Chapter 4 - Customer due diligence

4.1 General comments

Customer due diligence (CDD) is required by the Money Laundering Regulations 2007 because you can better identify suspicious transactions if you know your customer and understand the reasoning behind the instructions they give you.

Top of page

4.2 Application

You must conduct CDD on those clients who retain you for services regulated under the regulations (see Chapter 1). Chapter 1 of the Solicitors Code of Conduct 2011 is also relevant.

Top of page

4.3 CDD in general

4.3.1 When is CDD required?

Regulation 7 requires that you conduct CDD when:

• establishing a business relationship
• carrying out an occasional transaction
• you suspect money laundering or terrorist financing
• you doubt the veracity or adequacy of documents, data or information previously obtained for the purpose of CDD

The distinction between occasional transactions and long-lasting business relationships is relevant to the timing of CDD and the storage of records.

Where an occasional transaction is likely to increase in value or develop into a business relationship, consider conducting CDD early in the retainer to avoid delays later. As relationships change, firms must ensure they are compliant with the relevant standard.

There is no obligation to conduct CDD in accordance with the regulations for retainers involving non-regulated activities.

Existing business relationships before 15 December 2007

You must apply CDD measures at appropriate times to existing clients on a risk-sensitive basis. You are not required to apply CDD measures to all existing clients immediately after 15 December 2007. Where you have verified a client's identity to a previously applicable standard then, unless circumstances indicate the contrary, the risk is likely to be low. If you have existing high risk clients that you have previously identified you may consider applying the new CDD standard sooner than for low risk clients. Read more.

Top of page

4.3.2 What is CDD?

Regulation 5 says that CDD comprises:

• identifying the client and verifying their identity on the basis of documents, data or information obtained from a reliable and independent source
• identifying, where there is a beneficial owner who is not the client, the beneficial owner and taking adequate measures, on a risk-sensitive basis, to verify his identity so that you are satisfied that you know who the beneficial owner is. This includes understanding the ownership and control structure of a legal person, trust or similar arrangement.
• obtaining information on the purpose and intended nature of the business relationship.

Identification and verification

Identification of a client or a beneficial owner is simply being told or coming to know a client's identifying details, such as their name and address.

Verification is obtaining some evidence which supports this claim of identity.

A risk-based approach

Regulation 7(3) provides that you must:

• determine the required extent of customer due diligence measures on a risk-sensitive basis depending on the type of client, business relationship, product or transaction
• be able to demonstrate to your supervisory authority that you took appropriate measures in view of the risks of money laundering and terrorist financing

You cannot avoid conducting CDD, but you can use a risk-based approach to determine the extent and quality of information required and the steps to be taken to meet the requirements.

You need only obtain information on the purpose and intended nature of your client's use of your services when you are in a business relationship with them. However, it's good practice to obtain such information to ensure you fully understand instructions and closely monitor the development of each retainer, even if it is for an occasional transaction or transactions below the threshold.

Top of page

4.3.3 Methods of verification

Verification can be completed on the basis of documents, data and information which come from a reliable and independent source. This means that there are a number of ways you can verify a client's identity including:

• obtaining or viewing original documents
• conducting electronic verification
• obtaining information from other regulated persons

Independent source

You need an independent and reliable verification of your client's identity. This can include materials provided by the client, such as a passport.

Consider the cumulative weight of information you have on the client and the risk levels associated with both the client and the retainer.

You are permitted to use a wider range of sources when verifying the identity of the beneficial owner and understanding the ownership and control structure of the client. Often only the client or their representatives can provide you with such information. Apply the requirements in a risk-based manner to a level at which you are satisfied that you know who the beneficial owner is.

Documents

You should not ignore obvious forgeries, but you are not required to be an expert in forged documents.

Electronic verification

This will only confirm that someone exists, not that your client is the said person. You should consider the risk implications in respect of the particular retainer and be on the alert for information which may suggest that your client is not the person they say they are. You may mitigate risk by corroborating electronic verification with some other CDD material.

When choosing an electronic verification service provider, you should look for a provider who:

• has proof of registration with the Information Commissioner's Office to store personal data
• can link an applicant to both current and previous circumstances using a range of positive information sources
• accesses negative information sources, such as databases on identity fraud and deceased persons
• accesses a wide range of 'alert' data sources
• has transparent processes enabling you to know what checks are carried out, the results of the checks, and how much certainty they give on the identity of the subject
• allows you to capture and store the information used to verify an identity.

When using electronic verification, you are not required to obtain consent from your client, but they must be informed that this check will take place.

While we believe electronic verification can be a sufficient measure for compliance with money laundering requirements, there may be circumstances where it will not be appropriate. For example, the Council for Mortgage Lenders notes that electronic verification products may not be suitable for fraud prevention purposes, such as verifying that a person's signature is genuine.

Top of page

 4.3.4 Reliance and outsourcing

Reliance has a very specific meaning within the regulations and relates to the process under Regulation 17 where you rely on another regulated person to conduct CDD for you. You remain liable for any failure in the client being appropriately identified. Reliance does not include:

• accepting information from others to verify a client's identity when meeting your own CDD obligations
• electronic verification, which is outsourcing

You need

• the consent of the person on whom you rely for your reliance
• agreement that they will provide you with the CDD material upon request
• the identity of their supervisor for money laundering purposes. Consider checking the register of members for that supervisor, although a personal assurance of their identity may be sufficient where you have reasonable grounds to believe them.

We believe you should ask what CDD enquiries have been undertaken to ensure that they actually comply with the regulations, because you remain liable for non-compliance. This is particularly important when relying on a person outside the UK, and you should be satisfied that the CDD has been conducted to a standard compatible with the third directive (PDF, 302kb), taking into account the ability to use different sources of verification and jurisdictional specific factors. It may not always be appropriate to rely on another person to undertake your CDD checks and you should consider reliance as a risk in itself.

Top of page

Reliance in the UK

You can only rely on the following persons in the UK :

• a credit or financial institution which is an authorised person
• a consumer credit financial institution
• a person in the following professions who is supervised by a supervisory authority listed in Schedule 3 of the regulations:
  • auditor
  • insolvency practitioner
  • external accountant
  • tax adviser
  • independent legal professional
   

Reliance in an EEA state

You can only rely on the following persons in an EEA state:

• a credit or financial institution
• auditor, or EEA equivalent
• insolvency practitioner, or EEA equivalent
• external accountant
• tax adviser
• independent legal professional

if they are both:

• subject to mandatory professional registration recognised by law, and
• supervised for complying with money laundering obligations under Chapter 5, Section 2 of the third directive (PDF, 302kb).

A person will only be supervised in accordance with the third directive if the third directive has been implemented in the EEA state. You can check on the International Bar Association's website on the progress of implementation across Europe.

Top of page

You can rely on the following persons outside of the EEA:

• a credit or financial institution, or equivalent
• an auditor, or equivalent
• an insolvency practitioner, or equivalent
• an external accountant
• a tax adviser or
• an independent legal professional.

The must also satisfy all of the following conditions:

• being subject to mandatory professional registration recognised by law
• being subject to requirements equivalent to those laid down in the third directive
• being supervised for complying with money laundering obligations to a standard equivalent to that under Chapter 5, Section 2 of the third directive (PDF, 302kb).

On behalf of member states, the European Commission publish a list of countries considered to have equivalent AML/CTF systems.

• Consult the European Commission's list
• Consult the JMLSG's guidance on equivalence.
• Consult a list of national money laundering legislation around the world, and whether it applies to lawyers.

Passporting clients between jurisdictions

Many firms have branches or affiliated offices ('international offices') in other jurisdictions and will have clients who utilise the services of a number of international offices. It is not considered proportionate for a client to have to provide original identification material to each international office.

