GFSC publish AML failings of a regulated firm, its directors and the compliance officer
As Comsure reported in December 2020 the Guernsey Financial Services Commission ("the GFSC") issued fines totaling 176k (firm (£100k) and individuals (76K))
The GFSC has now published some details as follows:-
- In 1981, the Licensee was established in Guernsey. It was granted a full fiduciary licence in September 2002.
- Mr Bach has been the 100% shareholder and managing director of the Licensee during the period under review.
- Mr Good has been a director of the Licensee since October 2014.
- Mr Whitworth has been a director of the Licensee since June 2015.
- Mr Dickinson was a director of the Licensee between April 2015 and December 2018.
- Miss Ozanne has been the Firm's Money Laundering Reporting Officer ("MLRO") since May 2014 and was the Compliance Officer between May 2014 and January 2017.
- The firm is a licensed fiduciary company which enables high net worth individuals to create companies to own and manage aircraft and luxury yachts.
- The firm provides Directors to run these companies and administers the companies through which high-value assets are brought, managed and sold; bank accounts and credit cards are operated, and sizeable sums of money are moved.
- The services offered by the Licensee are considered by the Commission as an inherently high risk due to:
- a client base of ultra-high net worth individuals, many of whom are High Risk,
- many of whom are also Politically Exposed Persons ("PEPs"), and/or
- who live in or operate businesses (some of a high-risk nature) in countries identified as high risk.
- The nature of the Licensee's services makes it vulnerable to be used to facilitate the laundering of the proceeds of crime.
- The Commission conducted an on-site visit to the Licensee in October 2016.
- The aim of the visit was to examine the appropriateness and effectiveness of the Licensee's policies, procedures and controls in accordance with the requirements of the Regulations and the Handbook2.
- In doing so, the Commission reviewed (among other things) thirteen client files.
- Of the thirteen files reviewed, breaches of the Regulations and Rules were identified in at least nine files, equating to a 70% failure rate.
The issues fell broadly into SEVEN CATEGORIES and examples of these are detailed below.
FAILURE 1ST CATEGORY
- Failure to properly conduct relationship risk assessments, taking into account relevant high-risk factors and to regularly review relationship risk assessments.
- The Regulations and the Rules require that in order for a financial services business to consider the extent of its potential exposure to the risk of money laundering and terrorist financing it must assess the risk of any proposed business relationship prior to the establishment of a business relationship, and any occasional transaction; and there must be clear documented evidence as to the basis on which the assessment is made and the risk assessment must be regularly reviewed to keep it up to date3.
- This company was incorporated in Guernsey in 2006 and the Licensee was the administrator of the company.
- The purpose of the company was to own a motor yacht valued at circa 5 million euros.
- The client was an ultra-high net worth individual from a high-risk country. During the business relationship the Licensee identified that the client was working with and being associated with individuals who were politically exposed, and the client himself was identified as being involved in the management and control of state (high-risk country) owned organisations linked to armaments, the extractive industry and IT services for the military.
- The Licensee failed to identify the client as a PEP for the first ten years of the relationship, despite reviews in 2009, 2011, 2012 and 2014 having noted material which should have readily identified the client as a PEP4.
- The Licensee failed to conduct annual reviews of this High Risk client, despite this being a requirement of the Licensee's own procedures. Risk assessments were incomplete and/or ineffective, with risk assessments not always being approved by a manager and warning signs identified in risk assessments not being followed up.
- The company was set up and administered by the Licensee in 2009.
- The purpose of the company was for the purchase of a circa £7 million motor yacht, which would be run on a commercial basis as a charter vessel.
- The charter vessel was sold in 2015 for approximately £3.7 million (having been advertised originally at £6.9 million). The funds from this sale were paid into the customer's personal bank account.
- Later in 2015, the Licensee was informed that the client had purchased a high value luxury asset for approximately £1.4 million. The funds for this luxury asset were reported to have come partly from the sale of the charter vessel.
