A summary of the JFSC Financial crime examinations feedback paper
The JFSC has published findings from its tests, and the following provides a:
- The visit summary
- Summary of key findings
- And visit conclusions
- Out of a total of 6 financial services businesses (14 Relevant Persons) involved in the examinations, all resulted in outcomes.
- Of the sample of Relevant Persons examined by the FCEU (representing the following licence types: Deposit-taking Business, Investment Business, Funds Services Business and Trust Company Business),
- There were 43 findings relating to the relevant areas detailed within the report.
These findings were in respect of:
- The Order and the Statutory Requirements and
- AML/CFT Code(s) of Practice detailed in the Handbook.
KEY THEMES FROM THE FINDINGS
- The JFSC says while all 6 of the financial services businesses examined had implemented a suite of systems and controls (including policies and procedures) to prevent and detect financial crime in line with the obligations of the Order and requirements of the Handbook.
- However, there were a considerable number of findings, which meant that those systems and controls were not considered by the JFSC to be adequate and fully effective in many instances.
These findings are as follows:-
UNDERSTAND FINANCIAL CRIME RISK = The board/senior management of a Relevant Person must be able to demonstrate that it has considered its financial crime risks "in the round" and has subjected its assessment of such threats to adequate challenge and scrutiny.
GOVERNANCE = A robust corporate governance framework, of which risk management is an integral part, is essential to ensure that a Relevant Person is adequately directed and controlled.
- The board/senior management have substantial responsibilities for the prevention and detection of money laundering and financing of terrorism. In fulfilling these responsibilities MLCOs and MLROs are appointed. However, the board must ensure adequate oversight of these roles, to demonstrate adherence to the regulatory framework as well as their tasks
- These tasks and responsibilities should be documented within
- The job descriptions of Principal Persons, Key Persons and
- In terms of reference to crucial risk management forums (e.g. committees).
RISK MANAGEMENT = Also, a robust corporate governance framework will enable the board/senior management to demonstrate that
- There is the appropriate management of its risks,
- That its systems and controls (including policies and procedures) are valid and
- That the board/senior management are taking timely action when deficiencies or other matters are brought to their attention.
POLICY AND PROCEDURES = Adequate policies and procedures are critical to the implementation of effective systems and controls surrounding the prevention and detection of money laundering and the financing of terrorism. PPs enable the employees, and the MLRO/DMLRO and the Relevant Person to all meet their statutory and regulatory obligations.
- Procedures must be:
- Tailored to the business,
- Mapped against the Jersey regulatory requirements,
- Adequately maintained, and
- Effectively adhered to.
- Such reporting procedures must be clear and easy for employees to follow,
- Where to locate a Relevant Person's system for making an internal Suspicious Activity Report
- How to make a report and
- The identity of the MLRO or DMLRO.
- And to avoid barriers to AML adherence, it is also vital that
- Procedures are clear and easy for Relevant Person's employees to understand, use and drive a risk-based approach to the prevention and detection of money laundering and the financing of terrorism.
CMP = It is also vital for Relevant Persons to develop a useful, tailored and risk-based monitoring plan to
- Ensure that such systems and controls are complied with and remain effective over time.
TRAINING = Another essential control over the prevention and detection of money laundering and the financing of terrorism is to have employees who are:
- Alert to money laundering and financing of terrorism risks and
- Well trained in recognition of notable transactions or activity which may indicate money laundering or financing of terrorism activity. Training is to be tailored to the business and reflect the relevant Jersey regulatory requirements. Testing must then be conducted to monitor whether the training provided is useful, and appropriate action is taken if necessary.
- Employees must know:
- Where to locate a Relevant Person's procedure for making an internal "Suspicious Activity Report".
- How to make a report and
- The identity of the MLRO or DMLRO. Such reporting procedures must be clear and easy for employees to follow while enabling the employee, and the MLRO/DMLRO and the Relevant Person to all meet their statutory and regulatory obligations.
In general, FCEU examiners noted high levels of awareness of both financial crime related risks and the consequences of non-compliance with policies and procedures amongst employees of Relevant Persons.
- However, Relevant Persons often had difficulty in demonstrating the involvement of senior management (including the Principal Persons) in the development, scrutiny and use of its BRA.
All Relevant Persons involved in the examination have received direct feedback and
- Where findings have been identified, and they are subject to a formal remediation plan having been submitted to and agreed by the JFSC, setting out actions to be taken and timescales to complete them.
None of the findings detailed in this paper resulted in further action being taken by the JFSC, as the deficiencies were not considered to be sufficiently severe in isolation at each Relevant Person examined. However, that may not have been the case had
- The shortcomings highlighted critical failings of the Relevant Person's systems and controls to prevent and detect financial crime, or
- Been deliberate, or occurred over a long period without being addressed by senior management
Meet the team of industry experts behind ComsureFind out more
Keep up to date with the very latest news from ComsureFind out more
View our latest imagery from our news and workFind out more
Think we can help you and your business? Chat to us todayGet In Touch
As well as owning and publishing Comsure's copyrighted works, Comsure wishes to use the copyright-protected works of others. To do so, Comsure is applying for exemptions in the UK copyright law. There are certain very specific situations where Comsure is permitted to do so without seeking permission from the owner. These exemptions are in the copyright sections of the Copyright, Designs and Patents Act 1988 (as amended)[www.gov.UK/government/publications/copyright-acts-and-related-laws]. Many situations allow for Comsure to apply for exemptions. These include 1] Non-commercial research and private study, 2] Criticism, review and reporting of current events, 3] the copying of works in any medium as long as the use is to illustrate a point. 4] no posting is for commercial purposes [payment]. (for a full list of exemptions, please read here www.gov.uk/guidance/exceptions-to-copyright]. Concerning the exceptions, Comsure will acknowledge the work of the source author by providing a link to the source material. Comsure claims no ownership of non-Comsure content. The non-Comsure articles posted on the Comsure website are deemed important, relevant, and newsworthy to a Comsure audience (e.g. regulated financial services and professional firms [DNFSBs]). Comsure does not wish to take any credit for the publication, and the publication can be read in full in its original form if you click the articles link that always accompanies the news item. Also, Comsure does not seek any payment for highlighting these important articles. If you want any article removed, Comsure will automatically do so on a reasonable request if you email email@example.com.