Pt 7. Anti Money Laundering, Data Protection and Complaints

Question 1

What is money laundering?

Answer 1

The process by which money is obtained illegally is converted into apparently legitimate funds.

Question 2

What is the 3 stage process to money laundering?

Answer 2

1. Placement - the movement of illicit cash into, for example, bank or building society accounts or life assurance policies and other packaged investments.
2. Layering - this involves a series of transactions intended to conceal the origins of the illicit money.
3. Integration - the process by which laundered money is finally converted into the proceeds of a legitimate business or investment portfolio.

Question 3

At which stages of the money laundering process would most likely involve a financial services business?

Answer 3

• Placement and layering

Question 4

What are the main rules to combat money laundering?

Answer 4

• Specific legislation
• applies to everyone and defines what represents a criminal offence and the penalties for such offences.
• Money Laundering Regulations
• applies to a stated range of financial sector businesses, such as life assurance companies.
• FCA rules and guidance
• applies in different ways to various categories of FCA regulated businesses.

Question 5

What is the Proceeds of Crime Act 2002?

Answer 5

It created the following criminal offences:

• concealing, disguising, converting or transferring criminal property or removing it from the UK.
• acquiring, possessing or using criminal property.
• failing to disclose that someone else is engaged in money laundering.

Question 6

What is NCA?

Answer 6

• National Crime Agency
• They exist to recover the proceeds of criminal activity.

Question 7

What are Money Laundering Regulations 2017 (MLR)?

Answer 7

• They implement the requirements of the EU’s Fourth Money Laundering Directive, since supplemented by the Fifth MLD, which came into force in UK in January 2020.
• It requires systems to be created and maintained for the prevention and control of money laundering for effective training to be in place.

Question 8

What are the 3 types of due diligence?

Answer 8

Customer Due Diligence (CDD) - includes verifying the identity of the customer, and obtaining information on the purpose for the business relationship.

Simplified Due Diligence (SDD) - measures to a particular business relationship or transaction if it determines that, taking into account its risk assessment, the business relationship or transaction presents a low degree of risk.

Enhanced CDD - needed if customer is not present for the transaction or a PEP, measures are required such as production of additional documents to establish identity, confirmation of identity from an appropriate FI or payments through an account with credit institution in customer’s name.

Question 9

How to establish client verification?

Answer 9

• Valid passport
• ID card
• Photocard driving license (Full or provisional)
• Firearms certificate
• Shotgun licence

Question 10

What are alternative methods for client verification?

Answer 10

• Old-style driving licence supported by an additional document such as a utility bill showing current address.
• Home visit, if clear the house is the client’s personal residence, as 1 of 2 means of identification.
• Client’s bank or other reputable FI asked to verify their identity.

Question 11

When does client verification occur?

Answer 11

• It should take place before any transactions are completed.
• Clients records should be kept for 5 years.

Question 12

What is Electronic Identity Verification (eIDV)?

Answer 12

• Systems that use public and private databases to confirm an individual is who they claim to be; using personal information such as name, date of birth, National Insurance number and address.

Question 13

When verifying companies, what following details must be established?

Answer 13

• Company registration number
• Registered address
• Evidence the individual has authority to act for the business

Question 14

What is a Money Laundering Reporting Officer (MLRO)?

Answer 14

The appointment of, and the policies and procedures put in place by, the MLRO.

Question 15

What is Customer Due Diligence (CDD)?

Answer 15

Verifying the ID of customers and information about the intended nature of business reationship.

Question 16

What is ongoing monitoring?

Answer 16

Scrutinising transactions to ensure they are consistent with previous knowledge of the client.

Question 17

What are identification procedures?

Answer 17

2 stages:

1. Obtaining information from a client (name, address, DOB etc).
2. Verifying this using a reliable independent source.

Question 18

What is staff awareness and training?

Answer 18

To make sure all staff are aware of relevant legislation, and have received training on ID procedures, and how to recognise suspicious transactions.

Regular re-training is also necessary.

Question 19

What is enforcement?

Answer 19

The right to enter and inspect premises, and impose penalties, with partners and directors imprisoned for up to 2 years if they fail to comply.

Question 20

What is suspicious activity reporting?