- The Licensee set up a holding company for this luxury asset.
- The Licensee became aware in August 2016 of media reports detailing that the client had been arrested in another jurisdiction for a multi-million pound fraud, reportedly linked to organised crime. The news report detailed that as a result of the fraud the customer had opened up a web of bank accounts and money from these accounts was linked to, amongst other things, the purchase of luxury vessels.
- In 2018, the customer was sentenced to eight years imprisonment and fined 20 million euros for the above fraud. A media report at the time detailed the client's ownership of the charter vessel and specifically named Guernsey as one of the locations where the customer's bank accounts were held.
- Throughout the relationship, there were risk indicators which were not followed up or investigated, most notably:
- The failure to investigate the source of any of the funds for the purchase and maintenance of the assets held throughout the relationship;
- The failure to investigate unexplained cash withdrawals on the credit cards issued on Company 2's bank accounts, these ranging from circa 52,000 euros to circa 82,000 euros;
- Why funds from the chartering the motor yacht were paid direct to the client and not into Company 2's bank accounts; and
- The lack of any documented rationale as to why the vessel was sold at such reduced price.
- The Licensee took on the administration of the company in 2010.
- The purpose of the company was to hold a motor yacht valued at circa 3.9 million euros. The clients (a father and son) behind this company also owned a large extraction company located in a jurisdiction listed by the Commission at the time as a jurisdiction which required a financial services business to exercise a greater deal of caution when dealing with business from the jurisdiction.
- In 2014, news articles began circulating relating to the clients; these referred to:
- Allegations of fraud, embezzlement and forgery;
- The assets of the client’s extraction company had been frozen following a large industrial accident; and
- One of the clients was under arrest in relation to the industrial accident.
- In 2016, the motor yacht was sold on request of the client. In 2018, one of the clients was sentenced to 15 years of imprisonment in relation to the industrial accident.
- A client risk assessment was conducted by the Licensee in September/October 2014, which highlighted the above high-risk indicators, along with general CDD/EDD failings. The Licensee failed to take any measurable steps to address these severe risks.
- Risk assessments for this high-risk client were not carried out sufficiently regularly once serious issues were raised re due diligence, and failings were not reviewed by Managers and action points or warnings raised were not investigated or followed up.
FAIL CATEGORY 2
- Failure to carry out Client Due Diligence (“CDD”) and Enhanced Due Diligence (“EDD").
- Regulations 4 and 5, and the relevant provisions of the Handbook detail the requirements needed to identify a customer and the extra measures required to establish the Source of Funds/Source of Wealth of high-risk customers.
- The enquiries made of this high-risk PEP client regarding their Source of Wealth were met with the response ‘Own business.’ There was no evidence that the Licensee corroborated this statement.
- The Licensee never established or corroborated the Source of Funds for the customer’s motor yacht valued at circa 5 million euros.
- The Licensee, as at October 2016 (some ten years after the client had been taken on), still did not have a certified copy of the client’s passport; and did not have a certified copy of a utility bill by which the client’s address could be verified.
- The Licensee failed to establish the source of funds used to purchase the £7 million motor yacht and failed to establish the source of funds for the high-risk client.
- The Licensee failed to establish the source of wealth or source of funds for this high-risk client, with both being simply detailed as ‘own business.’
- The Licensee accepted some CDD documents in a foreign language with no explanation of how the Licensee understood the information provided.
- Failing to hold compliant CDD for the client for over 6 years. Failing to carry out appropriate or any investigation so as to establish and corroborate the high-risk client’s source of wealth or source of funds for the purchase of a £4.6 million motor yacht.
- Source of wealth recorded for the PEP client was recorded on the 2014 client risk assessment as ‘own businesses mainly based in DRC [Democratic Republic of Congo].’ No evidence was identified of any corroboration of this.
FAILURE CATEGORY 3
- Failure to monitor existing business relationships.
- Regulation 11 and Rules 274-278 of the Handbook stipulate that identification data for high-risk relationships or customers should be reviewed on an ongoing basis; and scrutiny should be made of transactions, in particular those that appear unusual.
- One of the client’s companies made three loans of approximately 500,000 Euros to Company 1.
- The Licensee did not document the commercial rationale for these transactions and thus could not demonstrate that it understood their purpose.
- As part of the administration of the company, the Licensee monitored the transactions re credit cards issued on the company’s bank accounts. However,
- In 2011, approximately 50,000 euros was withdrawn in cash. These withdrawals were missed completely during the 2011 client risk assessment; and
- In 2012 and 2014, approximately 30,000 euros and 80,000 euros were withdrawn in cash.
- The Licensee had no evidence of what these large sums of cash were used for.
- Furthermore, the vessel owned by Company 2 was used as charter vessel and the arrangements for these charters were made through a company unconnected to the Licensee. Between, 2010 and 2014, approximately 4.9 million euros was recorded as having been earned as a result of chartering, of which approximately 2.3 million of this was attributable to fees paid by the client.
- The Licensee claimed that there was nothing unusual about a client chartering his own vessel or the amount paid.
- The Commission noted that was no evidence that the Licensee had ever given consideration to the money laundering risks associated with an individual chartering a vessel owned by himself and the charter fees being paid back to him, particularly in circumstances where the Licensee held no evidence on source of wealth or source of funds for the purchase of the vessel.
- Red flags identified during a 2014 client risk assessment included:
- 2014 media reports which contained allegations against the clients re fraud and tax evasion;
- 2014 media reports detailing that the assets of one of the clients had been frozen; and
- Due diligence was not up to date.
- These red flags were ignored and no action was taken to address these known risks. CDD documents requested in December 2015 were not provided until March 2017.
- Funds were received into company accounts administered by the Licensee from unknown 3rd parties and without carrying out and obtaining appropriate due diligence of the source of those payments.
- Monitoring of the business relationship was non-existent, leading to a situation in 2016 where it appeared from the information held on the file that the Licensee had no knowledge of: who the new UBO was (the original UBO had died in 2011); the location of the vessel held by the company; whether it was insured or who was using it.
- Failure to comply with Instruction 6 issued in 2009.
- Instruction 6 issued by the Commission in November 2009 required firms to review the policies, procedures and controls in place for existing customers to ensure that by close of business on 31 March 2010 the requirements of the Regulations and Chapter 8 of the Handbook were met for customers taken on before the 2007 Regulations came into force, and that the firm had taken any necessary action to remedy any identified deficiencies and satisfy itself that CDD information which was appropriate to the assessed risk was held for those customers.
- As is apparent from what has been set out above, the Licensee failed to comply with Instruction 6.
FAILURES CATEGORY 4
- Failure to comply with timing of identification and verification requirements and the requirement to terminate the business relationship.
- Regulation 4(3)(a)-(d) details the requirements for verifying the identity of a customer and beneficial owner.
- Regulation 7 stipulates that identification and verification of identity pursuant to Regulations 4 and 5 must be carried out before or during the course of the establishment of a business relationship.
- Regulation 9 stipulates that where a financial services business cannot comply with any of the provisions of Regulation 4(3)(a) to (d) [on verification of identity], it must terminate the relationship, or not enter into a proposed business relationship.
- Despite occasional requests for verification of identity and address documentation resulting in no further documentation being obtained, consideration was not given by the Licensee to termination of the relationship with the client, due the inability to comply with Regulation 4(3)(a)-(d), until the Licensee terminated the relationship in June 2017.
- As a result of the failures including those in relation to identification and verification of this customer, the Licensee was exposed to the potential risk of having been used to facilitate money laundering and the Licensee is not in a position to defend itself by being able to show that it had identified and assessed this risk and was fully compliant with the Regulations and Rules designed to protect fiduciaries from this risk.
