that it provides and its customer base. Where this evaluation of CDD information highlights a higher risk, then it may prove necessary to request further CDD information.

3.3.4.1 Factors to consider

Country risk

• Residence in or connection with higher risk countries or territories. The following countries or territories may be considered to present a higher risk:

• those that have been indentified by the FATF as having strategic deficiencies in the fight against money laundering and the financing of terrorism (countries and territories in Group 3 of Appendix D);

• those that have high levels of organised crime;

• those that have strong links (such as funding or other support) with terrorist activities;

• those that are vulnerable to corruption; and

• those that are the subject of United Nations (“UN”) or EU sanctions measures.

In assessing which jurisdictions may present a higher risk, objective data published by the IMF, FATF, World Bank, the Egmont Group of Financial Intelligence Units, US Department of State (International Narcotics Control Strategy Report), US Office of Foreign Assets Control (“OFAC”), and Transparency International (Corruption Perception Index) will be relevant.

• Geographical sphere of business activities, e.g. the location of the markets in which a customer does business.

• Familiarity of a relevant person with a country, including knowledge of its local legislation, regulations and rules, as well as the structure and extent of regulatory oversight, for example, as a result of a relevant person’s own operations within that country.

See also 3.4.2.

http://www.jerseyfsc.org/pdf/Appendix_D_(25_February_2011).pdf




Product or service risk

• Ability to make payments to third parties.

• Ability to pay in or withdraw cash.

• Ability to migrate from one product to another.

• Ability to hold boxes, parcels or sealed envelopes in safe custody.

• Ability to use numbered accounts.

• Ability to use “hold mail” facilities.

• Ability to pool underlying customers.

• Mechanism or instrument that could be used to finance activity-based financial prohibitions (i.e. prohibitions on provision of financial services related to the supply, sale, transfer, manufacture or use of prohibited items, materials, equipment, goods and technology).

Delivery risk

• Indirect relationship with the customer - use of intermediaries or gatekeepers. (See Section 4.10.1 for factors to consider).

• Non-face to face relationships - product or service delivered exclusively by post, telephone, internet etc.

• Availability of “straight-through processing” of customer transactions.

Customer risk

• Type of applicant or customer. For example, a politically exposed applicant will present a higher risk.

• Nature and scope of business activities generating the funds/assets. For example, an applicant or customer conducting “sensitive” activities (as defined by the Commission) or conducting activities which are prohibited if carried on with certain countries; an applicant or customer engaged in higher risk trading activities; or an applicant or customer engaged in a business which involves significant amounts of cash, may indicate higher risk.

• Transparency of applicant or customer. For example, persons that are subject to public disclosure rules, e.g. on exchanges or regulated markets (or consolidated subsidiaries of such persons), or subject to licensing by a statutory regulator, e.g. the Jersey Competition Regulatory Authority, may indicate lower risk. Customers where the structure or nature of the entity or relationship makes it difficult to identify the true beneficial owners and controllers may indicate higher risk.

• Reputation of applicant or customer. For example, a well known, reputable person, with a long history in its industry, and with abundant independent information about it and its beneficial owners and controllers may indicate lower risk.

• Behaviour of applicant or customer. For example, where there is no commercial rationale for a customer buying the products that he seeks, requests undue levels of secrecy, or where it appears that an “audit trail” has been deliberately broken or unnecessarily layered, an applicant for business may indicate higher risk.

• The regularity or duration of the relationship. For example, longstanding relationships involving frequent customer contact that result in a high level of understanding of the

http://www.jcra.je/cms3/v2/public/default.asp

http://www.jcra.je/cms3/v2/public/default.asp





customer relationship may indicate lower risk.

• Type and complexity of relationship. For example, unexplained use of corporate structures and express trusts, and use of nominee and bearer shares may indicate higher risk.

• Value of assets handled.

• Value and frequency of cash or other “bearer” transactions.

• Delegation of authority by the applicant or customer. For example, the use of powers of attorney, mixed boards and representative offices may indicate higher risk.

• Nature of the relationship between an applicant’s beneficial owners and controllers and account signatories.

• In the case of an express trust, the relationship of the settlor(s) to beneficiaries with a vested right, to other beneficiaries and persons who are the object of a power. (See also Section 4.4.)

• In the case of an express trust, the nature of classes of beneficiaries and classes within an expression of wishes. (See also Section 4.4.)

3.3.4.2 External data sources

35. Appropriate external data sources will include sources such as domestic legislation applying UN and EU sanctions and measures, and guidance issued by the Commission, and may include information published by governments and law enforcement authorities on terrorists (e.g. United States government agencies such as the Federal Bureau of Investigation and OFAC), electronic subscription databases, the internet and other media.

36. In particular, HM Treasury maintains a consolidated list of targets listed by the UN, EU, and UK under legislation relating to current financial sanctions regimes.

3.3.5 Customer risk assessment – Stage 3

GUIDANCE NOTES

37. A relevant person may demonstrate an effective process to determine an initial customer risk assessment by taking into account:

• the CDD information obtained at Stage 1 and the evaluation of this information carried out at Stage 2 against relevant “factors to consider” and external data sources; and

• inconsistencies between the CDD information obtained, for example, between specific information concerning source of funds or source of wealth, and the nature of transactions.

38. In determining a risk assessment for a customer, the presence of one factor to consider that might indicate higher risk will not automatically establish that a customer is higher risk. Equally, the presence of one lower risk factor should not automatically lead to a determination that a customer is lower risk. As set out above, the process of determining an appropriate risk assessment should take into account the absence or presence of relevant factors, whether any compensating factors apply and the CDD information held by the relevant person.

39. The sophistication of the risk assessment process may be determined according to factors established by the business risk assessment.

40. Where it is appropriate to do so, risk may be assessed generically for applicants and customers falling into similar categories.

http://www.fbi.gov/

http://www.ustreas.gov/offices/enforcement/ofac/

http://www.hm-treasury.gov.uk/



Effective from: 4 February 2008

• The business of some relevant persons, their products, and customer base, can be relatively simple, involving few products, with most applicants or customers falling into similar risk categories. In such circumstances, a simple approach, building on the risk that the business’ products are assessed to present, may be appropriate for most customers, with the focus being on those customers who fall outside the norm.

• Others may have a greater level of business, but large numbers of their customers may be predominantly retail, served through delivery channels that offer the possibility of adopting a standardised approach to many procedures. Here too, the approach for most customers may be relatively straight forward - building on product risk.

• In the case of Jersey residents seeking to establish retail relationships, and in the absence of any information to indicate otherwise, such applicants may be considered to present a lower risk.

41. A more complex system may be appropriate for diverse customer bases or businesses with broad ranges of products or services.

3.3.6 Updating customer due diligence and customer risk assessments – Stage 5

GUIDANCE NOTES

42. In the case of a business relationship assessed as presenting higher risk, a relevant person may demonstrate that its CDD information remains up to date where it is reviewed and updated on at least an annual basis.

43. In the case of other relationships, a relevant person may demonstrate that its CDD information remains up to date where it is reviewed and updated on a risk sensitive basis, including where additional “factors to consider” become apparent.

44. Trigger events, e.g. the opening of a new account, the purchase of a further product, or meeting with a customer may also present a convenient opportunity to update CDD information.

45. Under Article 13(1)(c) of the Money Laundering Order, where there is doubt about the veracity or adequacy of documents, data or information previously obtained under CDD measures, then CDD information must be updated.

46. A comprehensive understanding of the risk presented by a business relationship may only become evident at a later stage following the establishment of relationship. A relevant person may demonstrate that its customer risk assessments remain up to date where its review procedures (as outlined above), and its monitoring procedures (Section 5) involve consideration as to the ongoing appropriateness of the customer’s risk assessment.

3.4 ENHANCED CUSTOMER DUE DILIGENCE


47. Article 15 of the Money Laundering Order requires that a relevant person apply enhanced CDD measures using a risk based approach where:

• A customer is not physically present for identification purposes.

• The relevant person has or proposes to have a business relationship or proposes to carry out a one-off transaction with a person connected with a country or territory that does not apply or insufficiently applies the FATF Recommendations.

Sections 3.3.4.1 and 3.4 revised: 12 January 2009 Section 3.4 revised: 30 January 2009 Paragraph 48 revised: 22 April 2009 Sections 3.3.4.1 and 3.4.2 revised 22 July 2010 33





• The relevant person has or proposes to have a business relationship or proposes to carry out a one-off transaction with an applicant for business or a customer who is a PEP or where any of the following is a PEP: (i) owner or controller of an applicant or customer, (ii) third party on whose behalf an applicant or customer acts, (iii) beneficial owner or controller of a third party described in (ii), or (iv) person acting, or purporting to act, on behalf of a customer.

• The relevant person holds a deposit-taking licence and has or proposes to have a correspondent banking relationship with a bank that is outside Jersey. See sector specific section on correspondent banking.

• The nature of the situation is such that a higher risk of money laundering is likely.

48. Article 15(5A) of the Money Laundering Order requires that a relevant person that has or proposes to have a business relationship or proposes to carry out a one-off transaction with a PEP (or relationship or transaction that has a prescribed connection to a PEP) must have specific and adequate measures that: (i) require any new business relationship or continuation of such a relationship or any new one-off transaction to be approved by the senior management of the relevant person; and (ii) establish the source of the wealth of the PEP and the source of the funds involved in the business relationship or one-off transaction.

49. For the purposes of determining whether a person is a close associate of a PEP a relevant person need only consider information that it holds or is publicly known.

3.4.1 Politically Exposed Persons (PEPs)

OVERVIEW

50. Corruption inevitably involves serious crime, such as theft or fraud, and is of global concern. The proceeds of such corruption are often transferred to other jurisdictions and concealed through private companies, trusts or foundations, frequently under the names of relatives or close associates.

51. By their very nature, money laundering investigations involving the proceeds of corruption generally gain significant publicity and are therefore very damaging to the reputation of both businesses and jurisdictions concerned. This is in addition to the possibility of criminal charges.

52. Indications that an applicant or customer may be connected with corruption include excessive revenue from “commissions” or “consultancy fees” or involvement in contracts at inflated prices, where unexplained “commissions” or other charges are paid to third parties.

53. The risk of handling the proceeds of corruption, or becoming engaged in an arrangement that is designed to facilitate corruption, is greatly increased where the arrangement involves a PEP. Where the PEP also has connections to countries or business sectors where corruption is widespread, the risk is further increased.

54. PEP status itself does not, of course, incriminate individuals or entities. It will, however put an applicant for business or customer into a higher risk category.

STATUTORY REQUIREMENTS 55. Article 11 of the Money Laundering Order requires a relevant person to put in place appropriate

risk based systems and controls to determine whether an (i) applicant for business or customer, (ii) owner or controller of an applicant or customer, (iii) third party on whose behalf an applicant or customer acts, (iv) beneficial owner or controller of a third party described in (iii), or (v) person acting, or purporting to act, on behalf of a customer, is a PEP. Such systems and controls must recognise that customers may subsequently acquire PEP status.

Sections 3.3.4.1 and 3.4 revised: 12 January 2009 Section 3.4 revised: 30 January 2009

Paragraph 48 revised: 22 April 2009 Sections 3.3.4.1 and 3.4.2 revised 22 July 2010






GUIDANCE NOTES

56. The nature and scope of a relevant person’s activities will generally determine whether the existence of PEPs in its customer base is a practical issue for the business.

57. Where the existence of PEPs is considered to be a practical issue, a relevant person may demonstrate that it has appropriate systems and controls for determining whether it is servicing a PEP where it:

• Assesses those jurisdictions with which customers are connected, which pose the highest risk of corruption. One source of information is the Transparency International Corruption Perception Index.

• Establishes who are the current and former holders of prominent public functions within those higher risk countries and determines, as far as is reasonably practicable, whether or not applicants for business and customers have any connections with such individuals (including through immediate family or close associates). In determining who are the current and former holders of prominent public functions, it may have regard to information already held by the relevant person and to external information sources such as the UN, the European Parliament, the UK Foreign and Commonwealth Office, the Group of States Against Corruption, and commercially available databases.

• Exercises vigilance where applicants and customers are involved in business sectors that are vulnerable to corruption such as, but not limited to, oil or arms sales. One source of information is the Transparency International Corruption Perception Index.

3.4.2 Customer who is connected to a higher risk country or territory

REGULATORY REQUIREMENT

58. Countries and territories in Group 1 of Appendix D are to be treated as countries and territories that do not apply, or insufficiently apply, the FATF Recommendations under Article 15(3A) of the Money Laundering Order. The effect of this is that enhanced CDD measures must be applied under Article 15 of the Money Laundering Order.

59. Countries and territories in Group 2 of Appendix D are to be treated as countries and territories that present a higher risk under normal CDD measures.

3.4.3 Other higher risk customers

GUIDANCE NOTES

60. A relevant person may demonstrate that it has applied enhanced due diligence measures to higher risk customers where it undertakes one of more of the measures set out below. The nature of the measures to be applied will depend on the circumstances of the relationship or transaction and the factors leading to the customer being considered to be higher risk.

61. Enhanced due diligence measures include:

• obtaining additional CDD information (identification information and relationship information, including further information on the source of funds and source of wealth), from either the customer or independent sources (such as the internet, public or commercially available databases);

• taking additional steps to verify the CDD information obtained;

• commissioning due diligence reports from independent experts to confirm the veracity of CDD information held;

• requiring higher levels of management approval for higher risk new customers;

http://www.transparency.org/policy_research/surveys_indices/cpi/2009

http://www.transparency.org/policy_research/surveys_indices/cpi/2009









• requiring more frequent review of business relationships;

• requiring the review of business relationships to be undertaken by the compliance function, or other employees not directly involved in managing the customer; and

• setting lower monitoring thresholds for transactions connected with the business relationship.

3.5 CDD REQUIREMENTS WHEN ACQUIRING A BUSINESS OR A BLOCK OF CUSTOMERS

OVERVIEW

62. This sub-section establishes the requirements when established business relationships are taken on when acquiring a business or block of customers.


63. Before acquiring a business with established business relationships or a block of relationships, a relevant person must undertake sufficient due diligence on the vendor to establish the level of CDD information and evidence of identity held in relation to the business to be acquired.

64. A relevant person may rely on the information and evidence of identity previously obtained by the vendor where the following criteria are met:

• the vendor is a financial services business that is a regulated person or carries on equivalent business to any category of regulated business as defined by Article 5 of the Money Laundering Order (refer to Section 1.7); and

• the relevant person has assessed that the vendor’s CDD policies and procedures are satisfactory. This assessment must either involve sample testing, or alternatively an assessment of all relevant CDD information for the relationships to be acquired.

65. When relying on this concession, a relevant person must obtain from the vendor the CDD information and evidence of identity held for each customer acquired.

66. Otherwise, where the vendor is not a financial services business that is a regulated person, or is not carrying on equivalent business to any category of regulated business (refer to Section 1.7), or where deficiencies in the vendor’s CDD policies and procedures are identified (either at the time of transfer or subsequently), a business must determine and implement a programme to apply CDD measures on each customer and to remedy deficiencies. The business must agree its programme with the Commission.

67. CDD procedures must be undertaken as soon as possible in line with a risk based approach and requirements set out in the Handbook.



Part 1: Section 4 – Identification and verification of identity

Effective from: 4 February 2008 37 Revised 20 July 2009

4 IDENTIFICATION AND VERIFICATION OF IDENTITY


1. The purpose of this section of the Handbook is to establish the identification information to be requested when establishing a business relationship or carrying out a one-off transaction, the information to be verified, and how that information is to be verified. This section also sets out exceptions and concessions to these general requirements, which apply in certain scenarios.

2. Guidance is also given on the timing of verification measures and on what to do where it is not possible to complete identification or verification of identity.

3. Identification and verification requirements (referred to in the Money Laundering Order as “identification measures”) apply at the outset of a business relationship or one-off transaction, where there is suspicion of money laundering or financing of terrorism, or where there is some doubt as to the veracity or adequacy of documents, data or information that are already held (including the circumstances set out in 4 below).

4. In particular, identification and verification requirements will apply when there is a:

• change in identification information of a customer;

• change in beneficial ownership and control of a customer; or

• change in the third parties (or beneficial ownership or control of third parties) on whose behalf an applicant or customer acts.

5. An applicant for business may be an individual (see Section 4.3), trustee of an express trust (see Section 4.4), or a legal body (including companies and foundations (both of which are bodies corporate when incorporated in Jersey), anstalts, partnerships, associations, or any similar bodies that can establish a business relationship with a relevant person or otherwise own property) (see Section 4.5) seeking to enter into a business relationship or to conduct a one-off transaction - as principal or on behalf of a third party (see Section 4.7).

6. This section should be read and understood in conjunction with Sections 3 and 5, which also address customer due diligence requirements.

7. Throughout this section, references to an “applicant for business” or “applicant” relate to a prospective customer, and references to a “customer” relate to a person with whom a business relationship has been formed or one-off transaction conducted.

4.2 OBLIGATION TO IDENTIFY AND VERIFY IDENTITY OF APPLICANT FOR BUSINESS

OVERVIEW

8. Determining that an applicant for business is the person that he, she, or it claims to be is a combination of being satisfied that:

• a person exists - on the basis of appropriate identification information; and

• the applicant for business is that person - by verifying from reliable, independent source documents, data or information, satisfactory confirmatory evidence of appropriate components of the applicant’s identity.

9. Evidence of identity can take a number of forms. In respect of individuals, much weight is placed on identity documents and these are often the easiest way of providing evidence as to someone’s identity. It is, however, possible to be satisfied as to a customer’s identity by obtaining other forms of confirmation, including, in appropriate circumstances, written assurances from persons or organisations that have dealt with the customer for some time.


Handbook for regulated financial services businesses Part 1: Section 4 – Identification and verification of identity


10. How much identification information to ask for, what to verify, and how to verify it in order to be satisfied as to a customer’s identity, will depend on the risk assessment for that customer (refer to Section 3.3).

11. When verifying identity, a relevant person will need to be prepared to accept a range of documents, and may also wish to use independent data sources to verify information.

