Money laundering changes for suspicious activity reports and credit and financial institutions

Upcoming changes to the UK’s anti-money laundering regime – Part 2

In July 2021, HM Treasury launched a new AML consultation entitled ‘Amendments to the Money Laundering Terrorist Financing and Transfer of Funds Regulations 2017’. This consultation outlined ways in which the government intended to amend the UK’s money laundering regulations (MLRs) with several time-sensitive updates. The planned updates are required to ensure that the UK continues to meet international AML standards, whilst also clarifying how the UK’s anti-money laundering and counter-terrorist financing (AML/CTF) regime works. 

The changes to the MLRs have been made through draft secondary legislation entitled ‘the Money Laundering and Terrorist Financing (Amendment) (No. 2) Regulations 2022’. Most of the measures in this SI will come into force on 1 September 2022, subject to parliamentary approval.

In this series of blog posts, we take a closer look at what these changes will mean for anti-money laundering compliance.

Suspicious Activity Reports

The consultation sought views on options to improve the consistency of the approach to accessing Suspicious Activity Reports (SARs) by supervisors. The majority of responses supported the proposal, stating that explicit legal power to access SARs would allow supervisors to identify risks to their supervised populations, to assess those populations’ understanding of risk and to determine the quality and consistency of reporting. 

The government decided to take this amendment forward through the SI. This will give a clear legal gateway for AML/CTF supervisors to access, view and consider the quality of the content of SARs submitted. 

Credit and financial institutions (Regulation 10)

The consultation proposed steps to clarify the activities that make a person a credit and financial institution as per Regulation 10 of the MLRs. This clarification would remove ambiguity over whether an activity is in scope and will help all UK regulated firms understand their obligations under MLR requirements. 

However, the government decided that the policy and legal analysis required to appropriately define all forms of credit and financial institution in detail would be too complicated and technical to undertake, and will require longer-term discussions with the industry to ensure that any change to Regulation 10 won’t have unintended consequences. Therefore, the government has decided not to take this measure forward.

VinciWorks’ AML and SRA training and solutions

SRA compliance solution – personalised training and centralised reporting

SRA compliance solutions

Get your entire firm on board with the SRA compliance process with our complete SRA compliance solution. The SRA puts a significant burden on firms to train their staff on the Standards and Regulations in addition to managing compliance registers and processes such as annual declarations, undertakings, diversity surveys and more. Our SRA compliance suite allows firms to comply with every requirement of the SRA through personalised SRA training and centralised SRA reporting.

Anti-money laundering training and client onboarding solution

Our anti-money laundering training is interactive and customisable for any business and any user, anywhere. Our courses are packed with realistic scenarios, real-life case studies and every customisation option you can think of. We have everything from in-depth induction training to refresher courses and five-minute knowledge checks. 

Our AML client onboarding solution offers one central platform to complete client risk assessments, due diligence and ongoing monitoring. Using Omnitrack, our centralised, flexible tracking and reporting tool, our AML solution enhances both the risk assessment and document collection aspects of client onboarding.

If you are interested in any of our solutions, complete the short form below and a member of our team will get in touch.

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

“In a world older and more complete than ours they move finished and complete, gifted with extensions of the senses we have lost or never attained, living by voices we shall never hear.”

Picture of James

James

VinciWorks CEO, VInciWorks

Spending time looking for your parcel around the neighbourhood is a thing of the past. That’s a promise.

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.