Changes to the Anti-Money Laundering Regulations:
- Application to unregulated (including closed ended/private equity) entities - requiring implementation by 31 May 2018
- Enhancement of existing AML Regime to include a comprehensive risk-based approach
- Appointment of Anti-Money Laundering Compliance Officer ("AMLCO"); Money Laundering Reporting Officer ("MLRO") and Deputy Money Laundering Reporting Officer (Deputy MLRO") by 30 September 2018
Recent changes to the Cayman Islands anti-money laundering legislation (the "AML Regime"), adopted to ensure that it more closely aligns with the revised Financial Action Task Force ("FATF") Recommendations, have (i) extended the scope of the AML Regime to apply to unregulated investment entities that are not registered with the Cayman Islands Monetary Authority ("CIMA") including venture capital, private equity or other closed-ended investment funds, structured finance and investment related insurance entities (refer NOTE) and (ii) enhanced the existing AML procedures, including a requirement for the appointment of certain designated officers (AMLCO, MLRO and Deputy MLRO), which now apply to all entities in scope of the AML Regime (such entities termed 'financial service providers' ("FSPs")).
Notwithstanding that unregulated entities may not have previously specifically fallen within the scope of the AML Regime, international best practice has prompted most such entities to implement anti-money laundering ("AML") and combatting of terrorist financing ("CTF") checks, policies and procedures ("AML Policies"). Unregulated entities will also likely have collected information on their investors with respect to automatic exchange of information obligations under the Foreign Account Tax Compliance Act ("FATCA") and the OECD's Common Reporting Standard ("CRS") which will assist with respect to the requirements under the AML Regime.
Whilst it is not expected that the recent changes will materially affect existing AML Policies, FSPs should consider the current requirements highlighted below and update their AML Policies (including the appointment of AMLCO, MLRO and Deputy MLRO), as necessary.
The appointment of a natural person as AMLCO, MLRO and Deputy MLRO for all existing funds must be effected by 30 September 2018 (with notification for any CIMA registered funds being made to CIMA) and for new funds registering on or before 1 June 2018, on registration (for CIMA registered funds) or launch.
Otherwise, unregulated entities must be generally compliant with the AML Regime by 31 May 2018.
AML Regime Legislation
The primary legislation of the AML Regime includes:
- The Anti Money Laundering Regulations 2018 (the "AML Regulations");
- The Proceeds of Crime Law (2018 Revision) (the "PCL");
- The Terrorism Law (2018 Revision);
- The Proliferation Financing (Prohibition) (Amendment) Law (2017 Revision); and
- The Guidance Notes on the Prevention and Detection of Money Laundering and Terrorist Financing (the "Guidance Notes").
Requirements of the AML Regulations (as amended)
Taking into account the changes to the AML Regulations (but noting the Equivalent Jurisdiction provisions highlighted below where delegation occurs) and having regard to the Guidance Notes, AML Policies should now incorporate/reflect the following:
- Internal AML/CFT policies, procedures and controls, including appropriate compliance management arrangements – FSPs should develop and monitor a comprehensive AML/CTF compliance programme to comply with the applicable laws and obligations, and prevent and report on AML/CTF matters. An AMLCO who is a natural person should be appointed at management level to oversee the compliance function and such person may also be appointed as the MLRO for internal and regulatory reporting purposes. An MLRO and Deputy MLRO must also be appointed;
- Client due diligence ("CDD") – identification and verification of the FSP's applicant for business ("AFB", being the person(s) looking to form a business relationship with a FSP - i.e. primarily its investors in the case of a fund) including the AFB's beneficial owners, (being a natural person who ultimately owns/controls the AFB - including a 10% or more voting ownership); ensuring the FSP understands the business of the AFB;
- Policies and procedures reflecting a Risk Based Approach (“RBA”) – the AML Policies adopted should be commensurate with the risks identified and tailored to the business of the FSP and of its AFB(s) (including its AFB(s)' geographical location/operations);
- Sanctions checks – adequate systems to identify AML/CTF risks relating to persons, countries and activities which should include checks against all applicable sanctions and FATF non-compliant territory lists;
- Record keeping procedures – maintenance of records including with respect to the applicable RBA; internal policies and decisions as well as actual CDD documentation;
- Internal reporting procedures – written procedures to ensure staff are aware of the reporting chain/procedures and appointment of the MLRO and a Deputy MLRO to whom suspicious activity should be reported;
- Employee screening and training – screening procedures to ensure high standards when hiring employees; development and maintenance of an appropriate employee training programme;
- Audit and monitoring function – to test the AML/CFT system – commensurate with the business and risks profile of the FSP and ensure it remains appropriate for the FSP's business and its AFB profile on an ongoing basis; and
- Group-wide AML/CFT programmes – where a FSP has operation/branches in different countries it should consider the AML regimes in the applicable countries and ensure a minimum standard reflecting the AML Regime.
