A new frontier in the boundary between professional and private life – solicitors’ undertakings
On 11 November 2016, the Financial Conduct Authority (the “FCA”) published the template for its new financial crime report (known as “REP-CRIM”). The relevant parts of the FCA Handbook will come into force on 31 December 2016. This blog post provides some context to, and an explanation of, the new REP-CRIM requirements.
Q. What is the background to REP-CRIM?
In its business plan for 2016-17, the FCA said that one of its key priorities would be tackling financial crime and ensuring anti-money laundering compliance. The FCA recognised that the “UK financial system is a major global hub which attracts investment and activity from across the world”. However “this can also attract criminals and terrorist organisations seeking to hide the proceeds of crime among the huge volumes of legitimate business”.
In its business plan, the FCA stated its commitment to more actively supervise firms whose business models present a higher inherent risk of money laundering. Such supervision in the field of financial crime is however reliant on “ad hoc data requests” to gather information about firms’ systems and controls. The FCA does not routinely gather information from firms about financial crime, exposure to risks, or how they manage risks.
To remedy this gap, the FCA is introducing REP-CRIM requirements, as detailed in a 29 July 2016 FCA policy statement (PS16/19).
Q. How will REP-CRIM work?
The FCA will collect data through its electronic reporting system, GABRIEL. The FCA is using this system so that the data it receives will be in a standardised format, allowing for “improved consolidation, peer-group analysis and cataloguing”.
Alongside the 11 November 2016 publication of the REP-CRIM template, the FCA also published a data guide. This is meant to assist firms in completing their REP-CRIM return.
Q. When will REP-CRIM take effect?
As noted above, the requirement to complete a REP-CRIM return will take effect from 31 December 2016. The relevant parts of the FCA Handbook (see chapter 16 of the Supervision manual) will come into force on this day.
Following concern raised during a previous consultation period, the FCA has extended the time-frame to make returns from 30 days to 60 days. Firms will only be required to submit the report on a “best endeavours” basis given that this is a new regime and the rules will only be finalised during this period.
The first REP-CRIM returns for firms with a year end of 31 December will be due in March 2017.
Q. What will the data be used for?
The FCA state in PS16/19 that the data will be used to support the FCA’s financial crime supervision strategy and improve its ability to identify financial crime risks and trends as well as emerging issues. The FCA hopes to obtain better quality and more consistent comparable data, to allow the FCA to accurately risk-rate firms. This will allow the FCA to better target its specialist resources on firms that pose the highest financial crime risk - reducing the burden on lower risk firms.
Q. Who will be required to submit a REP-CRIM?
PS16/19 sets out that the new regime will apply to firms subject to the Money Laundering Regulations (“MLRs”), including:
Firms that are subject to the reporting requirement will only be required to submit a REP-CRIM for the areas of their business subject to the MLRs.
Moreover, for some institutions, a form of threshold is introduced where certain firms do not need to submit a REP-CRIM return. This threshold is calculated from all regulated and unregulated income, whether or not it comes from MLR-relevant business. These include:
General insurers (“GI”), GI intermediaries and credit unions have been removed from scope following the consultation.
The £5 million threshold will be reviewed after 3 years.
Q. Are there any requirements to list fraud-related risks?
PS16/19 notes that the FCA is seeking information on the top three most prevalent frauds and whether such are decreasing or unchanged. Firms are not obliged to provide this information. The FCA state in PS16/19 that:
“This question is designed to obtain the firm’s view on the most prevalent frauds relevant to the firm’s business and will be used by the FCA to understand whether the organisation is aware of the fraud risks identified by the broader industry”.
Q. What about high risk jurisdictions and PEPs?
PS16/19 provides clarification in relation to high risk jurisdictions and Politically Exposed Persons (“PEPs”) as well as how to deal with a group submission rather than on the basis of single authorised entity. A firm operates in a jurisdiction “where the firm has a physical presence through a legal entity or actively markets its services”. This includes those jurisdictions in which the firm has representative offices and jurisdictions into which the firm passports its services.
Information is also asked in relation to sanctions, including whether the firm uses automated systems to conduct screening against relevant sanctions lists and how many “true” sanctions were detected in the reporting period. Whether the firm conducts repeat screening for customer against sanctions list is also asked.
Q. What about staffing and representatives details?
The REP-CRIM seeks information on the number of FTE (UK staff) with financial crime roles and the percentage of which is dedicated to fraud responsibilities. Questions are also asked of the number of relationships maintained with individuals or corporates which introduce business to the firm. Additional information as to whether these relationships have been exited due for financial crime reasons is also required.
The REP-CRIM asks for the “number of SARs disclosed to the National Crime Agency (the “NCA”) within the reporting period, as at the end of the reporting period”. It also asks for the number of those SARs which saw the regulated entity seeking consent from the NCA under section 335 of the Proceeds of Crime Act 2002 (“POCA”).
In response to concerns raised in the previous consultation, the FCA confirms in PS16/19 that it does not consider that the information provided in response to the questions on the proposed return in cumulative form would be sufficiently specific to amount to ‘tipping off’ offence. It goes on “Furthermore, Part 7 of POCA sets out various circumstances in which a tipping off offence will not have been committed and one such circumstance (set out in S333D) is where the disclosure is made ‘to the authority that is the supervisory authority for that by virtue of the Money Laundering Regulations’”.
Q. What should those regulated firms subject to the new requirements be doing now?
Those firms subject to the new REP-CRIM requirements should study the template and, in particular, the data guide. Given the importance of submitting accurate information, firms should start preparing in draft form their REP-CRIM returns in preparation for the end of the financial year.
Although the question is not mandatory, perhaps the most vexing question for firms to answer will be that relating to the firm’s view of “the top three most prevalent frauds which the FCA should be aware of and whether they are increasing, decreasing or unchanged”. Any response submitted will need to be carefully considered, not least because, if completed, any answer should include details about the “suspected perpetrators”, including internal employees. Any disclosure by a firm which is atypical from its peer firms may give rise to an investigation by the FCA.
This question is therefore indicative of the new regime. The purpose of providing a REP-CRIM return through Gabriel is to allow the FCA to compute and analyse the data so as to pinpoint those firms that have issues with their financial controls. To give another example, if a firm is seen as having submitted fewer suspicious activity reports than its competitor firms, this may give rise to concerns on the part of the FCA about the firm’s approach to tackling financial crime risks. The firm is thus likely to be subject to further enquiries and, ultimately, a referral to the FCA’s Enforcement Division.
Skip to content Home About Us Insights Services Contact Accessibility