- The requirements for identification and verification of identity were not met before or during the course of the establishment of the relationship and no consideration was given to terminating the relationship as a result.
FAILURES – CATEGORY 5
- Failure to establish and maintain appropriate and effective procedures and controls to ensure compliance with the requirements to make disclosures.
- Regulation 12(f) stipulates that a financial services business shall ensure that it establishes and maintains appropriate and effective procedures and controls as are necessary to ensure compliance with requirements to make disclosures under Part 1 of the Disclosure (Bailiwick of Guernsey) Law 2007, as amended and sections 15 and 15A of the Terrorism and Crime (Bailiwick of Guernsey) Law 2002, as amended.
- In September and October 2014, a Client Risk Assessment recorded the following details:
- An arrest warrant had been issued for one of the clients;
- The second client behind the company had been arrested and charged; and
- An open source check had revealed that an individual linked to the company owned by the clients was involved in potential fraudulent activity and tax evasion.
- However, a formal disclosure was not made by the Licensee until December 2016.
- The Commission therefore concludes that the Licensee’s policies and procedures before December 2016 for identifying suspicious activity were inadequate, thus breaching Regulation 12(f).
FAILURES CATEGORY 6
- Failure to establish effective policies, procedures and controls for forestalling, preventing and detecting money laundering and terrorist financing; and+
- failure to establish and maintain an effective policy for the review of compliance, ensuring that a review of compliance was discussed and minute at a meeting of the board at appropriate intervals.
REVIEW OF COMPLIANCE MATTERS BY THE BOARD.
- It is apparent from the Board minutes and the matters which emerged from the file reviews that prior to a remediation project instigated in 2014:
- The Licensee had no effective means of reviewing compliance or the effectiveness of its AML/CFT policies and no compliance monitoring programme;
- The MLRO position was not sufficiently resourced;
- Client relationships had not been either risk assessed or monitored; and
- Client due diligence requirements had not been complied with.
- The 2014 remediation project. Reports compiled by separate outsourced compliance companies, the Commission’s 2016 on-site visit and the client file reviews detailed, showed that the steps taken by the Licensee between 2014 and 2016 were not effective to resolve the compliance failures.
RESOURCING OF THE MLRO FUNCTION.
- Miss Ozanne was appointed to the roles of MLRO and Compliance Officer with no previous experience; roles which are of central importance to a financial services business. However, the Board also required her to deal with such things as staff HR, oversight of compliance projects, client matters, budgets, holding weekly staff meetings, and to be the link between the Managing Director, staff and managers.
- The investigation into the Licensee identified that Miss Ozanne did not have either the time or the experience or expertise to carry out the function of MLRO effectively5.
- In particular, Miss Ozanne failed to:
- Ensure on a number of occasions that risk warnings were followed up or ensure that compliance failures were addressed;
- Ensure that the Board was adequately warned of the compliance risks faced by the Licensee during the 2014-2016 period;
- Complete client risk assessments and failed to inform the Board that the MLRO function was inadequately resourced, that the necessary tasks were not being completed and that it was not possible for her as MLRO to do so.
FAILURES CATEGORY 7
EFFECTIVENESS OF THE BOARD.
- The Board of the Licensee was dominated by one person, Mr Bach during the period considered during the investigation.
- Mr Bach’s leadership has been characterised by a failure to accord sufficient priority to matters of compliance and a failure to ensure that compliance failings were remediated in an effective manner.
- Although the Licensee had sought to strengthen the Board with the addition of Mr Good and Mr Whitworth as non-executive Directors and Mr Dickinson as the Finance Director, their introduction did not ensure the transformation of the compliance health of the Licensee.
- It was apparent to the Commission that none of the Directors were aware of the extent of the compliance failings and risks faced by the Licensee until they were pointed out by outsourced compliance companies and the Commission.
- The Commission’s investigation identified that Mr Bach failed to demonstrate that he acted with competence, soundness of judgement, diligence; or with the knowledge and understanding of his legal and professional obligations.
