THE ROLE OF THE MONEY LAUNDERING

REPORTING OFFICER
2023 THEMATIC REVIEW
ICAEW PROFESSIONAL STANDARDS MONEY LAUNDERING REPORTING OFFICER THEMATIC REVIEW 2023   2

CONTENTS

SECTION 1: THIS REVIEW 3 SECTION 2: THE FINDINGS 5 SECTION 3: RESOURCES 21

Understanding the role of the MLRO 4 Authority and seniority 6

Why did we conduct this review? 4 The money laundering reporting officer 6
Methodology for this review 4 (MLRO) — about their role

How we set out our findings 4

Time, capacity and resources 8
Challenges facing the MLRO 8
Succession planning and cover 9
How MLROs keep up to date 10
Training 10
Consultation 13

Regulatory compliance and reporting 14

Suspicious activity reporting 14
Money laundering emerging themes and 16
risks facing firms
AML compliance review 17
The MLRO's role in CDD 20
ICAEW PROFESSIONAL STANDARDS MONEY LAUNDERING REPORTING OFFICER THEMATIC REVIEW 2023   3

SECTION 1: THIS REVIEW

ICAEW PROFESSIONAL STANDARDS MONEY LAUNDERING REPORTING OFFICER THEMATIC REVIEW 2023   4

UNDERSTANDING THE ROLE OF THE MLRO

WHY DID WE CONDUCT THIS REVIEW? METHODOLOGY FOR THIS REVIEW HOW WE SET OUT OUR FINDINGS
ICAEW has an important role as the largest accountancy For this thematic review, we contacted the MLRO The findings are split into three sections. The first two
professional body supervisor in the UK, supervising at 240 accountancy firms from our supervised sections address the regulatory expectations of the
around 11,000 firms for anti-money laundering (AML) population of around 11,000 firms. We asked them role. The MLRO should have the:
compliance. Our strategy is to provide robust AML to respond to several detailed questions about
supervision through a risk-based regime, focusing our the role. • appropriate level of authority and seniority within
efforts on firms where the risk that they will be used to the firm; and
enable money laundering is highest. We have a risk-based approach to monitoring. Every
• the time, capacity and resources to fulfil their
firm we supervise is assigned a risk score. This score
regulatory obligations.
The Money Laundering Regulations require every is based on the risk profile of the firm’s clients, the
relevant organisation to appoint a nominated officer, services provided, the location of clients, and whether The third section considers the regulatory
responsible for reporting suspicion of money the firm handles client money. All the firms selected requirements and how MLROs ensure their firms
laundering to the National Crime Agency (NCA), had a high or high-medium risk profile. comply with the Money Laundering Regulations.
and a money laundering compliance officer (MLCO),
responsible for the firm’s compliance with the Money This thematic review also forms part of our supervisory This thematic review highlights the many challenges
Laundering Regulations. Most firms combine these monitoring program, so all firms were required for MLROs in our supervised firms, the most
two appointments into one role: the money laundering to respond. We have followed up on any areas of significant of which are the volume of work and the
reporting officer (MLRO). The importance of the role concern with the relevant firms. level of technical knowledge required to be effective.
cannot be underplayed. This person(s) must ensure We held a focus group discussion with a team of our In each section we have summarised our key
the firm complies with the regulations and submits the AML quality assurance reviewers, who visit over 1,000 reflections, setting out where we think firms and
appropriate suspicious activity reports (SARs) to the NCA. firms a year. We asked them about the role of the MLROs may be vulnerable to a weaker compliance
In this thematic review we sought to understand who MLRO, the qualities required and examples of good framework. Firms should use this information to
the MLRO is and how they fulfil their responsibilities. practice. We have included their observations and reflect on the effectiveness of their firm's procedures
We asked about the challenges they face, training, recommendations throughout the report. and the MLRO.
SAR reporting, compliance monitoring and emerging For 87% of our firms the MLRO takes on dual
risks within their client base. This review brings responsibility for reporting suspicion to the NCA and
together these findings, provides insight and for ensuring their firm’s compliance with the Money
guidance from our perspective as an AML supervisor Laundering Regulations. When we talk about the
and includes resources MLROs may find helpful. MLRO in this report, we are assuming that they are
The results of the report will also direct ICAEW’s tasked with these dual responsibilities.
future AML training and resource provision.
We thank all the respondents for their contributions.
ICAEW PROFESSIONAL STANDARDS MONEY LAUNDERING REPORTING OFFICER THEMATIC REVIEW 2023   5

SECTION 2: THE FINDINGS

ICAEW PROFESSIONAL STANDARDS MONEY LAUNDERING REPORTING OFFICER THEMATIC REVIEW 2023   6

AUTHORITY AND SENIORITY

THE MONEY LAUNDERING REPORTING OFFICER (MLRO) – ABOUT THEIR ROLE

We asked: is there another person at the firm We asked: how much time do you spend on We asked: what qualifications do you hold?
who is assigned the role of the money laundering your anti-money laundering role and what other
compliance officer (MLCO)?

