The most obvious development is that the 2007 MLR was 45 pages long and the new 2017 MLR is 106 pages long. In response to the increasing complexity of financial crime prevention and the prevalence of money laundering the regulations has become more detailed and more prescriptive.
Although always a component part of the MLR, there is a greater emphasis throughout the new regulations that firms must take a risk-based approach and responsibly take decisions according to risk-weighted decisions. It is now expected that firms have a more mature risk appetite statement that links to and drives operational decisions. Senior managers are deemed responsible for these outcomes and it is consequently important that comprehensive records are kept of decisions made and the motivation for them.
The MLR 2017 is structured in 11 Elements. The following sections summarise each of these, highlighting the main impacts that will affect an Estate Agent Businesses EABs.
Unfortunately, everyone (including us) used the final published draft as the, well, final rules, but there were 4 major changes in the final legislation laid before Parliament on the 22nd June. Additionally, a lot of professional “advisers” have got all in a fluster about the risk assessment and reporting, that many have missed the fundamentals.
Sign Up For Our Information Service & Get Sent PDFs About How You Are Affected
Check Out Our Other Posts at
Who Must Register – Money Laundering Supervision for Estate Agents
MLR 2017 – Estate Agents – How It Will Affect You? Part 2
Money Laundering Supervision for Estate Agents – Fees
Part 1 – Introduction
This component sets out the definitions and meanings that apply throughout the regulations and the supervisory authorities for those persons within the scope of the regulations.
SCOPE
The first and probably the most basic change that will impact every EAB, both large and small, is that
the scope of the MLR now extends to purchasers as well as sellers.
In the section explaining ‘Meaning of Business Relationship’, regulation 4 (3) states:
” For the purposes of these Regulations an estate agent is to be treated as entering into a business relationship with a purchaser as well with as a seller”.
This will, at least double the Customer Due Diligence (” CDD”) burden on every EAB, who must now also complete CDD before taking part in a business relationship with a purchaser. Along with the operational resource requirements, this will involve stating in the firm’s policies, when a purchaser turns into a customer and ensuring that the onboarding and periodic review methods are also updated to show this change.
The guidance on lettings is less clear; Recital 8 of the directive states that “estate agents could be understood to include letting agents where applicable”. In the UK, lettings agents are already in, and will continue to be within scope of the Money Laundering Regulations where they conduct estate agency activity and if you also provide letting services, then under the occasional transactions regulation you will need to include them on your CDD radar. The NRA stated that while lettings agents may be an attractive target for criminals seeking to disguise or hide the proceeds of crime, lettings remain an “intelligence gap”. The government will update the NRA before the end of the year, and will seek further evidence on the risks in the estate agency sector, including on the risks related to lettings activity.
GOVERNANCE AND ACCOUNTABILITY
There always needed to be a Nominated Person within an EAB, but the new regulations extend this to requiring a firm to also appoint a director (or equivalent) as having overall responsibility for money laundering. We see this as following the lead of the financial services regulators who introduced a Senior Persons and Certification Regime (SMCR) in 2016, with the intention of strengthening accountability within financial services. This new regime makes individuals within organisations directly responsible for the actions of the firm, with significant criminal penalties if they are found to have been at fault.
The new regulations also describe the rules around ownership and management restrictions of the EAB. This is found in the following section.
Part 2 – Money laundering and Terrorist Financing
This section identifies the “relevant persons” to whom the money laundering provisions in these Regulations apply (regulations 8 to 15). Regulations 16 to 25 impose requirements for risk assessments to be undertaken by the Treasury and the Home Office, the supervisory authorities and relevant persons to identify and assess the risks of money laundering and terrorist financing. They also require relevant persons to have policies, controls and procedures to mitigate and manage effectively the risks of money laundering and terrorist financing identified through the risk assessments. Regulation 26 prohibits anyone from being the beneficial owner, officer or manager of certain firms unless that person has been approved by the firm’s supervisory authority.
