AML Frequently Asked Questions

The AML FAQs have been updated in June 2021 to reflect current legislation and are available here

If you have any other queries not covered in the document please contact us.

 

Do you have any guidance on meeting client due diligence (CDD) requirements where not meeting clients face to face?

Many business and tax services are now increasingly provided through online delivery methods. It may therefore be helpful to have a reminder of how to meet CDD requirements where clients are not met face to face.

As a starting point remember that The Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 as amended (the Regulations) require a risk based approach and the assessment of risk has an impact on the level of CDD required.

Members take a variety of approaches to meeting the CDD requirements with a growing number of firms using electronic identification verification and others sticking to more traditional methods.  Guidance is set out below in relation to both and members should remember that an appropriate record of the steps taken and/or copies of the evidence obtained to identify the client should be kept.

 

 

What are my CDD options without meeting the client face to face?

A number of firms require clients to come into their office with the identification documentation in order to meet CDD requirements. Where face to face contact is not possible members might want to consider the following options:

  1. Use of Zoom, Microsoft Teams  and similar programmes video call packages enable you to interact with a client in much the same way as a physical meeting.  If a client emails you a copy of their identity documentation etc they could show you the originals during a call and of course having sight of the client as part of the Zoom video call will enable you to confirm the passport does relate to that individual. Ensure you are particularly mindful of GDPR and data protection requirements in your handling of documents emailed to you.
  2. This could be the time to explore use of electronic ID verification packages.  For further guidance on factors to consider when choosing and using electronic verification packages please see below.
  3. It is acceptable to have certified copies of client due diligence so if another professional such as a solicitor is involved with the client, they may be able to provide certified copies of CDD and email this to you. 
  4. The Post Office also provide an identity document certification service
  5. If other forms of identity verification are not possible you might want to consider asking the client to email copies of their documents and undertake additional checks such as:
    • Google searches identifying any public information about the client.
    • References or other confirmatory information from trusted professionals who have worked with the client.
    • making telephone contact with the client on a home or business number which has been verified electronically.
    • requiring the client to pay you through an account held in their own name with a UK or EU regulated credit institution or one from an equivalent jurisdiction.
  6. Ensure you are checking to make sure the client is not on the list of organisations and individuals subject to financial sanctions.  The lists can be accessed on the Treasury website or the Home Office’s Proscribed terrorist groups or organisations information 
What guidance is there on use of electronic verification?

Electronic verification can be relied on for identity verification provided the electronic process is free from fraud and provides sufficient assurance of the identity of the individual.  Therefore, those members using an appropriate electronic ID provider may find it considerably easier to meet CDD requirements in circumstances where they are unable to meet clients.  Note that use of electronic ID packages is not mandatory under the Regulations although the ATT have been aware that some of the providers have suggested this to be the case in their publicity literature.

Lists of some of the electronic id providers available can be found on our website.  When choosing an electronic verification service provider you should note the guidance included in AML Guidance for the Accountancy Sector (AMLGAS):

5.4.18 Before using any electronic service, firms should ensure they understand the basis of the systems they use and question whether the information is reliable, comprehensive and accurate. The process should be secure from fraud and misuse and capable of providing an appropriate level of assurance that the person claiming a particular identity is in fact the person with that identity, to a degree that is necessary for effectively managing and mitigating any risks of money laundering and terrorist financing. Consider the following:

  • Does the system draw on multiple sources? A single source (e.g., the electoral register) is not usually sufficient. A system that combines negative and positive data sources is generally the more robust.
  • Are the sources checked and reviewed regularly? Systems that do not update their data regularly are generally more prone to inaccuracy.
  • Are there control mechanisms to ensure data quality and reliability? Systems should have built-in data integrity checks which, ideally, are sufficiently transparent to prove their effectiveness.
  • Is the information accessible? It should be possible to either download and store search results in electronic form, or print a hardcopy that contains all the details required (name of provider, original source, date, etc.).
  • Does the system provide adequate evidence that the client is who they claim to be? Consideration should be given as to whether the evidence provided by the system has been obtained from an official source, e.g., certificate of incorporation from the official company registry.”
What about enhanced due diligence requirements?

Members are reminded that enhanced due diligence may be necessary for some clients and in these cases more due diligence is required and the member may need to use more than one of the above methods to ensure they have obtained adequate CDD.  Relevant clients include those who are Politically Exposed Persons, where there is a transaction and either of the parties is established in a high risk third country or where clients are high risk of being involved in money laundering or terrorist financing based on the high risk factors set out in the Regulations. 

There are a number of risk factors set out in the Regulations which should be considered when deciding if there is a high risk of the client being involved in money laundering or terrorist financing.  Following the changes in January 2020 this includes a  high risk factor which relates to clients not met face to face and not subject to electronic identification verification.  Enhanced due diligence may be required in these cases although the circumstances would need to be considered alongside other risk factors. Firms should make sure they are risk assessing individual clients and can explain the assessments reached. 

If supervised firms have any other queries relating to CDD or other areas of AML compliance then they should contact the Professional Standards team [email protected].