Upon the introduction of the Criminal Justice (Money Laundering and Terrorist Financing) Act 2010 (“the 2010 Act”) in July 2010, Irish financial service providers hurried to implement a new and significantly amended anti money laundering regime across their institutions.
Now, following the signing into law of the Criminal Justice Act 2013 (“the 2013 Act”) on 13 June 2013, the time has come again for financial service providers to consider and, where necessary, amend their Anti Money Laundering (AML) and Counter Terrorist Financing (“CTF”) arrangements in this context.
Although, the requirements introduced by the 2013 Act appear far less onerous than those of its predecessor it is important to note that they may have a significant impact on your business operations. In particular changes to CDD and PEP identification obligations may require noteworthy process changes, while increased procedural requirements may necessitate the drafting of additional documentation to support processes and address potential deficiencies.
With the exception of three minor provisions, the 2013 Act came into force on 14 June 2013 and makes a total of sixteen amendments to the 2010 legislation, the majority of which are of moderate significance to financial service providers. The following is a summary of the main provisions of the 2013 Act.
The definition of an ‘occasional transaction’, as set out in Section 24 of 2010 Act, has been amended to include reference to payment service providers and private members clubs, requiring them to apply CDD for ‘linked’ transactions of monetary values above €1000 and €2000 respectively. This is a significant change for these type entities that previously operated under a CDD threshold of €15,000.
A subtle, yet important amendment has been made to Section 33(1)(C) in respect of the requirement to complete CDD in certain circumstances by the substitution of the phrase ‘reasonable grounds to believe that there is a real risk’ with ‘reasonable grounds to suspect’. In conjunction with this, Section 39 of the Act has been replaced and now introduces a new concept of ‘heightened risk’. This new provision requires that enhanced due diligence must be applied where an institution has ‘reasonable grounds to believe that the circumstances relating to a customer, beneficial owner, service product or transaction may present a heightened risk of money laundering or terrorist financing’.
The completion of CDD has always been a cornerstone of institutions’ AML/CTF regimes and these changes, although slight, are still important and must be reflected in procedures, training and policy documents.
The Fourth AML Directive has proposed the removal of the exemption from the requirements in respect of domestic PEPs, however the 2013 Act has surprisingly not reflected this change. Instead, it now clarifies that the associated obligations extend to existing customers and beneficial owners who transition into PEP roles.
While many institutions will already have processes and systems in place to scan their existing client book to address their economic sanctions responsibilities, it is now important that these arrangements are revisited to ensure that they are adequate, reliable and take place on a sufficiently frequent basis.
In addition, consideration must be given to process and procedural changes which may be necessary in respect of the obligation to attain senior management approval for transactions involving existing clients and potential issues which may arise in this space.
With the introduction of the concept of ‘specified’ products and customers in Section 34 of the 2010 Act, institutions were provided with an exemption from the obligation to complete CDD in respect of certain very low risk products or customers. While fortunately this exemption is still retained by the 2013 Act, an amended Section 34 now reads that an institution must take ‘such measures as are necessary to establish if the customer is a specified customer or the product is a specified product’.
Documented evidence of associated decisions to apply the exemption must therefore be produced by the institution in each case. While compliance with this requirement may be relatively straightforward to demonstrate in respect of products, customer exemptions may have to be addressed on a case by case basis requiring process, procedural, training and documentation amendments.
Although, the AML Guidance Notes are explicit and detailed in respect of regulatory expectations in the context of policies and procedures, the requirements contained in the 2010 Act were relatively limited in this area. Section 54(3) of the 2013 Act has expanded the list to include additional policies and procedures which institutions now have a statutory obligation to have in place to include on-going CDD arrangements for existing clients, enhanced CDD and technological developments.
Since the introduction of the 2010 Act, many institutions have struggled with the obligation to retain records within the State. Positively, this obligation has now been removed from the legislation allowing for the retention of documents outside the State, subject to certain defined conditions.
In recent years, Ireland have seen an increased focus on AML/CTF issues both nationally and internationally. The Financial Action Task Force (“FATF”) has made recommendations in respect of the Irish regime, some of which are sought to be addressed by this legislation. The CBI, for their part continues to prioritise the subject from both a supervisory and enforcement perspective and the Enforcement Directorate have confirmed that they shall pursue actions in the area in 2013.
In 2012, two separate settlement agreements, to a value of €85,000 were agreed with the CBI for issues of non-compliance, causing reputational and financial damage to the associated firms. These factors put an even greater pressure on businesses to ensure that they are fully compliant with both the 2010 and 2013 Act and to meet regulatory expectations in this space.
Since the introduction of the 2010 Act, Deloitte have been at the forefront of AML/CTF issues in Ireland. Through the drafting of the Core Guidance Notes, Deloitte worked with both the industry and regulators, gaining a comprehensive and unique understanding of the challenges in the area. Deloitte have a team of anti-money laundering specialists who are there to assist you in this implementation as well as evaluating your on-going performance.
The President of Ireland signed the Criminal Justice (Money Laundering and Terrorist Financing) Act 2010 into legislation on 5 May 2010, with the legislation becoming effective from 15 July 2010. This Act did not change the definition of money laundering; it broadened it to include the proceeds of criminal conduct. It also introduced new obligations on ‘designated persons’ under the Act and revolutionised the approach to money laundering verification checking in Ireland.
The Criminal Justice (Money Laundering and Terrorist Financing) Act 2010 placed less of an emphasis on the collection of utility bills and passports and more of an emphasis on the judgement and policy an organisation has taken in relation to anti money laundering. It is certainly more challenging for designated persons than the previous legislation and the ‘one size fits all approach’ will no longer be an acceptable approach for designated persons to use. It is fair to say that there are some significant issues and challenges to be overcome at industry and individual entry level for the implementation of the Act.
The attached document is a summary of the main provisions of the Criminal Justice (Money Laundering and Terrorist Financing) Act 2010.