STATUTORY REQUIREMENTS 12. Article 13 of the Money Laundering Order requires identification measures to be conducted in

respect of an applicant for business and any third parties for whom the applicant is acting (reasonable measures to verify identity in the case of the latter). Where the applicant (or any third party) is not an individual, Article 13 also requires beneficial owners and controllers of the applicant (or third parties) to be identified and reasonable measures to be taken to verify their identity.

13. For persons who are not individuals, Article 2 of the Money Laundering Order describes:

• beneficial owners as individuals with ultimate beneficial ownership of that person; and

• beneficial controllers as individuals who ultimately control that person or otherwise exercise control over the management of that person.

14. The description of a beneficial owner or controller will apply whether the individual satisfies the description alone or jointly with other persons.

15. Article 2 of the Money Laundering Order provides that no individual is to be treated as a beneficial owner of a person that is a body corporate, the securities of which are listed on a regulated market.

16. Article 3 of the Money Laundering Order defines what is meant by customer due diligence measures and provides that identification of a person involves:

• obtaining information about identity; and

• verification of that information.

17. Verification evidence is satisfactory if, on the basis of documents, data or information from a reliable and independent source, it is reasonably capable of establishing that the applicant for business or customer (and others) is who he is said to be and the person conducting verification is satisfied that it does establish that fact.

18. Where the person to be identified is not physically present when identification measures are carried out, Article 15(3) of the Money Laundering Order requires that the customer due diligence measures must take into account the greater risk that is posed.

19. Article 13(1) of the Money Laundering Order requires identification measures to be applied before the establishment of a business relationship or before carrying out a one-off transaction, except where Article 13(4) and (5) apply. It also requires identification measures to be applied where the relevant person suspects money laundering or the financing of terrorism or has doubts about the veracity or adequacy of documents, data or information previously obtained under customer due diligence measures.

20. Article 13(4) provides for verification of identity of a person to be completed as soon as reasonably practicable after the establishment of a business relationship if:

• this is necessary not to interrupt the normal conduct of business; and

• there is little risk of money laundering occurring as a result of completing such verification after the establishment of that relationship.

21. Where there is a change in the beneficial owners or controllers of a customer, Article 13(1)(c)(ii) of the Money Laundering Order requires that the new beneficial owners or controllers are identified and that reasonable measures are taken to verify their identity.

22. Article 13 of the Money Laundering Order also requires a relevant person to identify and to take reasonable measures to verify the identity of persons purporting to be authorised to act on behalf of a customer and to verify the authority of any persons purporting so to act.

Revised 20 July 2009















4.3 IDENTIFICATION AND VERIFICATION: INDIVIDUALS

OVERVIEW

23. The following requirements are relevant to situations where an individual is the applicant for business or where the applicant for business is more than one individual, such as a husband and wife opening a joint account.

24. They also apply to situations where an individual is a beneficial owner or controller of an applicant for business, is acting on behalf of an applicant for business (e.g. is acting according to a power of attorney, or who has signing authority over an account), or is a third party (underlying customer) on whose behalf an applicant for business is acting (see Section 4.7).

4.3.1 Establishing identity


25. A relevant person must collect relevant identification information on an individual.

GUIDANCE NOTES

26. A relevant person may demonstrate collection of relevant identification information where it requests, receives and keeps up to date the following:

All customers

• Legal name, any former names (such as maiden name) and any other names used.

• Principal residential address.

• Date of birth.

Standard and higher risk: additional information

• Place of birth.

• Nationality.

• Sex.

• Government issued personal identification number or other government issued unique identifier.

4.3.2 Verifying identity


27. A relevant person must verify the identity of the individual.

28. Where a particular aspect of an individual’s identity subsequently changes (such as following marriage, change of nationality, or change of address), a relevant person must take reasonable measures to re-verify that particular aspect of identity of the individual.

29. All key documents (or parts thereof) used to verify identity must be understandable (i.e. in a language understood by the employees of the business), and must be translated into English at the request of the JFCU or the Commission.

GUIDANCE NOTES

30. A relevant person may demonstrate that it has verified the identity of an individual where it verifies the following components:


40 Effective from: 4 February 2008 Revised 20 July 2009

Lower risk – information to be verified

• Legal name, any former names (such as maiden name) and any other names used, and

• Principal residential address or date of birth.

using at least one identification verification method (see paragraph 31).

Standard risk – information to be verified

• Legal name, any former names (such as maiden name) and any other names used;

• Principal residential address;

• Date of birth;

• Place of birth;

• Nationality; and

• Sex.

using at least two identification verification methods (see paragraph 31).

Higher risk – information to be verified

• Legal name, any former names (such as maiden name) and any other names used;

• Principal residential address;

• Date of birth;

• Place of birth;

• Nationality;

• Sex; and

• Government issued personal identification number or other government issued unique identifier.

using at least two identification verification methods (see paragraph 31).

Refer to Section 3.4 for enhanced due diligence requirements for higher risk relationships.

31. Components of identity may be verified using the following methods:

All customers – identification verification methods

General identification information:

• Current passport - providing photographic evidence of identity.

• Current national identity card - providing photographic evidence of identity.

• Current driving licence - providing photographic evidence of identity - where the licensing authority carries out a check on the holder’s identity before issuing.

• Independent data sources (including electronic sources). (Refer to Section 4.3.3).




All customers – identification verification methods

Residential address:

• Correspondence from a central or local government department or agency (e.g. States and parish authorities).

• A letter of introduction confirming residential address from: (i) a relevant person that is regulated by the Commission; (ii) a regulated financial services business which is operating in a well-regulated jurisdiction; or (iii) a branch or subsidiary of a group headquartered in a well-regulated jurisdiction which applies group standards to subsidiaries and branches worldwide, and tests the application of, and compliance with, such standards.

• Personal visit to residential address.

• A bank statement or utility bill.

• One of the general identification information sources listed above.

Lower risk

Where the above general identification information methods are not possible, identity may be verified using:

• A Jersey driving licence; or

• A birth certificate in conjunction with:

• a bank statement or a utility bill;

• documentation issued by a government source; or

• a letter of introduction from a relevant person that is regulated by the Commission.

32. Verification methods provide evidence of identity from a number of sources. These sources may differ in their integrity, reliability and independence. For example, some identification documents are issued after due diligence on an individual’s identity has been undertaken, for example passports and national identity cards; others are issued on request, without any such checks being carried out. A relevant person should recognise that some documents are more easily forged than others.

33. Additionally, verification methods incorporating photographic confirmation of customer identity provide a higher level of assurance that an individual is the person who he or she claims to be.

34. Where a relevant person is not familiar with the form of the evidence obtained to verify identity, appropriate measures may be necessary to satisfy itself that the evidence is genuine.

35. When applying reasonable measures to the re-verification of identity following a change in a particular aspect of identity, e.g. a change of address, a relevant person may apply a risk based approach which focuses on higher risk customers.

36. In determining whether a jurisdiction is well-regulated, a relevant person may have regard to:

• the development and standing of the jurisdiction’s regulatory framework; and

• recent independent assessments of its regulatory environment, such as those conducted and published by the IMF.

37. Where components of identity are verified through use of a passport, national identity card, or driving licence, which subsequently expires, then, in the absence of other risk factors, no further verification is necessary.



4.3.3 Independent data sources

OVERVIEW

38. Independent data sources can provide a wide range of confirmatory material on an applicant for business or customer, and are becoming increasingly accessible, for example, through improved availability of public information and the emergence of commercially available data sources such as electronic databases and research firms. Sources include:

• Registers of electors.

• Telephone directories.

• Credit reference agency checks.

• Business information services.

• Electronic checks provided by commercial agencies.

39. Where a relevant person is seeking to verify identity using an independent data source, whether by accessing the source directly or by using an independent third party organisation (such as a credit reference agency), an understanding of the depth, breadth and quality of the data is important in order to determine that the method of verification does in fact provide satisfactory evidence of identity.


40. Where a relevant person intends to use independent data sources to verify components of identity, it must ensure that:

• The source, scope and quality of the data are satisfactory. At least two matches of each component of an individual’s identity (see Section 4.3.2) must be obtained.

• Processes allow the relevant person to capture and record the information used to verify identity.

41. The level of satisfaction required will depend on the extent that a relevant person relies on the independent data sources to obtain satisfactory evidence of identity.

GUIDANCE NOTES

42. Where a relevant person intends to use data held by independent third party organisations to verify identity, the business may demonstrate that data is satisfactory where the organisation is registered with a data protection agency in the EEA (or with an agency in a jurisdiction that has similar data protection provisions to the EEA), and where the organisation:

• uses a range of positive information sources that can be called upon to link an applicant to both current and historical data;

• accesses negative information sources such as databases relating to fraud and deceased persons;

• accesses a wide range of alert data sources; and

• has transparent processes that enable a relevant person to know what checks have been carried out, what the results of these checks were and to be able to determine the level of satisfaction provided by those checks.

4.3.4 Guarding against the financial exclusion of Jersey residents

OVERVIEW

43. On occasions, an individual may be unable to provide evidence of identity using the verification sources set out at Section 4.3.2. Examples of such individuals include:

• Seasonal workers whose principal residential address is not in Jersey.




• Individuals living in Jersey in accommodation provided by their employer, with family (for example in the case of minors), or in care homes, who may not pay directly for utility services.

• Jersey students living in university, college, school, or shared accommodation, who may not pay directly for utility services.

• Minors.


44. A relevant person must determine that there is a valid reason for an applicant for business being unable to satisfy its more usual verification requirements, and must document that reason.

GUIDANCE NOTES

45. In the case of a lower risk minor, whose parent or guardian is unable to produce more usual documentation to verify the minor’s identity, and who would otherwise be excluded from accessing financial services and products, satisfactory verification of identity may be established with a birth certificate.

46. In other cases, where a lower risk individual has a valid reason for being unable to produce more usual documentation to verify identity, and would otherwise be excluded from accessing financial services and products, satisfactory verification of identity may be established by:

• A letter from the head of the household at which the individual resides confirming that the applicant lives at that Jersey address, setting out the relationship between the applicant and the head of household, together with evidence that the head of household resides at the address.

• A letter from a Jersey nursing home or residential home for the elderly, which a relevant person is satisfied that it can place reliance on, confirming residence of the applicant.

• A letter from a Jersey employer, which a relevant person is satisfied that it can place reliance on, which confirms residence at a stated Jersey address, and indicates the expected duration of employment. In the case of a seasonal worker, the worker’s principal residential address in his country of origin should also be obtained.

• A letter from a principal of a university or college, which a relevant person is satisfied that it can place reliance on, that confirms residence at a stated address. In the case of a Jersey student studying outside the Island, a residential address in Jersey should also be obtained.

47. Confirmatory letters should be written on appropriately headed notepaper.

4.3.5 Verification of residential address of overseas residents

OVERVIEW

48. On occasions, an individual that resides abroad may be unable to provide evidence of his principal residential address using the verification methods set out at Section 4.3.2. Examples of such individuals include residents of countries without postal deliveries and few street addresses, who rely upon post office boxes or employers for delivery of mail, and residents of countries where, due to social restraints, private addresses may not be verified by personal visits.

49. It is essential for law enforcement purposes that a record of an individual’s residential address (or details of how that individual’s place of residence may be reached) be recorded. As a result, it is not acceptable only to record a post office box number as an address, or to fail to take steps to verify that a residential address is valid where required by this Handbook.


50. A relevant person must determine that there is a valid reason for an applicant for business being unable to satisfy its more usual verification of address requirements, and must document that reason.



51. Where alternative methods to verify address are relied on, a relevant person must consider whether enhanced monitoring of activity and transactions is appropriate.

GUIDANCE NOTES

52. Where an individual has a valid reason for being unable to produce more usual documentation to verify residential address, satisfactory verification of address may be established by:

• Verification of a “locator” address - a locator address is an address at which it would normally be possible to physically meet or contact an individual (with or without prior arrangement), for example, an individual’s place of work.

• A written confirmation received from an individual satisfying the criteria for a suitable certifier - Section 4.8.1 - that confirms residential address and that the certifier has visited the individual at that address.

4.4 IDENTIFICATION AND VERIFICATION: TRUSTEES AND EXPRESS TRUSTS

OVERVIEW

53. There is a wide variety of trusts ranging from large, nationally and internationally active organisations subject to a high degree of public scrutiny and transparency, through to trusts set up under testamentary arrangements and trusts established for wealth management purposes.

54. Express trusts cannot form business relationships or carry out one-off transactions themselves. It is the trustee of the trust who will enter into a business relationship or carry out the one-off transaction on behalf of the trust and who will be considered to be the applicant for business (i.e. the trustee is acting on behalf of a third party – the trust and the individuals concerned with the trust).

55. In forming a relationship or carrying out a one-off transaction with a trustee, a relevant person will be dependent on information supplied by the trustee relating to the trust and the individuals concerned with the trust. When determining the risk assessment for an express trust (Section 3.3), the risk factors set out in Section 3.3.4.1 and Section 4.10.1 will be relevant. In addition, the monitoring measures maintained by a relevant person (Section 5) may provide additional comfort that relevant and up to date identification and relationship information has been provided.

56. The following requirements are relevant to situations where a trustee of an express trust is the applicant for business. Where the trustee of an express trust is a relevant person that is a regulated person (defined in Article 1 of the Money Laundering Order) or is a person who carries on equivalent business to any category of regulated business, the concession set out in Section 4.9.1 will be relevant. Where the trustee of an express trust is a relevant person that is overseen for AML/CFT compliance in Jersey or is a person who carries on an equivalent business (see Section 1.7), the concession set out in Section 4.10 (for the individuals concerned with the trust) will also be relevant.

57. These requirements also apply to situations where a trustee is a beneficial owner or controller of an applicant for business, or is a third party (underlying customer) on whose behalf an applicant for business is acting.

58. The requirements where an applicant for business is wishing to settle a trust are covered in a sector specific section for trust company business9.

59. Notwithstanding the requirement to obtain and verify information in relation to the trustee, the trust and those individuals who are concerned with the trust, a relevant person is not expected to establish the detailed terms of the trust, nor rights of the beneficiaries.

9 Sector specific section for trust company business published 23 December 2009.





4.4.1 Establishing identity


60. A relevant person must collect relevant identification information on the trustee(s) and on the express trust (and any subsequent changes).

61. A relevant person must collect relevant identification information on the individuals who are concerned with the trust (and any subsequent changes).

GUIDANCE NOTES

62. A relevant person may demonstrate the collection of relevant identification information where it requests and receives from the trustee(s): (i) the following information; and (ii) certain assurances.

All customers

• Name of trust.

• Date of establishment.

• Official identification number (e.g. tax identification number or registered charity or non-profit organisation number).

• Identification information of trustee(s) - in line with guidance for individuals and legal bodies.

• Mailing address of trustee(s).

• Identification information of settlor(s)10 - in line with guidance for individuals and legal bodies.

• Identification information of protector(s) - in line with guidance for individuals and legal bodies.

Standard and higher risk – additional information

• Identification information on beneficiaries with a vested right - in line with guidance for individuals and legal bodies.

• Identification information on any other beneficiaries and persons who are the object of a power and that have been identified as presenting higher risk - in line with guidance for individuals and legal bodies.


63. The assurances are that the trustee(s) has provided all of the information requested, and that the trustee(s) will update the information provided in the event of subsequent change.

4.4.2 Verifying identity


64. A relevant person must verify the name and date of establishment of the express trust. Whilst there is no requirement to review an existing trust instrument (or similar instrument) as a whole, satisfactory evidence of the appointment of the trustee(s), and the nature of his duties must be obtained.

65. A relevant person must verify the identity of the trustee(s) of the express trust and any subsequent change in trustee(s) (in line with guidance for individuals and legal bodies).

10 The settlors of a trust include the initial settlors and any persons subsequently settling funds into a trust.



66. A relevant person must take reasonable measures to verify the identity of the individuals who are concerned with the express trust (as set out at Section 4.4.1) and any subsequent changes (in line with guidance for individuals and legal bodies).

67. In the case of a standard or higher risk relationship, a relevant person must take reasonable measures to verify the identity of a beneficiary with a vested right at the time of or before distribution of trust property or income.

68. In the case of a standard or higher risk relationship, a relevant person must take reasonable measures to verify the identity of any other beneficiaries and persons who are the object of a power and that have been identified as presenting higher risk, at the time that the risk is identified.


GUIDANCE NOTES

70. Where a relevant person seeks to verify the identity of individuals who are concerned with a trust on a non-face to face basis, for example, through copy documentation provided by the trustee(s), reference should be made to the requirements and guidance set out in Section 4.8 for non-face to face identification and verification.

71. For higher risk relationships, also refer to Section 3.4 for enhanced due diligence requirements.


4.5 IDENTIFICATION AND VERIFICATION: LEGAL BODIES

OVERVIEW

73. The following requirements are relevant to situations where a legal body is the applicant for business.

74. The requirements also apply to situations where a legal body is a beneficial owner or controller of an applicant for business, or is a third party (underlying customer) on whose behalf an applicant for business is acting.

75. For the purpose of this section, a legal body includes companies and foundations (both of which are bodies corporate when incorporated in Jersey), anstalts, partnerships, associations, or any similar bodies that can establish a business relationship with a relevant person or otherwise own property. For the purposes of this section, it also includes incorporated and unincorporated clubs, societies, charities, church bodies, institutes, mutual and friendly societies, co-operative and provident societies.

76. The identification measures to be applied to a legal body that is not a foundation are set out in Sections 4.5.1 and 4.5.2. The identification measures to be applied to a legal body that is a foundation are set out in Sections 4.5.3 and 4.5.4. For the avoidance of doubt, the identification measures that are to be applied to a foundation that is a charity are those set out in Sections 4.5.1 and 4.5.2.

77. Where identification information relating to a legal body is not available from a public source, a relevant person will be dependent on the information that is supplied by the legal body. When determining the risk assessment for a legal body (Section 3.3), the risk factors set out in Section 3.3.4.1 will be relevant. The risk factors set out in Section 4.10.1 are also relevant to the risk assessment for a legal body where information and evidence of identity are obtained through a trust and company service provider. In addition, the monitoring measures maintained by a relevant person (Section 5) may provide additional comfort that relevant and up to date identification and relationship information has been provided.

