With the recent enforcement of FinCEN’s Final Rule on Customer Due Diligence and the associated alignments of regulations by bodies such as FINRA, money laundering compliance and due diligence is sharply back in focus. Here we look at the role of the MLRO, how it should be performed effectively and efficiently and bust some of the myths that surround anti-money laundering due diligence.
What does being a MLRO involve and who should occupy the role?
A MLRO is appointed to the fund legal entity and assumes responsibility for customer due diligence, which in this case means looking at investors and shareholders, both the customers and the actual “beneficial owners” of the fund. Shareholders may include individuals, trusts, corporations, nominee accounts and other financial institutions. In order to comply with the Final Rule on CDD, a MLRO must:
- Gather, record and verify customer identities
- Gather, record and verify the identities of ultimate beneficial owners
- Understand the nature of the customer relationship to develop a customer risk profile
- Monitor their customer transactions and, based on their risk model, maintain and update customer information on an ongoing basis
With this in mind, a MLRO must be someone with the experience and understanding of the legal and regulatory requirements around AML and the seniority to enforce those requirements, either first hand or through a designated administrator. They should have been vetted and approved by the exec management of the firm.
What do MLROs need to know to do the role effectively?
MLROs, whether through an administrator or personally, need to develop a framework of policies and procedures that will enable them to capture and use the information they need to be compliant with AML rules. This system should:
- Ensure that CDD documentation for new shareholders and outstanding documentation for existing shareholders is actively pursued.
- Capture changes to a shareholder’s profile such as a change in corporate ownership structure, authorized signatories, residential status or bank account details.
- Monitor shareholder activity for a pattern of unusual or suspicious transactions which have no apparent economic rationale and so would give rise for concern.
A MLRO and their administrator need to also be fully informed on the current methods used by money launderers, including trends in placement, layering and integration techniques. These currently include:
- Organized identity theft and impersonation fraud.
- Recognizing forged CDD documentation.
- Recognizing market abuse, bogus or terrorist financing transactions.
- Understanding the complex trusts and company service structures that are increasingly in use by shareholders.
- Employ investigative measures to carefully examine the identity and veracity of shareholder information provided.
What elements of the work of a MLRO can be delegated to an administrator?
The fund is able to delegate most of the actual execution of its CDD duties to the administrator, for instance establishing the actual identification and verification of shareholders in the fund, collecting and retaining all shareholder identity documentation and transaction records to understand each shareholder’s profile and monitoring for unusual or suspicious shareholder transactions.
The essential thing to remember is that ultimate responsibility for ensuring the fund complies with regulations rests with the board of directors of the fund and the Fund MLRO. It is therefore essential that the Fund MLRO closely monitors the activities of the administrator on AML functions as part of their duties.
What framework should a MLRO use to monitor an administrator?
A new MLRO will likely be unclear as to how they go about monitoring their administrator. Here are a few essentials to form a framework:
- The first part of your due diligence as MLRO is to perform regular reviews of the administrator’s AML policies, procedures and controls. The review also covers an inspection of the adequacy of shareholder documentation held by the administrator.
- The second part of a MLRO’s responsibilities is to undertake an assessment of the level of training and understanding of AML at their chosen administrator, to ensure that staff members have training in AML procedures and are aware of their legal obligations.
- Finally, and most importantly, the fund MLRO is responsible for evaluating suspicious transactions by shareholders in the fund and determining whether a report should be filed. The fund MLRO must develop competency in this area and understand the monitoring procedures used by the administrator to capture potential suspicious transactions.
Anti-money laundering (AML) myths
There are a couple of commonly held beliefs that can damage your AML and CDD efforts:
- Identification equals protection: Just because someone has valid identification documentation doesn’t mean they can’t be involved in money laundering. Don’t be fooled by this false security blanket.
- AI will take care of CDD: Many people assume that artificial intelligence can fully replace the human work in AML monitoring. This is not only untrue but the increase amount of data identified by AI as meriting further evaluation will actually create more work for humans not less, but result in a more thorough process.
- A risk assessment is all that’s required: A risk assessment is an essential tool when doing AML monitoring. However, relying on them is no substitute for assuring yourself that the people, knowledge and culture required for a clean operation are present.
- Banks equal clean funds: Whilst banks are also subject to CDD compliance, it doesn’t automatically follow that funds that pass through them are clean. They can make the same mistakes that anyone else in the industry can, they are not inviolable.