Answer 20

• This must be reported to the MLRO, who will then consider the matter in light of all relevant information available, and decide whether or not to make disclosure to National Crime Agency (NCA).
• MLRO is required to make reports to NCA, where they know or suspect or have reasonable grounds for knowing or suspecting, that a person is engaged in money laundering or terrorist financing.

Question 21

What is firm annual reporting?

Answer 21

• MLRO must report annually to senior management and the firm’s governing body about the effectiveness of its systems and controls.

Question 22

What is record keeping?

Answer 22

• Records of a clients ID must be kept for 5 years after the end of customer relationship or 5 years from when transaction was completed.

Question 23

What are protection measures?

Answer 23

• The names of those reporting suspicious transactions must be kept confidential.

Question 24

What are financial sanctions?

Answer 24

• A criminal offence to make payments, or allow payments to be made to targets on sanctions list maintained by HM Treasury.
• Firms need to have appropriate means of monitoring payment instructions to ensure no payments are made to targets or their agents.

Question 25

What are examples of suspicious activity reporting (SAR)?

Answer 25

• When a client is using intermediaries to protect their identity or hide their involvement.
• A sudden significant improvement in client finances, but they are unable to explain where money came from.
• Money being paid by a third party, who does not appear to have any connection with the client.

Question 26

Who does GDPR apply to?

Answer 26

• Data controllers - those who say how and why personal data is processed, with processors required to maintain records of personal data and processing activities.
• Data processors - those who act on behalf of controllers, must ensure their contacts with processors comply with GDPR.

Question 27

What is Data Protection Act (DPA) 2018?

Answer 27

This is wider in scope than GDPR covering:

• the processing of general data
• law enforcement processing
• national security processing
• regulation and enforcement

Question 28

What are the 6 data protection principles for personal data?

Answer 28

1. Processed lawfully, fairly and in a transparent manner in relation to individuals.
2. Collected for specified, explicit, and legitimate purposes, and not further processed in a manner that is incompatible with those purpose.
3. Adequate, relevant and limited to what is necessary in relation to purposes for which they are processed.
4. Accurate, and where necessary kept up to date.
5. Kept in a form which permits identification of data subjects for no longer than necessary for purpose for which personal data is processed.
6. Processed in a manner ensures appropriate security of personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures.

Question 29

Where should all businesses handling personal data register to?

Answer 29

• They may register with Public Register of Data Controllers maintained by Information Commissioner’s Office (ICO).
• Firms must provide information about the type, and purpose of data they process and identify who has access to it.
• All firms have a duty to report certain types of data breach to ICO.

Question 30

What are the GDPR rights to individuals?

Answer 30

• Right to be informed
• Right of access
• Right to rectification
• Right to erasure
• Right to restrict processing
• Right to data portability
• Right to object
• Rights in relation to automated decision making and profiling.

Question 31

What is a complaint?

Answer 31

Under FCA rules, a complaint is any oral or written expression of dissatisfaction, whether justified or not from or on behalf of a person about the provision of or failure to provide a financial service.

The complaint should allege the complainant has suffered financial loss, material distress or material inconvenience which related to an activity which comes under jurisdiction of the Financial Ombudsman.

Question 32

What are eligible complainants?

Answer 32

• Consumers
• Micro-enterprises with fewer than 10 employees and turnover or balance sheet total of no more than 2m euro.
• Charities with annual income of less than £6.5m
• Trustees of a trust with net asset value of less than £5m
• Consumer buy-to-let (CBTL) consumers
• Small business with annual turnover of less than £6.5m and fewer than 50 employees or a balance sheet total of less than £5m.
• Guarantors

Question 33

What should a firm do if it receives a complaint?

Answer 33

• Should supply a copy of the complaints procedure to the complainant, unless matter is resolved within 3 business days.
• Firm is only required to send a summary resolution document.

Question 34

What is a summary resolution document?

Answer 34

• Refers to the fact that the complainant has made complaint and the matter is considered to be resolved.
• Tells the complainant they have the right to refer the matter to FOS.
• Indicates whether time limits for doing so will be waived.
• Provides the FOS website address.
• Refers to the availability of further information on the FOS website.

Question 35

What are the complaints timescale?

Answer 35

• Firm must acknowledge complaint within reasonable time (for the firm to decide what is reasonable and be able to justify this).
• Firm must keep the complainant informed of the process.
• Firm must provides a final or other response within 8 weeks from the date of written acknowledgement of the complaint.

