Why the FATF will Challenge the U.K. Again in its 2018 Evaluation | Wolters Kluwer
  • Insights

  • Why the FATF will Challenge the U.K. Again in its 2018 Evaluation

    By Martyn Oughton

    Published March 21, 2018

    The U.K. faces arguably the biggest test to its reputation as a territory with strong controls against money laundering (AML) and terrorist financing (CTF), when it faces the next mutual evaluation from the Financial Action Task Force (FATF) during 2018. These evaluations are carried out on a peer review basis against all territories who are members of the FATF, in order to establish the extent to which they comply with the FATF’s 40 Recommendations and the nine Special Recommendations on money laundering and terrorist financing. For this latest round of evaluations, the FATF will also be testing the effectiveness against what it calls “Immediate Outcomes”, which include the overall effectiveness of terrorist financing prevention measures, as well as the strength of the supervisory regime.

    At first glance, the U.K. appears to have several factors predisposing it to a healthy outcome from this evaluation. For a start, this will be the first evaluation since 2007, and in 2009, the U.K. was removed from the regular follow-up process, where specific concerns are raised as to the extent of compliance in key areas. Put together with the amount of activity that has taken place in terms of improving the AML/CTF framework, and the U.K. seems like it has little to worry about – but a soft landing is not necessarily guaranteed.

    Looking back at the previous review in 2007, the FATF raised particular concerns about the U.K. being rated only Partially Compliant in the area of customer due diligence (CDD). However, by the time of the follow-up report in 2009, the U.K. had been credited with taking enough action towards plugging these gaps, as a result of introducing the 2007 Money Laundering Regulations. Whilst this was the major area of concern back in 2007, there were still nine areas where the U.K. had been rated only Partially Compliant and three areas rated Non-Compliant, so this report was far from a clean bill of health. When the timetable for the next round of mutual evaluations was announced, this gave the U.K. government sufficient opportunity to assess the strengths and weaknesses for itself, and to make changes where necessary.

    As a result, much has changed since 2009, but the question is, against a backdrop of evolving financial crime risks, revised regulatory expectations and changes to the assessment methodology by the FATF, how will the U.K. fare this time around?

    A mutual understanding?

    Firstly, though, what is a mutual evaluation? Very simply, it is a process whereby peer territories review the extent to which the FATF’s Recommendations have been implemented by a particular territory. Therefore, for the UK, the review is most likely to be conducted by representatives from three or four other territories that are also FATF members. The process looks to determine firstly, the effectiveness of the AML/CTF processes operating in the territory, and then drills down into the detail of the technical compliance, usually completed by reviewing local laws and regulations. After a plenary session, when all FATF members review the findings from the review, a report is published detailing the findings.

    For the U.K.’s next evaluation, the fieldwork is expected to start in February 2018, with the final report scheduled to be published towards the end of the year.

    As the previous evaluation was published in 2007, the easy way to deal with the next one would be to look at the issues outstanding and deal with these, which would lead to a clean bill of health. However, like the financial services regulatory environment, the FATF’s approach has moved on, and the tests now include 11 Immediate Outcomes, which reflect what an effective programme of AML/CTF measures should be achieving. For an example, the U.K. can look to Ireland, which underwent an evaluation in 2017, including tests against each of these Outcomes. Examples of the Outcomes where Ireland scored strongly included its international co-operation measures, the strength of its supervisory regime and the money laundering investigation and prosecution measures. This gives a flavour of what is to come for the U.K.

    The major issue is the open-ended nature of these Outcomes, which arguably are subjective measures. For the Outcome relating to money laundering investigation and prosecution measures, the test is that offences and activities are investigated, and that offenders are prosecuted with effective and dissuasive sanctions. How will the U.K. fare? Will the FATF conclude that the criminal investigation and prosecution regime is effective? Alternatively, will they consider that the number of convictions is too low given the number of incidents that arise? Back in 2007, the FATF seemed comfortable with the enforcement activity the U.K. was taking but, eleven years later, will this still be the case?

    Getting prepared

    Back in 2007, the major areas of concern raised by the FATF centred around the strength of CDD measures, systems in place to deal with unusual transactions and the strength of the measures required to be implemented by Designated Non-Financial Businesses and Professionals (DNFBPs). There were other concerns, which will now have been taken care of by the introduction of the 3rd and 4th E.U. Money Laundering Directives. For example, measures on recording beneficial ownership and control of legal arrangements, obligations with regard to Politically Exposed Persons, the requirement for third parties and introducers to make CDD information available and additional checks on transfers to high-risk countries, although the latter appears to be being deferred to the 5th Money Laundering Directive.

    Conducting a high-level gap analysis against the findings from the 2007 evaluation would suggest there is not much left to close off, and the U.K. will be in good shape. So, what has the U.K. done, outside of adopting E.U. legislation, to prepare for the next evaluation?

    The biggest thing it has done twice is to carry out a National Risk Assessment of money laundering and terrorist financing. The first of these was carried out in 2015, and was followed up in 2016 by an action plan to correct the deficiencies identified. Such actions included the introduction of the Criminal Finances Act, including the ability to issue Unexplained Wealth Orders. There were also reforms to the suspicious activity regime, designed to improve the quality and reduce the quantity of suspicious activity reports (SARs) made to the National Crime Agency, as well as the development of a Joint Money Laundering Intelligence Taskforce, a public-private sector partnership designed to tackle high-end money laundering and emerging threats. However, given that the FATF’s major concerns centred around CDD and the measures taken to control money laundering and terrorist financing in DNFPBs, it is surprising that these did not feature in the assessment, although there was a nod to the risks emerging from the gambling industry. There was, however, alignment in one area between the two bodies; that of identifying concerns with the effectiveness with which SARs are handled.