RISK MANAGEMENT AND ASSESSMENT
Risk assessment is central to the MLR and impacts almost every aspect of the legislation. The rules have been dramatically extended, now covering six pages instead of the one page found in the 2007 MLR. EABs are required to produce and maintain a detailed and comprehensive risk and control register. Risk management and assessment must broadly cover two perspectives:
1. Enterprise Risk identification and management for the safe pursuit of the firm’s strategy. This must be declared through a Risk Statement including a Risk Appetite statement.
2. Identification and Assessment of risks presented by customer engagement and transacting, in accordance with existing regulations and driving the appropriate level of CDD.
The regulations are so much more detailed when specifying the need for a comprehensive and integrated risk management framework and specify that this must be documented and made available to the supervisory authority. Risk and control frameworks must include self-assessment mechanisms that are embedded within the day-to-day operation of the firm.
POLICIES, CONTROLS AND PROCEDURES
As an extension to the risk management framework and a step up from the existing regulations, the rules specify that firms must establish and maintain written policies, controls and procedures. Firms must ensure that they implement processes to ensure that these are reviewed regularly to ensure that are embedded and up-to-date. The regulator will require sight of these documents along with the method for maintaining them and ensuring they remain reliable.
Firms must have established risk and control self-assessment procedures in place.
Part 3 – Customer due diligence 
This section makes provision for customer due diligence strategies. Regulations 27 to 32 identify what CDD measures must be undertaken by relevant persons, as well as when those measures must conducted. Regulations 33 to 35 identify when enhanced customer due diligence measures must be applied by the relevant person along with the general customer due diligence measures required by regulations 27 to 32. Regulations 36 to 37 identify when simplified customer due diligence measures may be applied by the relevant person.
PROVISION OF INFORMATION
Here we see a fundamental change that will have a significant impact to the way all CDD is conducted by EABs. Under MLR 2017 an obligation has been placed on a party to provide information within 2 days of it being requested. This concerns parties being ‘relied’ upon, corporate bodies and trusts. This obligation is referenced several times throughout the MLR, but for example regulation 42( 1) states:
” When a UK body corporate enters into a relevant transaction with a relevant person, or forms a business relationship with a relevant person, the body corporate must on request from the relevant person (and at the latest within two working days) provide the relevant person with-.
(1a) information identifying-.
( i) its name, registered number, registered office and principal place of business;.
( ii) its board of directors, or members of its management body;.
( iii) its senior management;.
( iv) the law to which it is subject;.
( v) its legal owners, and.
( vi) its beneficial owners, and.
(1b) its memorandum of association or other governing documents.
(2) If, during the course of a business relationship, there is any change in the identity of the individuals or information falling within paragraph (1), the UK body corporate must notify the relevant person of the change and the date on which it occurred within two working days.”.
It is difficult to see how this will operate and how enforceable it will be. However, if effective, this could greatly reduce the burden on CDD teams.
THREE-TIERED APPROACH.
A three-tiered approach to CDD still exists, with customer due diligence being the default level. The concept of both simplified and enhanced due diligence remains, but the regulation is now more prescriptive about how these may be applied. It is essential that all firms have a clear and robust risk assessment methodology that can be applied routinely to each new client before deciding what level of due diligence is appropriate.
BENEFICIAL OWNERSHIP.
Beneficial ownership, bodies, corporates or partnerships still only extends to control or ownership of 25% or more.
Regulation 26 (1) states, “No person may be the beneficial owner, officer or manager of a firm within paragraph (2) (” a relevant firm”) [a list including estate agents] unless that person has been approved as a beneficial owner, officer or manager of the firm by the supervisory authority of the firm.”.
Estate agents must ensure that before 26 June 2018 that they have applied to the supervisory authority for approval. You will not be in breach concerning this regulation if applications that have been made before 26 June 2017 have not been determined.