Most firms have one person who takes on both the

responsibilities do you have?

Most MLROs (86%) spend less than 20% of their time

56% are professionally qualified accountants.

role of reporting to the National Crime Agency (the on the role, with only 3% spending most of their time

2%
nominated officer) and responsibility for the firm’s on their MLRO responsibilities.
compliance with the Money Laundering Regulations. have a relevant financial crime qualification

88% (ICA/ACAMS/STEP).

13%
of our respondents hold other
of firms have one person acting as the compliance roles in the firm.
nominated officer for reporting SARs and a second
principal responsible for compliance with the 2% have a professional law/tax qualification.
regulations.
63% of the MLROs are also the managing
partner/director.

We asked: are you a principal in the firm?

96% of MLROs are a principal in their firm.

1/240 Only one MLRO in our sample does
not also perform client facing work.
Many of the sample may be sole practitioners,
nevertheless this is a good indicator of the
significance many firms rightly give to the role.
ICAEW PROFESSIONAL STANDARDS MONEY LAUNDERING REPORTING OFFICER THEMATIC REVIEW 2023   7

REGULATION ICAEW KEY REFLECTIONS

LEGAL REQUIREMENTS Most MLROs are juggling this role alongside other QUALIFICATIONS/TRAINING
compliance and client-facing responsibilities. Our review findings suggest very few MLROs have
The Money Laundering Regulations state the person However, the report indicates that MLROs are rising
responsible for the firm’s compliance with the role-specific qualifications. This is understandable
to the challenge. For example, we were pleased to given that most are client facing and, as we show
regulations must be: see the effectiveness of MLROs in protecting their later in this review, they find the volume of work a
• a member of the board of directors (or if there is firms from the risk of taking on a client that could be challenge. However, there are organisations offering
no board, of its equivalent management body); or involved in money laundering. qualifications in this area.
• a member of its senior management as the officer Firms should reflect on the risk profile of their firm
COMBINED ROLE
responsible for the relevant person’s compliance to make sure MLCOs and MLROs are adequately
with these regulations. Most firms combine the role of nominated officer trained to spot red flags and risk.
and money laundering compliance officer into
Therefore, firms need to ensure the person assigned one role: the MLRO. We believe for most firms this New CPD requirements (effective 1 November
responsibility for money laundering compliance has makes practical sense and works well. Larger firms 2023) require that MLCOs/MLROs, who are ICAEW
this level of seniority in the firm. This is something we often prefer to split the roles due to the volume of members meet the wider CPD requirements for
are particularly mindful of when we visit our firms and work involved. verifiable hours. We recommend that they complete
if we have concerns about your firm’s compliance with some AML-related CPD each year.
the regulations, we may challenge the effectiveness JOB SPECIFICATION
and seniority of the MLRO. Consider creating a job description/specification WHAT CHARACTERISTICS MAKE FOR
for the role of MLRO. This defines the firm’s A GOOD MLRO
expectations and is a great reference point for the During the focus group discussions, our AML quality
QUOTES FROM OUR REVIEWERS individual taking on the role. Often this feels like assurance reviewers discussed the characteristics of a
a role that is assigned without due consideration. good MLRO. They consider a good MLRO should be:
But, given the potential impact on your firm of • Approachable
non-compliance with the Money Laundering • Sceptical
It’s very important that the individual wants the Regulations, your firm must ensure the MLRO is a
role: it was not foisted on them. competent individual who fully understands the • A good auditor
extent of their responsibilities. • Prepared to challenge
• A good communicator
Larger firms, and firms with more complex • A good delegator.
clients, need a technical expert at this level.
ICAEW PROFESSIONAL STANDARDS MONEY LAUNDERING REPORTING OFFICER THEMATIC REVIEW 2023   8