It is also recognised specifically in the Guidance Notes that FSPs may have AML systems and procedures in place which, whilst not identical to those outlined above and in the Guidance Notes, nevertheless impose controls and procedures which are at least equal to, if not higher than, those contained in the Guidance Notes.
Adoption/Implementation of AML Policies
There are two methods by which FSPs (including unregulated investment entities) can adopt AML Policies, either (i) by delegation to a suitable service provider (as permitted by the AML Regulations and the Guidance Notes) or (ii) by 'in-house' implementation. Whichever method is chosen, the FSP has ultimate responsibility for ensuring that the AML Regulations are complied with.
The Guidance Notes provide that where the delegate is both (i) located in a country or territory deemed to have an equivalent AML Regime to that of Cayman (an "Equivalent Jurisdiction" – including, for example, the United States, United Kingdom, United Arab Emirates, Singapore, Japan, China, Switzerland, Ireland, Hong Kong) and (ii) is actually subject to the AML Regime of that Equivalent Jurisdiction (together the "Equivalent Jurisdiction Delegation Principles"), the delegate can apply that jurisdiction's AML/CFT standards. Based on the most recent guidance notice issued by CIMA however, delegation does not remove the need for a natural person to have been appointed as AMLCO, MLRO and Deputy MLRO (although such offices could be delegated).
Where the delegate does not meet both of the requirements in the paragraph above, an AML Policy must be implemented in accordance with the AML Regime in Cayman.
If the AML function is delegated (or sub-delegated), the Guidance Notes require that:
- There is a clear understanding as to the functions to be performed by the delegate;
- Details of the scope of delegation and written evidence of the suitability of the delegate are to be made to CIMA (or the relevant Cayman supervisory authority) upon request;
- Investor information is readily available to CIMA (or the relevant Cayman supervisory authority) on request and to the Cayman Financial Reporting Authority and law enforcement in accordance with the relevant procedures; and
- The FSP (including an unregulated investment entity) satisfies itself on a regular basis as to the reliability of the delegate's systems and procedures.
Contravention of the AML Regulations is an offence punishable by a fine of up to KYD$500,000 (approximately USD$600,000) (on summary conviction) or by a fine and imprisonment for two years (on conviction on indictment). Where an entity commits an offence with the consent, assistance, or as a result of the negligence of any person in a position of power within that entity (e.g. shareholder, director, partner, manager, secretary or other similar officer of that entity or a person purporting to act in any such capacity) that person and the entity will both have committed the offence and will be liable to prosecution accordingly.
In addition, CIMA has the power to impose administrative fines in relation to breaches of certain prescribed provisions of the AML Regulations pursuant to the Monetary Authority Law (2016 Revision) and the Monetary Authority (Administrative Fines) Regulations, 2017.
SUGGESTED NEXT STEPS
All unregulated investment entities (and FSPs generally) should consider/review their AML Policies (or those of the relevant delegate) currently in place to determine if further measures are deemed necessary in order to become compliant with the AML Regime.
We would advise that whoever is responsible for AML/Compliance matters within an organisation review the AML Regime Legislation generally to consider whether existing AML Policies with the FSP are at least of the same standard as the Cayman AML Regime and a record of such review and determination is kept.
Some FSPs may need to specifically record the appointments of AMLCO, MLRO and Deputy MLRO (i.e. where these are not currently in place).
We anticipate that the Guidance Notes will be further updated during the course of 2018 to provide sector specific guidance with respect to unregulated investment entities and we will provide an update at such time – this is likely to clarify some existing areas of uncertainty with respect to the practical application of the AML Regime to such entities.
Whilst Collas Crill and Collas Crill Corporate Services Limited do not currently provide specific AML/CFT implementation/monitoring services we are also able to make introductions to third party service providers who can assist you in complying with the AML Regime.
If you would like to know more or have any questions please email Collas Crill Corporate Services at: firstname.lastname@example.org
NOTE: The AML Regulations no longer reference "relevant financial business" ("RFB") but instead infer the expanded RFB definition now located in the PCL. The expanded definition includes any entity conducting the business of "investing, administering or managing funds or money on behalf of other persons" and "underwriting and placement of life insurance and other investment related insurance in the Cayman Islands". The term "investing, administering or managing funds or money on behalf of other persons" reflects the language used in the definition of "Investment Entity" under FATCA and CRS.