78. Where a director (or equivalent) of a legal body holds this role by virtue of his employment by (or position in) a business that is a regulated Jersey trust company, the concession set out in




paragraph 95 of Section 4.5.2 (verification of director’s identity) will be relevant. Similar provision is made for a council member of a foundation at paragraph 108 of Section 4.5.4.

79. Article 2 of the Money Laundering Order, which describes those persons to be considered to be beneficial owners of a body corporate, provides that no individual is to be treated as a beneficial owner of a person that is a body corporate, the securities of which are listed on a regulated market. In the case of an applicant for business that is a subsidiary of such a body corporate, this provision means that there will be no need to identify or verify the identity of the owners of the shares of the holding body corporate. The obligation to identify individuals with ultimate effective control over the body corporate assets (or as otherwise provided for lower risk relationships) remains. Guidance published by the UK’s Joint Money Laundering Steering Group on what may be considered to be a regulated market can be found under Guidance on Equivalent Markets.

80. The requirements where an applicant for business is wishing to incorporate a company or foundation are covered in a sector specific section for trust company business11.

4.5.1 Establishing identity (except foundations)


81. A relevant person must collect relevant identification information on a legal body (and any subsequent changes).

82. A relevant person must collect relevant identification information on the beneficial owners and controllers of the legal body (and any subsequent changes).

GUIDANCE NOTES

83. A relevant person may demonstrate collection of relevant identification information where it requests and receives from the legal body: (i) the following information; and (ii) certain assurances.

All customers

• Name of body.

• Any trading names.

• Date and country of incorporation/registration.

• Official identification number.

• Registered office address.

• Mailing address (if different).

• Principal place of business/operations (if different).

• Names of all directors (or equivalent).

• Identification information of directors (or equivalent) who have authority to operate a relationship or to give the relevant person instructions concerning the use or transfer of funds or assets - in line with guidance for individuals.

• Identification information of individuals ultimately holding a 25% or more interest in the capital of the legal body - in line with guidance for individuals and trustees.

11 Sector specific section for trust company business published 23 December 2009.


http://www.jmlsg.org.uk/bba/jsp/polopoly.jsp?d=770&a=15206





• Identification information of individuals with ultimate effective control over the legal body’s assets, including the individuals comprising the mind and management of the legal body, e.g. directors - in line with guidance for individuals.

• Identification information of individuals ultimately holding a material interest in the capital of the legal body - in line with guidance for individuals and trustees.


84. Where information is not available from public sources, the assurances are that the directors (or equivalent) of the legal body have provided all of the information requested, and that the directors (or equivalent) will update the information provided in the event of subsequent change.

85. For lower risk relationships, a general threshold of 25% is considered to indicate a material interest in the capital of a legal body. Whilst this principle may also apply to standard and higher risk relationships, where the distribution of interests is uneven the percentage where effective control may be exercised (a material interest) may be less than 25% when the distribution of other interests is taken into account, i.e. interests of less than 25% may be material interests.

4.5.2 Verifying identity (except foundations)


86. A relevant person must verify the identity of the legal body.

87. A relevant person should take reasonable measures to verify the beneficial owners and controllers of the legal body and any subsequent changes in beneficial ownership and control (in line with guidance for individuals and trustees).


GUIDANCE NOTES

89. A relevant person may demonstrate that it has verified the identity of a legal body where it verifies the following components:

All customers

• Name of body.

• Date and country of incorporation/registration.


Standard and higher risk – additional verification

• Registered office address.

• Principal place of business/operations (where different to registered office).

90. Components of identity may be verified using one or more of the following verification methods:




Lower risk – minimum one verification method

Standard and higher risk – minimum two verification methods

• Certificate of incorporation (or other appropriate certificate of registration or licensing).

• Memorandum and Articles of Association (or equivalent).

• Company registry search, including confirmation that body is not in the process of being dissolved, struck off, wound up or terminated.

• Latest audited financial statements.

• Independent data sources, including electronic sources, e.g. business information services.

• Personal visit to principal place of business (standard or higher risk only).


91. A relevant person may demonstrate that it has taken reasonable measures to verify the beneficial owners and controllers of the legal body where it verifies the identity of the following:

All customers

• Those directors (or equivalents) who have authority to operate a relationship or to give the relevant person instructions concerning the use or transfer of funds or assets - in line with guidance for individuals.

Standard and higher risk

• Individuals with ultimate effective control over the legal body’s assets, including the individuals comprising the mind and management of the legal body, e.g. directors - in line with guidance for individuals.

• Individuals ultimately holding a material interest in the capital of the legal body - in line with guidance for individuals and trustees.


92. Individuals having ultimate effective control over a legal body will often include directors or equivalent. In the case of partnerships, associations, clubs, societies, charities, church bodies, institutes, mutual and friendly societies, co-operative and provident societies, this will often include members of the governing body or committee plus executives.


94. Where a relevant person verifies the identity of beneficial owners and controllers on a remote basis, reference should be made to the requirements and guidance set out in Section 4.8 for non-face to face identification and verification.

95. Where a director (or equivalent) holds this role by virtue of his employment by (or position in) a business that is a regulated Jersey trust company, a relevant person may demonstrate that it has taken reasonable measures to identify that person and to verify his identity where it obtains the following:

• the full name of the director; and

• an assurance from the trust company that the individual is an officer or employee.



4.5.3 Establishing identity – foundations (except charities)


96. A relevant person must collect relevant identification information on a foundation (and any subsequent changes).

97. A relevant person must collect relevant identification information on the persons who are concerned with the foundation (and any subsequent changes).

GUIDANCE NOTES

98. A relevant person may demonstrate collection of relevant identification information where it requests and receives from the foundation: (i) the following information; and (ii) certain assurances.

All customers

• Name of foundation.

• Date and country of incorporation.


• Business address. In the case of a foundation incorporated under the Foundations (Jersey) Law 2009, this will be the business address of the qualified member of the council.

• Mailing address (if different).


• Names of all council members and, if any decision requires the approval of any other person, the name of that person.

• Identification information for all council members who have authority to operate a relationship or to give the relevant person instructions concerning the use or transfer of funds or assets - in line with guidance for individuals and legal bodies.

• Identification information for the founder, a person (other than the founder of the foundation) who has endowed the foundation, and, if any rights a founder of the foundation had in respect of the foundation and its assets have been assigned to some other person, that person - in line with guidance for individuals and legal bodies.

• Identification information for the guardian - in line with guidance for individuals and legal bodies. The guardian of a foundation takes such steps as are reasonable to ensure that the council of the foundation carries out its functions.


• Identification information for all council members and, if any decision requires the approval of any other person, that person - in line with guidance for individuals and legal bodies.

• Identification information on any beneficiary entitled to a benefit under the foundation in accordance with the charter or the regulations of the foundation - in line with guidance for individuals and legal bodies.

• Identification information on any other beneficiary and person in whose favour the council may exercise discretion under the foundation in accordance with its charter or regulations and that have been identified as presenting higher risk - in line with guidance for individuals and legal bodies.


http://www.jerseylaw.je/Law/display.aspx?url=lawsinforce%2fconsolidated%2f13%2f13.265_FoundationsLaw2009_RevisedEdition_1January2010.htm

http://www.jerseylaw.je/Law/display.aspx?url=lawsinforce%2fconsolidated%2f13%2f13.265_FoundationsLaw2009_RevisedEdition_1January2010.htm




99. Where information is not available from public sources, the assurances are that the council members have provided all of the information requested and that the council members will update the information provided in the event of subsequent change.

4.5.4 Verifying identity – foundations (except charities)


100. A relevant person must verify the identity of the foundation.

101. A relevant person should take reasonable measures to verify the identity of persons who are concerned with the foundation and any subsequent changes of persons who are concerned with the foundation (in line with guidance for individuals and legal bodies).

102. All key documents (or parts thereof) used to verify identity must be understandable (i.e. in a language understood by the employee of the business), and must be translated into English at the request of the JFCU or the Commission.

GUIDANCE NOTES

103. A relevant person may demonstrate that it has verified the identity of a foundation where it verifies the following components:

All customers

• Name of foundation.

• Date and country of incorporation.


Standard and higher risk-additional verification

• Business address.


104. Components of identity may be verified using one or more of the following verification methods:

Lower risk – minimum one verification method

Standard and higher risk – minimum two verification methods

• Charter (or equivalent).

• Registry search.

• Latest audited financial statements.

• Independent data sources, including electronic sources.

• Commission website (for the business address of the qualified member of the council).


105. A relevant person may demonstrate that it has taken reasonable measures to verify the identity of persons who are concerned with the foundation where it verifies the identity of the following:



All customers

• Council members who have authority to operate a relationship or to give the relevant person instructions concerning the use or transfer of funds or assets – in line with guidance for individual and legal bodies.

• Founder, a person (other than the founder of the foundation) who has endowed the foundation, and, if any rights a founder of the foundation had in respect of the foundation and its assets have been assigned to some other person, that person – in line with guidance for individual and legal bodies.

• Guardian – in line with guidance for individual and legal bodies. The guardian of a foundation takes such steps as are reasonable to ensure that the council of the foundation carries out its functions.

Standard and higher risk

• All council members and, if any decision requires the approval of any other person, that person - in line with guidance for individuals and legal bodies.

• Any beneficiary entitled to a benefit under the foundation in accordance with the charter or the regulations of the foundation - in line with guidance for individuals and legal bodies (at the time of or before distribution).

• Any other beneficiary and person in whose favour the council may exercise discretion under the foundation in accordance with its charter or regulations and that have been identified as presenting higher risk - in line with guidance for individuals and legal bodies (at the time that the risk is identified).



107. Where a relevant person verifies information on a remote basis, reference should be made to the requirements and guidance set out in Section 4.8 for non-face to face identification and verification.

108. Where a council member who is an individual holds this role by virtue of his employment by (or position in) a business that is a regulated Jersey trust company, a relevant person may demonstrate that it has taken reasonable measures to identify that person and to verify his identity where it obtains the full name of the council member and an assurance from the trust company that the individual is an officer or employee.

4.6 IDENTIFICATION AND VERIFICATION: AUTHORISED AGENT OF APPLICANTS FOR BUSINESS

OVERVIEW

109. Article 13 of the Money Laundering Order requires a relevant person to identify persons purportedly authorised to act on behalf of an applicant for business that is not an individual and to take reasonable measures to obtain satisfactory evidence of identity of such persons. This will include account signatories and those to whom powers of attorney have been granted. In addition, Article 13 requires a relevant person to verify the authority of any person purporting to act.

110. Article 18(7) and (8) of the Money Laundering Order provides an exception to this requirement where a person authorised to act on behalf of an applicant for business is acting in the course of employment by a person that:

• is regulated by the Commission; or







• carries on equivalent business to any category of business that is regulated by the Commission (see Article 5 of the Money Laundering Order and Section 1.7). Refer to Section 4.9.4.


111. A relevant person must obtain a copy of the power of attorney (or other authority or mandate) that provides the individuals representing the applicant for business with the right to act on its behalf.

GUIDANCE NOTES

112. For lower risk relationships a relevant person may demonstrate that it has taken reasonable measures to obtain satisfactory evidence where it verifies the identity of a minimum of two individuals that have purported authority to act on behalf of an applicant for business.

113. For standard or higher risk relationships, a relevant person should take into account factors such as the risk posed by the relationship and the materiality of the authority delegated to individuals.

4.7 IDENTIFICATION AND VERIFICATION: APPLICANTS ACTING FOR THIRD PARTIES (INTERMEDIARY RELATIONSHIPS)

OVERVIEW

114. This section covers the scenario where the applicant for business is acting on behalf of a third party (e.g. on behalf of an underlying customer(s)). Where that applicant for business meets the criteria detailed in Articles 16 or 17 of the Money Laundering Order, then a relevant person may be able to benefit from concessions provided by those articles (Section 4.10). Otherwise, the requirements detailed in this section apply.

115. The specific situation of a trustee acting on behalf of a third party (the trust), where the trustee is not a business that is a regulated person or does not carry on an equivalent business to any category of regulated business, is addressed in Section 4.4.

STATUTORY REQUIREMENTS 116. Article 13 of the Money Laundering Order requires a determination as to whether an applicant

is acting for a third party or parties.

117. Whenever an applicant is acting for a third party or parties, Article 13 requires a relevant person to identify each third party and the individuals who are its beneficial owners and controllers and to take reasonable measures to verify the identity of each third party and its beneficial owners and controllers, in addition to undertaking measures to identify and verify the identity of the applicant.

118. Where there is a subsequent change of the third party or the beneficial owners or controllers of a third party, Article 13 requires that the new third party or new beneficial owners or controllers are identified and that reasonable measures are taken to verify their identity.

4.8 NON-FACE TO FACE IDENTIFICATION AND VERIFICATION

OVERVIEW

119. Frequently, relationships will be established where there is no face to face contact with the individuals to be identified, for example:

• relationships established by individuals through the post, by telephone or via the internet; and

• where identification information is provided through a trustee on persons who are concerned with a trust, or by a company on the persons who are its beneficial owners and controllers.

120. There may also be circumstances where there is face to face contact with an individual, but where documentary evidence is to be provided at a time when the individual is not present.










121. Article 15(3) of the Money Laundering Order requires that enhanced customer due diligence measures be applied where a customer has not been physically present for identification purposes.

122. This section contains requirements that are relevant where there has been no face to face contact with a person, and where documentary evidence is to be provided at a time when the individual is not present.


123. Where a relationship is established or transaction conducted remotely, or where the identity of an individual is to be verified using documentary evidence when the individual is not physically present, a relevant person must perform an additional check to reduce the risk of identity fraud.

GUIDANCE NOTES

124. A relevant person may demonstrate that the specific additional check undertaken is appropriate where it takes into account the customer risk assessment, matching the level of assurance given by the check to the risk presented by the customer.

125. Additional checks to reduce the risk of identity fraud include:

• Verification of identity using a further verification method listed at Section 4.3.2.

• Obtaining copies of identification documents certified by a suitable certifier.

• Requiring the first payment for the financial services product or service to be drawn on an account in the customer’s name at a bank that is a regulated person or carries on equivalent business (refer to Section 1.7).

• Verifying additional aspects of identity or other customer due diligence information from independent sources.

• Telephone contact with the applicant for business prior to establishing a relationship on a home or business number which has been verified, or a “welcome call” to the customer before transactions are permitted, using the call to verify additional aspects of identification information that have been previously provided.

• Internet sign-on following verification measures where the customer uses security codes, tokens, and/or other passwords which have been set up during account opening and provided by mail (or secure delivery) to the named individual at an independently verified address.

• Specific card or account activation measures.

126. For higher risk customers where suitable certification is relied upon, a relevant person may demonstrate that it has obtained appropriate verification of identity where it takes steps to check that the suitable certifier is real, or alternatively, performs a further check to reduce the risk of identity fraud.

4.8.1 Suitable certifiers

OVERVIEW

127. Use of a certifier guards against the risk that copy documentation provided is not a true copy of the original document and that the documentation does not correspond to the applicant whose identity is to be verified. For certification to be effective, the certifier will need to have seen the original documentation and, where documentation is to be used to provide satisfactory evidence of identity for an individual, have met the individual (where certifying evidence of identity containing a photograph). A suitable certifier will also be subject to professional rules (or equivalent) providing for the integrity of his conduct.


128. A suitable certifier must be subject to professional rules of conduct, which provide comfort as to the integrity of the certifier.

129. A suitable certifier must certify that:





• he has seen original documentation verifying identity and/ or residential address;

• the copy of the document (which he certifies) is a complete and accurate copy of that original; and

• where the documentation is to be used to verify identity of an individual and contains a photograph, the photograph contained in the document certified bears a true likeness to the individual requesting certification,

or use wording to the same effect.

130. The certifier must also sign and date the copy document, and provide adequate information so that he may be contacted in the event of a query.

131. In circumstances where the suitable certifier is located in a higher risk jurisdiction, or where a relevant person has some doubts as to the veracity of the information or documentation provided by the applicant, the relevant person must take steps to check that the suitable certifier is real.

GUIDANCE NOTES

132. Acceptable persons to certify evidence of identity (suitable certifiers) may include:

• a member of the judiciary, a senior civil servant, or a serving police or customs officer;

• an officer of an embassy, consulate or high commission of the country of issue of documentary evidence of identity;

• a lawyer or notary public who is a member of a recognised professional body;

• an actuary who is a member of a recognised professional body;

• an accountant who is a member of a recognised professional body;

• a tax advisor who is a member of a recognised professional body;

• an individual that is qualified to undertake certification services under authority of the Certification and International Trade Committee (in Jersey this service is available through the Jersey Chamber of Commerce); and

• a director, officer, or manager of a regulated financial services business which is operating in a well-regulated jurisdiction, or of a branch or subsidiary of a group headquartered in a well-regulated jurisdiction which applies group standards to subsidiaries and branches worldwide, and tests the application of and compliance with such standards.

133. A higher level of assurance will be provided where the relationship between the suitable certifier and the subject (individual, legal body or express trust) is of a professional rather than personal nature.

134. An adequate level of information to be provided by a suitable certifier would include his name, position or capacity, his address and a telephone number or email address at which he can be contacted.

135. A relevant person may apply a risk based approach to applying steps to check that a suitable certifier is real, that considers factors such as the stature and track record of the certifier, previous experience of accepting certifications from certifiers in that profession or jurisdiction, the adequacy of the framework to counter money laundering and the financing of terrorism in place in the jurisdiction in which the certifier is located and the extent to which the framework applies to the certifier.

136. In determining whether a jurisdiction is well-regulated, a relevant person may have regard to:

• the development and standing of the jurisdiction’s regulatory framework; and

• recent independent assessments of its regulatory environment, such as those conducted and published by the IMF.

http://www.jerseychamber.com/



137. Where the copy document is to be used to verify identity, best efforts should be exercised by the suitable certifier to provide an adequate quality copy of the photographic evidence to be certified.