TIME, CAPACITY AND RESOURCES

CHALLENGES FACING THE MLRO ICAEW KEY REFLECTIONS REGULATION

We asked: as an MLRO, what are the top three The volume of work and responsibilities are key SENIORITY AND SUPPORT
challenges facing you? challenges for MLROs. And, as described above, The role of the MLRO can be challenging for all the
most MLROs spend under 20% of their time on reasons identified by the MLROs that replied to the
The principal challenge reported by MLROs is a lack the role. All, bar one, are client facing, and most thematic review. Firms should ensure the individuals
of time to commit to the role because of the volume have other compliance responsibilities. who agree to take on this role are given the support
of work and too many other responsibilities. they need to comply with their own and the firm’s
Firms MUST ensure their MLRO has the time and legal responsibilities. If the role encompasses that
Many MLROs also find the technical aspects of the resources to effectively fulfil their legal obligations. of the MLCO then they should have the seniority to
role a challenge. design and enforce AML policies and procedures.
We are concerned that some MLROs don't
We also asked whether MLROs feel they have enough have the time to regularly reflect on the firm's In our sample, the majority of MLROs were able to
support within their firm to fulfil their role. It’s pleasing to submit a SAR without approval from others within
procedures and compliance.
see that overwhelmingly MLROs in our supervised firms the firm. Three responded negatively. It may be
feel supported (89% with a further 10% responding that they consult with others within the organisation
N/A, largely because they are sole practitioners). before submitting a SAR, and that is fine, but the legal
responsibility lies with the MLRO. Under section 330
of the Proceeds of Crime Act (POCA), the nominated
What are the challenges facing the MLRO?
officer may commit an offence if they do not disclose
their knowledge or suspicion of money laundering to
Lack of authority within the firm
the NCA. Therefore, the MLRO should be the ultimate
Lack of understanding of authority on SAR reporting.
AML in the firm
Ineffective systems TECHNICAL ASPECTS OF THE ROLE
Conflicting responsibilities We believe this is one of the greatest challenges for
an MLRO. This is not just about understanding the
Lack of good training materials
Money Laundering Regulations but MLROs also need
Lack of guidance on to understand the money laundering risks and how to
a particular area
mitigate them and take responsibility for staff training.
Understanding the technical
aspects of ML The complexity and level of understanding required
Too many other responsibilities
is often underestimated by firms. MLROs need to be
allocated time for training if they are to be effective in
The volume of work
their role. ICAEW has a webpage dedicated to AML
0 10 20 30 40 50 60 70 80% training resources, icaew.com/amlresources
ICAEW PROFESSIONAL STANDARDS MONEY LAUNDERING REPORTING OFFICER THEMATIC REVIEW 2023   9

SUCCESSION PLANNING AND COVER ICAEW KEY REFLECTIONS

We asked: how long have you held the role
USE OF CONSULTANTS/OUTSOURCING DEPUTY MLROs
of MLRO?
We have been asked if a firm can outsource If it is possible to do so, we recommend firms
Most are very experienced. this role to a consultant. We do not recommend appoint a deputy. This person should understand
this. The MLRO, particularly if taking on the the firm’s AML policies and procedures and be able
70% have been an MLRO for over five years.
responsibility for compliance, should be an
employee of the firm. Regulation 21 (3) states an
to discuss suspicions, if any arise, with staff, in the
absence of the MLRO.
individual in the relevant person’s firm must be

46%
appointed as a nominated officer.
SUCCESSION PLANNING
have been an MLRO for over 10 years.
It is important to have a succession plan. MLROs tell
PERFORMANCE METRICS
us that one of the challenges is understanding the
Performance metrics based solely on fees and technical aspects, as well as finding time for the role.
We asked: what arrangements are in place in client engagement could lead to a reluctance Therefore, firms should ensure there is a succession
the event of your absence? to turn down clients that may be higher risk. plan in place, and someone, aside from the current
Consider building in performance metrics that MLRO, is prepared to take on that role, who has had

64%
reward compliance. some training in the technical aspects.
of firms have cover in the event of the
MLRO’s absence. For a few sole practitioners, this is
not practicable, however, many stated that they are
contactable even when absent from work.

44% of firms have a deputy MLRO. Again for

a few firms this is not practical, and/or the co-partner
took on this role by default.
ICAEW PROFESSIONAL STANDARDS MONEY LAUNDERING REPORTING OFFICER THEMATIC REVIEW 2023   10

HOW MLROs KEEP UP TO DATE TRAINING

We asked: do you consult externally, and if so, We asked: what training/support do you feel We asked: how do you address your firm’s
with whom? would be most useful to your role? training needs?

67% of MLROs in our supervised firms

consult externally.
73% stated webinars. 63% provide internal AML training.

48% of MLROs consult ICAEW on AML queries.

56% stated email updates. 58% use external training.

10% of MLROs talk to other MLROs.

39% stated a webpage dedicated to MLROs. 24% create regular bulletins.

50%
Forums were the least popular choice (11%).

23%
use ad-hoc training as required.
of MLROs talk to a training partner/
provider for guidance. We asked: what training do you undertake to fulfil
your role?

