The Financial Action Taskforce (FATF) is an intergovernmental body that sets international standards to help prevent money laundering and terrorist financing.
In October 2020, The FAFT revised its Anti-Money Laundering/Counter-Terrorist Financing (AML/CTF) Standards requiring countries and entities subject to AML Regulations to identify, assess, monitor, manage, and mitigate proliferation financing risks.
The new standards require relevant public and private sector bodies to conduct risk assessments and then apply a risk-based approach to mitigating proliferation financing. In June 2021, the FAFT released its Guidance on Proliferation Financing Risk Assessment and Mitigation to assist in interpreting and implementing the new standards.
Proliferation financing guidance
- What is proliferation financing?
- What are the counter-proliferation financing rules?
- What are the practical implications?
- How could proliferation financing affect your firm?
- How important are internal sanctions protocols?
The Guidance provides an updated list of indicators of the potential breach, non-implementation, or evasion of proliferation financing targeted financial sanctions. The UK, and other FAFT members, have passed legislation to implement these standards into national law.
What is proliferation financing?
The FAFT defines proliferation financing as raising, moving, or making available funds or other economic resources/assets to assist for, in whole or in part, with the proliferation of nuclear, chemical, or biological weapons, i.e., weapons of mass destruction (WMDs).
Proliferation in this context includes the manufacture, acquisition, possession, development, export, brokering, transport, transfer, stockpiling, or use of WMDs as well as their means of delivery or related materials. It would also include dual-use technologies and goods used for non-legitimate purposes.
What are the counter-proliferation financing rules?
In the UK, the counter-proliferation financing rules are found both in the AML/CTF regulations and in sanctions legislation.
From 1 September 2022, the Money Laundering and Terrorist Financing (Amendment) (No. 2) Regulations 2022 created a new obligation for regulated entities to identify, assess and mitigate the risk of proliferation financing. This obligation must use a risk-based approach, similar to the treatment of other AML risks.
Companies can create a new risk assessment specific to proliferation financing, or incorporate proliferation financing into the existing AML/CTF risk assessments. The relevant assessments should consider national and industry-specific risk assessments relating to proliferation financing.
Companies are required to implement policies, controls, and procedures to mitigate any identified or potential risks effectively. The Financial Conduct Authority (FCA) has the power to impose fines and other civil penalties on companies found to be in breach of their AML/CTF obligations, and there is also the possibility of criminal sanctions being applied.
The amending regulations empower AML/CTF regulators and supervisors (such as the FCA) to access SARs submitted to the National Crime Agency, where this is necessary for them to fulfill their functions. The new regulations also create an obligation on companies to report to Companies House any material discrepancies in beneficial ownership found during its due diligence process.
A key part of mitigating risks associated with proliferation financing involves strict adherence to the sanctions regime. The UK government, like other states and multinational bodies, uses sanctions as part of their counter-proliferation financing programmes to undermine the capacity to manufacture or purchase WMDs, control access to WMDs, and disrupt networks trading in WMDs.
Sanctions mandated by counter-proliferation financing programmes also aim to influence intent, dissuading participation in WMD-related activities. All companies should establish and maintain policies, controls, and procedures to ensure effective compliance with the sanctions legislation.
Breaching sanctions is a serious criminal offence with harsh penalties, including unlimited fines and prison sentences of up to seven years. The Office of Financial Sanctions Implementation (OFSI) also has the power to impose large fines for sanctions breaches (up to £1 million or 50% of the value of the transaction, whichever is greater).
Furthermore, as of March 2022, the Economic Crime (Transparency and Enforcement) Act 2022 makes a breach of sanctions a strict liability civil offence, when enforced directly by the OFSI. In other words, before issuing a civil penalty (including fines or naming and shaming), the OFSI can simply rely on the fact that a breach occurred and no longer needs to be satisfied that a person knew or had reasonable cause to suspect a breach.
What are the practical implications?
There is now a legal requirement to complete a risk assessment of proliferation financing risks that may affect your company. The risk assessment may be completed as a standalone process or integrated into the existing business risk assessment.
This, in turn, should be considered when conducting client and transactional risk assessments, affecting due diligence procedures. Your training programmes and company policies must also reflect your counter-proliferation financing obligations.
Should the worst occur, and your company is inadvertently linked to proliferation financing, intention is your leg to stand on. From an 'intent' standpoint, your best defence is that you had appropriate policies, training, and procedures in place to counter the threat of your business being involved in proliferation financing.
