As we approach the end of the year, many firms will be considering their MLRO report, to be submitted to senior management for review and approval.

MLROs are required to submit the report annually and show why they believe they have adequate resources, systems and controls to manage the risk of their firm being used to assist criminals in moving the proceeds of crime – or more importantly, why they believe they are not able to meet this requirement.

Each year, the FCA highlights the fight against financial crime as one of its top priorities and this year has been no different. The regulator has continued to demonstrate it is not afraid to impose heavy fines on firms that do not meet their standards, as shown by the £102 million fine imposed on Standard Chartered Bank for poor money laundering controls in April of this year.

Firms can sometimes be guilty of overlooking the importance of the MLRO report and this year’s implementation of the SMCR regime may appear to be the more important area on which to focus.

However, the FCA require all firms to show how they are managing the risks of money laundering in their business no matter what other activity is taking place in the regulated sphere.

A strong MLRO Report will go a long way in showing this and engaging senior management in the AML programme implemented by the firm. Being specific about your business, the risks it is exposed to and what you are doing to mitigate those risks should be to the forefront of your report. The report should be sent to the firm’s appropriate senior management governance committee or Board of Directors for review and approval. Senior management should be encouraged to review and question the report to show they are fully engaged with the firm’s AML programme.

As the 4th Money Laundering Directive beds in, we have the 5th Money Laundering Directive being introduced in January 2020. Firms should be able to show they are able to meet the requirements of the new directive as it stands. We are still awaiting guidance on the UK government’s implementation of the 5MLD however, there is plenty that firms can do to prepare should they be affected by it. Firms can use the MLRO Report to show their preparedness and how they are going to deal with the effects of the new Directive.

We find firms often fail to complete an MLRO report or that it is not reviewed by anyone at a firm other than the MLRO.  Other common issues are firms not having an up to date risk assessment or policy.   Hedge funds often state there is no risk and their administrator does everything for them or the only client they have are the funds they manage. This is not the view the FCA would take.

All regulated firms should have the following in place:

An appropriate AML Policy;

Up to date AML risk assessment;

Annual MLRO report;

Regular AML training;

Evidence of administrator oversight; and

Regular MI in relation to investor AML records.

At Comsura, we have an MLRO Report template that firms can use, along with guidance on its completion and a regulatory update. We can also assist firm with general AML documentation and training. Contact us at: