COVID-19 – FCA statement on how firms should handle post and paper documents
The FCA published a statement on the 13th May 2020 which sets out its position on the requirements for post and paper-based processes during the COVID-19 pandemic.
The FCA states that firms should try to ensure that all customers are not disadvantaged because of delays and make particular efforts to contact customers who do not use online services. The FCA is concerned that vulnerable customers, who are often more likely not to use online services, are still protected.
The FCA suggest that firms collect post and process paper-based work as frequently as they can, if this is not possible daily; and ensure they return client funds promptly, where they are unable to proceed with a transaction due to a delay and/or change in situation.
Firms are expected to provide general updates on how it will treat incoming and outgoing post, and cheques, through its website and social media. Communications should update customers on market conditions, explain they can check their financial statements (which may arrive late) and invite customers to contact the firm if they wish.
The FCA expects firms to notify them where it is not possible to comply with the requirements at firstname.lastname@example.org and to provide updates on the treatment of incoming and outgoing post and cheques, through websites and social media channels.
The FCA recognises that face-to-face meetings are not possible, and they would expect firms to use other methods to conduct a suitability assessment, such as phone calls and relevant due diligence checks online and to send out the suitability assessment without delay, whether online (for those customers that use online or email services) or by post.
Firms should ask those who have sent instructions or cheques which have not been processed to contact the firm urgently by telephone or electronic means. Where a customer has made a payment by cheque which has not been processed, we expect firms to consider the potential harm caused by not being able to cash the cheque on a case-by-case basis and ensure, where possible, they receive the services/cover they require (for example, retrospective cover).
Where the uncashed cheque represents client money under the Client Assets Sourcebook (CASS) regime and the firm provides the service/cover without cashing the cheque, firms must consider whether proceeding in this way might breach CASS and expose other clients to the risk of a client money shortfall. For further information on CASS and COVID-19 see the FCA statement published on 6 April 2020.
For specific information for authorised fund managers on paper-based and manual processes, see the FCA’s dedicated web page
Financial crime systems and controls during coronavirus situation
On 6 May 2020, the Financial Conduct Authority (FCA) issued a statement outlining its expectations on how firms should apply their systems and controls to combat and prevent financial crime during this COVID-19 pandemic.
Among other things, the FCA noted that whilst the current climate may give rise to operational challenges in relation to financial crime systems and controls, firms should not seek to address operational issues by changing their risk appetite. That being said, while continuing to operate within the legislative framework for anti-money laundering and counter-terrorist financing, firms may need to re-prioritise or reasonably delay some activities.
The FCA is aware that the current climate may give rise to operational challenges for firms but that firms should not seek to address these by changing their risk appetite. For example, firms should not change or switch-off any screening or monitoring controls to reduce operational burdens. The FCA states it will consider some delays in monitoring or review work such as ongoing customer due diligence reviews, or reviews of transaction monitoring alerts, as reasonable, if:
- done on a risk basis; and
- there is a clear plan to return to business as usual as soon as possible.
Customer Due Diligence
The FCA expects firms to continue to comply with their obligations on client identity verification but states that there is some flexibility within existing requirements.
Rather than closing an existing customer account, for example, where information is not provided, firms may consider other ways of being reasonably satisfied with the customer’s identity and make reasonable efforts to collect the information.
The FCA also sets out a list of potential alternative means of verification, but states that these do not mean that there is a relaxation of requirements and that they are not necessarily suggesting that taking one of the methods in isolation would be appropriate or sufficient verification for any clients.
The methods the FCA suggests include:
- accept scanned documentation sent by e-mail, preferably as a PDF
- seek third-party verification of identity to corroborate that provided by the client, e.g. from their lawyer or accountant
- asking clients to submit digital photos or videos for comparison with other forms of identification gathered as part of the on-boarding process
- place reliance on due diligence carried out by others, such as the client’s primary bank account provider, where appropriate agreements are in place to provide access to data
- use commercial providers who triangulate data sources to verify documentation provided
- use digital identity solutions to identify customers where a firm considers that the solution provides an appropriate level of assurance as to a person’s identity
- gather and analyse additional data to triangulate the evidence provided by the client, such as geolocation, IP addresses, verifiable phone numbers
- verify phone numbers, emails and/or physical addresses by sending codes to the client’s address to validate access to accounts, and
- seek additional verification once restrictions on movement are lifted for the relevant client group.
