During mid-2017, a thematic review was undertaken on the financial crime governance, risk and compliance frameworks of a selection of smaller firms in the trust and corporate service provider sector (“TCSP”). The Commission undertook a similar review of fund administrators in 2016 and wished to assess the differences and similarities in approach to governance, risk and compliance frameworks.
This review covered 35 firms collectively managing just over 13% of total fiduciary assets under management, with circa 5,200 business relationships. It predominantly focussed on smaller, privately owned firms with a low impact rating. Our objective in selecting this theme was:
“To understand how smaller firms in the TCSP sector had structured their governance, risk and compliance frameworks to mitigate financial crime risk.”
It was concluded that most firms understood the importance of governance, risk and compliance, which is essential in the mitigation of financial crime, being the focus of this Thematic.
Summary of some key findings are as follows:
The compliance monitoring programmes
a.the GFSC identified deficiencies in the compliance monitoring programmes in a fifth of the firms taking part in this thematic, which warranted the imposition of risk mitigation programmes by the Commission.
b. All firms surveyed had a compliance monitoring programme in place; but the GFSC said
c. it was disappointing to note that for a significant number of firms this was not appropriately tailored to the risks specific to their business.
d. This area of concern was also raised in the thematic on fund administrators.
e. A good risk-based documented compliance monitoring programme, supported by investment in training, will positively affect the firm’s control framework, mitigating risks and justifying the decisions made by the Board, resulting in a more resilient business. A ‘tick box’ approach to regulatory compliance is not considered wise.
Business Risk Assessments
the GFSC said
a.it was positive to note that overall firms had identified in their Business Risk Assessments their exposure to specific financial crime risks, in particular, fraud, tax evasion and bribery and corruption.
b.which from aggregated data the Commission holds on Suspicious Activity Reports made to Guernsey’s Financial Intelligence Unit, are the main underlying predicate offences the sector is identifying.
Client meetings
the GFSC said
a. Furthermore, an encouraging number of TCSPs were actively meeting with their clients on at least an annual basis in order to forge direct relationships. Consequently, there was little use of Reliable Introducer Relationships in the firms surveyed when compared to those surveyed in the Funds sector thematic.
b. This reflects that TCSPs have to obtain verification documents on the clients, beneficial owners and underlying principals in order to open trust and corporate accounts with other Bailiwick financial services business.
The body of this report sets out in detail both good practice and areas with scope for improvement.
1.Part A. Business Risk Management Framework
a.Identifying and Assessing Financial Crime Risks to the Firm 4
b.Risk Appetite
c.Risk Mitigation – Compliance Monitoring Programme (“CMP”)
2.Part B. Financial Crime Governance
a.Board Oversight of Financial Crime Compliance
b.Financial Crime Management Information
3.Part C. Customer Risk Management Framework
a.Customer Take-on Arrangements
b.Ongoing Monitoring of Customers
c.Transaction Monitoring
-Customer Screen
-Client Periodic Risk Reviews
-Risk Review Action Points
Loading...