MLRO forums

Attend MLRO conferences

Use training organisations,

outside of ICAEW

Attend ICAEW AML webinars

Read to support their role

Additional training related

specifically to their role as the MLRO
0 20 40 60 80 100 %
ICAEW PROFESSIONAL STANDARDS MONEY LAUNDERING REPORTING OFFICER THEMATIC REVIEW 2023   11

QUOTES FROM OUR FIRMS

ICAEW KEY REFLECTIONS

We were really pleased to see that all respondents • The role of the MLRO: beyond compliance We use face-to-face training with the
felt they had a good understanding of the firm’s • AML telephone monitoring reviews: a two-way MLRO once a year, circulate the AML –
service/product offerings and the AML risk attached process the essentials issues among staff, and
to those services/products. provide ad hoc memos and video training
• The MLRO in practice: uncovering economic
This is a fundamental aspect of the role and anyone crime when needed. All new staff undertake a
taking on the role of the MLRO should ensure they face-to-face talk with the MLRO and an
have this level of understanding and maintain it As AML webinars and emails are the favoured introduction course.
sources of guidance, we will continue to provide
We highly recommend using our range of free AML a regular series of webinars, bitesize videos,
resources to keep up to date: and email correspondence such as AML – the
• Our AMLbites video series. essentials and risk alerts. We will also ensure topics AML bulletins are shared with all staff.
Topics include customer due diligence (CDD), highlighted in this review, for example, the role of Annual reviews and updates shared with
suspicious activity reporting and risks and the MLRO and expectations on monitoring visits, staff. Regular discussions with senior team.
red flags. These are ideal for MLROs and to are covered in our future webinars and guidance.
supplement staff training. All AML resources On-demand webinars can be found on
including articles, webinar recordings and icaew.com/AMLresources
previous thematic reviews are available from
icaew.com/AMLresources
ICAEW PROFESSIONAL STANDARDS MONEY LAUNDERING REPORTING OFFICER THEMATIC REVIEW 2023   12

ICAEW WEBINARS AND AML BULLETINS ICAEW KEY REFLECTIONS

We asked: do you attend ICAEW webinars and What ICAEW AML webinars did you watch? Many MLROs watch our AML webinars. There is no
read our AML bulletins? charge to attend, and we run at least two a year.
Suspicious activity reports
and the accountancy sector Recordings are also available to view any time
65% of MLROs watch our series of free
AML webinars. The graph highlights which
Customer due diligence
at icaew.com/amlresources. These webinars can
count towards your verifiable CPD requirements
DAMLs and tipping off after 1 November 2023.
webinars they watched.
Money laundering risks We note that there was a low take up on the
Defence against money laundering (DAMLs) and

93% How to verify your client tipping off webinar. We come across firms in our
read AML – the essentials and our risk monitoring reviews that do not understand the
Crypto assets – how to spot
bulletins. Past copies of AML – the essentials are money laundering red flags purpose of a DAML. MLROs should understand the
available from icaew.com/AMLessentials Money laundering risks –
purpose of a DAML and when to make one – we
a practical guide recommend that all MLROs watch this webinar.
0 10 20 30 40 50%
The ICAEW technical helpline is a confidential
free resource for your firm. If you have a query in
relation to AML procedures, then do contact them.
ICAEW PROFESSIONAL STANDARDS MONEY LAUNDERING REPORTING OFFICER THEMATIC REVIEW 2023   13

CONSULTATION QUOTES FROM OUR FIRMS

ICAEW KEY REFLECTIONS
We asked: do your staff consult you on economic
crime/money laundering matters? Consults rarely happen. Generally, clients are trying CONSULT YOUR MLRO
to claim tax allowances to which they are not entitled. We can see that MLROs are regularly providing

77%
useful guidance to staff at their firms.
stated yes. We recommend that staff are regularly reminded
Whether something is reportable in terms of
and encouraged to consult their MLRO on all
‘suspicious activity’ and/or the level of risk.
matters relating to money laundering. The MLRO's
contact information should be easily available.
We asked: what did your staff consult you on? How to do CDD where overseas ultimate beneficial CHANGES IN RISK
When staff consulted on CDD, it was often related owners and complex groups are involved.
Regarding updates to CDD, ICAEW quality
to higher risk clients, adequacy of verification and assurance reviewers noted many firms may pick up
determining beneficial owners. on certain themes such as changes in legislation on
Concerns about ineligible COVID-19 support claims.
higher risk jurisdictions but will miss subtleties like art
dealerships (high end) being highlighted as higher
risk. It is advisable to keep abreast of the changes
Tax evasion and accounting errors on, for example,
in the risk landscape, for example by reading, and
VAT returns.
sharing with staff, the ICAEW risk bulletins.

