The FCA have published another ‘Dear CEO’ letter, this time on firms that provide trade finance services. As with the previous letter in June this year the recipients are not identified.
It is apparent that a more proactive strategy is being followed, the FCA are clearly communicating their expectations to the financial services industry, which is to be welcomed. However, if firms fail to take appropriate action there will be consequences.
Risk assessment is identified as the key control that needs to be effective. The FCA acknowledge that most firms have enterprise-wide risk assessments, but these are at a generic level and not sufficiently specific to address higher financial crime risk areas.
The inference is that firms will need to undertake supplementary risk assessments in higher risk areas to be able to demonstrate that they have fully assessed the risks that the firms are facing and have implemented appropriate controls to manage the risk.
As part of this assessment, client risk and transactional risk will need to be assessed with regard to the distinct risks applicable to trade finance.
There is a direction of travel from the FCA that firms need to take a more nuanced approach to due diligence within higher financial crime risk areas.
The archetypical client classification of high/medium/low will not be sufficient, additional due diligence on a risk-based approach will be required at a client level and on certain transactions.
Firms will also need to evidence what they have undertaken in respect of assessing their risks and ensure that there are documented policies and procedures.
One of the risks that is specifically mentioned in the letter is the use of dual goods. Dual use items (which may include software and technology) are items that can be used for civil and military purposes.
The term also includes all goods which have non-explosive uses or might assist in any way with the manufacture of nuclear weapons or other nuclear explosive devices. Exporting such controlled items without a licence is a criminal offence.
The requirement for firms to include the risk of Proliferation Financing is currently being proposed by H.M Treasury in a consultation document on proposed changes to the Money Laundering Regulations. It would appear that there is likely to be increased focus in this area going forward.
The role of the Money Laundering Reporting Officer (SMF17) is also highlighted. There is a clear expectation that whilst the MLRO is not responsible for the completion of the risk assessment, they are responsible for the governance, oversight and challenge.
Many of the controls and processes that are used to prevent financial crime are also used to prevent firms being defrauded.
Knowing your customer is far wider reaching that purely obtaining documentation to verify identity and ownership.
Knowing your customer is understanding the nature and purpose of their business, what products they are using, who they are trading with, what volume of transactions they undertake, what trading strategies they are using and where in the world they trade.
Monitoring, oversight and controls need to be sympathetic to these risks in order to provide an effective control environment.
The FCA expect that those firms who provide trade finance services complete a gap analysis of the issues that are raised in this letter. If firms identify that they have issues, a remediation plan should be initiated at the earliest.
If you wish to discuss any of the implications of this “Dear CEO letter” and what actions can be taken to meet the UK requirements, please contact a member of the Gracechurch Financial Crime Prevention team.
John Flynn
17 September 2021