Some firms may have a central international database of CDD material on clients to which they can refer. Where this is the case you should review the CDD material to be satisfied that CDD has been completed in accordance with the third directive. If further information is required, you should ensure that it is obtained and added to the central database. Alternatively, you could ensure that the CDD approval controls for the database are sufficient to ensure that all CDD is compliant.

Other firms may wish to rely on their international office to simply provide a letter of confirmation that CDD requirements have been undertaken with respect to the client. This will amount to reliance only if the firm can be relied upon under the terms of Regulation 17 and the CDD is completed in accordance with that regulation.

Finally, firms without a central database may wish to undertake their own CDD measures with respect to the client, but ask their international office to supply copies of the verification material, rather than the client themselves. This will not be reliance, but outsourcing.

It is important to remember that one of your international offices may be acting for a client who is not a PEP in that country, but will be when they are utilising the services of your office. As such, you will need to have in place a process for checking whether a person passported into your office is a PEP and, if so, undertake appropriate enhanced due diligence measures.

UK-based fee earners will have to undertake their own ongoing monitoring of the retainer, even if the international office is also required to do so.

Top of page

4.3.5 Timing

Regulation 9 requires you to verify your client's identity and that of any beneficial owner, before you establish a business relationship or carry out an occasional transaction.

Regulation 11 provides that if you are unable to complete CDD in time, you cannot:

• carry out a transaction with or for the client through a bank account
• establish a business relationship or carry out an occasional transaction

You must also:

• terminate any existing business relationship
• consider making a disclosure to SOCA

Evidence of identity is not required if a one-off transaction involves less than €15,000 or if two or more linked transactions involve less than €15,000 in total. This exception does not apply if there is any suspicion of money laundering or terrorist financing.

Top of page

Exceptions to the timing requirement

There are several exceptions to the timing requirement and the prohibition on acting for the client.

However, you should consider why there is a delay in completing CDD, and whether this of itself gives rise to a suspicion which should be disclosed to SOCA.

Normal conduct of business

Regulation 9(3) provides that verification may be completed during the establishment of a business relationship, (not an occasional transaction), where:

• it is necessary not to interrupt the normal conduct of business, and
• there is little risk of money laundering or terrorist financing occurring

You must complete verification as soon as practicable after the initial contact.

Consider your risk profile when assessing which work can be undertaken on a retainer prior to verification being completed.

Do not permit funds or property to be transferred or final agreements to be signed before completion of full verification.

If you are unable to conduct full verification of the client and beneficial owners, then the prohibition in Regulation 11 will apply.

Ascertaining legal position

Regulation 11(2) provides that the prohibition in 11(1) does not apply where:

'A lawyer or other professional adviser is in the course of ascertaining the legal position for their client or performing their task of defending or representing their client in, or concerning legal proceedings, including advice on instituting or avoiding proceedings.'

The requirement to cease acting and consider making a report to SOCA when you cannot complete CDD, does not apply when you are providing legal advice or preparing for or engaging in litigation or alternative dispute resolution.

This exception does not apply to transactional work, so take a cautious approach to the distinction between advice and litigation work, and transactional work.

Top of page

4.4 Ongoing monitoring

Regulation 8 requires that you conduct ongoing monitoring of a business relationship on a risk-sensitive and appropriate basis. Ongoing monitoring is defined as:

• scrutiny of transactions undertaken throughout the course of the relationship, (including where necessary, the source of funds), to ensure that the transactions are consistent with your knowledge of the client, their business and the risk profile.
• keeping the documents, data or information obtained for the purpose of applying CDD up-to-date. You must also be aware of obligations to keep clients' personal data updated under the Data Protection Act.

You are not required to:

• conduct the whole CDD process again every few years
• conduct random audits of files
• suspend or terminate a business relationship until you have updated data, information or documents, as long as you are still satisfied you know who your client is, and keep under review any request for further verification material or processes to get that material
• use sophisticated computer analysis packages to review each new retainer for anomalies

Ongoing monitoring will normally be conducted by fee earners handling the retainer, and involves staying alert to suspicious circumstances which may suggest money laundering, terrorist financing, or the provision of false CDD material.

For example, you may have acted for a client in preparing a will and purchasing a modest family home. They may then instruct you in the purchase of a holiday home, the value of which appears to be outside the means of the client's financial situation as you had previously been advised in earlier retainers. While you may be satisfied that you still know the identity of your client, as a part of your ongoing monitoring obligations it would be appropriate in such a case to ask about the source of the funds for this purchase. Depending on your client's willingness to provide you with such information and the answer they provide, you will need to consider whether you are satisfied with that response, want further proof of the source of the funds, or need to discuss making a disclosure to SOCA with your nominated officer.

To ensure that CDD material is kept up-to-date, you should consider reviewing it:

• when taking new instructions from a client, particularly if there has been a gap of over three years between instructions
• when you receive information of a change in identity details

Relevant issues may include:

• the risk profile of the client and the specific retainer
• whether you hold material on transactional files which would confirm changes in identity
• whether electronic verification may help you find out if your clients' identity details have changed, or to verify any changes

Top of page

4.5 Records

You are required to keep records of your CDD material.

Top of page

4.6 CDD on clients

Your firm will need to make its own assessments as to what evidence is appropriate to verify the identity of your clients. We outline a number of sources which may help you make that assessment.

4.6.1 Natural persons

A natural person's identity comprises a number of aspects, including their name, current and past addresses, date of birth, place of birth, physical appearance, employment and financial history, and family circumstances.

Evidence of identity can include:

• identity documents such as passports and photocard driving licences
• other forms of confirmation, including assurances from persons within the regulated sector or those in your firm who have dealt with the person for some time.

In most cases of face to face verification, producing a valid passport or photocard identification should enable most clients to meet the AML/CTF identification requirements.

It is considered good practice to have either:

• one government document which verifies either name and address or name and date of birth
• a government document which verifies the client's full name and another supporting document which verifies their name and either their address or date of birth.

Where it is not possible to obtain such documents, consider the reliability of other sources and the risks associated with the client and the retainer. Electronic verification may be sufficient verification on its own as long as the service provider uses multiple sources of data in the verification process.

Where you are reasonably satisfied that an individual is nationally or internationally known, a record of identification may include a file note of your satisfaction about identity, usually including an address.

Top of page

UK residents

The following sources may be useful for verification of UK-based clients:

• current signed passport
• birth certificate
• current photocard driver's licence
• current EEA member state identity card
• current identity card issued by the Electoral Office for Northern Ireland
• residence permit issued by the Home Office
• firearms certificate or shotgun licence
• photographic registration cards for self-employed individuals and partnerships in the construction industry
• benefit book or original notification letter from the DWP confirming the right to benefits
• council tax bill
• utility bill or statement, or a certificate from a utilities supplier confirming an arrangement to pay services on pre-payment terms
• a cheque or electronic transfer drawn on an account in the name of the client with a credit or financial institution regulated for the purposes of money laundering
• bank, building society or credit union statement or passbook containing current address
• entry in a local or national telephone directory confirming name and address
• confirmation from an electoral register that a person of that name lives at that address
• a recent original mortgage statement from a recognised lender
• solicitor's letter confirming recent house purchase or land registry confirmation of address
• local council or housing association rent card or tenancy agreement
• HMRC self-assessment statement or tax demand
• house or motor insurance certificate
• record of any home visit made
• statement from a member of the firm or other person in the regulated sector who has known the client for a number of years attesting to their identity - bear in mind you may be unable to contact this person to give an assurance supporting that statement at a later date

Top of page

Persons not resident in the UK

Where you meet the client you are likely to be able to see the person's passport or national identity card. If you have concerns that the identity document might not be genuine, contact the relevant embassy or consulate.