We asked: what did your staff consult you on? HOW TO MITIGATE RISKS
Where the client is a higher risk, firms tend to seek
out additional verification that the client is who
Other
they say they are, rather than mitigating the real
Covid related claims/fraud money laundering risk. For example, if your client
is resident in a high-risk third country, obtaining
Other potential suspicious activity additional evidence that they are who they say
they are does not mitigate the country risk. Think
Possible tax evasion/vat issues/tax queries about other mitigations, perform online searches,
client screening searches, get an understanding of
CDD related queries
sources of wealth and funds, and then verify them.
0 5 10 15 20 25 30 35%
ICAEW PROFESSIONAL STANDARDS MONEY LAUNDERING REPORTING OFFICER THEMATIC REVIEW 2023   14

REGULATORY COMPLIANCE AND REPORTING

SUSPICIOUS ACTIVITY REPORTING REGULATION

We asked: does your firm have a login for the We asked: what internal/external reporting Firms must remind staff that if they receive
UK Financial Intelligence Unit (UKFIU) portal, process does your firm follow? information that gives rise to a suspicion, or provides
SARs Online? reasonable grounds for suspecting, that another

53% have registered to use SARs Online.

75% of MLROs process internal reports
as soon as they arrive and if an external report is
is engaged in money laundering, an offence is
committed by failing to make a report under section
330, regardless of whether it subsequently transpires
required, they report to the UKFIU within a week. that the money laundering cannot be proven, or that
it did not occur.
We asked: is the MLRO confident that staff
make all the necessary reports?
71% document their reasons for reporting

12%
or not reporting a SAR to the UKFIU.
of MLROs are not confident that staff are
making the necessary reports to the MLRO. If applied
across the ICAEW AML-supervised population, this
would equate to around 1,200 firms.

41% of MLROs who receive internal SARs said

that it was easy to understand the cause for suspicion
and the proceeds of crime. Anecdotally, MLROs told
us they discuss SARs with staff before submission
and this enhances the quality.

22% find the quality of internal SARs variable,

some are well-constructed, and some are not. This
suggests a need for further training for staff.
ICAEW PROFESSIONAL STANDARDS MONEY LAUNDERING REPORTING OFFICER THEMATIC REVIEW 2023   15

ICAEW KEY REFLECTIONS

TRAINING STAFF ON SARS REPORTING The SAR portal makes it easier for firms to submit ENSURE YOU KEEP COPIES OF SARS
Do ensure your firm is an open environment structured, meaningful and comprehensive We will ask to see these when we visit your firm
where staff feel comfortable to discuss concerns or SARs. Increased data quality of submissions will and it is also good practice. You may need to
suspicions. The following training materials should provide enhanced intelligence to the UKFIU, law
reference it in the future and the SAR reporting tool
help you train staff to spot the risks and red flags. enforcement agencies and government departments
does not allow you to review submitted SARs.
in their fight to disrupt criminal activity.
• All Too Familiar — our award-winning, anti-
money laundering training film produced in It is aligned to Government Digital Standards, with
DOCUMENT YOUR REASONS FOR
collaboration with HMRC embedded guidance to support reporters through
SUBMITTING OR NOT SUBMITTING A SAR
their submission.
• Suspicious activity reporting guidance If you are challenged by law enforcement or your
• AMLbites ESSENTIAL READING supervisory body, you must be able to explain
— SARs why you did or did not submit a SAR. It may be
• The NCA has issued a number of SAR guidance
— Risks and red flags publications that there were no proceeds of crime, or you
considered the bar for suspicion was not met.
• We advise firms to use the NCA online reporting Whatever the reason, document it. Make sure
tool for filing SARs and we have listed some
THE NEW SAR PORTAL your documentation is based on the fact pattern
useful resources below.
We were surprised that only 53% of firms have surrounding the transaction.
— Register for the new SARs portal
registered to use SARs Online. We expect all firms
to have registered to use the online reporting tool, — Watch: how to register for the portal
KEEP A SARS LOG
even if they have not yet submitted a SAR. — Access guidance on the portal
This should involve logging the initial internal
SARs Online is a secure, web-based system — How to submit a SAR via SARs online report and any follow-up action taken, and
through which you can submit SARs to the UKFIU. • We also update our SAR webpage on a regular basis. recording reasons for the decisions made.
ICAEW PROFESSIONAL STANDARDS MONEY LAUNDERING REPORTING OFFICER THEMATIC REVIEW 2023   16

MONEY LAUNDERING EMERGING

THEMES AND THE RISKS FIRMS FACE QUOTES FROM OUR FIRMS

We asked: what are the emerging threats and

We have faced very few issues. Our clients
vulnerabilities facing your firm?
approach us to assist them with being
The graph illustrates the number of responses in compliant. Biggest issue emerging is not
each category. necessarily having a close relationship with
client, owing to a more transient/flexible
‘workforce’, so not always local. However, most
Emerging threats clients approach us, as we are local to them.