- For example, Mr Bach:
- Failed to recognise the significance of warnings from staff or the independent compliance reports commissioned;
- Failed to take appropriate and/or effective action to remedy the failings or prevent failings in the future;
- Failed to dedicate sufficient resources at a sufficiently early stage to bring the Licensee into a compliant position; and
- When directly involved with making decisions on compliance matters, clients were allocated inappropriate risk ratings, insufficient due diligence was conducted and insufficient monitoring was undertaken.
- The Commission’s investigation identified that Mr Good failed to demonstrate that he acted with diligence.
- For example, Mr Good:
- Failed to give sufficient priority to compliance issues and failed to grasp the severity of the situation the Licensee was in between 2014-2016;
- Failed to question sufficiently what the Licensee was doing in terms of compliance, despite having held the position of MLRO at other firms.
- The Commission’s investigation identified that Mr Whitworth failed to demonstrate that he acted with diligence.
- For example, Mr Whitworth:
- Failed to give sufficient priority to compliance issues and failed to grasp the severity of the situation the Licensee was in between 2014-2016;
- Failed to make adequate enquiries as to compliance matters; and
- Failed to investigate or realise the general extent of failings in the Licensee’s general compliance or the risks that the Licensee was exposed to through compliance failings.
- The Commission’s investigation identified that Mr Dickinson failed to demonstrate that he acted with diligence.
- For example, Mr Dickinson:
- Failed to give sufficient priority to compliance issues and failed to grasp the severity of the situation the Licensee was in between 2014-2016; and
- Failed to raise enquiries or concerns as to the level of outstanding risk reviews or the inadequacy of the resources allocated to compliance.
- The Commission’s investigation identified that Miss Ozanne was not a fit and proper person to be a Money Laundering Reporting Officer of a licensed fiduciary.
- For example, Miss Ozanne:
- Failed to follow up on deficiencies identified in client file reviews;
- Failed to conduct sufficient due diligence and sufficient monitoring, carried out inadequate or inaccurate assessments of risk and in some cases inexplicably downgraded client structures from High Risk to Standard Risk;
- Failed to make clear to the Board the seriousness of the compliance situation and the fact that the position of MLRO was not sufficiently resourced; and
- Failed to demonstrate a soundness of judgement when dealing with a number of high risk clients, thus exposing the Licensee to the risk of being used for the purpose of laundering the proceeds of crime.
- In the imposition of the penalty on Miss Ozanne, the Commission has taken into account the fact that Miss Ozanne is a salaried employee and not a director of the Firm and that a 5 year prohibition order has also been made.
The result of the failings was that the Licensee was unable to assess the risks posed to it and the Bailiwick in terms of financial crime. This was particularly serious given the high proportion of clients with High Risk or High Risk and PEP status.
The Licensee’s failings exposed the Bailiwick to the risk of financial crime.
In two of the client files reviewed there is a high possibility that structures administered by the Licensee may have been used for transactions involving the proceeds of crime, which is a matter which jeopardises the reputation of the Bailiwick as an international finance centre.
Since the compliance failings were identified in 2014 the Licensee has made efforts to rectify the contraventions and non-fulfilments through remediation projects.
At all times the Licensee, the Directors and the MLRO co-operated with the Commission during the investigation.
- 1 AND ALSO SCHEDULE 4 TO THE POI LAW, SCHEDULE 4 TO THE IMII LAW, SCHEDULE 3 TO THE BANKING LAW AND SCHEDULE 7 TO THE INSURANCE BUSINESS LAW, SETS OUT THE MINIMUM CRITERIA UNDER THESE LAWS.
- 2 ALL REFERENCES TO THE HANDBOOK RELATE TO THE HANDBOOK IN USE AT THE TIME.
- 3 REGULATION 3 AND HANDBOOK RULES 52-61.
- 4 A BREACH OF REGULATION 4 AND RULE 179 OF THE HANDBOOK.
- 5 AS PRESCRIBED AT THE TIME.1 AND ALSO SCHEDULE 4 TO THE POI LAW, SCHEDULE 4 TO THE IMII LAW, SCHEDULE 3 TO THE BANKING LAW AND SCHEDULE 7 TO THE INSURANCE BUSINESS LAW, SETS OUT THE MINIMUM CRITERIA UNDER THESE LAWS.
Safehaven International Limited, Mr Richard John Bach, Miss Tracy Jane Ozanne, Mr David Charles Housley Whitworth, Mr Michael John Good and Mr Stephen John Dickinson - 31st December 2020
General Public Statements Financial Crime Fiduciary
The Financial Services Commission (Bailiwick of Guernsey) Law, 1987 (“the Financial Services Commission Law”).
The Regulation of Fiduciaries, Administration Businesses and Company Directors, etc. (Bailiwick of Guernsey) Law, 2000 (the “Fiduciaries Law”);
The Protection of Investors (Bailiwick of Guernsey) Law, 1987 (the “POI Law”);
The Insurance Managers and Insurance Intermediaries (Bailiwick of Guernsey) Law, 2002 (the “IMII Law”);
The Banking Supervision (Bailiwick of Guernsey) Law, 1994 (the “Banking Law”) and
The Insurance Business (Bailiwick of Guernsey) Law, 2002 (the “Insurance Business Law”) (together “the Regulatory Laws”).
The Criminal Justice (Proceeds of Crime) (Financial Services Businesses) (Bailiwick of Guernsey) Regulations, 2007 as amended (“the Regulations”);
The Handbook for Financial Services Businesses on Countering Financial Crime and Terrorist Financing (“the Handbook”);
Instruction (Number 6) for Financial Services Businesses (“Instruction 6”);
Safehaven International Limited, (the “Licensee” or the “Firm”).
Mr Richard John Bach (“Mr Bach”);
Mr Michael John Good (“Mr Good”);
Mr David Charles Housley Whitworth (“Mr Whitworth”);
Mr Stephen John Dickinson (“Mr Dickinson”) (together “the Directors”).
Miss Tracy Jane Ozanne (“Miss Ozanne” or “the MLRO”).
- To impose a financial penalty of £100,000 under section 11D of the Financial Services Commission Law on the Licensee;
- To impose a financial penalty of £50,000 under section 11D of the Financial Services Commission Law on Mr Bach;
- To impose a financial penalty of £10,000 under section 11D of the Financial Services Commission Law on Mr Good;
- To impose a financial penalty of £10,000 under section 11D of the Financial Services Commission Law on Mr Whitworth;
- To impose a financial penalty of £1,000 under section 11D of the Financial Services Commission Law on Mr Dickinson (reduced from £10,000 in the light of submissions as to personal circumstances);
- To impose a financial penalty of £5,000 under section 11D of the Financial Services Commission Law on Miss Ozanne;
- To make orders under the Regulatory Laws prohibiting Mr Bach from performing the functions of controller, director, partner, manager, money laundering reporting officer, money laundering compliance officer and compliance officer of a regulated entity under any of the Regulatory Laws for a period of 6 years from the date of this public statement;
- To make orders under the Regulatory Laws prohibiting Miss Ozanne from performing the functions of money laundering reporting officer, money laundering compliance officer and compliance officer of a regulated entity under any of the Regulatory Laws for a period of 5 years from the date of this public statement;
- To disapply the exemption set out in Section 3(1)(g) of the Fiduciaries Law in respect of Mr Bach for a period of 6 years; and
- To make this public statement under section 11C of the Financial Services Commission Law.
The Commission considered it reasonable and necessary to make these decisions having concluded that the Licensee and the Directors had failed to ensure compliance with the Regulatory Requirements, and the Firm, the Directors and the MLRO failed to meet the minimum criteria for licensing set out in Schedule 1 to the Fiduciaries Law1.