Central Bank of Ireland Calls for Fund ManCos to Enhance their AML Frameworks
On 9 November 2021, the Central Bank of Ireland (“Central Bank”) published its Anti-Money Laundering Bulletin – Issue 7 (“Bulletin”) which identifies a number of areas where funds and fund management companies (“Firms”) must introduce enhancements to ensure compliance with the Criminal Justice (Money Laundering and Terrorist Financing) Act 2010, as amended (the “CJA”).
- Published
- in Industry Updates
The Central Bank’s findings are based on supervisory engagement it has had with Firms since 2019. Across four discrete areas (referenced below), it sets out (a) the weaknesses it identified in the anti-money laundering and terrorist financing (“AML / CFT”) practices of the Firms it reviewed (“Findings”) and (b) the measures it expects Firms to adhere to (“Expectations”):
Governance
In the area of governance, the Findings include a range of observations where Firms failed to demonstrate effective oversight, implementation and management of their AML / CFT frameworks. Included in the Expectations was a reminder that Firms must implement a robust assurance testing framework to assess the effectiveness of their AML control frameworks.
Business Risk Assessment
The Findings ranged from Firms not putting a Business Risk Assessment (“BRA”) in place to BRAs failing to appropriately assess or reflect inherent money laundering / terrorist financing (“ML / TF”) risks and exposures. The Expectations, highlight that a robust BRA, commensurate with the nature, scale and complexity of a Firm’s business activities, is a fundamental component in the development of an AML framework.
Outsourcing
In the case of AML activities outsourced to third parties, the Findings identify deficiencies in the documentation, review and assessment of formalised outsourcing arrangements. The Expectations on outsourcing remind Firms that an effective governance framework extends to oversight of outsourced AML activities and ensuring robust assurance testing, reporting and monitoring processes are in place.
Customer Due Diligence
Among the Findings on customer due diligence (“CDD”), non-compliance with the requirement that all CDD is in place prior to processing transactions, including initial subscriptions, was highlighted as a particular concern. The Expectations remind Firms to establish and implement comprehensive policies and procedures for the identification and verification (where appropriate) of customers, and that Firms have ultimate responsibility for CDD compliance and must be able to demonstrate effective oversight of any delegate CDD processes.
Next Steps
The Bulletin states that the Central Bank requires all Firms to critically assess their frameworks in the context of the Expectations. Noting that compliance with the Bulletin requirements will continue to be a focus for the Central Bank, it expects Firms to be able to demonstrate that appropriate governance structures are in place to manage and oversee existing and emerging ML / TF and financial sanctions risks, including addressing the deficiencies highlighted in the Bulletin.
How We Can Help
Our Financial Services Regulatory Group has extensive experience in designing AML / CFT and financial sanctions frameworks and carrying out operational reviews of existing AML / CFT and financial sanctions frameworks to ensure they align with the CJA and relevant regulatory guidance and expectations. The team can also assist with drafting and reviewing BRAs and the provision of up to date AML / CFT and financial sanctions training to board of directors, compliance officers and all relevant staff.
Further Information
Further information on our Irish Financial Services Regulatory Group, and the services we provide is available on our website page and in our brochure.
If you would like further information, please liaise with the below or your usual Maples Group contact.