Professional Documents
Culture Documents
envisaged. As Tranche Two has yet to be finalised, there may be changes to the obligations under the AML Act.
These obligations will apply to practices which provide designated services. Designated services have yet to be finalised, but will most likely reflect the Financial Action Task Force (FATF) Recommendation 12 3 for lawyers when they prepare for or carry out transactions for clients concerning the following activities: buying and selling of real estate; managing of client money, securities or other assets; management of bank, savings or securities accounts; organisation of contributions for the creation, operation or management of companies; and creation, operation or management of legal persons or arrangements, and buying and selling of business entities.
ILLUSTRATION JIM TSINGANOS
M O N E Y L AU N D E R I N G
LEGAL PRACTITIONERS NEED TO BE PRO-ACTIVE IN UNDERSTANDING AND REDUCING MONEY LAUNDERING AND TERRORIST FINANCING RISKS. BY PADDY OLIVER
satisfied that a client is who they claim to be;5 and collecting and verifying minimum know your customer (KYC) information.
complicated business structures which make it difficult to ascertain the real or beneficial owners; complex, unusual or uneconomic transactions; and no underlying legal service. These client ML/TF risks are closely aligned to the risks overall faced by a practice. If a practice keeps potential high risk clients from becoming clients, it reduces the overall risk profile of the practice and the ML/TF risk.
AML/CTF program
A regulated practice will be required to have, and to comply with, an AML/CTF program: ss81 and 82. An AML/CTF program has two parts: Part A general; and Part B client identification: s84. A non-regulated practice could consider using these as a basis for an AML/CTF program. Part A relates to the identification, management and mitigation of the ML/TF risks that the regulated practice may reasonably face, including (Ch 8): ensuring systems are in place to assess the ML/TF risk of designated legal services provided; screening staff prior to employment and ongoing screening; training staff in ML/TF risks, internal systems and processes, and the consequences of non-compliance; and ongoing client due diligence, including the monitoring of client matters. Part B relates to client identification procedures and includes (Ch 4): establishing methods for identifying clients (and their agents), to enable the reg ulated practice to be reasonably
Business risks
Client risk factors
Clients with the following ML/TF risk indicators may pose a higher risk to a practice: cash businesses with the potential to co-mingle legitimate and illegitimate funds;
41
M O N E Y L AU N D E R I N G
UNDER THE RISKBASED SYSTEM, IT WILL BE FOR THE PR ACTICE TO JUSTIFY THE REASONABLENESS OF ITS DECISIONS, SYSTEMS AND PROCESSES TO AUSTR AC OR, POTENTIALLY, A COURT.
Regulatory risks
A regulated practice faces regulatory risk by breaching the civil penalty provisions of the AML Act. These include: failure to report a suspicious matter (s41); failure to keep records (Pt 10); and failure to identify a client (Pt 2). Regulatory risk is mitigated by putting systems and controls in place to ensure that these obligations are not breached and by auditing those systems.
Result of the RA
The outcome of the RA will be information which will allow the practice to rank the ML/TF risks as high, medium or low. The ranking is the product of the chance of the risk happening (likelihood) and the impact if the risk happened (consequence). After ranking, an informed decision can be made as to the risk mitigation strategy and controls. One mitigation strategy for high risks may be to stop providing a service or servicing a segment of clients. Alternatively, high risk services and/or clients may have extra controls placed on them. The practice may accept all the low and medium ML/TF risks, but place extra controls around the medium risks.
The concepts are complementary. Client acceptance procedures include: identifying the client, who is providing the instructions, and the extent of those instructions; assessing client risk, including ML/TF risk; politically exposed persons (PEP) risk;9 prohibited persons subject to sanctions risk; conf licts of interest; client financial risk; location does the client come from a jurisdiction or area with a higher ML/TF risk?; work type does the practice carry out the type of work required?; the ability and capacity of the practice to do the work to the required standard in the timeframe available; the client accepting standard, and AMLrelated, terms and conditions; and the overall terms of the retainer.
help from inside organisations to assist and facilitate ML/TF. EDD ensures that a regulated practice will: determine whether and how to screen any prospective staff member who, if employed, may be in a position to facilitate an ML/TF offence; determine whether and how to re-screen a staff member whose role changes and thereafter may be in a position to facilitate an ML/TF offence; and manage any staff member who fails to comply with the AML/CTF program: (Ch 8.3). All staff members, including accounts staff, fee-earners, solicitors and partners, should be considered for EDD as there are ML/TF risks at all levels.
