Under the various Codes of Practice issued by the Jersey Financial Services Commission (the “JFSC”) the Boards of regulated businesses are required to undertake and keep an up to date Business Risk Assessment (“Risk Assessment”). Based on the Risk Assessment the Board must consider, on an ongoing basis, its risk appetite, and the extent of its exposure to money laundering and financing of terrorism risks taking into account its organisational structure, its customers, the countries and territories with which its customers are connected, its products and services and how it delivers those products and services. The Risk Assessment must be kept up to date and subject to review in response to changing internal or external events. Failing to compile a Risk Assessment or neglecting to keep it up to date places the business and/or principal persons at very real risk of regulatory sanction.
The Risk Assessment should be regarded as the foundation stone that needs to be put in place before a business strategy can be built around the Risk Assessment to counter the money laundering and financing of terrorism risks. As with any building work, inadequate foundations places all that follows in jeopardy. Effective policies and procedures provide the detail of how the risk of money laundering or financing of terrorism will be managed. Poor policies and procedures or failing to follow your own policies and procedures increasingly places both Principal Persons and Relevant Persons at risk of regulatory sanction.
The Codes of Practice require (not optional) Boards to undertake the following in relation to its Risk Assessment.
Cultural barriers to achieving effective compliance.
The JFSC has helpfully set out examples of what they regard as cultural barriers that might hinder the effective operation of AML systems and controls including,
The culture of the business will dictate how successful the business is in managing its AML/CFT, Regulatory and Reputational risks
From the annual reports published by the JFSC it is very clear that whistle-blowers troubled by the culture within a firm, are prepared to reach out to the regulator and provide a valuable insight into a troubled culture within a firm. Such information inevitably prompts the regulator to take a closer look at such a business often leading to the formal appointment of a reporting professional.
Board reporting on the effectiveness of AML/CFT systems and controls can be demonstrated by the following,
The above list is by no means exhaustive and should be regarded as the bare minimum level of reporting.
Baker Regulatory Services has the experience to enhance Business Risk Assessments and Board reporting on AML/CFT systems and controls thereby managing the risk of exposure to individuals and the business of breaching the Money Laundering (Jersey) Order 2008 and the relevant JFSC Codes of Practice.