The client's address may be obtained from:

• an official overseas source
• a reputable directory
• a person regulated for money laundering purposes in the country where the person is resident who confirms that the client is known to them and lives or works at the overseas address given

If documents are in a foreign language you must take appropriate steps to be reasonably satisfied that the documents in fact provide evidence of the client's identity.

Where you do not meet the client, the Regulations state that you must undertake enhanced due diligence measures.

Top of page

Clients unable to produce standard documentation

Sometimes clients are unable to provide standard verification documents. The purpose of the regulations is not to deny people access to legal services for legitimate transactions, but to mitigate the risk of legal services being used for the purposes of money laundering. You should consider whether the inability to provide you with standard verification is consistent with the client's profile and circumstances or whether it might make you suspicious that money laundering or terrorist financing is occurring.

Where you decide that a client has a good reason for not meeting the standard verification requirements, you may accept a letter from an appropriate person who knows the individual and can verify the client's identity.

For example:

• Clients in care homes might be able to provide a letter from the manager.
• Clients without a permanent residence might be able to provide a letter from a householder named on a current council tax bill or a hostel manager, confirming temporary residence.
• A refugee might be able to provide a letter from the Home Office confirming refugee status and granting permission to work, or a Home Office travel document for refugees.
• An asylum seeker might be able to provide their registration card and any other identity documentation they hold, or a letter of assurance as to identity from a community member such as a priest, GP, or local councillor who has knowledge of the client.
• A student or minor might be able to provide a birth certificate and confirmation of their parent's address or confirmation of address from the register of the school or higher education institution.
• A person with mental health problems or mental incapacity might know medical workers, hostel staff, social workers, deputies or guardians appointed by the court who can locate identification documents or confirm the client's identity.

Professionals

Where other professionals use your services, you may consult their professional directory to confirm the person's name and business address. It will not be necessary to then confirm the person's home address. You may consult directories for foreign professionals, if you are satisfied it is a valid directory, eg one produced and maintained by their professional body, and you can either translate the information, or understand it already.

Top of page

4.6.2 Partnerships, limited partnerships and UK LLPs

A partnership is not a separate legal entity, so you must obtain information on the constituent individuals.

Where partnerships or unincorporated businesses are:

• well-known, reputable organisations
• with long histories in their industries, and
• with substantial public information about them, their principals, and controllers

the following information should be sufficient:

• name
• registered address, if any
• trading address
• nature of business

Other partnerships and unincorporated businesses which are small and have few partners should be treated as private individuals. Where the numbers are larger, they should be treated as private companies.

Where a partnership is made up of regulated professionals, it will be sufficient to confirm the firm's existence and the trading address from a reputable professional directory or search facility with the relevant professional body. Otherwise you should obtain evidence on the identity of at least the partner instructing you and one other partner, and evidence of the firm's trading address.

For a UK LLP, obtain information in accordance with the requirements for companies as outlined below.

Top of page

4.6.3 Companies

A company is a legal entity in its own right, but conducts its business through representatives. So you must identify and verify the existence of the company. You should consider whether the person instructing you on behalf of the company has the authority to do so

A company's identity comprises its constitution, its business and its legal ownership structure. The key identification particulars are the company's name and its business address, although the registration number and names of directors may also be relevant identification particulars.

Where a company is a well-known household name, you may consider that the level of money laundering and terrorist financing risks are low and apply CDD measures in a manner which is proportionate to that risk.

Where you commence acting for a subsidiary of an existing client, you may have reference to the CDD file for your existing client for verification of details for the subsidiary, provided that the existing client has been identified to the standards of the 2007 regulations.

You will also need to consider the identity of beneficial owners where simplified diligence does not apply.

Top of page

Public companies listed in the UK

Where a company is either:

• listed and its securities are admitted to trading on a regulated market, or
• a majority-owned and consolidated subsidiary of such a company

simplified due diligence applies.

For a listed company, this evidence may simply be confirmation of the company's listing on the regulated market. Such evidence may be:

• a copy of the dated page of the website of the relevant stock exchange showing the listing
• a photocopy of the listing in a reputable daily newspaper
• information from a reputable electronic verification service provider or online registry

For a subsidiary of a listed company you will also require evidence of the parent/subsidiary relationship. Such evidence may be:

• the subsidiary's last filed annual return
• a note in the parent's or subsidiary's last audited accounts
• information from a reputable electronic verification service provider or online registry

The regulated market in the UK is the London Stock Exchange. AIM is not considered a regulated market within the UK , but under the risk-based approach you may feel that the due diligence process for listing on AIM gives you equivalent comfort as to the identity of the company under consideration.

Where further CDD is required for a listed company (ie when it is not on a regulated market) obtain relevant particulars of the company's identity.

Verification sources may include:

• a search of the relevant company registry (such as Companies House)
• a copy of the company's certificate of incorporation
• information from a reputable electronic verification service provider

You are still required to conduct ongoing monitoring of the business relationship with a publicly-listed company to enable you to spot suspicious activity.

Top of page

Private and unlisted companies in the UK

Private companies are generally subject to a lower level of public disclosure than public companies. In general however, the structure, ownership, purposes and activities of many private companies will be clear and understandable.

The standard identifiers for private companies are:

• full name
• business / registered address
• names of two directors, or equivalent
• nature of business

Other sources for verifying corporate identification may include:

• certificate of incorporation
• details from the relevant company registry, confirming details of the company and of the director, including the director's address
• filed audited accounts
• information from a reputable electronic verification service provider

Top of page

Public overseas companies

Simplified due diligence applies when:

• a company or its subsidiary is listed on a regulated market subject to specified disclosure obligations

Specified disclosure obligations are disclosure requirements consistent with specified articles of:

• The Prospectus Directive [2003/71/EC]
• The Transparency Obligations directive [2004/109/EC]
• The Market Abuse directive [2003/6/EC]

If a regulated market is located within the EEA, under a risk-based approach you may wish to simply record the steps taken to ascertain the status of the market. Consider a similar approach for non-EEA markets that subject companies to disclosure obligations which are contained in international standards equivalent to specified disclosure obligations in the EU.

On behalf of member states, the European Commission publish a list of countries considered to have equivalent AML/CTF systems.

• Consult the European Commission's list
• Consult the JMLSG's guidance on equivalence.
• Consult a list of national money laundering legislation around the world, and whether it applies to lawyers.

Evidence of the company's listed status should be obtained in a manner similar to that for UK public companies. Companies whose listing does not fall within the above requirements should be identified in accordance with the provisions for private companies

Top of page

Private and unlisted overseas companies

Obtaining CDD material for these companies can be difficult, particularly regarding beneficial ownership.

You should apply the risk-based approach, looking at the risk of the client generally, the risk of the retainer and the risks presented as a result of the country in which the client is incorporated. Money laundering risks are likely to be lower where the company is incorporated or operating in an EEA state or a country which is a member of FATF.

The company's identity is established in the same way as for UK private and unlisted companies.

Where you are not obtaining original documentation, you may want to consider on a risk-sensitive basis having the documents certified by a person in the regulated sector or another professional whose identity can be checked by reference to a professional directory.

Top of page

4.6.4 Other arrangements or bodies

Trusts

A trust is not a separate legal entity. Your client may be the settlor, the trustee(s) or occasionally the beneficiaries.

UK common law trusts are used extensively in everyday situations and often pose limited risk. They can become more risky if:

• the client requests a trust be used when there seems to be little reason to do so
• the trust is established in a jurisdiction which has limited AML/CTF regulation

In a higher risk situation you should consider either conducting further CDD or enhanced monitoring. This could include:

• conducting CDD on all the trustees, or on the settlor even after the creation of the trust
• asking about the purpose of the trust and the source of the funds used to create it
• obtaining the trust deed or searching an appropriate register maintained in the country of establishment

Your client, whether they are the trustee(s), settlor or beneficiaries, must be identified in accordance with their relevant category, (ie natural person, company etc). Where you are acting for more than one trustee it is preferable that you verify the identity of at least two of the trustees. Where the trustee is another regulated person, you may rely on their listing with their supervisory body.