4.9 EXCEPTIONS FROM IDENTIFICATION MEASURES

OVERVIEW

138. Article 18 of the Money Laundering Order provides for exceptions to the general requirement to carry out identification measures that would otherwise be required under Article 13.

139. The exceptions set out in Article 18 do not apply where a relevant person suspects money laundering or in any situation which by its nature can present a higher risk of money laundering.

140. Article 2 of the Money Laundering Order provides that no individual is to be treated as a beneficial owner of a person that is a body corporate, the securities of which are listed on a regulated market. In the case of an applicant for business that is a subsidiary of such a body corporate, this provision means that there will be no need to identify or verify the identity of the owners of the shares of the holding body corporate. The obligation to identify controllers remains.

4.9.1 Regulated persons and those carrying on equivalent businesses

OVERVIEW

141. The Money Laundering Order requires a relevant person to perform identification and verification of identity measures in respect of an applicant for business, its beneficial owners and controllers, and any third parties (underlying customers) for whom the applicant is acting (as well as for the beneficial owners and controllers of such third parties).

142. Where the applicant for business is a regulated person (or person who carries on equivalent business), then, in line with Article 18(7) of the Money Laundering Order, there is no requirement to apply identification measures in respect of the applicant or on the beneficial owners and controllers of the applicant. However, these provisions do not also provide an exemption in respect of any third parties (underlying customers) for whom the applicant is acting, or for the beneficial owners and controllers of such third parties. Refer to Section 4.10 for concessions concerning the underlying customers.


143. Under Article 18(7) of the Money Laundering Order, a relevant person need not identify or verify the identity of an applicant for business or its beneficial owners and controllers, whether acting as principal or on behalf of third parties, where there are reasonable grounds for believing that the applicant for business is:

• a regulated person; or

• a person carrying out an equivalent business to any category of regulated business (refer to Section 1.7).


144. A relevant person must obtain and retain documentation establishing that the applicant for business is entitled to benefit from the exemption provided in Article 18(7) of the Money Laundering Order.

4.9.2 Companies with listed securities

OVERVIEW

145. Where an applicant for business is a body corporate the securities of which are listed on a regulated market, then, in line with Article 18(6A) of the Money Laundering Order, there is no requirement to apply identification measures on that body corporate or on the beneficial owners














and controllers of the body. However, the obligations to apply identification measures to any third party for which the body corporate may be acting and to persons purporting to act on behalf of the body corporate continue.

146. Guidance published by the UK’s Joint Money Laundering Steering Group on what may be considered to be a regulated market can be found on: Guidance on Equivalent Markets.


147. A relevant person must obtain and retain documentation establishing that the applicant for business is entitled to benefit from the concession in Article 18(6A) of the Money Laundering Order.

4.9.3 Jersey public authorities

OVERVIEW

148. Where an applicant for business is a Jersey public authority, then, in line with Article 18(2) of the Money Laundering Order, there is no requirement to apply identification measures on that public authority or on the beneficial owners and controllers of the authority. However, the obligations to apply identification measures to any third party for which the authority may be acting and to persons purporting to act on behalf of the authority continue.


149. A relevant person must obtain and retain documentation establishing that the applicant for business is entitled to benefit from the concession in Article 18(2) of the Money Laundering Order.

GUIDANCE NOTES

150. The following may be considered to be public authorities in Jersey:

• A department of the States of Jersey;

• A majority States-owned company;

• An agency established by a law of the States of Jersey; or

• A parish authority.

4.9.4 Persons authorised to act on behalf of an applicant


151. Under Article 18(7) of the Money Laundering Order a relevant person need not identify or verify the identity of persons authorised to act on behalf of an applicant for business, where that applicant is a regulated person, or carries on equivalent business to any category of regulated business. See Section 1.7.

152. Under Article 18(8) of the Money Laundering Order a relevant person need not identify or verify the identity of persons purporting to be authorised to act on behalf of an applicant for business where the person who is so authorised acts in the course of employment by a business that is a regulated person, or carries on equivalent business to any category of regulated business.

GUIDANCE NOTES

153. Where a person authorised to act on behalf of an applicant for business holds this role by virtue of his employment by (or position in) a business that is a regulated person, a relevant person may demonstrate that this exception applies where it obtains:

• the full name of the individual; and

• an assurance from the financial services business that the individual is an officer or employee.










4.9.5 Identification measures for pension schemes


154. Under Article 18(3) of the Money Laundering Order, a relevant person need not apply identification measures where the business relationship or one-off transaction relates to a pension, superannuation, or similar scheme:

• where contributions are made by an employer or by way of a deduction from wages, and

• the scheme rules do not permit the assignment of members’ interests under the scheme.

4.9.6 Other exceptions


155. Under Article 18(4), (5) and (6) of the Money Laundering Order, a relevant person need not apply identification measures when the application is for an insurance business policy:

• taken out in connection with a pension scheme relating to the customer’s employment or occupation, if the policy contains no surrender clause and cannot be used as security for a loan; or

• where the premium is a single payment of no more than £1,750; or

• where the premium payments do not exceed £750 in any calendar year.

4.10 IDENTIFICATION AND VERIFICATION OF IDENTITY IN INTERMEDIARY AND INTRODUCED RELATIONSHIPS

OVERVIEW

156. Article 13 of the Money Laundering Order requires a relevant person to determine whether the applicant for business is acting for any third party (underlying customer), and if so, requires the relevant person to identify and take reasonable measures to verify the identity of the third party (underlying customer) and its beneficial owners and controllers. Such relationships are referred to as intermediary relationships, as no direct relationship between the relevant person and the underlying customer arises; the business relationship is instead between the relevant person and the intermediary. Intermediary relationships differ from introduced (also known as referred) relationships, as with introduced relationships, the underlying customer does form a direct relationship with the relevant person.

157. However, in certain circumstances where the risk of money laundering and the financing of terrorism may be lower, such as where the intermediary (or introducer) itself is subject to legal requirements to combat money laundering and financing of terrorism equivalent to those in place in Jersey, and is supervised for compliance with those requirements, the Money Laundering Order permits reduced or simplified due diligence measures to be carried out on the intermediary, or reliance to be placed on the intermediary or introducer to have conducted aspects of customer due diligence.

158. This section sets out the circumstances where reduced or simplified measures may be applied or where reliance may be placed:

• Where the applicant for business – an intermediary - is a certain type of regulated person or carries on an equivalent business to certain categories of regulated business (covered by Article 17 of the Money Laundering Order); and

• Where the relationship involves either an intermediary or introducer that is a carrying on a financial services business that is overseen for AML/CFT compliance in Jersey, or a person who carries on equivalent business (covered by Article 16 of the Money Laundering Order).












159. Intermediary relationships may cover a single underlying customer or more than one customer, including a pool of customers. Relationships established by an intermediary on behalf of a single customer, including relationships involving sub-accounts for each underlying customer, are described in the Handbook as designated relationships. A relationship established by an intermediary on behalf of more than one customer is described in the Handbook as a pooled relationship.

160. Examples of intermediary relationships may include:

• Trustees establishing relationships with other persons carrying on financial services businesses on behalf of express trusts.

• Stock-brokers and investment management firms acting as nominees for underlying investors.

161. Some examples of pooled relationships include:

• Overseas banks (typically Swiss banks) that place pooled deposits on a fiduciary basis with Jersey banks.

• Open-ended or closed-ended investment companies, trustees of unit trusts, and general partners of limited partnerships that wish to establish banking facilities for a collective investment fund.

• Client accounts operated by trust companies, investment managers, lawyers and accountants.

Introduced relationships

162. An introduced relationship is where an introducer has an established relationship with a customer and wishes to introduce that customer to another person carrying on a financial services business. Here, it is the customer who is the applicant for business, and who seeks to form a direct relationship with a relevant person. The customer will therefore have two direct relationships, one with the introducer and one with the relevant person to which he has been introduced.

163. Examples of introducers include:

• Investment advisors who arrange for their customers to invest in a financial product provided by another person carrying on a financial services business, where the investment is held in the name of the customer and not that of the investment advisor.

• Company service providers who arrange for a bank or investment account, for example, to be established in the name of a client company, and not in the name of the company service provider.

• The qualified member of a foundation that is incorporated under the Foundations (Jersey) Law 2009, to the extent that the foundation wishes to form a business relationship or carry out a one-off transaction with another relevant person, e.g. to open a bank account.

Outsourcing

164. Outsourcing arrangements are not included within the scope of this section, as these are distinct from introduced and intermediary relationships. In an outsourcing arrangement, the customer will have a direct relationship with a relevant person and not with the delegate carrying on the outsourced activity. Although the delegate may have substantial contact with the customer, the customer is a customer of the relevant person and not of the delegate. The delegate will be carrying on the outsourced activity for the relevant person according to the terms of a contract with the relevant person. An example of a typical outsourcing arrangement is where a trustee of a collective investment fund outsources the management of the fund to a third party.

http://www.jerseylaw.je/law/display.aspx?url=lawsinforce%2fconsolidated%2f13%2f13.265_FoundationsLaw2009_RevisedEdition_1January2010.htm

http://www.jerseylaw.je/law/display.aspx?url=lawsinforce%2fconsolidated%2f13%2f13.265_FoundationsLaw2009_RevisedEdition_1January2010.htm



4.10.1 Assessment of risk where reliance placed on intermediaries and introducers

OVERVIEW

165. Where it is possible to avoid applying identification measures because these have already been conducted by an intermediary, or to place reliance on measures that have already been conducted by an intermediary, this introduces an additional risk that must be considered. A similar risk is introduced where reliance is placed on an introducer to have conducted identification measures. This section considers this additional risk.

166. The risk factors that are set out in this section will also be relevant to a customer risk assessment that is conducted under Section 3.3.4.1 in the cases highlighted at Sections 4.4 (paragraph 55) and 4.5 (paragraph 77).

STATUTORY REQUIREMENTS 167. In certain cases, Articles 16 of the Money Laundering Order provides for reliance to be placed

on intermediaries and introducers to have applied identification measures in order to meet a relevant person’s obligations under Article 13 of the Money Laundering Order. In order to place such reliance, a relevant person must have conducted an assessment as to whether it is appropriate to place reliance.

168. In certain cases, Article 17 of the Money Laundering Order provides that a relevant person need not apply the requirement in Article 13 of the Money Laundering Order to identify and verify the identity of the intermediary’s underlying customer. Article 17 may be applied only where a relevant person has conducted an assessment as to whether it is appropriate to apply the concession.


169. In order to avoid applying identification measures under Article 17 or to rely on measures that have been conduced by an intermediary or introducer under Article 16, a relevant person must first assess the risk in avoiding applying such measures or placing reliance. Where appropriate, it should take additional measures to manage its risk.

GUIDANCE NOTES

Risk assessment – factors to consider

170. One or more of the following factors will be relevant when conducting a risk assessment for an introducer or intermediary:

• The stature and regulatory track record of the intermediary or introducer.

• The adequacy of the framework to combat money laundering and financing of terrorism in place in the jurisdiction in which the intermediary or introducer is based and the period of time that the framework has been in place.

• The adequacy of the supervisory regime to combat money laundering and terrorist financing to which the intermediary or introducer is subject.

• The adequacy of the measures to combat money laundering and financing of terrorism in place at the intermediary or introducer.

• Previous experience gained from existing relationships connected with the intermediary or introducer.

• The nature of the business conducted by the intermediary or introducer. Relevant factors include:

a. the geographic location of the customer base;

b. the general nature of the customer base, e.g. whether institutional or private client;

c. the risk appetite of the intermediary or introducer; and

d. the nature of the services which the intermediary or introducer provides to its customers.












• Whether relationships are conducted by the intermediary or introducer on a face to face basis.

• Whether specific relationships are fully managed by an introducer.

• The extent to which the intermediary or introducer itself relies on third parties to identify its customers and to hold evidence of identity or to conduct other due diligence measures, and whether such third parties are relevant persons or carry out an equivalent business.

• Whether or not specific intermediary or introduced relationships involve PEPs or other higher risk relationships.

Additional measures

171. Where, having assessed risk, a relevant person determines that additional measures are required, these may include all, or some, of those listed below:

• Making specific enquiries of the intermediary or introducer to determine the adequacy of measures to combat money laundering and financing of terrorism in place.

• Reviewing the policies and procedures to combat money laundering and financing of terrorism in place at the intermediary or introducer.

• Where the intermediary or introducer is a member of a financial services group, making enquiries concerning the extent to which group standards are applied to and assessed by the intermediary’s or introducer’s compliance function or internal audit function.

• Conducting (or commissioning from an external expert) periodic sample testing of the adequacy of the intermediary’s or introducer’s policies and procedures to combat money laundering and financing of terrorism, whether through onsite visits, or through requesting specific customer due diligence information and/or copy documentation to be provided.

• Requesting specific customer due diligence information and/or copy documentation to be provided, to confirm that the intermediary or introducer is able to satisfy any requirement for such information and documentation to be available without delay at the request of the relevant person.

• Where an intermediary or introduced relationship presents higher money laundering or financing terrorism risk, considering whether it is appropriate to rely solely upon the information provided by the intermediary or introducer, and whether additional customer due diligence information and/or documentation is required.

• Requiring that pooled relationships must not be used for higher risk customers, and that designated relationships with increased disclosure of information be put in place for such customers.

4.10.2 Intermediary relationships – Article 17

OVERVIEW

172. Where an intermediary meets the criteria outlined in Article 17 of the Money Laundering Order, a relevant person need not identify or verify the identity of the intermediary’s underlying customers, whether pooled or designated relationships. However, the relevant person’s risk assessment of the intermediary may necessitate the relevant person taking additional measures, as set out in Section 4.10.1, above.

173. The capacity in which the intermediary is acting will be relevant. Where an intermediary is acting other than in the course of: (a) deposit-taking business; (b) insurance business; (c) investment business or (d) fund services business, or is a permit holder or a certificate holder, then a relevant person may not rely on Article 17.


174. Under Article 17 of the Money Laundering Order a relevant person need not identify and verify the identity of third parties (underlying customers) for whom an intermediary is acting (or any







beneficial owners and controllers of those third parties) where it establishes that there are reasonable grounds for believing that:

• the intermediary is acting in the course of: deposit-taking business, insurance business, investment business, fund services business, or is a permit holder or certificate holder; or

• the intermediary carries on equivalent business to the above categories of regulated business (refer to Section 1.7).

175. A relevant person may not rely on the concession in the Money Laundering Order where it has suspicion of money laundering.


176. A relevant person must be able to demonstrate that the conditions required by the Money Laundering Order are met.

4.10.3 Intermediary and introduced relationships – Article 16

OVERVIEW

177. Where an intermediary or introducer meets the requirements outlined in Article 16 of the Money Laundering Order, a relevant person is permitted to place reliance on the intermediary or introducer to have conducted identification measures in respect of the relevant person’s underlying or introduced customers. This means that a relevant person does not need to duplicate identification measures that will have already been conducted by the intermediary or introducer.

178. Whilst a customer information profile containing necessary CDD information on the underlying customer and its beneficial owners and controllers must be obtained for both designated and pooled relationships with intermediaries, and applicants introduced by introducers, the relevant person accepting the relationship is not also required to obtain evidence of identity. Evidence of identity may be held by the intermediary or introducer, so long as the relevant person is satisfied that the intermediary or introducer will provide the evidence that it holds on request and without delay.

179. In the case of a trustee that is an intermediary for a trust, the underlying customer is considered to be the individuals concerned with the trust (Section 4.4).

180. When considering the relevant requirements to apply to intermediary relationships, provisions concerning lower risk products (Section 4.10.5) may also be relevant.

181. Where customer due diligence information is passed by an intermediary to a relevant person in order to comply with requirements to counter money laundering and the financing of terrorism, the Data Protection (Jersey) Law 2005 restricts the use of the information to that purpose, except where another condition for processing personal data applies.

STATUTORY REQUIREMENTS 182. Article 16 of the Money Laundering Order permits a relevant person to rely upon an

intermediary or introducer to have applied specified identification measures, where it obtains a confirmation from an intermediary or introducer on certain matters. It may do so where:

• the applicant for business is an intermediary (i.e. is acting on behalf of underlying customers) that meets the conditions set out below; or

• the applicant for business is introduced by an introducer that meets the conditions set out below.

183. The relevant person must have reasonable grounds for believing that:

• the intermediary or introducer is a relevant person that is overseen for AML/CFT compliance in Jersey; or

• the intermediary or introducer is a person who carries on equivalent business (refer to Section 1.7).

184. The relevant person must obtain a confirmation from the intermediary or introducer that:



http://www.jerseylaw.je/law/display.aspx?url=lawsinforce%2fconsolidated%2f15%2f15.240_DataProtectionLaw2005_RevisedEdition_1January2006.htm





• is in writing;

• confirms that the applicant for business is an established customer of the introducer (where the customer relationship is introduced);

• contains adequate assurance that the intermediary or introducer has undertaken the necessary customer identification measures;

• for intermediary relationships, contains sufficient information about the third parties (underlying customers) for whom the intermediary is acting (and of any beneficial owners and controllers of the third parties);

• for introduced relationships, in line with Articles 13 and 3 of the Money Laundering Order contains sufficient information about the applicant for business and any beneficial owners and controllers of the applicant, and also any third parties that the introduced customer may be acting for, and any person purporting to act on behalf of the introduced customer – where reliance is placed on the introducer;

• contains adequate assurance that the intermediary or introducer is required to keep and does keep records containing the evidence of identity of:

a. for intermediary relationships, the third parties (underlying customers) for whom the intermediary is acting (and of any beneficial owners and controllers of the third parties); or

b. for introduced relationships, the applicant for business and any beneficial owners and controllers of the applicant, and also any third parties that the introduced customer may be acting for, and any person purporting to act on behalf of the introduced customer – where reliance is placed on the introducer; and

• contains adequate assurance that the intermediary or introducer will provide the evidence of the identity without delay at the request of the relevant person.

185. A relevant person may not rely on this concession where it suspects money laundering.

186. The ultimate responsibility for ensuring that customer identification and verification measures are adequate remains with the relevant person. In order to place reliance on an introducer or intermediary, the introducer or intermediary must have provided its consent to do so.


187. A relevant person must be able to demonstrate that the conditions required by the Money Laundering Order are met.

188. In order to demonstrate that a relevant person has obtained sufficient information about the underlying customer, or introduced customer, a relevant person must:

• Obtain customer information profiles from the intermediary or introducer on each of the intermediary’s underlying customers, or introduced customers - in line with guidance for individuals, trustees, and legal bodies – set out in Sections 4.3 to 4.5. The information provided in the customer information profile will depend upon the relevant person’s assessment of the risk presented by a particular individual, trustee or legal body.

• Be satisfied that the intermediary or introducer will notify the relevant person of any material changes to the customer information profile provided.

189. All evidence of identity passed by the intermediary or introducer to a relevant person (on request) must be confirmed by the intermediary or introducer as being a true copy of either an original or copy document held on its file.

190. In the event that an introducer terminates its relationship with a customer introduced to a relevant person, the relevant person must require the introducer to provide the relevant person with:

• copies of the relevant evidence of identity held; or






• an assurance that the introducer will continue to hold the necessary evidence on behalf of the relevant person until such time as is agreed.

GUIDANCE NOTES

Access to CDD information and documentation

191. A relevant person may demonstrate that an intermediary or introducer will provide CDD information and documentation in relation to underlying customers, and introduced customers, without delay where it requires relevant CDD information and documentation to be made available within 5 working days of a request.

192. Where an intermediary or introducer is located in a jurisdiction known to have restrictive secrecy provisions, a relevant person may demonstrate that it has adequate access to CDD information and documentation where it periodically requests such information or documentation to be provided (and it is provided), or otherwise obtains access to review the relevant information and documentation held by the intermediary or introducer.

Responsibility for failures in identification measures

193. A relevant person will remain responsible for the satisfactory performance of all elements of identification measures. However, where the measures taken are reasonable, it will have a defence should the intermediary or introducer fail to have performed satisfactory measures.

Template customer information profiles

194. Refer to Appendix C for template customer information profiles setting out customer information to be collected for intermediary and introduced relationships.

4.10.4 Group intermediaries and introducers in certain jurisdictions – Article 16

OVERVIEW

195. Where the following criteria are met, then under Article 16 of the Money Laundering Order, a relevant person may rely on an intermediary or introducer that is in the same group as the relevant person to have obtained and to hold evidence of identity on its behalf in the way described in Section 4.10.3, notwithstanding that the intermediary or introducer itself may not be directly subject to legal requirements to combat money laundering and financing of terrorism that are consistent with the FATF Recommendations or subject to direct supervision.

196. As for other intermediary or introduced relationships, a customer information profile containing necessary CDD information on the underlying customer and its beneficial owners and controllers or introduced customer must be obtained for each group intermediary or group introduced relationship. Evidence of identity may be held by the intermediary or introducer, so long as the relevant person is satisfied that the group intermediary or introducer will provide the evidence on request and without delay.

GUIDANCE NOTES

197. A group intermediary or introducer may demonstrate that it has met the criteria established in Article 5 of the Money Laundering Order where:

• The intermediary or introducer carried on a category of business equivalent to a category outlined in Schedule 2 of the Proceeds of Crime Law and is a branch or subsidiary in the same group as the relevant person;

• The intermediary or introducer is registered or otherwise authorised in another country;

• The intermediary or introducer is subject to group requirements to combat money laundering and financing of terrorism;

• The conduct of the intermediary’s or introducer’s business is subject to supervision for compliance with group requirements to combat money laundering and financing of terrorism by an overseas regulatory authority; and

• The group’s parent meets the conditions required by Article 5 of the Money Laundering Order for equivalent businesses (refer to Section 1.7).



http://www.jerseylaw.je/Law/display.aspx?url=lawsinforce%2fconsolidated%2f08%2f08.780_ProceedsofCrimeLaw1999_RevisedEdition_1January2009.htm#Toc223929105





4.10.5 Intermediary customers and lower risk products

OVERVIEW

198. Where an intermediary is covered by Article 16 (but not also Article 17), a customer information profile will be required for each underlying customer. However, the following section sets out circumstances where a relevant person provides a lower risk product, or where the product that is controlled or administered by the intermediary itself presents lower risk, where it may be appropriate to operate a relationship without a customer information profile for each underlying customer.

GUIDANCE NOTES

199. A relevant person may demonstrate that it has satisfied the requirement of the Money Laundering Order for sufficient customer information to be obtained under Article 16 of the Money Laundering Order, where the relationship is established on an undisclosed basis with an intermediary (that is covered by Article 16) for one or more of the following:

• Investment products controlled or administered by the intermediary which are closed-ended, where there is no liquid market for shares, units, or interests in the investment product, and where the funds for investment and the proceeds of the investment are received from and returned to the investor, and not third parties.

• Employee benefit schemes (including pension schemes) controlled or administered by the intermediary, which are funded either by the sponsor or by deductions from employee remuneration, and which are for the benefit only of the sponsor’s employees, or the employees’ immediate family.

• The limited pooling of funds by an intermediary for one of the following purposes:

a. the facilitation of immovable Jersey property transactions;

b. pending the transfer to a designated account for an underlying customer, where the funds are not to be held on an undisclosed basis for longer than 40 days;

c. pending the receipt of instructions when exiting a customer relationship, where the funds are not to be held on an undisclosed basis for longer than 40 days;

d. to facilitate ad hoc (not routine) cheque payments where designated accounts do not otherwise have this facility;

e. to provide underlying customers with access to low cost banking facilities where customers’ liquid assets are of insufficient value and volume for the establishment of a designated relationship (e.g. balances of £1,000 or less per relationship, with little activity);

f. to facilitate the aggregation of statutory fees for onward payment;

g. to receive fees payable to the intermediary which have been paid in advance; and

h. to receive customer money on an ad hoc basis paid to the intermediary in error.

200. A relevant person may also demonstrate that it has satisfied the requirements of the Money Laundering Order, without obtaining CDD information in the form of a customer information profile, where it accepts an aggregated deposit of customer funds (or funds for investment) from a bank account held in the name of a person carrying on financial services business that is a regulated person (or is regulated by the Guernsey Financial Services Commission or the Isle of Man Financial Supervision Commission), where the funds (and any income or profit generated) will only be returned to the bank account from which the funds originated.







4.11 REDUCED OR SIMPLIFIED MEASURES: VERIFICATION OF IDENTITY CONCESSION FOR VERY LOW RISK PRODUCTS/SERVICES

OVERVIEW

201. Where funds involved in a relationship:

• have been received from a bank that is a regulated person or carries on equivalent business to deposit-taking (refer to Section 1.7); and

• have come from an account in the sole or joint name of the applicant for business,

then the receipt of funds from such an account will be considered to provide a satisfactory means of verifying the identity of an applicant for business, where: (i) the product or service requested by the applicant for business is considered to present a very low money laundering risk, and (ii) where the applicant for business is not considered to present higher risk.

202. The basis for this concession is that funds may only be received from and paid to an account in the customer’s name, i.e. a product or service where funds may not be paid in by, or paid out to, third parties.


203. In considering whether it is appropriate for verification of a customer’s identity to be carried out using this concession, a relevant person must be able to demonstrate that an applicant for business does not present higher risk and that it is reasonable for the concession to apply. Particular care must be taken in circumstances where an applicant is not an individual.

204. To benefit from this concession, the product or service must satisfy the following conditions:

• all initial and future payments must be received from an account at a bank that is a regulated person or carries on an equivalent business to deposit-taking (refer to Section 1.7), where the account can be confirmed as belonging to the applicant for business;

• no initial or future payments may be received from third parties;

• cash withdrawals are not permitted, with the exception of face to face withdrawals by the customer, where he is required to produce evidence of identity before the withdrawal can be made;

• no payments may be made, other than to an account at a bank that is a regulated person or carries on an equivalent business to deposit-taking (refer to Section 1.7), where the account can be confirmed as belonging to the customer, or on the death of the customer to a personal representative named in the grant of probate or the letters of administration; and

• no future changes must be made to the product or service that enable funds to be received from or paid to third parties.

205. In the event that the above conditions are breached, the identity of the customer must be verified at that time in accordance with Section 4.3, Section 4.4, or Section 4.5.

206. A relevant person must obtain and retain evidence confirming that payment has been received from an account at a bank that is a regulated person or carries on an equivalent business to deposit-taking (refer to Section 1.7), and, where a request for a withdrawal or transfer to another bank account is received, confirmation that this account is also in the customer’s name and held at a bank that is a regulated person or carries on an equivalent business to deposit-taking (refer to Section 1.7).

207. If a relevant person has reason to suspect the motive behind a particular transaction or believes that the business is being structured to avoid standard identification measures, it must not use this concession.




4.12 TIMING OF INITIAL IDENTIFICATION AND VERIFICATION OF IDENTITY

STATUTORY REQUIREMENTS 208. Article 13(1) of the Money Laundering Order requires identification measures to be applied

before the establishment of a relationship or before carrying out a one-off transaction.

209. However, Article 13(4) of the Money Laundering Order permits verification of identity to be completed as soon as reasonably practicable after the establishment of a business relationship if:

• it is necessary not to interrupt the normal conduct of business; and

• there is little risk of money laundering occurring as a result of completing such verification after establishing the relationship.

GUIDANCE NOTES

210. Funds may be received from an applicant during the course of establishing a business relationship. A relationship is established once a relevant person acts on instructions as to the operation of that relationship, for example, invests funds in a financial product on behalf of a customer.

211. Guidance as to appropriate steps to take where a relevant person is unable to complete identification measures is provided in Section 4.14.

4.12.1 Delayed completion of verification requirements

OVERVIEW

212. Article 13(4) of the Money Laundering Order allows, in certain circumstances, a relevant person a reasonable timeframe to undertake the necessary enquiries for the completion of verification measures after the initial establishment of a relationship. Where a reasonable excuse for the continued non-completion of verification measures cannot be provided, in order to comply with Article 14(2) of the Money Laundering Order, a relevant person must terminate the relationship (Section 4.14).

213. In the case of a customer that is a trustee, paragraph 67 of this section is relevant. In the case of a customer that is a foundation, paragraph 105 of this section is relevant (to the extent that it applies to any beneficiary that is entitled to benefit under the foundation).


214. A relevant person may complete verification of identity after the initial establishment of a relationship if the following conditions are met:

• all other necessary customer due diligence information (including information on identity) has been obtained;

• the need to perform verification of identity at a later stage is essential not to interrupt the normal conduct of business;

• verification of identity is carried out as soon as is reasonably practicable;

• it highlights to its customer its obligation to terminate the relationship at any time on the basis of non-completion of verification measures; and

• money laundering risk is effectively managed.

215. In any event, a relevant person must not pay away funds to a third party, other than to invest or deposit the funds on behalf of the customer, until such time as identity has been verified.

GUIDANCE NOTES

216. A relevant person may demonstrate that it has a right to terminate a relationship where terms of business which govern its relationships with its customers encompass the termination of








relationships due to non-completion of verification measures. Terms and conditions should clearly state that termination may lead to an applicant suffering losses – where, e.g. funds have been invested in a collective investment fund.

217. Money laundering risk may be effectively managed where:

• policies and procedures establish timeframes for the completion of verification measures;

• the establishment of any relationship benefiting from this concession has received appropriate authorisation and such relationships are appropriately monitored so that verification of identity is carried out as soon as is reasonably practicable; and

• appropriate limits or prohibitions are placed on the number, type and amount of transactions over an account.

4.13 SUBSEQUENT IDENTIFICATION AND VERIFICATION OF IDENTITY

STATUTORY REQUIREMENTS 218. Article 13(1)(c)(i) of the Money Laundering Order requires a relevant person to carry out

identification measures where it suspects money laundering, whether or not an exemption or concession from identification measures had previously been applied.

219. In addition, where a relevant person has doubts about the veracity or adequacy of documents, data or information previously obtained under customer due diligence measures, Article 13(1)(c)(ii) of the Money Laundering Order requires the business to take steps to carry out identification measures.

220. Article 14(6) of the Money Laundering Order provides that identification measures need not be applied where a relevant person is acting with the consent of the JFCU and where an existing relationship is terminated, relationship is not established, or one-off transaction not completed or carried out.

GUIDANCE NOTES

221. A relevant person may demonstrate that it has carried out the identification measures required under Article 13(1)(c)(ii) of the Money Laundering Order where it does so in cases where a trustee, legal body, foundation, intermediary or introducer advises of a change to identification information that it has provided to the relevant person under Sections 4.4.1, 4.5.1, 4.5.3, and 4.10.3 respectively.

4.14 FAILURE TO COMPLETE IDENTIFICATION OR VERIFICATION OF IDENTITY

OVERVIEW

222. Where identification measures cannot be completed, a relevant person must not proceed or continue with a relationship or one-off transaction. The ease, with which a relationship may be terminated, will depend upon how funds have been invested. For example, whereas a bank can close an account relatively easily and returns funds to a customer, it may be less straightforward for a fund to affect a compulsory redemption, particularly where it is closed ended, or where valuation dates are infrequent.

223. Wherever possible, when terminating a relationship where customer money or other assets have been received, a relevant person should return the assets directly to the customer, for example by returning money to the account from which it was received.

224. Where the customer requests that money or other assets be transferred to third parties, or to a different account in the customer’s name, the relevant person should assess whether this provides grounds for knowledge or suspicion, or reasonable grounds for knowledge or suspicion, of money laundering or financing of terrorism.










225. If a relevant person is unable to apply identification measures before the establishment of a relationship or before carrying out a one-off transaction (except in the circumstances provided for in Article 13(4) of the Money Laundering Order), Article 14(1) of the Money Laundering Order requires that a relevant person shall not establish that business relationship or carry out that one-off transaction.

226. Article 14(2) of the Money Laundering Order provides that if a relevant person is unable to apply identification measures in the circumstances described in Article 13(4), it shall terminate the relationship.

227. Article 14(4) of the Money Laundering Order provides that a relevant person must terminate a business relationship where it cannot apply ongoing identification measures.

228. Article 14(11) of the Money Laundering Order provides that a business relationship or one-off transaction may proceed or continue where a relevant person is acting with the consent of the JFCU.








Handbook for regulated financial services businesses Part 1: Section 5 – Monitoring activity and transactions

70 Effective from: 4 February 2008 Section 5.2.1 Revised 22 July 2010

5 MONITORING ACTIVITY AND TRANSACTIONS


1. Sections 3 and 4 address the capturing of sufficient information about a customer that will allow a relevant person to: develop a profile of expected activity to provide a basis for recognising unusual activity and transactions; and identify higher risk activity or transactions, which may indicate money laundering or financing of terrorism.

2. This section requires a relevant person to monitor business relationships and to apply scrutiny to unusual and higher risk activity or transactions, and also to specific higher risk activity, so that money laundering or the financing of terrorism may be identified and, where possible, prevented. An effective monitoring system requires a relevant person to identify unusual and higher risk activity, to maintain up to date customer due diligence information and to ask pertinent questions to determine whether there is a rational explanation for the activity or transactions identified. The scrutiny of activity and transactions may involve requesting additional customer due diligence information.

3. For some customers, a complete customer profile and appropriate risk assessment may only become evident once the relationship has been established, making monitoring of customer activity and transactions key to obtaining a complete understanding of business relationships.

4. Unusual activity or transactions may be identified as activity that is inconsistent with the expected pattern of activity within a particular relationship, or with the normal business activities for the type of product or service that is being delivered. Where a relevant person’s customer base is homogeneous, and where the products and services provided to customers result in uniform patterns of activity or transactions, it will be more straightforward to establish parameters to identify usual and unusual activity. However, where each customer is unique, and where the product or service provided is bespoke, a relevant person will need to tailor monitoring systems to the nature of its business and facilitate the application of additional judgement and experience to the identification of unusual activity. For such businesses, appropriate staff training in the recognition of unusual activity is vital.

5. Monitoring procedures may involve both real time and post event monitoring. Real time monitoring will focus on activity and transactions when information or instructions are received from customers, before or as the instruction is processed. Post event monitoring may involve end of day, weekly, monthly or annual reviews of customer activity and transactions. Real time monitoring of activity will be more effective at reducing a relevant person’s exposure to money laundering and financing terrorism risk. Post event monitoring may be more effective at identifying patterns of unusual customer activity or transactions.

6. Monitoring may involve manual and automated procedures. Automated monitoring procedures may add value to manual procedures (particularly for businesses with large volumes of customer transactions) by producing exception reports identifying transactions or activity for further examination that fall outside of parameters for usual activity. The appropriateness of automated monitoring procedures will depend on the relevance of the parameters to the nature of business undertaken by a relevant person.

7. Unusual or higher risk activity or transactions may indicate money laundering or financing terrorism activity where there is no apparent economic or visible lawful purpose.

8. Where monitoring indicates possible money laundering or financing terrorism activity, and the process of undertaking identification procedures is managed without due care, contact between a relevant person and a customer (or his advisors) could unintentionally lead to the customer being tipped off. Section 6.4 considers this situation.

9. Reporting of knowledge, suspicion, or reasonable grounds for knowledge or suspicion of money laundering and financing of terrorism is addressed in Section 6.


Part 1: Section 5 – Monitoring activity and transactions


10. Sufficient guidance and training of staff is essential to enable them to recognise money laundering and financing terrorism activity. Requirements for training in the recognition and handling of suspicious activity are covered in Section 7.

11. This section should be read and understood in conjunction with Sections 3, 4, and 6.

5.2 OBLIGATION TO MONITOR


12. Article 13 of the Money Laundering Order requires a relevant person to scrutinise transactions undertaken throughout the course of a business relationship to determine whether the transactions being conducted are consistent with the relevant person’s knowledge of the customer.