    The follow-up risk assessment in 2017 picked up the risks arising from professional services businesses, and gave prominence to the risks arising from cash-intensive services; something not raised as a major concern in the FATF’s 2007 evaluation.

    So, after the risk assessments and the associated actions, is the U.K. know in a position to demonstrate the effectiveness of its AML/CTF environment to the FATF?

    The acid test

    Taking the big issue, the strength of CDD measures, although the FATF concluded in its follow-up review in 2009 that the U.K. could be taken out of the regular follow-up process, it did not conclude that every aspect of CDD highlighted under Recommendation 5, had been dealt with satisfactorily. Instead, the conclusion was that “substantive action” had been taken towards addressing the concerns.

    The big concern was the use of the Joint Money Laundering Steering Group (JMLSG) guidance as the proxy for a set of detailed rules on AML and CTF controls. The FATF could see that the FCA was able to point to failure to comply with the guidance used as the basis for enforcement action against MLROs; but the point was left open as to whether this guidance represents “other enforceable means” as set out in the FATF’s AML/CFT methodology. This will no doubt be re-assessed.

    There is still a risk for the U.K. here, as the JMLSG guidance is still the primary source of information on the detail of how to operate AML/CTF controls, having been strengthened as a result of the Money Laundering Regulations 2017, resulting from the 4th Money Laundering Directive. Nevertheless, if the FATF finds that this is still not an appropriate means of establishing measures for enforcement across the territory, not just regulated financial services businesses, then this point could be raised as a concern again.

    The risk here links in to the other concern – that of the myriad of supervisory bodies responsible for policing AML/CTF activity in the various industry sectors. Whilst the FCA may be able to bring about enforcement actions for failings in controls, ultimately it does so for failings against one or more of its Principles for Businesses, using the JMLSG guidance as a tool to help achieve the objective. Other supervisors could be judged to need something more concrete to be able to conduct effective enforcement activity.

    The U.K. has responded in part to this by establishing the Office for Professional Body AML Supervision (OPBAS), hosted within the FCA. However, it is early days for this regulator and for now, its only remit is to review the supervisory approaches taken by various bodies, as well as strengthen the guidance that they issue to the businesses they supervise. OPBAS does not address the issue of how effectively these bodies can bring enforcement action against the firms they supervise, which was at the heart of the FATF’s concerns.

    Lastly, although the government is taking steps to overhaul the SARs regime, the FATF may look carefully at what is happening in practice. The UK’s Financial Intelligence Unit (FIU), the National Crime Agency’s 2017 Suspicious Activity Report for 2017 starts in the Chair’s Statement by saying that the number of SARs received reached a record level in March 2017. That, combined with a decrease in the number of staff allocated to deal with SARs since 2007, will no doubt cause the FATF concerns, especially given that in the 2007 evaluation, the quoted statement was, “The FIU should increase resources in order to meet commitments made.”

    Conclusion: It is all about the technicalities

    The U.K. prides itself on having a robust AML/CTF framework, and considers this an important contributor to the strength of its financial services sector. This is evident from the approach taken when incorporating EU AML legislation into the national framework and the international respect gained for the way in which legislation to combat financial crime has been drafted (the Bribery Act being a good example).

    There is a difference, however, between carrying out a lot of activity designed to strengthen this framework even further, and addressing the key technical and detailed concerns that invariably arise from FATF evaluations.

    Nobody can dispute that the work carried out because of the two National Risk Assessments demonstrates a clear commitment to improving both the overall regulatory framework and the ability to identify and prosecute cases of money laundering and terrorist financing. However, it is a little surprising that the U.K. has chosen not to address in detail some of the concerns raised by the FATF in 2007, but has chosen to plough its own furrow.

    As a result, the likelihood of the FATF raising concerns over the extent of compliance with some of their recommendations is high – perhaps higher than it should be. There is a good chance that they will point to the inconsistency in the strength of the different regulatory bodies, the nature of the JMLSG guidance as the prime source of rules, constraints on resources for dealing with SARs and the resulting challenges these pose to the FIU. In addition, no doubt the FATF will look at the UK’s ability to manage the risks associated with cryptocurrencies, an emerging area of risk since the 2007 evaluation.

    The most likely outcome is that there will still be more work to do for the UK, and the clean bill of health that the government would love to see is unlikely to materialise. Should the FATF raise issues this time around, it would be advisable for the government to address these directly, given the high regard the FATF is held in worldwide, and the reputation of its evaluation work.

    About the author: Martyn Oughton is a financial services professional with over 20 years’ experience in the industry. He has been a compliance professional since 2007. In 2009, he became a Professional Member of the International Compliance Association (ICA), and has recently been an examiner for the ICA, marking exam papers and assignments for their U.K. and International Compliance, Anti-Money Laundering and Financial Crime Diplomas. A regular contributor to Wolters Kluwer Compliance Resource Network, he also regularly writes for the ICA’s members’ journal “inCompliance”, and is also a freelance business-to-business copywriter and article writer.

    If this article was useful to you, we can assist with more in-depth analysis needed to understand the ever changing regulatory environment.  We’ve made OneSumX Compliance Resource Network an all-inclusive information solution. In a single, convenient location, you can quickly and accurately access all pertinent regulations, legislation and updated rulebooks. Sign up for your free trial today.

  • Please take a moment and tell us what you think of our content.