120
104 Older clients who may be more vulnerable
100 to fraud.

80
64 Crypto industry is starting to emerge, but
60 clients are very small at the moment.
50
47
40
31
Usual trading risk eg, clients with cash
20 transactions — but this type of client is getting
12 10 less as transactions are now mostly through
the bank.
0
Tax Fradulent Fraud Remote Other Hard to Sanctions
evasion COVID–19 clients determine
grant claims UBOs
ICAEW PROFESSIONAL STANDARDS MONEY LAUNDERING REPORTING OFFICER THEMATIC REVIEW 2023   17

AML COMPLIANCE REVIEW ICAEW KEY REFLECTIONS

We asked: who is responsible for compliance We asked: how does your firm follow up
FOLLOW UP YOUR COMPLIANCE REVIEW
reviews? the findings?
Our quality assurance reviewers recommend

70%
The MLRO is responsible for the AML compliance the following.
review in 92% of the firms. Remember, for sole follow up with staff training. 1. Have a robust follow up to compliance
practitioners, with no relevant staff, there is no
reviews. Reviewers recommend that firms
requirement to perform a formal compliance review.

48%
develop an action plan and review the
prepare an action plan to address the effectiveness of implemented changes

87% review completed customer due

diligence for a sample of clients to ensure it
findings. promptly. Many firms seem to just wait for next
year to find the same errors.
2. Review a sample of files quarterly, rather

31%
complies with the firm's procedures. Most of the
findings arising from firms' compliance reviews than annually.
discuss follow up with management.
stem from this review. 3. Plan and consider how to store CDD.
Often the information is disparate. Our
Note: many of the sample were sole practitioners
for whom some of the options weren’t relevant.
reviewers recommend dedicated folders
for the due diligence information.
ICAEW PROFESSIONAL STANDARDS MONEY LAUNDERING REPORTING OFFICER THEMATIC REVIEW 2023   18

AML COMPLIANCE REVIEW CONTINUED

We asked for examples of findings from AML VERIFICATION KNOW YOUR CLIENT
compliance reviews. We found firms are performing
robust reviews with clear follow-up action to their
findings. These responses alone clearly indicate the We identified that less face-to-face meetings were I conducted a review of a random sample of new clients
compliance review process does add value, particularly happening so needed a better way to obtain and verify (some large, some small, some limited companies/some
when a firm includes a sample of client file reviews. ID. We now use a biometric electronic verification tool. trusts etc) that had been engaged with the firm in the
previous 12 months to ensure that the correct AML/
The selection of comments shown below describe client set-up procedure had been followed.
common findings and how firms addressed the issues INDUCTION
I identified two issues.
which you may find helpful.
1. Appropriate KYC documentation was not held.
New staff unaware of MRLO. Reminder to all staff in the
next team meeting and location of written procedure 2. An appropriate AML risk assessment had not been
ONGOING DUE DILIGENCE AND TRIGGER EVENTS carried out and saved in the appropriate folder.
pointed out to all staff.

In both cases, I reviewed the files, had a one-to-one chat

Spot-check revealed changes in ownership not picked- RISK ASSESSMENTS with the staff involved to ensure they understood fully
up at time of change. Renewed CDD undertaken and
the issues involved and then also ensured that the gaps
highlighted in staff discussions.
on these clients' AML files were addressed.
Knowledge of what constitutes a high-risk client —
provided training to all relevant staff.
Annual client checklist questions for clients were yes/no
SUSPICIOUS ACTIVITY REPORTING
answers which could result in inadequate thought being
applied to the answer. We rephrased the questions to Understanding of assessing risk as part of the CDD Uncertainty of when to report and whether tipping off —
encourage more active thought into the answers and process — we revisited the new client documentation to contacted ICAEW helpline.
discussed the impact from an AML perspective in a improve usability and provide better prompts to staff
training session with all employees. and ran a mandatory training session to revisit the risk
assessment process/indicators of risk/documentation
requirements. We find that the staff respond more
positively to specific examples that reflect their daily
experience, so some examples were shared that were
specific to our client base.
ICAEW PROFESSIONAL STANDARDS MONEY LAUNDERING REPORTING OFFICER THEMATIC REVIEW 2023   19