13. Article 11 provides that policies for the application of customer due diligence procedures are appropriate having regard to the degree of risk of money laundering. The policies referred to include those:

• which provide for the identification and scrutiny of:

a. complex or unusually large transactions;

b. unusual patterns of transactions, which have no apparent economic or lawful purpose;

c. business relationships and transactions connected with jurisdictions that do not, or insufficiently, apply the FATF Recommendations;

d. business relationships and transactions with persons or jurisdictions that are subject to UN or EU sanctions and measures or measures imposed by one more countries for insufficient or non-existent application of FATF Recommendations; or

e. any other activity, the nature of which causes the relevant person to regard it as particularly likely to be related to money laundering or the financing of terrorism.

• which specify additional procedures where products and transactions are susceptible to anonymity and;

• which determine whether a customer is a PEP.

14. Article 15 requires that a relevant person apply enhanced customer due diligence using a risk based approach where:

• a customer is not physically present for identification purposes;

• the relevant person proposes to have a business relationship or carry out a one-off transaction with a PEP;

• the relevant person is a holds a deposit-taking licence and proposes to establish a correspondent banking relationship; and

• the nature of the situation is such that a higher risk of money laundering is likely.


15. A relevant person must, as a part of its ongoing identification procedures, establish appropriate customer activity and transaction monitoring procedures that scrutinise the activity and transactions of its customers.

16. The monitoring procedures must require more intensive scrutiny of higher risk customers (including PEPs) and higher risk products/services.

17. The monitoring procedures must:

Section 5.2.1 Revised 22 July 2010 71






• involve a relevant person applying its understanding of its business (i.e. the outcome of its business risk assessment – Section 2.3.1) to determine the nature of usual activity and its expectations for unusual and higher risk activity and transactions;

• be designed to result in the identification of unusual and higher risk activity or transactions;

• require that, in particular, special attention is paid to specific higher risk activity and transactions (see 18 below);

• require the examination of any unusual or higher risk activity or transaction by an appropriate person to determine the background and purpose of the activity or transaction;

• in connection with the above examination, involve the collection of additional information (where appropriate);

• establish whether there is a rational explanation (an apparent economic or visible lawful purpose) for the unusual or higher risk activity or transaction, and document these findings in writing; and

• result in appropriate action being taken as a result of the findings of the above procedures.

18. When conducting monitoring procedures, the following are to be considered to be higher risk activity and transactions:

• complex transactions;

• unusual large transactions;

• unusual patterns of transactions, which have no apparent economic or lawful purpose;

• activity and transactions: (i) connected with jurisdictions which do not, or insufficiently apply, the FATF Recommendations; or (ii) which are the subject of UN or EU countermeasures; and

• activity and transactions that may be conducted with persons who are the subject of UN or EU sanctions and measures.

19. A relevant person must have policies and procedures in place to address any specific risks associated with customer relationships established where the customer was not physically present for identification purposes (i.e. non-face to face).

GUIDANCE NOTES

20. Appropriate monitoring systems. In determining the nature of the monitoring procedures appropriate for a business, a relevant person may have regard to the following factors:

• its business risk assessment;

• the size and complexity of its business;

• its ability to monitor transactions or activity in real time (i.e. before customer instructions are put into effect);

• whether it is possible to establish appropriate standardised parameters for unusual activity; and

• the monitoring procedures that already exist to satisfy other business needs.


Part 1: Section 5 – Monitoring activity and transactions

Effective from: 4 February 2008 Section 5.2.1 Revised 22 July 2010 73

21. Identifying unusual activity/transactions. Appropriate factors to consider in determining whether activity or transactions are unusual include:

• the expected frequency, size, volume and origin/destination of customer funds whether specific to an individual customer, or for a generic customer type or product type; and

• the presence of risk factors specific to the nature of the activity and customer base of the relevant person. A relevant person should determine risk factors based on its knowledge of its customer base (refer to Section 2.3.1) and should have regard to typologies (whether external or developed from its own experiences) relevant to the nature of business activities.

22. Examining unusual and higher risk activity. A relevant person may demonstrate that it is appropriately examining unusual and higher risk activity and transactions where it:

• reviews the identified activity/transaction in light of the customer risk assessment and the customer due diligence information that it holds;

• makes further enquiries to obtain any further information required to enable a determination as to whether the activity/transaction has a rational explanation; and

• considers the activity or transaction in the context of any other relationships connected with the customer.

23. The examination of unusual and higher risk activity or transactions may be conducted either by customer facing staff, or by an independent reviewer. In any case, the reviewer must have access to relevant customer due diligence information, and the enquiries made and the conclusions reached by the reviewer must be appropriate. Refer to Section 8 for record keeping requirements in relation to the examination of higher risk activity and transactions.

24. Appropriate follow up action may include:

• Updating customer due diligence information to record the results of the enquiries made;

• Reviewing the appropriateness of the customer risk assessment in light of the unusual activity and/or additional customer due diligence information obtained;

• Considering whether tuning of the monitoring system is required, e.g. to result in further staff training in the identification of unusual or higher risk activity and transactions, refinement of the monitoring system’s parameters, enhancement of controls for more vulnerable products/services/business units;

• Applying increased levels of monitoring to particular relationships;

• Where the activity or transaction does not have a rational explanation, considering whether the circumstances require a suspicious activity report to be submitted to the relevant person’s MLRO (Section 6).

25. In line with enhanced due diligence requirements for higher risk customers (Section 3.4), more intensive scrutiny of customer activity and transactions may involve, for example:

• More frequent review and updating of customer due diligence information;

• More regular review of customer activity and transactions against the customer’s expected activity profile;

• The application of lower thresholds for the monitoring of customer activity and transactions;

• Customer reviews being conducted by persons not directly involved in managing customer relationships.



5.2.1 Countries and territories that do not, or insufficiently, apply FATF Recommendations

OVERVIEW

26. The risk that relationships are tainted by funds that are the proceeds of crime or are used to fund terrorism is increased where the relationship has a connection with a jurisdiction that does not apply, or insufficiently applies, the FATF Recommendations, as a weak framework to combat money laundering and the financing of terrorism increases the risk that the proceeds of crime or terrorist funding can enter the financial system, and remain undetected. For example, where the requirements for customer due diligence procedures are weak, or where there is an absence of transparency or regulatory measures for legal bodies or express trusts.


27. Countries and territories in Group 1 of Appendix D are to be treated as countries and territories that do not apply, or insufficiently apply, the FATF Recommendations under Article 15(3A) of the Money Laundering Order.

5.3 AUTOMATED MONITORING METHODS

OVERVIEW

28. Automated monitoring methods may be effective in recognising unusual and higher risk activity or transactions.

29. Exception procedures and reports can provide a simple but effective means of monitoring all transactions to or from particular geographical locations or accounts, and any activity that falls outside of pre-determined parameters - based on thresholds that reflect the nature and level of activity and the risk profiles or the relationships that are being monitored.

30. Large or more complex relevant persons may also use automated monitoring systems to facilitate the monitoring of significant volumes of transactions, or - in an e-commerce environment - where the opportunity for human scrutiny of individual transactions is limited.

31. However, use of automated monitoring systems does not remove the requirement for a relevant person to otherwise remain vigilant. Factors such as staff intuition, direct contact with a customer, and the ability, through experience, to recognise activity and transactions that do not seem to make sense, cannot be automated.

32. In the case of monitoring activity and transactions that may be conducted with individuals who are the subject of countermeasures, applied under UN and EU sanctions and measures, the use of electronic external data sources may be particularly effective.




Part 1: Section 6 - Reporting Money Laundering and Financing of Terrorism Activity and Transactions


6 REPORTING MONEY LAUNDERING AND FINANCING TERRORISM ACTIVITY AND TRANSACTIONS


1. This section outlines the statutory provisions concerning disclosure of information where a relevant person has knowledge, suspicion, or reasonable grounds for knowledge or suspicion that the business itself, or another person, is involved in money laundering or financing terrorism, and the requirements for reporting procedures. It also provides guidance on making internal and external suspicious activity reports. Additional information on these statutory provisions is contained within Part 2 of the Handbook.

2. This section describes disclosures made under the Proceeds of Crime Law, Drug Trafficking Offences Law and Terrorism Law, and reports made according to a relevant person’s reporting procedures (as required by the Money Laundering Order) as suspicious activity reports. Although referred to here as suspicious activity reports, depending on the circumstances the reports may involve knowledge of money laundering or financing of terrorism, rather than suspicion (or reasonable grounds for knowledge or suspicion).

3. There are three situations in which a relevant person, or one of its employees, will make a suspicious activity report:

• where the relevant person (or one of its employees) believes that the business may have, itself, committed a money laundering or financing of terrorism offence, for example by becoming concerned in an arrangement facilitating money laundering or the financing of terrorism;

• where legislation contains an offence of failure to make a suspicious activity report to JFCU that another person is connected with either money laundering or the financing of terrorism; and

• as a result of obligations under the Money Laundering Order for a relevant person to have procedures in place to disclose that another person is engaged in money laundering or the financing of terrorism.

4. Often, a single report may cover two separate provisions. For example, internal reporting procedures at a relevant person may lead to a suspicious activity report (under Article 21 of the Money Laundering Order) that another person (“person A”) is engaged in money laundering. Where the same relevant person also knows or suspects that it has become concerned in an arrangement with person A, then the suspicious activity report may also relate to Article 32 of the Proceeds of Crime Law - so that it does not commit an offence under that article.

5. Throughout this section, references to an “applicant for business” or “applicant” relate to a prospective customer, and references to a “customer” relate to a person with whom a business relationship has been formed or transaction conducted.

6.2 DISCLOSURE OF KNOWLEDGE OR SUSPICION TO THE JFCU


6. Article 32 (assisting another to retain the benefit of criminal conduct) and Article 33 (acquisition, possession or use of proceeds of criminal conduct) of the Proceeds of Crime Law state that where a person is concerned in an arrangement involving the proceeds of crime, or has possession of the proceeds of crime, he will not have committed an offence if he discloses knowledge or suspicion of his involvement in money laundering to a police officer (or to the MLRO in accordance with his employer’s procedures):

• before any further actions, and if any further actions are done with the consent of a police officer, or

75





Handbook for regulated financial services businesses Part 1: Section 6 - Reporting Money Laundering and Financing of Terrorism Activity and Transactions


• after an action, so long as the disclosure is made as soon as is reasonably possible.

7. Articles 37 and 38 of the Drug Trafficking Offences Law contain similar provisions. Article 22 of the Terrorism Law contains similar provisions in circumstances where offences would otherwise be committed under Article 15 (fund-raising), Article 16 (use and possession of property), Article 17 (funding arrangements) and Article 18 (money laundering).

8. Article 40 of the Drug Trafficking Offences Law also contains an offence where any person fails to report to a police officer (or to the MLRO in accordance with his employer’s procedures) knowledge or suspicion that another person is involved in drug money laundering, where that person acquired the knowledge or suspicion in the course of his trade, profession, business or employment. Article 20 of the Terrorism Law contains a similar offence of failure to report knowledge or suspicion of the financing of terrorism or money laundering, where the knowledge or suspicion arose during the course of a trade, profession, business or employment, other than that of a financial services business.

9. Article 23 of the Terrorism Law contains a further offence, where a person fails to report another person’s involvement in the financing of terrorism or money laundering, where he has knowledge, suspicion, or where there are reasonable grounds for knowledge or suspicion (the objective test), and where this arose during the course of financial services business.

6.3 PROCEDURES FOR REPORTING TO THE JFCU


10. Article 37 of the Proceeds of Crime Law enables the Treasury and Resources Minister to prescribe reporting procedures to be followed by a relevant person.

11. The reporting procedures have been set down in Part 5 of the Money Laundering Order.

12. Article 21 requires that a relevant person must establish and maintain reporting procedures which:

• communicate the identity of the MLRO (and any deputy MLROs) to the relevant person’s employees;

• require that a report is made to the MLRO (or to a deputy MLRO) of any information or other matter coming to the attention of any member of staff handling financial services business which, in the opinion of that person, gives rise to knowledge, suspicion or reasonable grounds for knowledge or suspicion that another person is engaged in money laundering or the financing of terrorism;

• require that a report is considered promptly by the MLRO (or a deputy MLRO) in the light of all other relevant information for the purpose of determining whether or not the information or other matter contained in the report gives rise to knowledge, suspicion or reasonable grounds for knowledge or suspicion of money laundering or financing terrorism;

• allow the MLRO (or a deputy MLRO) to have access to all other information which may be of assistance in considering the report; and

• provide for the information or other matter contained in a report to be disclosed as soon as is reasonably practicable by the MLRO (or deputy MLRO) to the JFCU in writing, where the MLRO (or deputy MLRO) knows, suspects or has reasonable grounds to know or suspect that another person is engaged in money laundering or the financing of terrorism.

13. Article 22 of the Money Laundering Order states that if a deputy MLRO, on considering a report, concludes that it does not give rise to knowledge, suspicion or reasonable grounds for knowledge or suspicion that another person is engaged in money laundering, the deputy MLRO need not forward it to the MLRO. If a deputy MLRO, on considering a report, has concluded that it does give rise to knowledge, suspicion or reasonable grounds for knowledge or suspicion that another person is engaged in money laundering, the MLRO need not consider that question.

http://www.jerseylaw.je/law/display.aspx?url=lawsinforce%2fconsolidated%2f08%2f08.580_DrugTraffickingLaw1988_RevisedEdition_1January2010.htm#Toc231536927


http://www.jerseylaw.je/law/display.aspx?url=lawsinforce%2fconsolidated%2f17%2f17.860_TerrorismLaw2002_RevisedEdition_1January2010.htm#Toc231531658















6.3.1 Internal reporting procedures


14. A relevant person must provide that:

• Where an applicant for business or customer fails to supply adequate customer due diligence information, or adequate documentation verifying identity (including the identity of any beneficial owners and controllers), consideration is given to making a suspicious activity report.

• Internal reporting procedures encompass the reporting of attempted transactions and business that has been turned away.

• Staff make internal suspicious activity reports containing all relevant information to the MLRO (or a deputy MLRO) as soon as it is reasonably practicable after the information comes to their attention – in writing.

• Suspicious activity reports include as full a statement as possible of the information giving rise to knowledge, suspicion or reasonable grounds for knowledge or suspicion of money laundering or financing terrorism activity and full details of the applicant for business or customer.

• Reports are not filtered out by supervisory staff or managers such that they do not reach the MLRO (or deputy MLRO).

• Reports are acknowledged by the MLRO (or a deputy MLRO).

15. A relevant person must establish and maintain arrangements for disciplining any member of staff who fails, without reasonable excuse, to make an internal suspicious activity report where he or she has knowledge, suspicion or reasonable grounds for knowledge or suspicion of money laundering or financing terrorism.

GUIDANCE NOTES

16. A relevant person may demonstrate that disclosure of knowledge, suspicion or reasonable grounds for knowledge or suspicion is made to the JFCU as soon as is reasonably practicable by:

• Having in place reporting lines that are as short as possible with the minimum number of people between the employee initiating the internal suspicious activity report and the MLRO (or deputy MLRO). While a relevant person may allow its staff to discuss relationships and transactions with line managers before making a suspicious activity report, it will be the decision of the staff member whether to make the internal report to the MLRO.

• In the case of a larger relevant person, or to cover temporary absences of the MLRO, appointing deputy MLROs to assist the MLRO.

17. A relevant person may demonstrate that it has established and maintained appropriate arrangements for disciplining staff, where employment contracts and employment handbooks provide for the imposition of disciplinary sanctions for failing to report knowledge, suspicion or reasonable grounds for knowledge or suspicion without reasonable excuse.

6.3.2 Evaluation of suspicious activity reports by the MLRO


18. A relevant person must provide that:

• All relevant information is promptly made available to the MLRO (or deputy MLRO) on request so that internal suspicious activity reports are properly assessed.

• Each suspicious activity report is considered by the MLRO (or deputy MLRO) in light of all relevant information.

• The MLRO (or deputy MLRO) documents the evaluation process followed and reasons for the decision to report or not to report to the JFCU.

Handbook for regulated financial services businesses Part 1: Section 6 - Reporting Money Laundering and Financing of Terrorism Activity and Transactions


GUIDANCE NOTES

19. In order to demonstrate that a report is considered in light of all relevant information when evaluating a suspicious activity report, the MLRO (or deputy MLRO) may:

• Review and consider transaction patterns and volumes, previous patterns of instructions, the length of the business relationship and customer due diligence information.

• Examine other connected accounts or relationships. Connectivity can arise through commercial connections, such as transactions to or from other customers or common introducers, or through connected individuals, such as third parties, common ownership of entities or common signatories. However, the need to search for information concerning connected accounts or relationships should not delay the making of a report to the JFCU.

6.3.3 Reporting to the JFCU


20. A relevant person must require that the MLRO makes external suspicious activity reports containing all relevant information directly to the JFCU as soon as is reasonably practicable, in a format approved by the JFCU (Appendix A). Relevant information includes:

• Full details of the customer and as full a statement as possible of the information giving rise to knowledge, suspicion or reasonable grounds for knowledge or suspicion.

• If a particular type of criminal conduct is suspected, a statement of this conduct.

• Where a relevant person has additional relevant evidence that could be made available, the nature of this evidence.

• Statistical information to assist the JFCU in its analysis of reports.

6.4 TIPPING OFF


21. Article 35 of the Proceeds of Crime Law and Articles 41 and 44 of the Drug Trafficking Offences Law make it an offence for any person to disclose to a third party any information likely to prejudice an investigation where that person knows or suspects that a suspicious activity report has been made, or that an investigation is under way or proposed. Under Article 35 of the Terrorism Law, the offence is committed where the person discloses information likely to prejudice an investigation when he has reasonable grounds to know or suspect that either a suspicious activity report has been made or will be made, or that an investigation is proposed or under way.

GUIDANCE NOTES

22. In order to prevent committing a tipping off offence, at the time of acknowledging receipt of an internal suspicious activity report, the MLRO (or deputy MLRO) may provide a reminder to the member of staff submitting the report of the risk of communicating information that might prejudice law enforcement enquiries.

