On the 30th March 2022, The Financial Intelligence Analysis Unit (the ‘FIAU’) issued a report to subject persons to provide details on the thematic review carried out in the last quarter of 2021 on Company Service Providers (‘CSPs’) that was aimed at assessing their level of compliance with beneficial ownership obligations.
Scope of the review
CSPs play a crucial role in preventing persons from using the financial system and corporate vehicles for the purpose of Money Laundering and Funding of Terrorism (ML/FT). In this respect, CSPs were required to implement robust AML/CFT control frameworks in line with the requirements stipulated in the Prevention of Money Laundering and Funding of Terrorism Regulations (‘PMLFTR’) and as further elaborated in the Implementing Procedures (IPs) Part I and Part II issued by the FIAU, allowing them to act as effective gatekeepers in combatting ML/FT. In the last quarter of 2021, the thematic review was undertaken by the FIAU to assess compliance with beneficial ownership obligations by CSPs in accordance with the requirements stipulated in the PMLFTR.
The analysis from the thematic examinations yielded positive results. From these results, it was evident that most CSPs are compliant with their beneficial ownership related obligations, and non-compliance was limited to exceptional cases. The CSPs subject to the thematic review showed that they have established adequate written policies and procedures, which stipulate how beneficial ownership related obligations are to be fulfilled. Robust beneficial ownership identification and verification procedures seem to be embedded in the examined CSPs’ AML/ CFT control framework and extensive checks are applied to independently verify the ownership and control structure of the customer company for the purpose of understanding the link between the customer and the beneficial owner.
Areas to improve
Despite the overall positive results from the review, the FIAU highlighted some particular areas of improvement. The areas of improvement stipulated in the thematic review have been summarised below:
- CSPs should ensure that the written policies and procedures are subject to regular review to ensure they reflect any changes in the CSP’s activities and legislative changes.
- CSPs must take the necessary steps to inform their officers and employees of updates and/or changes in procedures, and what is expected of them when applying such procedures.
- In addition to obtaining the ownership and control structure, CSPs should subsequently conduct independent research to verify the information on the structure chart. This can be done by consulting online commercial databases, company registries, relevant audited accounts or by obtaining certification by any of the persons referred under Section 188.8.131.52(i)(b) of the (“IPs”).
- Recognising the senior managing official as the beneficial owner of the customer should only be resorted to after having exhausted all other means to identify a BO. A record of the actions taken to try to identify a BO should be retained by the CSP as part of its recording keeping obligations.
- With respect to verification of identity of the beneficial owners, the CSPs’ written procedures need to define which sources meet the criteria of ‘independent’ and ‘reliable’ when obtaining identity verification documentation and ensure that officers and employees are aware of these procedures.
- The frequency of reviews as part of the ongoing monitoring should be based on the level of customer risk assessed by the CSP in line with the risk-based approach concept and based on the expected changes. In this regard, the FIAU highlighted that, when changes in beneficial ownership are expected to take place during a business relationship due to the nature of the customer (e.g. a recently set-up collective investment scheme) or due to information available (e.g. advising a customer during on-boarding stage in relation to a planned share transfer), it is of utmost importance that the frequency of periodic reviews reflect these expectations.
- In case of business relationships assessed to pose higher risks, reviewing the validity of beneficial ownership information as part of ongoing monitoring procedures needs to include obtaining fresh independent documentation from reliable sources, rather than relying solely on customer declarations.
- CSPs ought to obtain proof that any identified changes in beneficial ownership information were communicated accordingly to the designated company register by the customer.
- CSPs must familiarise themselves with beneficial ownership concealment red flags which may become apparent during the provision of CSP services.