You must consider beneficial ownership issues where you are acting for the trustee(s).

Top of page

Foundations

A foundation is the civil law equivalent to a common law trust and operates in many EEA countries. You should understand why your client is using a solicitor outside of the jurisdiction of establishment, and the statutory requirements for the establishment of the foundation. Then obtain similar information as you would for a trust.

Where the foundation's founder is anonymous, you may consider whether any intermediary or agent is regulated for AML/CTF and whether they can provide assurances that verify the identity of relevant persons involved with the foundation.

Foundations can also be a loose term for charitable institutions in the UK and the USA - where that is the case they must be verified in accordance with the procedures for verifying charities set out below.

Top of page

Charities

Charities may take a number of forms. In the UK, you may come across five types of charities:

• small
• registered
• unregistered
• excepted, such as churches
• exempt, such as museums and universities

For registered charities, you should take a record of their full name, registration number and place of business. Details of registered charities can be obtained from:

• the Charity Commission of England and Wales at www.charity-commission.gov.uk
• the Office of the Scottish Charity Regulator at www.oscr.org.uk

Other countries may also have charity regulators which maintain a list of registered charities. You may consider it appropriate to refer to these when verifying the identity of an overseas charity. Currently in Northern Ireland there is no regulator for charities.

For all other types of charities you should consider the business structure of the charity and apply the relevant CDD measures for that business structure. You can also generally get confirmation of their charitable status from HMRC. Further, in applying the risk-based approach to charities it is worth considering whether it is a well-known entity or not. The more obscure the charity, the more likely you are to want to view the constitutional documents of the charity.

Due to the increased interest in some charities and not-for-profit organisations from terrorist organisations you may want to also consult the HM Treasury's consolidated list of persons designated as being subject to financial restrictions to ensure the charity is not a designated person.

Top of page

Deceased persons' estates

When acting for the executor(s) or administrators of an estate, you should establish their identity using the procedures for natural persons or companies set out above. When acting for more than one executor or administrator, it is preferable to verify the identity of at least two of them. You should consider getting copies of the death certificate, grant of probate or letters of administration.

During the administration of the estate, Regulation 6(8) provides that the beneficial owner is:

• the executor, original or by representation, or
• the administrator for the time being of a deceased person

This definition is wide enough to cover you when you deal with foreign deceased estates that are in the course of administration.

If a will trust is created, and the trustees are different from the executors, the procedures in relation to trusts will need to be followed when the will trust comes into operation.

Top of page

Churches and places of worship

Places of worship may either register as a charity or can apply for registration as a certified building of worship from the General Register Office (GRO) which will issue a certificate. Further, their charitable tax status will be registered with HMRC. As such, identification details with respect to the church or place of worship may be verified:

• as for a charity
• through the headquarters or regional organisation of the denomination or religion

For UK charities, identification details may be verified:

• with reference to the GRO certificate
• through an enquiry to HMRC

Schools and colleges

Schools and colleges may be a registered charity, a private company, an unincorporated association or a government entity and should be verified in accordance with the relevant category.

The Department of Education and Skills maintains lists of approved educational facilities which may assist in verifying the existence of the school or college.

Top of page

Clubs and associations

Many of these bear a low money laundering risk, but this depends on the scope of their purposes, activities and geographical spread.

The following information may be relevant to the identity of the club or association:

• full name
• legal status
• purpose
• any registered address
• names of all office holders

Documents which may verify the existence of the club or association include:

• any articles of association or constitutions
• statement from a bank, building society or credit union
• recent audited accounts
• financial statements presented to the annual general meeting
• listing in a local or national telephone directory

Top of page

Regulation 13 (7)(c) provides that simplified due diligence is permitted where:

'A pension, superannuation or similar scheme which provides retirement benefits to employees, where contributions are made by an employer or by way of deduction from an employee's wages and the scheme rules do not permit the assignment of a member's interest under the scheme (other than an assignment permitted by section 44 of the Welfare Reform and Pensions Act 1999 (disapplication of restrictions on alienation) or section 91(5)(a) of the Pensions Act 1995 (inalienability of occupational pension)).'

So you only need evidence that the product is such a scheme and so qualifies for simplified due diligence. Such evidence may include:

• a copy of a page showing the name of the scheme from the most recent definitive deed
• a consolidating deed for the scheme, plus any amending deed subsequent to that date.

Pension funds or superannuation schemes outside the above definition should be subject to CDD according to their specific business structure.

For information on how to conduct CDD on other funds please see the Joint Money Laundering Steering Group's guidance.

Top of page

4.6.5 Government agencies and councils

The money laundering and terrorist financing risks associated with public authorities varies significantly depending on the nature of the retainer and the home jurisdiction of the public authority. It may be simple to establish that the entity exists, but where there is a heightened risk of corruption or misappropriation of government monies, greater monitoring of retainers should be considered.

The following information may be relevant when establishing a public sector entity's identity:

• full name of the entity
• nature and status of the entity
• address of the entity
• name of the home state authority
• name of the directors or equivalent

Simplified due diligence applies to UK public authorities and to some non-UK public authorities. See 4.8.2.

Where simplified due diligence does not apply, you may get information verifying the existence of the public sector from :

• official government websites
• a listing in a national or local telephone directory

Top of page

4.7 CDD on a beneficial owner

4.7.1 General comments

When conducting CDD on a client, you will need to identify any beneficial owners within the meaning of regulation 6 of the Regulations. Note that this definition goes beyond the traditional understanding of the meaning of a beneficial owner.

To identify the beneficial owner, obtain at least their name and record any other identifying details which are readily available. You may decide to use records that are publicly available, ask your client for the relevant information or use other sources.

To assess which identity verification measures are needed, consider the client's risk profile, any business structures involved and the proposed transaction.

The key is to understand the ownership and control structure of the client. A prudent approach is best, monitoring changes in instructions, or transactions which suggest that someone is trying to undertake or manipulate a retainer for criminal ends. Simply ticking boxes is unlikely to satisfy the risk-based approach.

Appropriate verification measures may include:

• a certificate from your client confirming the identity of the beneficial owner
• a copy of the trust deed, partnership agreement or other such document
• shareholder details from an online registry
• the passport of, or electronic verification on, the individual
• other reliable, publicly available information

Top of page

4.7.2 Assessing the risk

Issues you may consider when assessing the risk of a particular case include:

• why your client is acting on behalf of someone else
• how well you know your client
• whether your client is a regulated person
• the type of business structure involved in the transaction
• where the business structure is based
• the AML/CTF requirements in the jurisdiction where it is based
• why this business structure is being used in this transaction
• how soon property or funds will be provided to the beneficial owner

Only in rare cases will you need to verify a beneficial owner to the same level that you would a client.

When conducting CDD on beneficial owners within a corporate entity or arrangement, you must:

• understand the ownership and control structure of the client as required by Regulation 5(b)
• identify the specific individuals listed in Regulation 6

The level of understanding required depends on the complexity of the structure and the risks associated with the transaction. For example, it may be sufficient to review the trust deed or partnership arrangement and discuss the issue with your client. In the case of a company, you may obtain a company structure chart from your client directly, their website or their annual reports.

It is vital to understand in what capacity your client is instructing you to ensure that you are identifying the correct beneficial owners.

If for example you are acting for Bank A, which is a corporate entity, to purchase new premises for Bank A, then it would be the shareholders and controllers of Bank A who are the beneficial owners. However, if Bank A is a trustee for XYZ Trust and they have instructed you to sell trust property, then Bank A is instructing you on behalf of the arrangement which is XYZ Trust in their capacity as trustee. The beneficial owners in that transaction will be those with specified interests in and/or control of the XYZ Trust.