6.4.1 The customer due diligence process

OVERVIEW

23. Article 13(1) the Money Laundering Order requires identification information to be obtained and verified before the establishment of a business relationship or before carrying out a one-off transaction except in some limited circumstances. Article 13(1)(c) of the Money Laundering Order further requires that identification measures be applied, where a relevant person suspects money laundering or has doubts about the veracity or adequacy of documents, data or information previously obtained under customer due diligence measures.

http://www.jerseyfsc.org/pdf/Appendix%20A%20SAR%20Template%20June%202009.pdf










24. Where a relevant person suspects money laundering, the performance of identification measures could unintentionally lead to the customer being tipped off, where the process is managed without due care.

25. Where there is a particular risk that the performance of identification measures could lead to the customer being tipped off, then under Article 14(6) of the Money Laundering order it is not necessary to undertake such measures, where a suspicious activity report has been made to the JFCU and the relevant person is acting with the consent of that officer.

GUIDANCE NOTES

26. In circumstances where a suspicious activity report has been filed with the JFCU, and where there is a requirement to conduct identification measures, the risk of tipping off a customer (and its advisers) may be minimised by:

• Ensuring that employees undertaking identification measures are aware of tipping off provisions and are provided with adequate support, such as specific training or assistance from the MLRO.

• Obtaining advice from the JFCU where a relevant person is concerned that undertaking identification measures will lead to the customer being tipped off.

6.4.2 JFCU consent

OVERVIEW

27. While waiting for the JFCU to provide consent to proceed with an activity or transaction (where it is necessary for consent to be provided), or in the event that the JFCU notifies a relevant person that consent will not be given, where a relevant person fails to act on a customer instruction it should be aware of the risk of committing a tipping off offence.

28. Refusal to act upon a customer’s instruction (for example, as a result of the JFCU refusing to give consent for a transaction to proceed) may also lead to civil proceedings being instituted by the customer.

GUIDANCE NOTES

29. The risk of tipping off a customer (or its advisers) whilst waiting for JFCU consent to proceed (or where consent has been refused by the JFCU) may be minimised by promptly notifying the JFCU of a customer’s instruction and seeking its advice, or by seeking legal advice on the information that the relevant person is able to disclose.

30. It may be necessary in circumstances where a customer has instigated civil proceedings for the relevant person to seek the directions of the court.

6.4.3 Terminating a relationship

OVERVIEW

31. Unless required to do so by the JFCU, a relevant person is not obliged to continue relationships with customers if such action would place them at commercial risk.

GUIDANCE NOTES

32. If a relevant person, having filed a suspicious activity report, wishes to terminate a relationship and is concerned that, in doing so, it may prejudice an investigation, it should seek advice from the JFCU. This is to avoid the danger of tipping off. The decision to terminate a relationship, however, remains with the relevant person.


Handbook for regulated financial services businesses Part 1: Section 7 – Vetting, awareness and training of employees


7 VETTING, AWARENESS AND TRAINING OF EMPLOYEES


1. One of the most important controls over the prevention and detection of money laundering and the financing of terrorism is to have appropriately vetted staff who are: (i) alert to money laundering and financing terrorism risks; and (ii) well trained in the identification of unusual or higher risk activities or transactions, which may indicate money laundering or financing terrorism activity (Section 5).

2. The effective application of even the best designed systems and controls can be quickly compromised if staff lacks competence or probity, are unaware of or fail to apply systems and controls, and are not adequately trained.

3. It is essential that a relevant person has a clear and well articulated policy for ensuring that appropriate staff are:

• competent and have probity;

• aware of their obligations under the Proceeds of Crime Law, Drug Trafficking Offences Law, Terrorism Law, United Nations Measures and the Money Laundering Order (and by extension, also the Handbook); and

• trained in the identification of unusual or higher risk activities or transactions, which may indicate money laundering or financing terrorism activity (Section 5), and in the business’ customer due diligence reporting and record keeping procedures.

4. In particular, customer facing employees and those who handle or are responsible for the handling of customers and transactions will provide the business with its strongest defence, or its weakest link.

5. A relevant person should also encourage its staff to “think risk” as they carry out their duties within the legal and regulatory framework governing money laundering and the financing of terrorism.

7.2 OBLIGATION TO PROMOTE AWARENESS AND TO TRAIN

OVERVIEW

6. The Money Laundering Order’s requirements concerning both training and awareness apply to employees whose duties relate to the provision of financial services (hereafter referred to as “relevant employees”), and not to all employees of a relevant person. However, primary money laundering and financing of terrorism offences are wider in scope, and all employees will need to have a basic understanding of money laundering and the financing of terrorism and an awareness of internal reporting procedures (including the identity of the MLRO).


7. Article 37 of the Proceeds of Crime Law enables the Treasury and Resources Minister to prescribe training procedures to be followed by a financial services business.

8. The policies and procedures have been laid down in Article 11(9) and (10) of the Money Laundering Order.

9. Article 11(9) and (10) requires that a relevant person must, in relation to employees whose duties relate to the provision of financial services:

• take appropriate measures from time to time for the purposes of making them aware of:





Part 1: Section 7 – Vetting, awareness and training of employees


a. the customer due diligence record keeping and internal reporting procedures, and such other procedures of internal control and communication as may be appropriate for the purposes of preventing and detecting money laundering and the financing of terrorism; and

b. the enactments in Jersey relating to money laundering and the financing of terrorism;

• provide those employees from time to time with training in the recognition and handling of transactions carried out by or on behalf of any person who is or appears to be engaged in money laundering or the financing of terrorism; and

• establish and maintain procedures that monitor and test the effectiveness of the relevant person’s systems, employees’ awareness and the training provided to employees.

• regulatory requirements.


10. The term employee must not be limited to individuals working under a contract of employment, but must also include temporary and contract staff, and the staff of any third parties fulfilling a function in relation to a relevant person under an outsourcing agreement.

GUIDANCE NOTES

11. When determining whether an employee is a relevant employee, a relevant person may take into account the following:

• whether the employee is undertaking any customer facing functions, or handles or is responsible for the handling of business relationships or transactions;

• whether the employee is directly supporting a colleague who carries out the above activity; and

• whether an employee’s role has changed to involve the above activities.

12. Relevant customer facing employees will include, for example, relationship managers, trust and company administrators, and stock-brokers. Non-customer facing relevant employees will include, for example, the MLRO, the MLCO and individuals processing and book-keeping customer transactions. Relevant employees will also include the Board and senior managers.

7.3 VETTING OF RELEVANT EMPLOYEES


13. A relevant person must vet and monitor the competence and probity of relevant employees.

GUIDANCE NOTES

14. A relevant person may demonstrate that vetting procedures are appropriate where (at the time of recruitment or subsequent change in role) it carries out one or more of the following activities, as appropriate for the nature of the employee’s role and responsibilities:

• Obtains and confirms references.

• Obtains and confirms employment history and qualifications disclosed.

• Obtains details of any regulatory action taken against the individual (or absence of such action).

• Obtains and confirms details of any criminal convictions12 (or absence of such convictions).

12 Enquiries into an individual’s criminal record must be subject to the Rehabilitation of Offenders (Jersey) Law 2001, which

prevents a relevant person requesting information from its directors, senior managers and other employees (and prospective directors, senior managers and other employees) about convictions that are "spent", except where provided for by the Rehabilitation of Offenders (Exceptions) (Jersey) Law 2002 (“the Regulations”).



7.4 AWARENESS OF EMPLOYEES


15. A relevant person must have appropriate measures in place to make relevant employees aware of:

• The relevant person’s systems and controls (including policies and procedures) designed to prevent and detect money laundering and the financing of terrorism.

• The statutory obligations under which the business operates and under which employees may be held personally liable.

• The implications of failing to report information in accordance with procedures, and that as well as criminal or regulatory sanctions, disciplinary proceedings can also arise.

7.4.1 All relevant employees (customer facing and non-customer facing)

GUIDANCE NOTES

16. A relevant person may demonstrate that it has appropriate measures in place where it:

• Provides relevant employees with a copy of the relevant person’s procedures manual for anti-money laundering and countering the financing of terrorism.

• Provides relevant employees with a document outlining the relevant person’s and their own obligations and potential criminal liability under the Proceeds of Crime Law, Drug Trafficking Offences Law, Terrorism Law, United Nations Measures and the Money Laundering Order (and by extension, also the Handbook).

• Requires employees to acknowledge that they have received and understood the business’ procedures manual and document outlining statutory obligations.

• Periodically tests employees’ awareness of policies and procedures and statutory obligations.

17. It is not sufficient to provide employees with a copy of the Handbook, as the Handbook is designed to provide a base from which a relevant person can design and implement systems and tailor its own policies and procedures appropriate to its business.

7.4.2 Non-relevant employees

18. A relevant person may demonstrate that it has appropriate measures in place where it:

• Informs staff of the identity of the MLRO and the procedures to make internal suspicious activity reports.

• Provides staff with a document outlining the relevant person’s and their own obligations and potential criminal liability under the Proceeds of Crime Law, Drug Trafficking Offences Law, Terrorism Law, United Nations Measures and the Money Laundering Order (and by extension, also the Handbook).

• Requires employees to acknowledge that they have received and understood the business’ procedures for making internal suspicious activity reports and document outlining statutory obligations.

7.4.3 Ongoing awareness (all employees)

OVERVIEW

19. With the passage of time between training initiatives, the level of employee awareness of the risk of money laundering and financing of terrorism decreases. The utilisation of techniques to maintain a high level of awareness can greatly enhance the effectiveness of a relevant person’s defences against money laundering and the financing of terrorism.




GUIDANCE NOTES

20. A relevant person may demonstrate that it has appropriate measures to maintain awareness where it:

• keeps employees aware of anti-money laundering and financing of terrorism developments (such as updates issued by the Commission or JFCU, or developments in international standards) as they occur;

• provides employees with case studies illustrating how products or services provided by the business may be abused;

• advises employees of current news stories involving money laundering and financing terrorism activity; and

• sends e-mail reminders of employee obligations and the need to remain vigilant.

7.5 TRAINING OF EMPLOYEES

OVERVIEW

21. The guiding principle of all training should be to encourage employees, irrespective of their level of seniority, to understand and accept their responsibility to contribute to the protection of the business against the threat of money laundering and the financing of terrorism.

22. There is a tendency, in particular on the part of more junior employees, non-customer facing staff, and support staff to mistakenly believe that the role that they play is less pivotal than, or secondary to, that of more senior colleagues or customer facing colleagues. Such an attitude can lead to failures to report important information because of mistaken assumptions that the information will have already been identified and dealt with by other colleagues.


23. A relevant person must provide employees with adequate training at appropriate frequencies so that employees are kept informed of new developments and risk factors connected with money laundering and the financing of terrorism. Such training must:

• be tailored to the business and relevant to the employees to whom it is delivered;

• highlight to employees the importance of the contribution that they can individually make to the prevention and detection of money laundering and the financing of terrorism; and

• cover key aspects of legislation to prevent and detect money laundering and the financing of terrorism.

7.6 ADEQUACY OF TRAINING

7.6.1 All relevant employees (customer facing and non-customer facing)

GUIDANCE NOTES

24. A relevant person may demonstrate the provision of adequate training to relevant staff where it addresses:

• The Proceeds of Crime Law, Drug Trafficking Offences Law, Terrorism Law, United Nations Measures and the Money Laundering Order.

• Vulnerabilities of services and products offered by the relevant person, and subsequent money laundering and financing terrorism risk.

• Policies and procedures, and employees’ responsibilities.

• Application of risk based CDD policies and procedures.



• Recognition of and dealing with unusual or higher risk activity and transactions, such as activity outside of expected patterns, unusual settlements, abnormal payment or delivery instructions and changes in the patterns of business relationships.

• Money laundering and financing of terrorism developments, including techniques, methods, trends and typologies.

• Management of business relationships or transactions which have been the subject of a suspicious activity report, e.g. risk of committing the offence of tipping off, and dealing with questions from such customers, and/or their advisers.

7.6.2 The Board

GUIDANCE NOTES

25. A relevant person may demonstrate the provision of adequate training where (in addition to training for relevant employees) it addresses the evaluation of the effectiveness of systems and controls (and policies and procedures) in place to prevent and detected money laundering and the financing of terrorism.

7.6.3 The MLCO

GUIDANCE NOTES

26. A relevant person may demonstrate the provision of adequate training where (in addition to training for relevant employees) it addresses:

• the design and implementation of systems and controls to counter money laundering and the financing of terrorism; and

• the design and implementation of compliance testing and monitoring programmes.

7.6.4 The MLRO and deputy MLROs

GUIDANCE NOTES

27. A relevant person may demonstrate the provision of adequate training where (in addition to training for relevant employees) it addresses:

• the handling and validation of internal disclosures;

• liaising with the JFCU and law enforcement;

• management of the risk of tipping off; and

• the handling of production and restraint orders.

7.6.5 Non-relevant employees

GUIDANCE NOTES

28. A relevant person may demonstrate the provision of adequate training where the training promotes an awareness of the threat of money laundering and the financing of terrorism and the reporting procedures that should be followed in the event that unexplained unusual, or higher risk activity or transactions are spotted.

7.7 TIMING AND FREQUENCY OF TRAINING

GUIDANCE NOTES

29. A relevant person may demonstrate the provision of training at appropriate frequencies by:

• Providing all employees with induction training within 10 working days of the commencement of employment and, when necessary, where there is a subsequent change in an employee’s role.




• Delivering training to all employees at least once every two years, and otherwise determining the frequency of training for relevant employees on the basis of risk, with more frequent training where appropriate.

7.8 MONITORING THE EFFECTIVENESS OF PROMOTION AND AWARENESS AND OF TRAINING

GUIDANCE NOTES

30. A relevant person may demonstrate that it has assessed the effectiveness of training provided by:

• Testing employees’ understanding of the business’ policies and procedures to combat money laundering and the financing of terrorism, and also their ability to recognise money laundering and financing terrorism activity.

• Monitoring the compliance of employees with systems and controls (including policies and procedures) to prevent and detect money laundering and the financing of terrorism, and taking any action that may be necessary.

• Monitoring internal reporting patterns and taking any action that may be necessary.

• The routine supervision of employees.

Handbook for regulated financial services businesses Part 1: Section 8 – Record keeping


8 RECORD KEEPING


1. The record keeping obligations of the Money Laundering Order and additional regulatory requirements are essential to facilitate effective investigation, prosecution and confiscation of criminal property. If law enforcement agencies, either in Jersey or elsewhere, are unable to trace criminal property due to inadequate record keeping, then prosecution for money laundering and confiscation of criminal property may not be possible. Likewise, if the funds used to finance terrorist activity cannot be traced back through the financial system, then the sources and the destination of terrorist funding will not be identified.

2. Records may be kept:

• by way of original documents;

• by way of photocopies of original documents (certified where appropriate);

• in scanned form; or

• in computerised or electronic form.

8.2 RECORDING EVIDENCE OF IDENTITY AND OTHER CUSTOMER DUE DILIGENCE MEASURES


3. Article 37 of the Proceeds of Crime Law enables the Treasury and Resources Minister to prescribe record keeping procedures to be followed by a relevant person.

4. Article 19(2)(a) of the Money Laundering Order requires a relevant person to make and retain the following records:

• copies of evidence of identity or information that enables a copy of such evidence to be obtained; and

• all the supporting documents, data and information in respect of a business relationship or one-off transaction which is the subject of CDD measures.

5. Article 19(4) requires a relevant person to keep records in such a manner that they can be made available on a timely basis to the Commission, police or customs officer for the purpose of complying with a requirement under any enactment, e.g. a production order under Article 40 of the Proceeds of Crime Law.

6. Article 20 requires a relevant person to retain records in relation to evidence of identity for at least five years from the end of the relationship with the customer (or the completion of the one-off transaction).

7. Article 20(5) provides for the Commission to require a relevant person to retain CDD information for a period that is more than five years.


8. A relevant person must make and retain orderly records of CDD information for at least five years from the end of the relationship with the customer (or the completion of the transaction, for one-off transactions). This must include information and evidence of identity obtained in line with the requirements of Sections 3 and 4 and any customer files and business correspondence relating to the relationship.

9. A relevant person must record and store CDD information in a way that facilitates periodic updating of the information.









Part 1: Section 8 – Record Keeping


GUIDANCE NOTES

10. A relevant person may demonstrate adequate recording and storage of CDD information by ensuring that updated information relating to a customer that is obtained through meetings, discussions, or other methods of communication with the customer is recorded and retained.

8.3 RECORDING TRANSACTIONS


11. Article 37 of the Proceeds of Crime Law enables the Treasury and Resources Minister to prescribe record keeping procedures to be followed by a relevant person.

12. Article 19(2)(b) of the Money Laundering Order requires a relevant person to make and retain a record containing details of every transaction carried out with or for the customer in the course of financial services business. In every case, sufficient information must be recorded to enable the reconstruction of individual transactions.

13. Article 19(4) requires a relevant person to keep records in such a manner that they can be made available on a timely basis to the Commission, police or customs officer for the purpose of complying with a requirement under any enactment, e.g. a production order under Article 40 of the Proceeds of Crime Law.

14. Article 20(3) requires a relevant person to retain records relating to transactions for at least five years from the date when all activities relating to the transaction are completed.

15. Article 20(5) provides for the Commission to require a relevant person to retain records of transactions for a period that is more than five years.


16. Records must contain the following details of each transaction carried out with or for a customer in the course of financial services business:

• the name and address of the customer;

• if a monetary transaction, the kind of currency and the amount;

• if the transaction involves a customer’s account, the number, name or other identifier for the account;

• the date of the transaction;

• details of the counterparty, including account details;

• the nature of the transaction; and

• details of the transaction.

17. The records prepared and retained by a relevant person in relation to customer transactions must be orderly and such that the audit trail for incoming and outgoing funds or asset movement is clear and complete.

18. When original documents (such as transaction related vouchers used to input data onto computer systems) that would ordinarily have been destroyed are requested for investigation purposes, a relevant person must ascertain whether the documents have in fact been destroyed.