ICAEW KEY REFLECTIONS

We have collated the most common firm findings from next perform an engagement for the client, the AML LACK OF A ROBUST MONEY LAUNDERING
firms' own compliance reviews and summarised them checks are automatically completed. RISK ASSESSMENT
here, along with our key reflections on what firms need This was a reasonably common finding, with
to do to put them right. VERIFICATION firms also stating that they felt staff had failed to
Lack of evidence of verification of the client was just understand what constituted higher risk. Some firms
EXPIRED IDENTIFICATION DOCUMENTS behind ongoing due diligence in common findings provided additional training to staff as a result. It is
Twelve firms identified this as a compliance failure in from AML compliance reviews. important that your firm’s staff training highlights the
their AML compliance review. They then asked their factors that elevate the risk of a client being involved
A few considered a move to electronic verification
clients for updated documentation. in money laundering. The regulations are clear that
an appropriate response to this finding. Under the
ICAEW does not expect you to go back to clients to UK's anti-money laundering regime, information risks are elevated where there are links to high-risk
refresh this documentation if the documents have met from electronic databases is an acceptable form of third countries and/or politically exposed persons.
an expiry date. verification for clients' identities. Electronic identification We do have a number of AMLbites videos on risks
can be used either as part of a wider process or, where and red flags, and these explain factors that may
If you have verified the client then there is no need to heighten the risk of a client being involved in money
appropriate, as the only source of identification. The
ask them again for current documentation, unless you laundering.
regime is not prescriptive; the onus is on businesses
have concerns that the client may have misled you at
to adequately satisfy themselves of clients' identities
the start of the relationship and/or you have become
on a case-by-case basis. But before using these tools, SUSPICIOUS ACTIVITY REPORTING
suspicious that they are not who they claim to be.
businesses should assess for themselves whether the There weren’t too many findings here but where firms
information mined from these databases is sufficiently reported compliance issues, these were linked to
ONGOING DUE DILIGENCE — MOST COMMON
reliable, comprehensive and accurate. weaknesses in process. It was comforting to see firms
FAILING IN FIRMS' COMPLIANCE REVIEWS
identify and address this issue.
Firms are required to regularly review their CDD and KNOW YOUR CLIENT (KYC)
assess whether there have been changes to the risk Firms' response to this failing was to provide
profile of the firm and/or changes to ownership that may This was third in the list of common findings, with
training to staff to ensure they understand the firm’s
require a reassessment of risk and additional verification. firms stating that staff had not gathered enough
procedures and when a SAR should be submitted.
information on the client to inform the risk assessment
Staff should be aware of who to report suspicion to
When reviewing client files, firms found files with no and verification procedures. It is important to ensure
and how to report that suspicion.
evidence of ongoing due diligence. In a few cases you can make an informed decision on risk and the
there had been changes to the client’s ownership KYC gathered is fundamental to this.
structure which had not been recorded and no due TRAINING FOR NEW STAFF
diligence performed on new owners/directors. You should gather information such as the nature of the A few firms reported that their review revealed
client’s trade, the ultimate beneficial owners, location new staff had not had adequate training on money
Ensure you have procedures to regularly review your of the client and linked parties, services provided to the laundering procedures and rectified this.
CDD for all clients and that the procedures include client, sources of funds/wealth where relevant, and if
a requirement to evidence that review. Some firms you will be handling client money. We will expect you Ensure your firm has prompt training for staff on its
choose to link their CDD updates to the planning to have enough information to inform your conclusion anti-money laundering procedures, and when and
section of an engagement file, so that when they on the money laundering risk. how to report a suspicion.
ICAEW PROFESSIONAL STANDARDS MONEY LAUNDERING REPORTING OFFICER THEMATIC REVIEW 2023   20

THE MLRO'S ROLE IN CDD ICAEW KEY REFLECTIONS

We asked: what is your firm’s policy regarding CDD? APPROVING CLIENT TAKE-ON CLIENT ACCEPTANCE
AND CONTINUANCE
40%
We were pleased to see the effectiveness of our
We believe that if the client onboarding process MLROs in protecting their firms from the risk of
of MLROs approve client take-on and
or a review of existing CDD suggests a client is taking on a client that could be involved in money
ongoing acceptance where CDD concludes a client is
higher risk, for example there is a politically exposed laundering.
higher risk.
person or a link to a higher risk jurisdiction, the
We commend MLROs and our supervised firms for
MLRO should have the following.
their risk management.
Many firms also responded that they did not accept
• Sight of the information that suggests the client is
higher risk clients, hence no referral to the MLRO. If the MLRO advises against client acceptance
higher risk.
because of risk, then document this and we would
• Authority to decide whether the client is accepted expect your firm to disengage. If not, ensure the
and/or the business relationship continued. reasons for acceptance are robust and that you are
We asked: does your firm follow your
recommendations on high-risk clients? The MLRO could decide to perform additional not in a position where you could be accused of
verification checks to mitigate risks and/or consult, facilitating or even enabling money laundering/

52%
perhaps with ICAEW. criminal activity.
of firms have disengaged from, or turned
down, a client based on the MLRO’s intervention due
to money laundering risks.

Two firms continued an engagement, despite

recommendations from the MLRO to disengage.
ICAEW PROFESSIONAL STANDARDS MONEY LAUNDERING REPORTING OFFICER THEMATIC REVIEW 2023   21

SECTION 3: RESOURCES
ICAEW PROFESSIONAL STANDARDS MONEY LAUNDERING REPORTING OFFICER THEMATIC REVIEW 2023   22

ALL RESOURCES ARE AVAILABLE AT icaew.com/AMLresources

AML Risk Bulletins. Our AML – the essentials. Our AMLbites. A series of
quarterly email to MLROs, quarterly round-up of AML- 10-minute videos aimed
setting out emerging AML relevant material published at MLROs, compliance
risks as identified by the each quarter. Issues principals and people in
JMLIT/NCA and within the regularly include material regulatory roles. They are
sector, including our COVID on suspicious activity also useful as training tools
risk bulletin. reports, risk and fraud. for staff.

A R TICLES
Regular articles cover topical
All Too Familiar. ICAEW’s ICAEW technical helpline
issues to help MLROs keep up
first training film focusing
to date. Recent topics include
on economic crime,
how firms should comply with
produced in collaboration
financial sanctions and the
with HMRC.
ban on accounting and audit
services to Russia.

WEBIN A RS THEM ATIC RE V IE WS

A series of live webinars presented This is our fifth thematic review. The previous reviews can be
by an expert panel where key money found at icaew.com/amlresources and by using the links below.
laundering topics are demonstrated
with the help of case studies and • COVID fraud — Thematic Review, guidance and information
Q&As. The recordings are available • Sanctions — Thematic Review, guidance and information
to watch again. Recent topics have • Suspicious Activity Reports — Thematic Review, guidance
included a practical guide to money and information
laundering risks, how to spot red
• Trust and Company Service Providers — Thematic Review,
flags around cryptoassets, and how to
guidance and information
verify clients.
ICAEW’s regulatory and conduct roles Chartered accountants are talented, ethical and committed ICAEW
Our role as an improvement regulator is to strengthen professionals. ICAEW represents more than 202,450 Professional Standards Department
confidence and trust in those regulated by ICAEW. members and students around the world. All of the top Metropolitan House
We do this by enabling, evaluating and enforcing the 100 global brands employ chartered accountants.* 321 Avebury Boulevard
standards expected by the profession, oversight regulators Milton Keynes
Founded in 1880, ICAEW has a long history of serving
and government. MK9 2FZ, UK
the public interest and we continue to work with
ICAEW’s regulation and conduct roles are separated governments, regulators and business leaders globally.
T +44 (0)1908 248 250
from ICAEW’s other activities through internal governance And, as a world-leading improvement regulator, we
E [email protected]
so that we can monitor, support and take steps to ensure supervise and monitor over 12,000 firms, holding them,
icaew.com/amlsupervision
change if standards are not met. These roles are carried out and all ICAEW members and students, to the highest
by the Professional Standards Department and overseen standards of professional competency and conduct.
by the ICAEW Regulatory Board and oversight regulators
We promote inclusivity, diversity and fairness and we give
including the Financial Reporting Council, Office for
talented professionals the skills and values they need to
Professional Body Anti-Money Laundering Supervision, the
build resilient businesses, economies and societies, while
Insolvency Service and the Legal Services Board.
ensuring our planet’s resources are managed sustainably.
We: ICAEW is the first major professional body to be carbon
• authorise firms and individuals to undertake work neutral, demonstrating our commitment to tackle climate
regulated by law: audit, local audit, investment business, change and supporting UN Sustainable Development
insolvency and probate; Goal 13.
• support professional standards in general accountancy
We are proud to be a founding member of Chartered
practice through our Practice Assurance scheme;
Accountants Worldwide, a network of 750,000 members
• provide robust anti-money laundering supervision and
across 190 countries which promotes the expertise and
monitoring;
skills of chartered accountants around the world.
• monitor registered firms and individuals to ensure they
operate in accordance with laws, regulations and expected We believe that chartered accountancy can be a force for
professional standards; positive change. By sharing our insight, expertise and
• investigate complaints and hold ICAEW Chartered understanding we can help to create sustainable economies
Accountants and students, ICAEW-supervised firms and and a better future for all.
regulated and affiliated individuals to account where they
fall short of the required standards; www.charteredaccountantsworldwide.com
• respond and comment on proposed changes to the law www.globalaccountingalliance.com
and regulation; and
• educate through guidance and advice to help ICAEW’s
regulated community comply with laws, regulations and ICAEW is
* Includes parent companies. Source: ICAEW member data
expected professional standards. March 2023, Interbrand, Best Global Brands 2022 carbon neutral

© ICAEW 2023 METCAH20648 11/23