Top of page

4.7.3 Agency

Regulation 6(9) says a beneficial owner generally means any individual who ultimately owns or controls the client or on whose behalf a transaction or activity is being conducted.

In these cases, it is presumed the client is himself the beneficial owner, unless the features of the transaction indicate they are acting on someone else's behalf. So you do not have to proactively search for beneficial owners, but to make enquiries when it appears the client is not the beneficial owner.

Situations where a natural person may be acting on behalf of someone else include:

• exercising a power of attorney. The document granting power of attorney may be sufficient to verify the beneficial owner's identity.
• acting as the deputy, administrator or insolvency practitioner. Appointment documents may be sufficient to verify the beneficial owner's identity.
• an appointed broker or other agent to conduct a transaction. A signed letter of appointment may be sufficient to verify the beneficial owner's identity.

You should be alert to the possibility that purported agency relationships are actually being utilised to facilitate a fraud. Understanding the reason for the agency, rather than simply accepting documentary evidence of such at face value, will assist to mitigate this risk. Where a client or retainer is higher risk, you may want to obtain further verification of the beneficial owner's identity in line with the suggested CDD methods to be applied to natural persons.

Top of page

4.7.4 Companies

Regulation 6(1) defines the beneficial owner of a body corporate as meaning:

Any individual who:

• as respects any body other than a company whose securities are listed on a regulated market, ultimately owns or controls (whether through direct or indirect ownership or control, including through bearer share holdings) more than 25 per cent of the shares or voting rights in the body, or
• as respects any body corporate, otherwise exercises control over the management of the body

This regulation does not apply to a company listed on a regulated market. It does apply to UK limited liability partnerships.

Shareholdings

You should make reasonable and proportionate enquiries to establish whether beneficial owners exist and, where relevant as determined by your risk analysis, verify their identity. These may include:

• getting assurances from the client on the existence and identity of relevant beneficial owners
• getting assurances from other regulated persons more closely involved with the client, particularly in other jurisdictions, on the existence and identity of relevant beneficial owners
• conducting searches on the relevant online registry
• obtaining information from a reputable electronic verification service

Where the holder of the requisite level of shareholding of a company is another company, apply the risk-based approach when deciding whether further enquiries should be undertaken.

A proportionate approach

It would be disproportionate to conduct independent searches across multiple entities at multiple layers of a corporate chain to see if, by accumulating very small interests in different entities, a person finally achieves more than a 25 per cent interest in the client corporate entity. You must simply be satisfied that you have an overall understanding of the ownership and control structure of the client company.

Voting rights are only those which are currently exercisable and attributed to the company's issued equity share capital.

Companies with capital in the form of bearer shares

These pose a higher laundering risk as it is often difficult to identify beneficial owners and such companies are often incorporated in jurisdictions with lower AML/CTF regulations. You should adopt procedures to establish the identities of the holders and material beneficial owners of such shares and ensure you are notified whenever there is a change of holder and/or beneficial owner. This may be achieved by:

• requiring that the shares be held by a regulated person
• getting an assurance that either such a regulated person or the holder of the shares will notify you of any change of records relating to the shares

Control

A corporate entity can also be subject to control by persons other than shareholders. Such control may rest with those who have power to manage funds or transactions without requiring specific authority to do so, and who would be in a position to override internal procedures and control mechanisms.

You should remain alert to anyone with such powers while you are obtaining a general understanding of the ownership and control structure of the corporate entity. Further enquiries are not likely to be necessary. Monitor situations within the retainer where control structures appear to be bypassed and make further enquiries at that time.

Top of page

4.7.5 Partnerships

Regulation 6(2) provides that in the case of a partnership (but not a limited liability partnership) the following individuals are beneficial owners:

• any individual ultimately entitled to or who controls, (whether directly or indirectly), more than 25 per cent of the capital or profits of the partnership or more than 25 per cent of the voting rights in the partnership, or
• any individual who otherwise exercises control over the management of the partnership

Relevant points to consider when applying this Regulation:

• the property of the entity includes its capital and its profits

• control involves the ability to manage the use of funds or transactions outside of the normal management structure and control mechanisms

You should make reasonable and proportionate enquiries to establish whether beneficial owners exist and, where relevant, verify their identity in a risk-based manner.

Enquiries and verification may be undertaken by:

• receiving assurances from the client on the existence and identity of relevant beneficial owners
• receiving assurance from other regulated persons more closely involved with the client, particularly in other jurisdictions, on the existence and identity of relevant beneficial owners
• reviewing the documentation setting up the partnership such as the partnership agreement or any other profit-sharing agreements

Top of page

4.7.6 Trusts

Regulation 6(3) sets out three types of beneficial owners of a trust:

• Part A: individual with specified interest – those with at least a 25 per cent specified interest in trust capital
• Part B: class of persons to benefit – those in whose main interest the trust operates
• Part C: individuals who control a trust

You must identify persons within all relevant categories.

Non-individual beneficiaries

While generally the beneficiaries of a trust will be individuals, they may at times be a company, an entity or an arrangement, such as a charity.

Regulation 6(5) says you will have to apply Regulation 6(1) to a beneficiary company to determine their beneficial owners. This means that:

You should consider for all companies whether anyone exercises control over the beneficiary company outside of the normal management structures. Identify them as a beneficial owner of the client trust. You may ask the client if they are aware of any such person, as this information would not be on a publicly available register and it will generally not be proportionate for you to have direct dealings with the beneficiary company.

• Where the beneficiary company is a private or unlisted company, you should consider whether they have shareholders with more than a 25 per cent interest in the beneficiary company. This can be done by a simple search on Companies House or equivalent online registry.
• If you locate such a shareholder, you should note their identity as a beneficial owner of the client trust. You will have already verified the identity through the company register check. Where there is a tiered structure, eg where, through its shareholding in a such shareholder, another company has more than a 25 per cent interest in the beneficiary company enquire of the client why there is a tiered structure in use and make a risk-based decision, considering the risk of the client generally and the whole retainer, as to whether:
  • further identity enquiries are required
  • you simply identify the second company as the beneficial owner of the client trust and then conduct closer monitoring of any transactions
  • you have a suspicion warranting a disclosure to SOCA, and consider withdrawing from the retainer
   

The further you look for beneficial owners within beneficial owners the smaller the interest and the harder it is to exercise control. Therefore the risk of laundering or terrorist financing is lower. Consider this when setting proportionate CDD.

If you do not find an individual within either of the above categories, then simply list the beneficiary company as the beneficial owner of the client trust.

Regulation 6(5)(a) does not apply to beneficiaries that are non-corporate entities or another trust. You should still identify them as a beneficial owner of the client trust and consider whether you need to know more about them.

Individual with specified interest (Part A)

A person has a specified interest if they have a vested interest of the requisite level in possession or remainder or reversion, defeasible or indefeasible.

Vested interest

This is an interest not subject to any conditions precedent. It is held by the beneficiary completely and inalienably, even if it is still under the control of the trustees at that time.

Contingent interest

This interest is subject to the satisfaction of one or more conditions precedent, such as attaining a specified age or surviving a specified person. Failure to satisfy all conditions precedent results in the failure of the interest.

Interest in possession

This interest is the right to enjoy the use or possession of the fund and under the regulations relates solely to an interest in the capital of the fund.

Interest in remainder

This is the beneficiary's right to the capital of the fund which is postponed to one or more prior interests in possession in the income of the fund.

Interest in reversion

This is the right of the settlor to receive any part of the fund at the end of the trust. It occurs in cases including when the trust fails because all of the beneficiaries die or a life interest terminates and there are no remainder beneficiaries.