Ongoing RAs
After the initial RA it is important to undertake regular ongoing reviews of the RA. There is an obligation, and best practice for those non-regulated practices, to assess the ML/TF risk posed by: all new designated legal services (e.g. new practice areas); all new methods of delivery of designated legal services; and all new technologies used for the provision of designated legal services: Ch 8.
ECDD
ECDD involves extra procedures that a practice would adopt when a client or matter meets certain defined risk criteria. In the context of legal practice it may be that ECDD will already be standard practice around retainer management. If a practice has robust client and matter acceptance procedures, they will most likely cover the ECDD requirement. ECDD may arise in situations where the client is new, is a non face-to-face client or a PEP. ECDD must be applied when a regulated practice: determines that there is a higher ML/TF risk; or a suspicion has arisen under s41: Ch 15
M O N E Y L AU N D E R I N G
system, it will be for the practice to justify the reasonableness of its decisions, systems and processes to AUSTRAC or, potentially, a court. It is important to keep records of RA decisions throughout a matter, including matter opening and periodic assessments. A contemporaneous note is best practice.
Conclusion
A robust AML/CTF program based on a thorough ML/TF risk assessment and linked to the current risk management system will provide an effective method to mitigate the ML/TF risks reasonably faced by a practice. It may also help improve overall risk management.
PADDY OLIVER is a lawyer, management consultant and director of legal risk with SSAMM Management Consulting. He has worked extensively in the areas of risk management, compliance and anti-money laundering for both legal and financial services organisations in Australia and the UK. Parts and sections in this article refer to the Anti-Money Laundering & Counter-Terrorism Financing Act 2006 (Cth) and chapters refer to the Anti-Money Laundering & Counter-Terrorism Financing Rules 2007 (Cth). 1. This article is a sequel to the authors article Danger in the laundry: risks for all under money laundering laws (2008) 82(11) LIJ 62. All opinions expressed are those of the author and are based on materials publicly available. 2. Practitioners are currently regulated by the Financial Transactions Reports Act 1998 (Cth) (FTRA), requiring reporting of cash payments over $10,000, and will continue to be so regulated until the AML Act supersedes the FTRA in relation to practitioners. 3. FATF, Forty Recommendations on Money Laundering, 2003, http://fatf-gafi.org/pdf/40Recs-2003_en.pdf. 4. FATF, Guidance on the Risk Based Approach to AML, June 2007, para 1.7. 5. It is arguable that practitioners should actually know who the client is before forming a retainer. 6. AUSTRAC Guidance Note , Risk Management and AML/CTF Programs; AS4360:2004, Risk Management. 7. Department of Foreign Affairs & Trade; US State Department. 8. Criminal Code Act 1995 (Cth), Div 400. 9. PEPs are foreign high-ranking government or military officials, their family members and close associates. Names of PEPs and prohibited persons are available from government and commercial watch lists. 10. AUSTRAC, Public Legal Interpretation No 6 of 2008: Suspect transactions and suspicious matters, para 56. 11. AUSTRAC Guidance Note, AML/CTF Compliance Officers, 08/02.
Auditing
There is an obligation to independently audit, internally or externally, the AML/ CTF program: Ch 8.6. A good risk management system will provide for auditing and review of the system. Practices should carry out an annual risk audit which includes the AML/CTF program. A practices ML/TF risk profile will change over time, just as its overall risk profile changes. Partners need to know and understand the risks to allow for strategic risk decisions to be made. The audit findings should be included in the annual AML report to the partners. AML-related checks can be incorporated in general file auditing. Is the client acceptance and file opening procedure being circumvented? Do fee-earners and staff know and understand the overall file opening procedure and the importance of the AML checks? Is the ML/TF risk being considered through the life span of the matter or client relationship?
Fraud surveillance
Although not an AML Act obligation, it would be considered best practice to adopt fraud surveillance systems, especially to identify mortgage and power of attorney fraud.
AMLCO
The AMLCO will be a vital role, both strategic and operational, and therefore should be a partner with seniority who knows and understands the risk profile of the practice: Ch 8.5. The AMLCO has many responsibilities, the most important being decision making around reporting, both internally and externally; audit and review of the AML program; and staff training.11 A good AMLCO could save a practice from criminal prosecution or regulatory action, save its reputation and ensure its continued survival.
List
Ground Floor, 555 Lonsdale Street, Melbourne Ph 03 9225 6444 Fax 03 9225 6464 DX 88 Melbourne Email paulholmes@vicbar.com.au Website www.holmeslist.com.au Mobile 0417 362 010
L
L I J
Paul Holmes
Barristers Clerk
www.holmeslist.com.au
PaulHolmes_4H_1208.indd 1