• wblogo
  • wblogo
  • wblogo

SDD - where are we now?

Regulatory team, BDO, London, 24 July 2019

articleimage

BDO and the Association of Foreign Banks have collaborated to produce a report about simplified due diligence, a concept that has been under some attack from the Financial Action Task Force and the European Union of late. The fourth Money Laundering Directive has stopped firms from taking a blanket approach to SDD, but is this a truly significant change?

For years, regulated firms have conducted SDD ['due diligence,' a phrase originally from the US Securities and Exchange Act 1934, consists of checking such things as people's backgrounds and monitoring such things as transactions] on clients whom they think pose a low "money laundering risk" [i.e. they believe that the possibility that they might be facilitating money laundering is low], mainly because it is easy for them to inspect the way in which their type of legal entity works; in particular, regulated institutions and publicly listed companies. When the European Commission published its blueprint for a fourth Money Laundering Directive (4MLD) in 2015, regulated firms’ eyes were drawn to the change it proposed to make to SDD.

Nowhere in the British Money Laundering Regulations 2017 does it say that the financial sector is not allowed to continue using SDD as an effective means to on-board or monitor client relationships. In fact, Regulation 37 lists the circumstances in which relevant persons can and cannot apply it. Despite this, as the report shows, some banks have given up on it. Is this due to a misunderstanding of the purpose of the regulations? Or is it because regulated institutions are too concerned about what limited 'due diligence' might bring, the expensive wrath of the regulator and social opinion?

A survey

The Association of Foreign Banks (AFB), earlier this year, received a query from the Editorial Panel of the Joint Money Laundering Steering Group (JMLSG) regarding how regulated firms were undertaking SDD in the manner prescribed by 4MLD. The AFB subsequently sent out a four-question survey to its members to capture the latest thinking with respect to SDD processes in practice. The four questions were:

  • Are you still applying SDD to other equivalently regulated financial institutions?
  • If so, what criteria do you use in assessing whether such financial institutions pose a low money laundering/terrorist financing risk?
  • What does SDD actually look like at your firm?
  • Are there other types of client, aside from financial institutions, to which you are applying SDD?

It received 32 responses – 13 from banks in the European Economic Area and 19 from banks outside it. It invited BDO to analyse the results.

Vital statistics

More than 20% of respondents indicated that they no longer applied SDD to other equivalently regulated financial institutions. EEA banks felt less comfortable about being "simply duly diligent" than others, with many stating that they no longer did it. 34% of respondents that did still apply SDD only assessed two factors when deciding whether to do so, rather than undertaking a holistic assessment of "customer risks." Almost 90% of respondents noted "country risk" as a main consideration when they were deciding whether SDD was appropriate. More than 50% of respondents stated that the "screening" of (i.e. searching for open source data about) "politically exposed persons" or PEPs, sanctions and adverse media to do with this-or-that customer played a vital part in any decision they made to assess a customer as "low risk." 10% of respondents are not identifying the customer’s beneficial owners when applying SDD - a breach of the Money Laundering Regulations 2017

Although all respondents broadly understood that SDD represented a loosened form of "customer due diligence" or CDD [the European Union's answer to the phrase "know your customer"] rather than an exemption from it, the results showed that they differed wildly when deciding what information and/or documents to collect when doing it. The AFB takes this to suggest that the banking community is "uncertain" about the meaning of SDD.

International law and custom

The Financial Action Task Force not only imposes its famous 40 Recommendations on the jurisdictions of the world; it also issues notes in which it interprets them. One such note, for Recommendation 10 (which establishes the requirement to apply CDD) states that 4MLD removed the so-called ‘blanket exemption’ or carte blanche (previously applicable under 3MLD) whereby a bank could apply SDD to a list of types of customer drawn up by their government. Generally speaking, the list consisted of customers who were regulated entities in their own right.

4MLD, for the first time, said that firms ought to determine the level of risk posed by a customer before applying SDD and ought to write down a rationale and justification for it. Annex II of 4MLD includes a non-exhaustive list of factors and types of evidence of potentially lower risk for that purpose.

The Money Laundering Regulations

On 26th June 2017, 4MLD was enshrined in British law through the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017. Regulations 27 and 28 provide the primary reference point for when and how firms should conduct CDD. Broadly speaking, Regulation 28 states that firms can do it when:

  • identifying the customer and verifying his identity using documents and information from a reliable source which is independent of that person;
  • assessing (and, where appropriate, obtaining) information about the purpose and nature of the business relationship;
  • identifying beneficial owners and taking reasonable steps to verify their identities; and
  • various other things that help it to identify bodies corporate.

Regulation 37 concentrates on SDD, stating that: "A relevant person may apply simplified customer due diligence measures in relation to a particular business relationship or transaction if it determines that the business relationship or transaction presents a low degree of risk of money laundering and terrorist financing."

As with previous iterations of the Money Laundering Regulations, the guidelines provided by the Joint Money Laundering Steering Group (JMLSG) are there to help banks obey them. Sections 5.3.136 – 5.3.138 of these guidelines state that SDD might involve:  

  • asking the home country's central bank or relevant supervisory body for certain facts;
  • checking with another office, subsidiary, branch or correspondent bank in the same country;
  • checking with a regulated correspondent bank of the overseas institution; and
  • asking the relevant institution to provide evidence of its licence or authorisation to conduct financial and/or banking business.

Latest Comment and Analysis

Latest News

Award Winners

Most Read

More Stories

Latest Poll