One could argue that with the above list the FCA is not offering anything new in terms of the methods already used by firms.
Maintaining the integrity of the financial market is a key objective for the FCA. In the current climate, it is important for firms to maintain effective systems and controls to prevent money laundering and terrorist financing.
It is important that firms remain vigilant to new types of fraud and amend their control environment where necessary to respond to new threats. This should include the timely reporting of Suspicious Activity Reports.
FATF publishes report on COVID-19-related Money Laundering and Terrorist Financing
Further to its communication published last month the Financial Action Task Force (FATF) has now published a report into COVID-19-associated money laundering (ML) and terrorist financing (TF) risks and expected policy responses.
Key ML/TF risks
The report identified the following key ML and TF risks:
- Increased remote transactions – given the closure of many physical branches, there is an increase in use of online services and banks’ ability to adequately verify their customers has been limited if not postponed. In particular, some of these institutions are not adequately equipped to make use of any online verification tools and there is a risk they may on board customers who have not been subject to a satisfactory or sufficient customer due diligence (CDD) screening.
- Unfamiliarity with online platforms – certain customers, such as the elderly or low-income groups, may not be as familiar with online banking platforms. This may make them more susceptible to fraud, and FATF notes there has been an increase in bank fraud incidents targeting account or financial information.
- Increased use of unregulated financial services – this is a recurrent theme which has been observed during the past economic crises. Individuals struggling financially may turn to alternative, unlicensed lenders, which may include criminal groups. This may then be overlooked by the traditional financial institutions which are preoccupied with maintaining business continuity leading to potentially not identifying suspicious transactions as promptly.
- Economic downturn – criminals may be turning to investing their money in real estate or troubled businesses to generate cash and launder illicit proceeds. They may also seek to restructure their lines of credit or existing loans to introduce criminal proceeds into the economy. In addition, existing struggling businesses may increasingly divert their budget away from combatting ML/TF as they seek to survive.
- Increased physical transactions – individuals have been seen to liquidate their portfolios, transferring large amounts of funds electronically and withdrawing substantial cash sums which can be used to purchase less traceable assets, such as gold redeposited once the economy stabilises; or a result of a cash-out scheme, where criminals take control over individual’s bank account.
Local government responses
FATF continues to call on individual governments to continue communicating and cooperating with the private sector in relation to those ML/TF risks and how they can be addressed. FATF has noticed governments’ efforts to tackle ML/TF, including supervisory visits, enforcement actions as well as policy initiatives, are being postponed or put on hold with focus being limited to business continuity. Local supervisory, enforcement authorities and financial intelligence units are being encouraged to share information and intelligence with the sector in relation to emerging or increasing ML/TF risks and to publish policies to reinforce their expectations.
The UK’s response
Law Enforcement Agencies have produced threat assessment and published advice on the risk of Covid-19 fraud.
The Financial Conduct Authority (FCA) has written to the CEOs of firms providing services to retail investors with advice and detail of the FCA’s response to Covid-19.
The Institute for Chartered Accountants of England and Wales (ICAEW) has published advice for its firms on how they can continue to meet their AML/CTF obligations.
What firms could do
FATF recommends the following:
- Make full use of a risk-based approach to CDD and (reliable) digital identification solutions to the extent possible.
- Appreciate the new and recurring ML/TF risks and seek to adjust their operational responses or at least, focus their efforts on increasing the monitoring of the customers they have identified as most vulnerable in this challenging environment.
- Engage in information sharing with their peers, particularly where suspicious activity is involved, a suspicious activity report needs to be submitted to the National Crime Agency and there is evidence of suspicious funds or the activity being linked to other financial institutions.
Help and advice
If you require any assistance in understanding the implications of Covid-19 on your firm or with financial crime systems and controls in general, please do not hesitate to contact us.