Defeasible interest

An interest is defeasible if it can be terminated in whole or in part, without the consent of the beneficiary, by the happening of an event, such as the failure of a condition subsequent or the exercise by the trustees of a power to terminate or vary the interest.

Indefeasible interest

An interest is indefeasible if it cannot be terminated in whole or in part without the consent of the beneficiary by the happening of any event.

Defeasible and indefeasible interests are included, so that you consider the beneficiaries who are going to get the property as at the time you are instructed, and conduct CDD on them.

Top of page

Class of persons to benefit (Part B)

Part B of the definition in Regulation 6(3) covers any trust that includes persons who do not fit within Part A. Within Part B, you must identify the class of persons in whose main interest the trust operates. All discretionary trusts will fall within Part B.

Note: If a trust has one or more persons who are individuals with a 25 per cent specified interest, as well as other beneficiaries, identify the individuals who fit within the first part of the definition, then consider the rest of the beneficiaries as a class under Part B.

Identification of a class is by description, such as:

• the grandchildren of X
• charity Y
• pension holders and their dependents

When considering in whose main interest a trust is set up or operates, and there are several classes of beneficiary, consider which class is most likely to receive most of the trust property. For example:

• Where a trust is for the issue of X, then the class is the issue of X as there is only one class.
• Where a trust is for the children of X, if they all die, for the grandchildren of X and if they all die, for charity Y, then the class is likely to be the children of X as it is unlikely that they will all die before the funds are disbursed.
• Where a discretionary trust allows for payments to the widow, the children, their spouses and civil partners, the grandchildren, and their spouses and civil partners, then all interests are equal and all classes will need to be identified.

Where in doubt about which class has the main interest, you should identify all classes.

Note: Interests in parts of the trust property can change significantly between retainers, particularly with discretionary trusts. So it is good practice to obtain an update on any changes from the trustees with each set of new retainers your firm receives in relation to a discretionary trust.

Top of page

Control of the trust (Part C)

Control is defined as a power, either:

• exercisable alone
• jointly with another person
• with the consent of another person

under the trust instrument or by law to either:

• dispose of, advance, lend, invest, pay or apply trust property
• vary the trusts
• add or remove a person as a beneficiary or to a class of beneficiaries
• appoint or remove trustees
• direct, withhold consent to or veto the exercise of a power such as is mentioned in the options above

The definition of control can include beneficiaries acting collectively where they have the power to take or to direct action.

Regulation 6(5)(b) specifically excludes from the definition of control:

• the power exercisable collectively at common law to vary or extinguish a trust by all of the beneficiaries – see Saunders v Vautier [1841] EWHC Ch J82 .
• the power of members of a pension fund to influence the investment of the fund's assets
• the power to consent to advancement implied to a person with a life interest under section 32(1)(c) of the Trustee Act 1925
• the powers of beneficiaries to require the appointment or retirement of trustees under Trusts of Land and Appointment of Trustees Act 1996.

Top of page

Identifying trust beneficial owners in practice

You are only required to make reasonable and proportionate enquiries to establish whether beneficial owners exist and, where relevant, verify their identity. If unsure whether a beneficiary or other person is a beneficial owner, you may consider taking legal advice from a trust practitioner, or identify them and consider whether verification is required.

Enquires and verification may be undertaken by:

• getting assurances from trustees on the existence and identity of beneficial owners
• getting assurances from other regulated persons more closely involved with the client, particularly in other jurisdictions, on existence and identity of beneficial owners
• reviewing the trust deed
• obtaining information from a reputable electronic verification service on details of identified beneficiaries.

View practical examples of how various interests and powers of control may appear

Top of page

4.7.7 Other arrangements and legal entities

Regulation 6(6) provides that where you are dealing with a client who is not a natural person, nor a corporate entity or a trust, then the following individuals are beneficial owners:

• where the individuals who benefit from the entity or arrangement have been determined, any individual who benefits from at least 25 per cent of the property of the entity or arrangement
• where the individuals who benefit from the entity or arrangement have yet to be determined, the class or persons in whose main interest the entity or arrangement is set up or operates
• any individual who exercises control over at least 25 per cent of the property of the entity or arrangement

Unincorporated associations and foundations are examples of entities and arrangements likely to fall within this regulation.

When applying this Regulation relevant points to consider are:

• the property of the entity includes its capital and its profits
• determined benefits are those to which an individual is currently entitled
• contingent benefits or where no determination has been made should be dealt with as a class as benefit has yet to be determined
• a class of persons need only be identified by way of description
• an entity or arrangement is set up for, or operates in, the main interest of the persons who are likely to get most of the property
• control involves the ability to manage the use of funds or transactions outside the normal management structure and control mechanisms
• where you find a body corporate with the requisite interest outlined above, you will need to make further proportionate enquiries as to the beneficial owner of the body corporate

You should make reasonable and proportionate enquiries to establish whether beneficial owners exist and, where relevant, verify their identity in a risk-based manner.

Enquires and verification may be undertaken by:

• asking the client and receiving assurances as to the existence and identity of beneficial owners
• asking other regulated persons more closely involved with the client (particularly in other jurisdictions) and receiving assurances as to the existence and identity of beneficial owners
• reviewing the documentation setting up the entity or arrangement such as its constitution or rules

Top of page

4.8 Simplified due diligence

Regulation 13 permits simplified due diligence to be undertaken in certain circumstances.

4.8.1 What is simplified due diligence?

You simply have to obtain evidence that the client or products provided are eligible for simplified due diligence. You will not need to obtain information on the nature and purpose of the business relationship or on beneficial owners. You will need to conduct CDD and ongoing monitoring where you suspect money laundering .

4.8.2 Who qualifies for simplified due diligence?

The following clients and products qualify:

• a credit or financial institution which is subject to the requirements of the money laundering directive (PDF, 309kb)
• a credit or financial institution in a non-EEA state which is supervised for compliance with requirements equivalent to the money laundering directive (PDF, 309kb)
• companies listed on a regulated EEA state market or a non-EEA market which are subject to disclosure obligations specified in regulation 2
• beneficial owners of pooled accounts held by a notary or independent legal professional, ie financial services firms are not required to apply CDD to the third party beneficial owners of omnibus accounts held by solicitors, provided the information on the identity of the beneficial owners is available upon request
• UK public authorities
• a non-UK public authority which:
• is entrusted with public functions pursuant to the treaty on the European Union or the Treaties on the European Communities, or Community secondary legislation
• has a publicly available, transparent and certain identity
• has activities and accounting practices which are transparent
• is accountable to a community institution, the authorities of an EEA state or is otherwise subject to appropriate check and balance procedures
• certain insurance policies, pensions or electronic money products
• products where:
• they are based on a written contract
• related transactions are carried out through a credit institution which is regulated under the money laundering directive or subject to equivalent requirements
• they are not anonymous
• they are within relevant maximum thresholds
• realisation for the benefit of a third party is limited
• investment in assets or claims is only realisable in the long term, cannot be used as collateral and there cannot be accelerated payments, surrender clauses or early termination

For further details on the requirements for qualification for simplified due diligence, see Regulation 13 and Schedule 2 of the regulations.

On behalf of member states, the European Commission publish a list of countries considered to have equivalent AML/CTF systems.

• Consult the European Commission's list
• Consult the JMLSG's guidance on equivalence.
• Consult a list of national money laundering legislation around the world, and whether it applies to lawyers.

Top of page

4.9 Enhanced due diligence

Regulation 14 provides that you will need to apply enhanced due diligence on a risk-sensitive basis where:

• the client is not dealt with face-to-face
• the client is a politically exposed person (PEP)
• there is any other situation which can present a higher risk of money laundering or terrorist financing

The regulations do not set out what will be enhanced due diligence for the last option.

