7 minute read

Client onboarding

Client onboarding

Onboarding is the start of your business relationship with your client. It is essential to take anti money laundering regulations into consideration from the outset, as Richard Simms explains.

When you onboard a client, do you take anti money laundering (AML) into consideration? Many accountants I speak to have used the same onboarding process for years. They collect some information about their client, take a passport copy… and that’s it. Many are unaware that this does not constitute sufficient checks and, in fact, means they are non-compliant with AML regulations. So what should you be doing and why should you follow the regulations to the letter?

Complying with the AML regulations is a vital part of your responsibility to maintain the integrity and trustworthiness of the accounting profession. In view of this, the regulations set out specific guidelines to be adhered to by accountants and other regulated professionals. Failure to comply can also lead to severe penalties, including fines, disciplinary action and even imprisonment.

The fundamental purpose of a comprehensive onboarding process and client due diligence is to make sure you know and verify a client’s identity, their business activities (including in many cases the source of funds) and the nature and purpose of the relationship. This is so you can properly manage any money laundering, terrorist financing or proliferation financing risks.

Where do you start?

Onboarding is the start of your business relationship with your client. You’re keen to get going. But before you do, you need to know that this new client doesn’t pose you any risk – for your own sake, as well as for the safety of the wider economy. There are three key steps to how you determine that risk.

1. Identification: This is the first stage of gathering information about the identity of the client, the purpose and nature of the intended business relationship and the source of funds. In the case of companies and other organisations, you must establish the identity of who ultimately owns or controls the client (the ultimate beneficial owner).

2. Risk assessment: Next, carry out an initial risk assessment based on the information gathered. This involves evaluating the potential risks and vulnerabilities that a client may pose in terms of money laundering, terrorist financing and proliferation financing. You should consider a number of factors such as: the client’s business activities and industry; the geographic location of the client; the complexity of the client’s ownership structure; and the client’s potential exposure to high-risk jurisdictions, industries or individuals.

The outcome of this risk assessment may prompt you to gather additional information to complete stage one (identification) and will help you to adopt the risk based approach to determine the appropriate levels of client due diligence, ongoing monitoring and other steps required to mitigate any potential risks.

Once you have completed stage three (verification), you may need to update your risk assessment so please bear that in mind.

3. Verification: Evidence from an independent and authoritative source is required to verify the identity information gathered in the first stage. You need to be able to demonstrate that what you have been told is true. Knowing who the client is and demonstrating that they are who they claim to be is fundamental to AML. You must give the correct information to the National Crime Agency if the client raises suspicion or you obtain knowledge of money laundering.

Level of client due diligence

The level of client due diligence required depends on the assessed risk level of the client (the risk based approach). I would recommend that you adopt a set approach to your initial client due diligence and ensure that all staff are aware of exactly what process to follow (according to your AML policies, controls and procedures).

Where required, enhanced due diligence (for high-risk clients) should include gathering additional information and, as far as reasonably possible, examining the background and purpose of the engagement, and increasing the degree and nature of monitoring of the business amongst other measures.

The regulations discuss the option of carrying out simplified due diligence for certain very low risk clients. However, there is no explanation or definition of this process other than: ‘[T]he extent and timing may be adjusted to reflect the assessment of low risk; for example, in determining what constitutes reasonable verification measures. Ongoing monitoring for unusual or suspicious transactions is still required.’ This lack of clarity is one of the reasons I recommend a set approach for your firm’s circumstances, other than when enhanced due diligence is required in a high-risk situation.

In addition, if you have adopted simplified due diligence and then the risk status increases, full client due diligence and possibly enhanced due diligence will be required. Documenting this process in detail could be difficult. Also, it may be difficult to set out policies, controls and procedures that specify exactly when standard due diligence is required, which may lead to confusion and potential errors.

Note: You must make sure you carry out sanctions checks, as well as your other checks, against the UK’s Sanctions lists to make sure that your client isn’t subject to any economic restrictions imposed by national or international authorities.

Discrepancy reporting

The Economic Crime (Transparency and Enforcement) Act 2022 introduced changes to the regulations, particularly in the area of discrepancy reporting. Accountants are now required to report material discrepancies between the information on the Companies House register and the information they hold on their clients if they suspect that they conceal details or are linked to money laundering or terrorist financing.

A material discrepancy can include differences in information about:

● people with significant control (PSC) of a company;

● PSCs of a limited liability partnership (LLP);

● PSCs of an eligible Scottish partnership; and

● the registrable beneficial owner of an overseas entity (from 1 April 2023).

Lookout!

Accountants play a crucial role in detecting and preventing economic crime. So you must be vigilant in identifying potential concerns during the onboarding process. Unusual transactions, complex ownership structures, transactions or relationships involving highrisk jurisdictions or industries, and attempts to obscure the source or destination of funds are all examples.

By law, your firm’s policies, controls and procedures must set out what to do when a potential money laundering situation is identified or suspected. For example, you have a legal obligation to make an internal Suspicious Activity Report to your Money Laundering Reporting Officer (MLRO). The MLRO will have the expertise to assess the matter and ensure that any suspicious activities are reported to the National Crime Agency as required by the regulations.

You should exercise caution and avoid tipping off the client about a potential investigation. This can lead to serious criminal consequences for you.

How AMLCC can help

The regulations have placed significant responsibilities on the accountancy sector. As the MLRO of my own firm, I’ve seen at first hand the challenge of getting it right – which is why I created AMLCC back in 2008. My aim is to make AML compliance, risk management and education easier for regulated professionals. AMLCC contains all the tools your firm needs to conduct each step of your onboarding – and assess and manage your firm’s risk when changes occur.

To date, we have more than 15,000 users in the accountancy sector and have helped thousands of firms to pass their supervisory visits. To see how we can keep your firm compliant, visit AMLCC.com

This article is from: