HM Revenue and Customs have their own dedicated section of their website concentrating on Anti Money Laundering Regulations and advice. The information below is a summary of some of this advice and guidance but we would recommend going direct to HMRC Anti Money Laundering Regulations page to ensure you have up to date information after reviewing the information on this page.
What are anti-money laundering controls?
Anti-money laundering controls are policies and procedures that you must put in place within your business in order to prevent activities related to money laundering and terrorist financing.
They include assessing the risks of your business being used by criminals to launder money; verifying customers' identity; monitoring customers' transactions and reporting suspicious activity to the National Crime Agency (NCA); keeping the right records; and ensuring you have appropriate internal management controls.
You will need to ensure your staff are aware of the Regulations and trained to carry out the necessary anti-money laundering controls.
When do I have to put them in place?
If you are a new business you need to have anti money laundering controls in place and be registered with HMRC before you start trading.
How do I put anti-money laundering controls in place?
Systems of controls and procedures will change according to the size and complexity of each business and the risks involved.
HMRC will not dictate what risk-based measures should be in place for your business, it is for you and your senior managers to decide on a reasonable approach which balances the costs to your business and your customers with a realistic assessment of the risks involved.
Businesses should keep relevant documents relating to the risk assessment and management procedures and processes.
Remember you should write down your risk-based policy and procedures and keep these documents up to date. This is called a policy document. HMRC will ask for details of your policies and procedures. We can provide you with a policy document for less than the cost of a couple of hours of many solicitors time. For more information, see our Money Laundering Policy Document
So I need controls and procedures, but what should they cover?
Your business should establish and maintain appropriate and risk sensitive policies and procedures relating to:
- customer due diligence measures and ongoing monitoring
- reporting
- record keeping
- Internal control
- risk assessment and management
- the monitoring and management of compliance
- the internal communication of such policies and procedures.
What is a risk-based approach?
A risk-based approach means directing resources in accordance with priorities so that the greatest risk receives the highest attention.
This has been introduced to:
- allow public authorities and businesses to concentrate resources in the areas of greatest risk
- to avoid a 'tick-box' approach which can focus on a rigid system of control rather than the actual risks, which are in practice different for each business.
By adopting a risk based approach businesses are able to ensure that measures to prevent money laundering and terrorist financing are appropriate to the level of risk identified.
Applied appropriately this approach should allow businesses to be more efficient and effective in their use of resources, and minimise burdens on their customers.
What is customer due diligence?
Customer due diligence is the term used in the Regulations for the steps that businesses must take to:
- Identify the customer and verify their identity using documents, data or information obtained from a reliable and independent source. Mobunti Ltd can provide online identity checking using the URU recognised data source for verifying identities without requiring photocopies of documents
- Identify any beneficial owner who is not the customer. This is the individual (or individuals) behind the customer who ultimately own or control the customer or on whose behalf a transaction or activity is being conducted. Mobunti can provide copies of incorporation documents or the latest annual return of UK companies to help identify the owners of a limited company. Be aware though that since October 2008, the Companies Act requires that only the shareholder name is reported on Annual Returns and not their address and so you will need to have interactions with your customer to obtain contact details in order to carry out any checks you feel are appropriate
- Where a business relationship is established, you will need to understand the purpose and intended nature of the relationship, for example details of customer's business or the source of the funds.
You must also conduct ongoing monitoring to identify large, unusual or suspicious transactions.
If you are looking to identify politically exposed persons (PEPs), or people on sanctions lists, you can use our anti money laundering id check service - no ongoing monthly fees for being subscribed to the system - just pay for what you use
Online Identity Checks
