In a welcome development, the Central Bank of Ireland ("CBI") has clarified its expectations for financial and credit institutions when dealing with customers who fail to provide customer due diligence ("CDD") documentation or information. This is an issue which can often present practical and legal challenges in practice so the CBI's Bulletin should serve as a useful reference point and ensure a greater consistency of approach going forward.

Background

The obligations to discontinue a business relationship or to refuse to execute a service / transaction on behalf of a customer in circumstances where CDD standards are not met are set out at section 33(8) of the Criminal Justice (Money Laundering and Terrorist Financing) Act 2010 as amended ("CJA 2010").

Financial and credit institutions may find themselves having to consider such obligations where they have permitted accounts to be opened for customers prior to receipt of full CDD documentation or where they are dealing with customers who were on-boarded prior to the introduction of anti-money laundering legislation.

CBI requirement for appropriate remediation plan

An in-scope firm is not permitted to conduct business on behalf of customers in circumstances where it cannot verify or has insufficient documentation on file to verify the identity of its customers. Where such gaps in CDD exist, the CBI expects firms to have remediation plans in place to address any CDD shortfalls and to prevent the situation from perpetuating.

CDD steps advised by the CBI

The CBI distinguishes between new customers and existing customers in terms of the required approach as follows:

New Customers

  •  In general, firms should seek to carry out CDD prior to the establishment of a business relationship with a customer. Where a firm intends to identify and verify its customers during the establishment of the business relationship, the firm should be in a position to demonstrate to the CBI that there is no real risk of money laundering or terrorist financing ("ML/TF") involved in such an approach. In addition, the firm should have policies and procedures in place which specify the timeframe for completion of the CDD process, with such timeframe being set at a level which minimises the risk of being unable to contact or return funds to the customer;
  •  Where a firm acquires a book of business, its anti-money laundering function should be involved in the due diligence process in order to assess the extent of any CDD compliance deficiencies;
  •  Firms should ensure that customer contracts address the section 33(8) obligations and customer consent should be obtained to discontinue the business relationship if necessary as part of the onboarding process;
  •  Firms should implement processes for the returning of funds to their source of origin, though care must be taken so as not to convert or legitimise any such funds. Firms should remain vigilant with regards to their reporting obligations for suspicious transactions.
  •  The CBI helpfully recognises that firms should act at all times in the best interests of customers and should exhaust all avenues before taking any action that might disadvantage customers.

Existing Customers

  •  Firms should review existing customers records to identify any CDD shortfalls;
  •  Firms should implement a remediation plan to address any shortfalls in CDD. When addressing CDD deficiencies, firms should prioritise remediation for customers who pose a higher risk of ML/TF;
  •  Firms should explore all available options when remediating CDD, including sourcing alternative identification documents and information in line with the customer's ML/TF risk profile. Firms should also explore all options regarding communication with uncontactable customers;
  •  In cases where CDD shortfalls remain despite all best efforts, firms should implement policies and procedures for the management of the associated ML/TF risk and / or the discontinuance of the business relationship with the customer. This may involve ring fencing or discontinuing accounts and flagging them for additional measures in the event the customer re-engages with the firm;
  •  In cases where there are grounds for suspicion regarding CDD shortfalls, firms should ensure that suspicious transaction reporting obligations are fulfilled.

Conclusion

In light of the CBI's guidance on this topic, firms should review their current AML policies and procedures and their template customer documentation to ensure that they are in line with CBI's expectations. The guidance provides for a reasonable degree of flexibility and different approaches may be required in certain circumstances e.g. where a customer has debts outstanding to a firm.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.