In applying the risk-based approach to the situation you should consider whether it is appropriate to:

• seek further verification of the client or beneficial owner;s identity
• obtain more detail on the ownership and control structure of the client
• request further information on the purpose of the retainer or the source of the funds, and/or
• conduct enhanced ongoing monitoring

4.9.1 Non face-to-face clients

A client who is not a natural person can never be physically present for identification purposes and will only ever be represented by an agent. The mere fact that you do not have face-to-face meetings with the agents of an entity or arrangement does not automatically require that enhanced due diligence is undertaken. You should consider the risks associated with the retainer and the client, assess how well standard CDD measures are meeting those risks and decide whether further CDD measures are required.

Where a client is a natural person and they are not physically present for identification purposes, you must undertake enhanced due diligence.

Regulation 14 (2) outlines possible steps which can be taken above standard verification procedures to compensate for the higher risk of non face-to-face transactions. The regulations suggest the following options, although this list is not exhaustive:

• using additional documents, data or information to establish identity. This may involve using electronic verification to confirm documents provided, or using two or three documents from different sources to confirm the information set out in each.

• using supplementary measures to verify or certify the documents supplied or obtain confirmatory certification by a credit or financial institution which is subject to the money laundering directive. You may consider electronic verification to confirm the documents provided. Alternatively consider getting certified copies of documents:
  • When dealing with foreign passports or identity cards, check the requirements for that country with the relevant embassy or consulate.
  • With all other documents, consider whether the certifying person is regulated with respect to the regulations or is otherwise a professional person subject to some sort of regulation or fit and proper person test, who can easily be independently contacted to verify their certification of the documents. Such persons include bank managers, accountants, or local GPs. You may also consider accepting documents certified by the Post Office-provided Identity Checking Service.
   
• ensuring the first payment in the retainer is through an account opened in the client's name with a credit institution. EU regulation 1781/2006 says credit institutions must provide the payers name, address and account number with all electronic fund transfers. It entered force on 1 January 2007 and is directly applicable to all member states. Use this to further verify your client's identity.

Further details: Part II – Wire transfers of the JMLSG guidance

If such information is not included on the electronic fund transfer, discuss this with the relevant financial or credit institution. Consider taking up the matter with the FSA, if the institution refuses to give you written confirmation of the details. Take other steps to verify your client's identity.

Top of page

4.9.2 Politically exposed persons

You must take the following steps to deal with the heightened risk posed by having a client who is a PEP:

• have senior management approval for establishing a business relationship with a PEP
• take adequate measures to establish the source of wealth and source of funds which are involved in the business relationship or occasional transaction
• conduct closer ongoing monitoring of the business relationship

You are not required to actively investigate whether beneficial owners of a client are PEPs. However, where you have a beneficial owner who you know is a PEP, you should consider on a risk-based approach what extra measures, if any, you need to take when dealing with that client.

Further, merely doing work for a non-UK public authority does not mean that you are in a business relationship with a PEP. You should however ensure that you have considered the risks associated with the particular public authority and taken steps to address those risks.

Who is a PEP?

A person who has been entrusted within the last year with one of the following prominent public functions by a community institution, an international body, or a state other than the UK:

• heads of state, heads of government, ministers and deputy or assistant ministers
• members of parliament
• members of supreme courts, of constitutional courts, or of other high-level judicial bodies whose decisions are not generally subject to further appeal, except in exceptional circumstances
• members of courts of auditors or of the boards of central banks
• ambassadors, charges d'affairs and high-ranking officers in the armed forces
• members of the administrative, management or supervisory bodies of state-owned enterprises

Middle ranking and junior officials are not PEPs.

In addition to the primary PEPs listed above, a PEP also includes:

• family members of a PEP – spouse, partner, children and their spouses or partners, and parents
• known close associates of a PEP – persons with whom joint beneficial ownership of a legal entity or legal arrangement is held, with whom there are close business relationships, or who is a sole beneficial owner of a legal entity or arrangement set up by the primary PEP

The regulations only apply to persons appointed by governments and authorities outside the UK, but it may be appropriate, on a risk-based approach to apply some or all of the enhanced due diligence requirements to a person appointed in the UK, who would have been a PEP had they been appointed outside the UK.

Top of page

How to identify PEPs

You are not required to conduct extensive investigations to establish whether a person is a PEP. Just have regard to information that is in your possession or publicly known.

To assess your PEP risk profile, you should consider your existing client base, taking into account the general demographic of your client base, and how many clients you currently know would be a PEP.

If the risk of you acquiring a PEP as a client is low, you may simply wish to ask clients whether they fall within any of the PEP categories. Where they say no, you may reasonably assume the individual is not a PEP unless anything else within the retainer, or that you otherwise become aware of, makes you suspect they may be a PEP.

Where you have a higher risk of having PEPs as clients or you have reason to suspect that a person may actually be a PEP contrary to earlier information, you should consider conducting some form of electronic verification. You may find that a web-based search engine will be sufficient for these purposes, or you may decide that it is more appropriate to conduct electronic checks through a reputable international electronic verification provider.

Note: The range of PEPs is wide and constantly changing, so electronic verification will not give you 100 per cent certainty. You should remain alert to situations suggesting the client is a PEP. Such situations include:

• receiving funds in the retainer from a government account
• correspondence on official letterhead from the client or a related person
• general conversation with the client or person related to the retainer linking the person to a PEP
• news reports which actually come to your attention suggesting your client is a PEP or linked to one

Where you suspect a client is a PEP but cannot establish that for certain, you may consider on a risk-sensitive basis applying aspects of the enhanced due diligence procedures.

Top of page

Senior management approval

The regulations do not define senior management, so your firm must decide who that is, on a risk-sensitive basis. Senior management may be:

• the head of a practice group
• another partner who is not involved with the particular file
• the partner supervising the particular file
• the nominated officer
• the managing partner

In any case, it is recommended that you advise those responsible for monitoring risk assessment that a business relationship with a PEP has begun, to help their overall monitoring of the firm's risk profile and compliance.

Establishing source of wealth and funds

Generally this simply involves asking questions of the client about their source of wealth and the source of the funds to be used with each retainer. When you know a person is a PEP, their salary and source of wealth is often publicly available on a register of their interests. This may be relevant for higher risk retainers.

Enhanced monitoring

You should ensure that funds paid into your client account come from the account nominated and are for an amount commensurate with the client's known wealth. Ask further questions if they are not.

Top of page

4.9.3 High risk of money laundering

Enhanced due diligence is also required where there is a higher risk of money laundering.

The Financial Action Taskforce and HM Treasury regularly provide statements on unsatisfactory money laundering controls in overseas jurisdictions. Read the latest list.

You must undertake enhanced due diligence and enhanced ongoing monitoring when acting in relation to transactions involving these jurisdictions.

Top of page

4.10 Existing clients

Regulation 7(2) states you must apply CDD measures to an existing customer at other appropriate times and on a risk-sensitive basis, repealing the previous exemption for customers with whom you had a business relationship prior to 1 March 2004 .

You do not have to ensure all existing clients have been identified and verified by 15 December 2007, nor update all current identification in accordance with the new requirements by that date.

Factors that may trigger a need for CDD include:

• a gap in retainers of three years or more
• a client instructing on a higher risk retainer
• where you develop a suspicion of money laundering or terrorist financing by the client
• an existing high risk client

For all clients, you should ensure ongoing monitoring of the business relationship to identify any suspicious activity.

When conducting CDD on existing clients or a subsidiary of an existing client, you may consider information already on your files which would verify their identity or publicly available information to confirm the information you hold, rather than approaching the client to provide that information initially. It may be appropriate for a fee earner or partner who has known the client for long time to place a certificate on the file providing an assurance as to identity.