Question 36

What are the stages of a complaint timescale?

Answer 36

1. Prompt - within 5 working days, send copy of complaints procedure, assign someone to handle complaint, provide contact detaisl of referral.
2. ‘Keep the client informed’ - within 4 weeks, send summary of complaint, investigate summary, details of offer, and time limit, and details of FOS.
3. Within 8 weeks - send final response as at 4 weeks, explain when firm will be able to resolve complaint, and customers right to refer FOS within next 6 months.

Question 37

What is true about the Financial Ombudsman Service (FOS)?

Answer 37

• Time limits apply to making of a complaint to the FOS.
• FOS decisions binding on both complainant, and respondent to compliant.
• Max. binding award FOS can make against respondent to complaint is generally £355,000 plus associated costs.
• FOS jurisdiction is restricted to activities carried on, in or from a UK establishment.

Question 38

What is the FOS liability status?

Answer 38

• Consists of a chief ombudsman, and panel of ombudsmen.
• Not liable for their actions unless bad faith or breach of Human Rights Act 1998.

Question 39

When should eligible complainant refer matter to FOS, within earliest of?

Answer 39

• 6 months after firms final response
• 6 years after event complained about,or if later
• 3 years after complainant knew, or should have known, that they had cause for complaint.

Question 40

When can FOS conside complaints outside certain time limits?

Answer 40

• In exceptional circumstances, or in certain cases involving pensions.

Question 41

What is the decision process for FOS?

Answer 41

• Must notify decisions with reasons in writing to both parties.
• Complainant must accept or reject decision within specified time limit.
• If accepted, its bind on respondent.
• If rejected, they are free to pursue matter in court.
• If ‘no response’, treated as rejection by complainant and respondent no longer bound by decision.

Question 42

When can the FOS assign awards?

Answer 42

• For distress or inconvenience, interests and costs.
• Recommend a higher award against respondent, but not binding.
• Respondent cannot be awarded against claimant, but complainant can be charged with own costs if conduct has been unreasonable.
• Directions award tells firms what action they must take to put things right for the customer.

Question 43

What is meant by compulsory jurisdiction for FOS?

Answer 43

• Takes in all regulated activities, plus mortgages and unsecured lending, paying money by plastic card, ancillary banking services and consumer credit.
• Can also deal with complaints about NS&I.

Question 44

What is a Pensions Ombudsman?

Answer 44

• They have a memorandum of understanding with FOS for personal pensions and small occupational schemes.
• Under agreement, FOS deals with compliants concerning circumstances of sale, while Pension Ombudsman handles any problems concerning management or admin of scheme.

Question 45

What is FSCS?

Answer 45

• Financial Services Compensation Scheme
• The compensation fund of last resort for customers of authorised financial services firms, if firm becomes insolvent or ceases trading the FSCS may pay compensation.
• Covers private individuals, and smaller businesses.
• Most eligible in respect of LT insurance, and all for compulsory insurance.

Question 46

What is ‘in default’ elibility mean by FSCS?

Answer 46

• The firm is unable (or likely unable) to satisfy protected claims against it (e.g. protected deposit, protected insurance contract, protected investment business).

Question 47

When will a claim to FSCS relate to?

Answer 47

• A protected deposit
• A protected insurance contract
• A protected investment business

Question 48

What are the compensation limits for the FSCS?

Answer 48

1. Deposits, Investments & Home Finance - 100% of first £85,000 per person, per authorised firm.
2. LT Insurance Business - No upper limit on amount of protection; product providers - 100% of claim with no upper limit, intermedaries - 90% with no upper limit.
3. Pensions - Pension provider - 100% of claim, SIPP operator - 100% of claim up to £85,000.
4. General Insurance - 90% of claim no upper limit for non- compulsory insurance; 100% of claim/unexpired premiums with no upper limit for compulsory insurance (e.g. employers liability insurance).

Question 49

When can FSCS reduce compensation?

Answer 49

• Evidence of contributory negligence by claimant.
• Paying full amount would provide greater benefit than claimant might reasonably have expected.
• Payment would provide greater benefit than avaiable on similar investments with other firms.

Question 50

What are additional duties of FSCS?

Answer 50

• Try to make arrangements to secure continuity of insurance for LT insurance policyholders by transferring business to another insurer.
• Safeguard policyholders of insurance companies in financial difficulties.