T&T Securities and Exchange Commission
IN THIS week’s article, the respective roles of the regulator and registrants in ensuring compliance with Anti-Money Laundering and Combating the Financing of Terrorism (AML/ CFT) requirements will be discussed. The registrant plays an important role in ensuring that AML/CFT measures adopted in the market are robust and in this regard, the function of the Compliance Officer (CO) within registrant companies is of paramount importance and will be the specific area of focus.
The Financial Action Task Force (FATF) Standards and Recommendations are the global benchmark for assessing the strength and effectiveness of a country’s AML/CFT regime. A key element of FATF’s Recommendations 2012, is the application of a risk-based approach to AML/CFT supervision. Under the risk-based approach, countries and financial institutions are expected to:
i. understand, identify and assess their risks;
ii. take appropriate actions to mitigate those risks; and
iii. allocate their resources efficiently by focusing on higher risk areas.
Given its role as regulator, it is incumbent on the TTSEC to be familiar with the AML/CFT risks that may develop within the securities sector, and to ensure that measures to mitigate the attendant risks are implemented. In fulfilling this mandate, Figure 1 outlines the six (6) measures that have been employed by the TTSEC.
What is a CO?
The CO is responsible, inter alia, for the implementation of the AML/CFT policies and practices within registrant firms and will be guided by the existing legislation in this regard. In carrying out their function, the main role of the CO is to ensure that the registrant is not exposed to criminal risk, and does not inadvertently or deliberately facilitate financial crime.
Regulation 3(1) of the Financial Obligations Regulations, 2010 (the FORs), stipulates that each financial institution must designate a manager, or official employed at managerial level as its CO. Regulation 4(2) of the FORs requires approval by the relevant supervisory authority of the CO designated by the financial institution/registrant. These requirements are also set out in Guidelines 6 and 7 of the Commission’s AML/CFT Guidelines for the Securities Sector , which was updated and amended in November, 2018. The guidelines also state that the CO of a financial institution; that is part of a financial group, may be designated as the CO for more than one of the financial institutions within the financial group, providing that the CO is employed within the financial group.
The TTSEC assesses each CO application and considers whether the person designated is fit and proper to function in the position of CO. As part of the assessment process, the TTSEC will additionally review :
I. The educational and professional experience of the CO.
II. Confirm that the CO is employed at a managerial level and can therefore effectively carry out their duties, which includes reporting to, and gaining support from, the Board (or equivalent executive body).
III. The reputation, character, reliability and financial integrity, of the CO.
The major responsibilities of the CO
The CO has the overall responsibility for the implementation of the Registrant’s AML/CFT compliance programme. At a minimum, the CO must perform the functions and duties as prescribed in Regulation 4(1) of the FORs and among other things should:
1. Have oversight of the AML/CFT control activity in all relevant business areas;
2. Ensure that the AML/CFT compliance programme is adequate in relation to the Registrant’s identified inherent risks, with consideration given to local and international developments;
3. Ensure that regular and proper risk assessments of the inherent ML and TF risks are carried out. This would include timely assessments of new products, services and client on boarding procedures in order to identify potential Money Laundering/Terrorism Financing (ML/TF) risks and develop appropriate control mechanisms;
4. Ensure that periodic assessments of AML/CFT control mechanisms are carried out, to confirm their continued relevance and effectiveness in addressing changing ML/TF risks. Continually assess operational changes, including the introduction of new technology and processes in order to ensure that ML/TF risks are addressed;
5. Ensure that system resources, including those required to identify and report suspicious transactions, are adequate and effective.
6. Ensure that AML/CFT policies and procedures are formalised, kept up to date and approved by the Board of Directors;
7. Ensure that ongoing AML/CFT training programmes are carried out for all new and existing employees, senior management and the Board of Directors and ensure that such AML/CFT training programmes are up-to-date and relevant to the Registrant’s business;
8. Ensure that systems and other processes that generate information used in reports to senior management are adequate and appropriate;
9. Report relevant information to the Board of Directors and/or senior management regarding the adequacy of the AML/CFT; and
10. Ensure that any changes to the AML/CFT compliance programme are disseminated to all employees and assist departments in the implementation of the AML/CFT compliance programme.
As we continue to explore the many facets of the AML/CFT compliance programme, we will focus on the Compliance Programme, Customer Due Diligence and Beneficial Owners in our next article in Express Business .