Top of page

4.11 Sanctions and counter-measures

Your CDD measures should, following a risk based approach, be able to ascertain whether your client is subject to the restrictions or directions listed below.

You should also be able to ascertain whether key beneficial owners or the intended recipient of funds from a transaction you are undertaking are subject to the restrictions or directions listed below, where there is a higher risk of money laundering or terrorist financing.

You should assess each case on its merits. However, examples of higher risk situations may include transactions with:

• complex corporate entities in jurisdictions where there is a high risk of terrorist funding
• senior politically exposed persons from jurisdictions which are subject to sanctions

The Treasury's Asset Freezing Unit maintains a consolidated list of financial restrictions in force in the UK.

Access this list, register for updates and obtain further information on financial restrictions.

See paragraph 7.10 for further information on obtaining a licence from Treasury to carry out transactions with persons or entities subject to financial restrictions.

4.11.1 When counter measures are issued

Where FATF issues counter measures against a country, the country is added to the non-cooperative countries and territories list. There are currently no countries listed as non-cooperative.

Schedule 7 of the Counter-Terrorism Act (2008) provides that when the client is from a country subject to FATF counter measures, HM Treasury may prohibit you from:

• entering into a business relationship
• carrying out an occasional transaction
• proceeding further with a business relationship or occasional transaction.

4.11.2 Financial restrictions – general

The UK government imposes financial restrictions on persons and entities following their designation by the United Nations and/or European Union. The UK also operates a domestic counter-terrorism regime, where the government decides to impose financial restrictions on certain persons and entities.

Statutory instruments are issued for each financial restriction in force. An order will be made freezing the assets of a person or entity, where a financial restriction is imposed. It is unlawful to make payments to or allow payments to be made to that designated person or entity.

These persons and entities will be on HM Treasury's consolidated list.

4.11.3 Restrictions against Al-Qaida and terrorism

The Al Qaida and Taliban (United Nations Measures) Order 2006 and the Terrorism (United Nations Measures) Order 2009 create specific offences for providing funds or economic resources to terrorists.

Persons or entities designated under these orders will be on HM Treasury's consolidated list.

Chapter 7 of the practice note covers the relevant offences.

Top of page

4.12 Annex A – Examples of beneficial ownership for a trust

4.12.1 Example 1

Details

A's will provides that after payment of legacies and testamentary expenses his residuary estate passes to his children in equal shares. Three children survive A, one of whom (B) is under 18.

Application

On A's death each of the children have a vested interest in one third of the residuary estate, notwithstanding that B will not receive his share until he is 18 as he cannot give a valid receipt to the executors, and none of them will be entitled to receive anything until the conclusion of the administration of the estate.

As such all three children should be identified under Part A, after the estate ceases to be in administration.

Top of page

4.12.2 Example 2

Details

C executed an inter vivos trust in 2000 'for the benefit of my grandchildren who shall be born before 31/12/2020'. At the time he had two grandchildren. C died in 2006, and in 2007 your firm is instructed to act for the trustees. There are now four grandchildren.

Application

Each of the grandchildren has a vested interest in possession in one quarter of the trust fund, notwithstanding that further grandchildren may be born before 31/12/2020 and their shares may be reduced. Therefore each grandchild has a specified interest in at least 25 per cent of the capital of the trust property and should be identified under Part A.

Development

In 2015 new trustees are appointed, at which point there are five grandchildren, each of whom has a specified interest in 20 per cent of the fund.

Application

Your firm will have to apply CDD to the new trustees (either as part of the client CDD or a person who has control) and to the class of beneficiaries under Part B, which will be the grandchildren of C.

Top of page

4.12.3 Example 3

Details

C's will provides that after payment of legacies and testamentary expenses his residuary estate passes to 'such of my children as shall survive me and attain the age of 21 years'. Three children survive C, one of whom (D) is under 21.

Application

While the estate is in administration, it is the personal representative who will be the beneficial owner. The two elder children will have been paid out following completion of the administration of the estate, as they have absolute vested interests. D's interest in the one third of the estate is not a specified interest, being subject to a contingency and therefore not vested. As D also does not have control, this leaves you to apply CDD under Part B to the class of one, constituted by D.

Top of page

4.12.4 Example 4

Details

E executes an inter vivos trust on 31/01/2007, creating a life interest in income for his wife, with remainder to such of their children as shall be living at his wife's death. At the time he has two children.

Application

The wife has a vested interest in possession, but it is in income, not in the capital of the trust. Therefore she is not a beneficial owner under Part A. As s32(1)(c) of the Trustee Act 1925 is excluded from being defined as control over the trust, she is not a beneficial owner under Part C either.

The children have an interest in the remainder, but it is contingent on them surviving their mother and does not vest until their mother's death. Therefore they should be identified as a class under Part B.

The settlor would be identified under Part A as he also has a vested interest in reversion as he has not provided for the situation which will arise if all of the children pre-decease their mother. Should this happen there will be a total failure of the trust, which will revert to E, or if he has predeceased his wife, to his estate.

The trustees would also be identified under Part C as a result of their control over the trust.

Top of page

4.12.5 Example 5

Details

F's will provides for a life interest for his wife, with remainder to his children in equal shares. One of the children dies prior to the wife.

Application

The wife is not a beneficial owner. (see example 4)

The child who has pre-deceased his mother has a vested interest in the remainder as there is no condition precedent that he must survive his mother. Therefore the interest survives him and is capable of being bequeathed by his will or passing under his intestacy.

It will depend on the number of children as to the level of interest each has. If it is under 25 per cent then it would simply be under Part B. If each has at least 25 per cent then they will need to be individually identified under Part A and enquiries will need to be made of the trustee as to who is now entitled to the deceased child's interest.

Top of page

4.12.6 Example 6

Details

I's will provides for a life interest in favour of his wife, with remainder to his four children in equal shares. The trustee is given express power to vary the shares, in whole or in part.

Application

This means that the interests of the children are vested but are defeasible. Until the trustee exercises their power to vary the interest, all of the children will be identified under Part A. Once the trustee exercises their power, any children with an interest remaining at 25 per cent or more will continue to be identified under Part A, while the others will be identified under Part B. The trustees will be identified under Part C. The wife is not a beneficial owner (see example 4)

Top of page

4.12.7 Example 7

Details

J by his will created a life interest in favour of his wife, with the remainder to his three children in equal shares. The trustees are given a power, during the life of the widow, to appoint an interest in all or part of the capital of the fund, without her consent, in favour of such charities as they may select.

Application

Until the power of appointment is exercised all three children have a vested interest in the remainder and should be identified under Part A.

If for example the power of appointment is exercised and 50 per cent of the fund is to be paid to one specified charity – prior to the distribution it is recommended that the charity be identified under Part A and the children under Part B. After the distribution is made, the children will then return to having a one-third share each and be identified under Part A. As such it is important to obtain updated information when taking on a new retainer for such a trust.

Top of page

4.12.8 Example 8

Details

N creates an inter vivos trust for his three named grandchildren subject to attaining 21, with substitution for their issue, reserving to himself the power to appoint or remove trustees.

Application

The three grandchildren have contingent interests and so will be identified under Part B. N has control and should be identified under Part C due to the power to appoint or remove trustees.

Top of page

4.12.9 Example 9

Details

O creates an inter vivos trust for his three named grandchildren subject to attaining 21, with substitution for their issue, appointing a protector (P) with power to veto any advancement of capital by the trustees under s32 of the Trustee Act 1925 and to appoint or remove trustees.

Application

The grandchildren have contingent interests and are identified under Part B. Both P and the trustees have control over the trust and should be identified under Part C.

Top of page

4.12.10 Example 10

Details

Application

Both the trustees and the children have control of the trust and are subject to identification under Part C, while the wife and all of the issue are discretionary beneficiaries and are to be identified as a class under Part B.

Top of page