Feeds

Top money men face up to 2 YEARS in slammer for neglecting to spot crim-cash activity

HMRC warns fines could also be imposed

Website security in corporate America

Senior managers at "money service businesses" face up to two years imprisonment and an unlimited fine if their neglect leads to money laundering or terrorist financing activities, HM Revenue & Customs (HMRC) has warned.

In new guidance on its supervision of money services businesses under anti-money laundering rules (65-page/195KB PDF), HMRC said that senior managers at those businesses, which include currency exchanges, money remittance providers or those delivering third party cheque cashing services, could be held "personally liable" in cases where failings in anti-money laundering checks are identified in their company.

"Senior managers must: identify, and manage effectively, the risks that their business may be exploited to launder money or finance terrorists; take a risk-based approach that focuses more effort on higher risks; appoint a nominated officer to report suspicious activity; [and] devote enough resources to deal with money laundering and terrorist financing," the guidance said.

HMRC said that senior managers at money service businesses are responsible for carrying out a risk assessment to identify where their business is "vulnerable to money laundering and terrorist financing" and for preparing policies and procedures that outline how the company will manage those risks identified.

In addition, the senior managers must ensure that staff are sufficiently trained to implement the anti-money laundering policies and that systems are in place to "help them" do so. Responsibility for monitoring the effectiveness of the anti-money laundering policy and controls in place, and for updating them with improvements when necessary, also falls to senior managers, according to the guidance.

HMRC said that money service businesses must carry out customer due diligence checks before processing transactions in certain cases, including prior to entering into an ongoing business relationship with a customer, where transactions from customers are occasional only, if they suspect money laundering or terrorist financing activity or where they doubt the reliability or adequacy of the information about customers obtained as part of due diligence checks.

The guidance sets outs the types of checks money service businesses have to carry out in those cases, and references checks to verify customers' identity, the identify of the beneficial owner of the customer who that customer is acting for, and "obtaining information on the purpose and intended nature of a business relationship".

Money service businesses' customer checks might also involve continued monitoring of their relationship with individual customers "to ensure transactions are consistent with what the business knows about the customer, and the customer’s risk profile", HMRC said.

HMRC said that whilst it is likely that a standard due diligence checking process will apply to the majority of a money service business' customers, those companies may have to conduct additional checks on some customers depending on the " the risks and warning signs" identified and assessed.

"The extent of customer due diligence measures depends on the degree of risk," HMRC said. "It depends on the type of customer, business relationship, product or transaction... It goes beyond simply carrying out identity checks to understanding who you’re dealing with. This is because even people you already know well may become involved in illegal activity at some time, for example if their personal circumstances change or they face some new financial pressure. Your due diligence measures should reduce the risk of this, and the opportunities for staff to be corrupted."

"This means that you must consider the level of identification, verification and ongoing monitoring that’s necessary, depending on the risk you assessed. You should be able to demonstrate that the extent of these procedures is appropriate when asked to do so," it said.

HMRC said that customers' identify can be verified electronically, but said that money service business must check at least two sources online to satisfy themselves that a customer is who they say they are and stressed that they must also "verify key facts that only the customer may know, to establish that they are who they say they are".

Copyright © 2014, Out-Law.com

Out-Law.com is part of international law firm Pinsent Masons.

Internet Security Threat Report 2014

More from The Register

next story
Phones 4u slips into administration after EE cuts ties with Brit mobe retailer
More than 5,500 jobs could be axed if rescue mission fails
JINGS! Microsoft Bing called Scots indyref RIGHT!
Redmond sporran metrics get one in the ten ring
Driving with an Apple Watch could land you with a £100 FINE
Bad news for tech-addicted fanbois behind the wheel
Murdoch to Europe: Inflict MORE PAIN on Google, please
'Platform for piracy' must be punished, or it'll kill us in FIVE YEARS
Phones 4u website DIES as wounded mobe retailer struggles to stay above water
Founder blames 'ruthless network partners' for implosion
Found inside ISIS terror chap's laptop: CELINE DION tunes
REPORT: Stash of terrorist material found in Syria Dell box
Sony says year's losses will be FOUR TIMES DEEPER than thought
Losses of more than $2 BILLION loom over troubled Japanese corp
prev story

Whitepapers

Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.