Money laundering - the new regime

Michael Furness QC

The Regulations apply to insolvency practitioners (as did the 2003 Regulations) but introduce a new and potentially more rigorous regime for money laundering checks.

Customer due diligence
The Regulations refer to a person to which they apply as a "relevant person". They introduce "customer due diligence" ("CDD") procedures, obliging the relevant person to identify not merely their customer also the "beneficial owner", where the customer is not the beneficial owner. In general, CDD has to be carried out whenever a relevant person establishes a business relationship, carries out an occasional transaction, suspects money laundering or terrorist financing or doubts the veracity or adequacy of identification evidence previously obtained. In addition, there is a new obligation to carry out "ongoing monitoring" of a business relationship, meaning a scrutiny of transactions undertaken in the course of the relationship to ensure that they are consistent with the relevant person's knowledge of the customer and his business and risk profile. All this will have to be documented and records kept. A major theme of the Regulations is that CDD is not just a one-off process at the outset of the business relationship but an ongoing responsibility.

What does CDD involve? It involves identifying and verifying the identity of the customer, and where the customer is not the beneficial owner, identifying and taking "adequate measures on a risk sensitive basis" to enable the relevant person to be satisfied he knows who the beneficial owner is. It also involves obtaining information on the purpose and intended nature of the business relationship. The Regulations also make provision for a limited range of circumstances where "simplified due diligence" may be undertaken and another range of circumstances where "enhanced due diligence" is required. This article concentrates on the basic CDD requirements.

The beneficial owner
So who is the beneficial owner? This is defined in regulation 6. There is a general definition to the effect that the beneficial owner is the individual who ultimately owns or controls the customer. But in most cases one of a series of specific definitions will apply, depending on the identity of the customer. In the case of a corporate body, the beneficial owner is any individual who directly or indirectly owns more than 25% of either the shares or the voting rights (this test does not apply to listed companies) or who "otherwise exercises control over the management" of the corporate body. The difficulties of attempting to apply this test are obvious. It will often be impossible to find out which individuals own the shares or voting rights in a company, especially if offshore companies are involved. And who might be said "otherwise" to control the company?

If the customer is a partnership other than an LLP the beneficial owner is anyone who controls more than 25% of the capital or profits of, or votes in, the partnership and any person who otherwise exercises control over the partnership. If the customer is a trust you have to apply some rather complex provisions to work out who are the beneficial owners of the trust. These will require careful attention to the terms of the trust deed and, often, specialist legal advice - it is for example necessary to appreciate the difference between an interest which is vested but defeasible and one which is merely contingent. The trust definitions (which were the product of lobbying by trust professionals) though complex, are at least reasonably certain in their operation, which is more than can be said for the other definitions. For "legal entities" or "legal arrangements" falling outside the categories referred to above, an obscure test lifted from the Directive has to be applied to determine the beneficial owner. If the individuals who benefit from the entity or arrangement have been "determined" then the beneficial owner is any individual who benefits from at least 25% of the property of the entity or arrangement. If they have not been determined then it is the class of persons in whose main interest the entity or arrangement operates. In addition it is any individual who controls more than 25% of the property of the entity or arrangement.

It should be noted that there is no obligation to verify the identity of the beneficial owner on the basis of documents (which is the case with the customer). It is merely necessary that the relevant person takes measures to verify his identity "so he knows who the beneficial owner is". In addition "in the case of a legal person, trust or similar legal arrangement" the relevant person must take measures to understand the ownership and control structure of the person, trust or arrangement. The Regulations also provide that where the relevant person has to apply CDD to trusts and non-corporate legal entitles or arrangements which operate for the benefit of a class of beneficiaries (eg the children or remoter issue of X) there is no need to identify each member of the class.

A risk-sensitive approach
According to the Treasury (who drafted the Regulations) the saving grace in all this is that the Regulations require that the extent of CDD must be determined on a risk-sensitive basis depending on the type of customer, the business relationship, and the product or transaction. So it would appear that CDD In its full rigour may be capable of being dispensed with in some cases. But in which cases, and to what extent it need not be fully applied is wholly unclear. As under the previous regime, Treasury approved professional guidance must be taken into account by a court in deciding if an offence under the Regulations has been committed. But as yet there is no such guidance, and there will be none for the immediate future.

As before, there is a requirement to maintain systems to ensure that the relevant person and his staff comply with the Regulations. These and the associated record keeping, are going to be more onerous than before, in particular because of the requirement for ongoing monitoring, and also because of the need to adjust CDD from one customer to the next by taking a risk based approach to it.

Published by Insolvency Practitioner, 23rd January 2008