GUIDANCE NOTES

19. Adequate recording of details of transactions may be demonstrated by including (where appropriate):

• valuation(s) and price(s);

• the form (e.g. cash, cheque, electronic transfer) in which funds are transferred;









• memoranda of instruction(s) and authority(ies);

• memoranda of purchase and sale;

• custody of title documentation; and

• other records in support of transaction records where these are necessary to enable a clear and complete audit trail of fund or asset movements to be established.

20. Adequate recording of details of transactions may be demonstrated by recording all transactions undertaken on behalf of a customer within that customer’s records, enabling a complete transaction history for each customer to be easily constructed. For example, a customer’s records should include all requests for wire transfer transactions where settlement is provided other than from funds drawn from a customer’s account with the relevant person.

21. When original vouchers or documents are used for account entry, for example, and are not returned to the customer or his agent, it is of assistance to the law enforcement agencies if these original documents are kept for at least one year to assist forensic analysis.

8.4 OTHER RECORD KEEPING REQUIREMENTS

8.4.1 Compliance monitoring and procedures


22. A relevant person must keep for at least five years adequate and orderly records to enable the Commission, internal and external auditors and other competent authorities to assess the effectiveness of systems and controls that are maintained by a financial services business to prevent and detect money laundering and the financing of terrorism.

23. A relevant person must keep adequate and orderly records documenting its policies and procedures to prevent and detect money laundering and the financing of terrorism for at least five years from the date those policies and procedures are superseded.

GUIDANCE NOTES

24. A relevant person may demonstrate that it has retained adequate records to permit an assessment of effectiveness of systems and controls where it keeps:

• its business risk assessment;

• compliance reports to the Board; and

• the working papers of the MLCO to the extent that these provide details of the testing programmes conducted.

25. This does not necessitate the retention of all compliance testing working papers.

8.4.2 Suspicious activity reports


26. A relevant person must keep, for a period of five years from the date that a business relationship ends, or, if in relation to a one-off transaction, for five years from the date that a transaction was completed, orderly records containing:

• internal suspicious activity reports and supporting documentation;

• the decision of the MLRO (or deputy MLRO) concerning whether to make an external suspicious activity report and the basis of that decision; and

• any external suspicious activity reports,

in relation to that business relationship or one-off transaction.


Part 1: Section 8 – Record Keeping


8.4.3 Records relating to higher risk activity and transactions


27. A relevant person must keep adequate and orderly records containing the findings of reviews of:

• complex transactions;

• unusual large transactions; and

• unusual patterns of transactions, which have no apparent economic or visible lawful purpose,

for a period of five years from the date the business relationship ends, or, if in relation to a one-off transaction, for five years from the date that the transaction was completed.

28. A relevant person must keep adequate and orderly records containing the findings of reviews of activity and transactions: (i) connected with jurisdictions which do not, or insufficiently, apply the FATF Recommendations; or (ii) which are the subject of UN or EU countermeasures - for a period of five years from the date the business relationship ends, or, if in relation to a one-off transaction, for five years from the date that the transaction was completed.

8.4.4 Training and awareness


29. A relevant person must keep adequate and orderly records for five years detailing the dates on which training on the prevention and detection of money laundering and the financing of terrorism was provided, the nature of the training and the names of employees who received the training.

8.5 ACCESS TO AND RETRIEVAL OF RECORDS


30. A relevant person must record CDD information (including transaction information) in a way that facilitates ongoing monitoring of each relationship - in order to meet obligations that are set out in Section 5.

31. For all other purposes, the records retained by a relevant person must be readily accessible by the person. Unless otherwise specified, records relating to evidence of identity, other CDD measures, and transactions must be accessible within 5 working days (whether held in Jersey or outside Jersey), or such longer period as agreed with the Commission. Other records must be accessible within 10 working days (whether held in Jersey or outside Jersey), or such longer period as agreed with the Commission.

32. A relevant person must periodically review the accessibility of, and condition of, paper and electronically retrievable records and consider the adequacy of the safekeeping of records.

33. A relevant person must periodically test procedures relating to retrieval of records.

34. A relevant person that undergoes mergers, take-overs, or internal reorganisations, must ensure that records remain readily retrievable for the required period when rationalising computer systems and storage arrangements.

35. Records must be maintained in a format that can be made readily available. Where records are kept other than in legible form, they must be maintained so as to be readable at a computer terminal in Jersey - so that they may be produced in legible form.



8.5.1 External record-keeping

OVERVIEW

36. Where documentation is held overseas or by third parties, such as under outsourcing arrangements, or where reliance is placed on introducers or intermediaries, this will present additional factors for a relevant person to consider.

37. Where record keeping is outsourced, a relevant person remains responsible for compliance with all requirements.

38. Where an introducer ceases to trade or have a relationship with a customer that it has introduced to a relevant person, particular care needs to be taken to retain, or hand over, the appropriate customer records. Section 4 sets out the steps to be taken for introduced business.


39. A relevant person must not enter into outsourcing arrangements or place reliance on third parties to retain records where access to records is likely to be impeded by confidentiality or data protection restrictions.

8.5.2 Requirements on closure or transfer of business

OVERVIEW

40. Where a relevant business terminates activities, or disposes of business or a block of customers to other service providers, record keeping requirements are unaffected by the termination or disposal.


41. Record-keeping arrangements must be agreed with the Commission where a relevant person terminates activities, or disposes of business or a block of customers to another service provider.


Part 1: Section 9 – Existing Customers

9 EXISTING CUSTOMERS


1. FATF Recommendation 5 states that “financial institutions” should be required to apply that Recommendation (which deals with CDD measures) to existing customers on the basis of materiality and risk, and should conduct CDD measures on such existing relationships at appropriate times.

2. For the purposes of the Money Laundering Order, an existing customer means a relationship established before the Money Laundering Order came into force on 4 February 2008.

3. CDD measures are defined in Article 3 of the Money Laundering Order to mean: (i) identification measures; and (ii) ongoing monitoring.

4. Identification measures include identifying and verifying the identity of:

• the customer;

• where the customer is not an individual, the owners and controllers of the customer; and

• any person on whose behalf the customer is acting.

This information is referred to in Section 3 as identification information. Identification measures also include obtaining information on the business relationship. This information is referred to in Section 3 as relationship information.

5. Ongoing monitoring covers: (i) scrutiny of transactions; and (ii) ensuring that documents, data, or information obtained under identification measures are kept up to date.

6. This section deals with the application of identification measures to existing customers.

7. Ongoing monitoring applies to all customers, including existing customers. However, monitoring of existing customers will be based on information that is held by a relevant business, and the requirement to keep documents, data, or information up to date will be understood within the context of what is actually held. Where something is not held then it cannot be kept up to date.

8. In order to apply a risk based approach to existing customers, it is implicit that a relevant person will have conducted a risk assessment of its existing customer base - based on the information that it holds at the time that it conducts the review.

9. Irrespective of risk, identification measures must always be applied to existing customers:

• where a relevant person suspects money laundering; or

• where a relevant person has doubts about the veracity or adequacy of documents, data or information that is held,

except where a relevant person suspects money laundering and does not conduct identification measures with the consent of the JFCU.

9.2 APPLICATION OF IDENTIFICATION MEASURES TO EXISTING CUSTOMERS


10. Article 13(2) of the Money Laundering Order says that, where a relevant person has a business relationship with a customer that commenced before the Money Laundering Order came into force, a relevant person must apply CDD measures that are in line with the Money Laundering Order to that relationship at appropriate times.

11. Article 13(3) of the Money Laundering Order says that “appropriate times” means for the application of identification measures:

Effective from: 1 April 2008 91




Handbook for regulated financial services businesses Part 1: Section 9 – Existing Customers

92 Effective from: 1 April 2008

• times that are appropriate having regard to the degree of risk of money laundering, taking into account the type of customer, business relationship, product or transaction concerned; and

• any time when a relevant person suspects money laundering (unless agreed otherwise with the JFCU).

12. Article 3(2) of the Money Laundering Order sets out what is meant by CDD measures. CDD measures include identification measures. Identification of a person means: finding out the identity of a person; and obtaining satisfactory evidence that is reasonably capable of verifying that the person to be identified is who the person is said to be and satisfies the person responsible for the identification that the evidence does establish that fact.

13. Article 3(6) provides that, in the case of a relationship with a person that is not an individual and/ or is acting (as an intermediary) on behalf of another person, procedures for obtaining evidence of identity must involve reasonable measures - having regard to all the circumstances of the case, including the degree of risk assessed.


14. A relevant person must review its existing customer base in order to determine a risk assessment for each customer.

15. When considering the risk presented by an existing intermediary or introduced customer (as defined in Section 4.10), its review must consider the status of the review of existing customers by that intermediary or introducer.

GUIDANCE NOTES (EXCEPT FOR INTRODUCED AND INTERMEDIARY RELATIONSHIPS)

16. In the case of an existing customer, an appropriate time to conduct identification measures will be at any time when a relevant person suspects money laundering or has doubts about the veracity or adequacy of documents, data or information previously obtained, and a relevant person may demonstrate that it has applied identification measures where it does so in accordance with Section 4.

17. In the case of a higher risk customer, an appropriate time to apply identification measures will also be as soon as is practicable after the risk has been assessed as “higher”, and a relevant person may demonstrate that it has applied identification measures where it does so in accordance with Section 4, taking into account any factors that are relevant to an existing relationship.

18. In the case of standard and lower risk customers, an appropriate time to apply identification measures (excluding obtaining evidence of identity) will also include:

• when a transaction of significance takes place; and

• when a relevant person’s customer documentation standards change substantially.

19. Whilst a relevant person may demonstrate that it has applied identification measures for standard and lower risk customers, where it does so in accordance with Section 4, it may also, in a circumstance covered in paragraph 18:

• take account of other factors when collecting identification information (that are relevant to an existing relationship); and

• delay obtaining evidence of identity until such time (if any) that the relationship is assessed as presenting a “higher risk” (the appropriate time).

20. This means that, in many cases, the identification information that is collected for an existing customer may be different to the identification information that is collected in line with Section 4 and, in the case of a lower or standard risk customer, may not have been verified. It also means that it may not be necessary to collect additional identification information.

21. This guidance will be reviewed within one year of the Money Laundering Order coming into force.




Part 1: Section 9 – Existing Customers

Effective from: 1 April 2008 93

GUIDANCE NOTES FOR INTRODUCED RELATIONSHIPS

22. Separate provisions apply where an existing relationship has been introduced by a financial services business that is overseen for AML/CFT compliance in Jersey or which carries on equivalent business.

23. In the case of an existing customer that has been introduced (and reliance placed on the introducer to have applied an element of customer due diligence), an appropriate time to conduct identification measures will be at any time when a relevant person suspects money laundering or has doubts about the veracity or adequacy of documents, data or information previously obtained, and a relevant person may demonstrate that it has applied identification measures where it does so in accordance with Section 4.

24. In the case of a higher risk customer that has been introduced (and reliance placed on the introducer to have applied an element of customer due diligence), an appropriate time to apply identification measures will also be as soon as is practicable after the risk has been assessed as “higher”.

25. Whilst a relevant person may demonstrate that it has applied identification measures for a higher risk customer where it does so in accordance with Section 4, taking into account any factors that are relevant to an existing relationship, it may also delay obtaining satisfactory evidence of identity until such time as this has been collected by the introducer (the appropriate time) - so long as it receives confirmation from the introducer that identification measures are to be applied by the introducer within a reasonable period of time (and it periodically checks that this is the case). Where confirmation is received that such measures have been applied then this confirmation may be considered to present satisfactory evidence of identity, and there is no need to obtain an assurance from the introducer that is in line with Article 16(4) of the Money Laundering Order.

26. Otherwise, identification measures for lower and standard risk customers may be delayed until such time (if any) that the relationship is assessed as presenting a “higher risk” (the appropriate time).


GUIDANCE NOTES FOR INTERMEDIARY RELATIONSHIPS

28. Separate provisions apply where an existing relationship is with an intermediary that is a financial services business that is overseen for AML/CFT compliance in Jersey or which carries on equivalent business. .

29. In the case of an existing relationship with an intermediary, an appropriate time to conduct identification measures will be at any time when a relevant person suspects money laundering or has doubts about the veracity or adequacy of documents, data or information previously obtained, and a relevant person may demonstrate that it has applied identification measures where it does so in accordance with Section 4.

30. In the case of existing relationships with intermediaries, an appropriate time to apply identification measures will also be as soon as is practicable after the Money Laundering Order has come into force.

31. A relevant person may demonstrate that it has applied identification measures to an existing intermediary where it does so in accordance with Section 4, taking into account any factors that are relevant to an existing customer.

32. Notwithstanding this, in the case set out at paragraph 30, a relevant person may also find out the identity of a third party where it limits the collection of full identification information (in accordance with Section 4) to those third parties that it has assessed as presenting a higher risk. This means that it may collect just the name of a third party where it assesses a third party as presenting a lower or standard risk.

33. In the case of an intermediary that is a trustee, the third parties to be identified are the individuals that are concerned with the trust (in line with Section 4.4).


Handbook for regulated financial services businesses Part 1: Section 9 – Existing Customers

94 Effective from: 1 April 2008

34. In the case set out at paragraph 30, a relevant person may also delay obtaining satisfactory evidence of identity for a third party until such time as this has been collected by the intermediary (the appropriate time) - so long as the relevant person receives confirmation from the intermediary that identification measures are to be applied to all third parties within a reasonable period of time (and it periodically checks that this is the case). Where confirmation is received that such measures have been applied then this confirmation may be considered to present satisfactory evidence of identity, and there is no need to obtain an assurance from the intermediary that is in line with Article 16(4) of the Money Laundering Order.




Glossary


GLOSSARY

a business’ policies and procedures the way in which a business’ systems and controls are implemented into the day-to-day operation of the business

a business’ systems and controls a relevant person’s general framework to combat money laundering and the financing of terrorism

AML/CFT anti-money laundering / countering the financing of terrorism

BB(J)L Banking Business (Jersey) Law 1991

CIF(J)L Collective Investment Funds (Jersey) Law 1988

customer due diligence information comprises both identification information and relationship information

deputy MLRO a person designated by the relevant person to whom suspicious activity reports may be made

designated police or customs officer notices issued under Article 6(1) and 6(2) of the Money Laundering Order providing that police and customs officers that hold posts within the JFCU are designated officers

designated relationship a relationship established by an intermediary on behalf of a single customer, including a relationship involving sub-accounts for each underlying customer

Drug Trafficking Offences Law Drug Trafficking Offences (Jersey) Law 1988

equivalent business being overseas business that:

• if carried on in Jersey would be financial services business;

• may only be carried on in the jurisdiction by a person registered or otherwise authorised under the law of that jurisdiction to carry on that business;

• is subject to requirements to prevent and detect money laundering consistent with those in the FATF Recommendations in respect of that business; and

• is supervised for compliance with those requirements by an overseas regulatory authority

equivalent jurisdiction a jurisdiction which the Commission considers to have in place requirements to prevent and detect money laundering and the financing of terrorism that are consistent with those in the FATF Recommendations

FS(J)L Financial Services (Jersey) Law 1998

his The term “his” when used in the Handbook with reference to any individual should be understood to mean either “his or her”

Handbook for regulated financial services businesses Glossary


IB(J)L Insurance Business (Jersey) Law 1996

IMF International Monetary Fund

Intermediary a person - A - who has, or seeks to establish, a business relationship or seeks to carry out a one-off transaction on behalf of A’s customer with a relevant person, where A becomes a customer of the relevant person

Introducer a person who has a business relationship with a customer and who introduces that customer to a relevant person with the intention that the customer will form a business relationship or conduct a one-off transaction with the relevant person so that the introducer’s customer also becomes a customer of the relevant person

licence a generic term to cover:

• a registration granted under the BB(J)L;

• a permit granted pursuant to the CIF(J)L;

• a certificate issued pursuant to the CIF(J)L;

• a registration granted under the FS(J)L; and

• a permit granted pursuant to the IB(J)L

LLP limited liability partnership

Money Laundering Order Money Laundering (Jersey) Order 2008

PEP politically exposed person

pooled relationship a relationship established by an intermediary on behalf of more than one customer

Proceeds of Crime Law Proceeds of Crime (Jersey) Law 1999

regulated business any business that falls to be licensed under any of the regulatory laws

regulated person a person that carries on a regulated business

regulatory laws Collective name for the: BB(J)L; CIF(J)L; FS(J)L and IB(J)L

relevant employees employees whose duties relate to the provision of financial services

relevant person a person carrying on financial services business in or from within Jersey, and a Jersey body corporate or LLP carrying on financial services business anywhere in the world

sensitive activities this refers to the activities that have been established, as a matter of policy, by the Commission as sensitive activities, and which are listed on the Commission website – sensitive activities

source of funds activity which generates funds for a relationship

http://www.jerseyfsc.org/the_commission/general_information/policy_statements_and_guidance_notes/index.asp

http://www.jerseyfsc.org/the_commission/general_information/policy_statements_and_guidance_notes/index.asp


Glossary


source of wealth activities which have generated the total net worth of a person

Terrorism Law Terrorism (Jersey) Law 2002

the OFAC the Office of Foreign Assets Control

the Commission the Jersey Financial Services Commission

the EEA the European Economic Area

the EU the European Union

the FATF the Financial Action Task Force on Money Laundering

the Handbook Handbook for the Prevention and Detection of Money Laundering and the Financing of Terrorism for Regulated Financial Services Businesses

the JFCU the Joint Financial Crimes Unit

Officers of the JFCU are the designated police and customs officers for the purposes of the Money Laundering Order

the MLCO the Money Laundering Compliance Officer

the MLRO the Money Laundering Reporting Officer

the UN the United Nations

the United Nations Measures Terrorism (United Nations Measures) (Channel Islands) Order 2001, and

Al-Qa’ida and Taliban (United Nations Measures) (Channel Islands) Order 2002

Date post:	12-Oct-2014
Category:	Documents
Upload:	phil-de-gruchy
View:	60 times
Download:	1 times

Phil JFSC test document

Documents