Taken literally, this means that all firms must submit applications to HMRC for approval of their members and senior managers. Logistically this represents a significant amount of extra work the firm, but nothing compared with the administration that HMRC will have to complete.
PEPS.
The definition of a PEP now includes domestic PEPs but the time limit from when a person ceases to be considered a PEP has not been changed and is still 12 months from leaving a politically exposed position; longer at the discretion of the firm conducting CDD. All EABs will must have significant controls and on-going tracking of any PEP relationship they establish.
Firms must have established risk and control self-assessment procedures in place.
Sign Up For Our Information Service & Get Sent PDFs About How You Are Affected
Check Out Our Other Posts at
Who Must Register – Money Laundering Supervision for Estate Agents
MLR 2017 – Estate Agents – How It Will Affect You? Part 1
MLR 2017 – Estate Agents – How It Will Affect You? Part 2
Money Laundering Supervision for Estate Agents – Fees
Part 4 – Reliance and record keeping.
This section lays out the circumstances where a relevant person may rely upon another person to apply customer due diligence measures (regulation 38). It also explains as to which records relevant persons are required to keep, and when they are to be deleted (regulation 39), and clarifies the requirements concerning data protection (regulation 40).
RELIANCE.
Reliance has been extended, making things easier to use a 3rd party for part or all CDD. The regulations are more prescriptive and significantly include other estate agents. However, it should be noted that the risks of relying on a 3rd party are generally greater than the benefits. Barriers to reliance are that 3rd parties might be slow in supplying copies of identification documentation to help identify the customer or its beneficial owner. To mitigate this, the regulations specify that a 3rd party must abide by the two-day rule for providing information and updating on changes.
Proceed with caution; it may now be easier to depend on others, but be aware that the risk of this being information being inadequate or wrong still lies with you.
The regulations describe the form of written arrangement that must be put in place when exercising reliance, together with additional record keeping requirements. Firms must ensure that when placing reliance on any 3rd party, that they comply carefully to the rules and that detailed files are kept as these may be called on for as many as five years after the completion of the transaction or business relationship. If you are the relevant person being ‘relied’ upon, you must also keep your own records for the same period.
RECORD KEEPING.
Detailed records must be kept for a minimum of five years from the date the transaction or customer relationship ended. Under the MLR 2017 an estate agent must delete records held after the required period of five years has elapsed. The only exception to this is when there may be other legal reasons for retaining the information, for instance, an ongoing investigation.
Separate to the MLR is the General Data Protection Regulation (GDPR) targeted at securing customer and personal data and ensuring that an individual has access to their data, kept by organisations. This is a separate legislation, but applies completely to EABs. It is intertwined with the MLR and comes into force in May 2018. Firms would do well to adopt its recommendations in front of the implementation date.
TRAINING.
Training is an obligatory requirement and there is an increased importance on the importance of training. The regulator sees culture being at the heart of combating financial crime and believes that it should belong to everybody’s everyday job. This begins with recognition which emerges from training. Senior managers will be incriminated for a lack of training which could bring about punitive damages. Firms must ensure that they have assessed and enhanced training to meet the new requirements in the MLR. This must be well documented and evidenced; without which there is no other way to prove it happens.
What should you do?
HM Treasury has left little time for firms to acclimatise to the new regulations and with the June deadline fast approaching, firms must act now to ensure they understand and adopt the new rules in time.
Compliance Consultant can help provide you with the tools you need to implement, train and embed the new rules, and we can move quickly, getting your firm and your people up to speed in a short space of time, including training and awareness.
Call us today on 0207 097 1434 or
Get Our Solution
Sign Up For Our Information Service & Get Sent PDFs About How You Are Affected
Check Out Our Other Posts at
Who Must Register – Money Laundering Supervision for Estate Agents
MLR 2017 – Estate Agents – How It Will Affect You? Part 2
Money Laundering Supervision for Estate Agents – Fees