Customer Due Diligence
Your customer due diligence (CDD) obligations will not change much. However, it becomes even more important for your company and its representatives to complete appropriate checks at the onboarding stage and then intermittently during the business relationship, particularly in relation to the beneficial ownership of legal persons and arrangements.
Staff and management should use external sources when conducting their due diligence and use resources such as media reports, supervisory circulars, and independent threat analysis reports. Everyone working for or on behalf of your company must be aware of and adhere to the company's sanctions protocols.
Any customer with a link to the trade or export of dual-use goods would need to be looked at more closely. Dual-use goods are goods that, although designed for commercial applications, may have military applications or potentially be used as precursors or components of WMDs.
Risk indicators of proliferation financing
As noted by the FAFT, risk indicators can be used to assess whether particular transactions or relationships represent suspicious activity. A standalone indicator affecting one customer or transaction may not warrant suspicion of proliferation financing on its own, but it may prompt further monitoring and examination.
In fulfilling your due diligence requirements, it may be necessary to cross-refer a risk indicator with data often held by external actors. For example, financial transactions, customs data, and market indices and prices, or to engage with law enforcement authorities or regulators. According to the FAFT, customer risk indicators include situations where:
- A customer provides vague or incomplete information about proposed trading activities or is reluctant to provide additional information when queried.
- A customer or its beneficial owners appear in sanctioned lists or negative media.
- A customer has connections with a country with a high risk of proliferation.
- A customer deals in dual-use goods, goods subject to export control, or goods for which they lack a necessary technical background or appear unrelated to their stated line of activity.
- A customer engages in complex trade deals involving numerous third-party intermediaries in lines of business that are incongruent with their stated business profile.
- A customer engages in rapid high-volume transactions without clear business reasons.
- A customer has links with research bodies working on developing dual-use goods or goods subject to export control.
- Discrepancies between a customer's residence and the location of the customer's assets and transactions cannot be adequately explained.
Assessment of vulnerabilities
When conducting a risk assessment, it is important to give sufficient attention to any area that may represent a vulnerability to proliferation financing. Factors that may need to be considered include the nature, scale, diversity, and geographical footprint of the company's business, the company's target market(s) and customer profiles, and the complexity, volume, and size of transactions.
Financial institutions providing correspondent banking services and trade finance arrangements need to be especially careful to fulfil their due diligence requirements and not simply rely on the work of partner institutions.
The same reporting obligations apply to counter proliferation financing as applies to AML/CTF. Any identified suspicious activity should be reported immediately through the relevant internal reporting mechanisms.
The report's contents must then be communicated to the National Crime Agency through a formal suspicious activity report (SAR). As with the AML/CTF reporting regime, it is important to avoid tipping off the subject of a report.
How could proliferation financing affect your firm?
Because proliferation financing is a financial crime, it has the potential to affect any business, irrespective of size. It usually involves multiple chains of activity that are generally well-disguised.
You need to be incredibly vigilant in complying with sanctions rules, checking beneficial ownership, and complying with due diligence obligations to avoid assisting any part of a chain. Any AML/CTF compliance failings may be costly and damage your reputation.
In June 2022, the FCA fined an insurance broker, JLT Speciality Ltd, £7.8 million for financial crime control failings. The failings led to high-level corruption, with over US$3 million flowing into the pockets of Colombian government officials based at a state-owned insurer.
In the same month, the FCA also fined Ghana International Bank Plc, almost £6 million, for poor compliance practices, even though no evidence of money laundering was detected. The Bank had not performed extra checks when engaging in correspondent banking arrangements, failed to undertake annual reviews of those relationships, and had not established appropriate AML/CTF policies and procedures or sufficient staff training.
More recently, in October 2022, the FCA also fined Gatehouse Bank £1.5 million due to poor financial crime systems and controls. For instance, over two years, it accepted $62 million into an account without conducting due diligence on the source of funds. As a result of these breaches, all these FCA-authorised companies also breached section 6.3 of the Senior Management Arrangement Arrangements, Systems and Controls (SYSC) rules, which highlights the need to set up and regularly assess the adequacy of their financial systems and controls.
How important are internal sanctions protocols?
On the Sanctions front, now that the OFSI has the power to impose financial penalties on a strict liability basis without reference to intent, it is even more important that all staff and representatives of the company comply with our internal sanctions protocols. It is also important not to fall into a check-box attitude to sanctions or AML/CTF compliance.
Remain aware of the bigger picture when assessing risks or when checking sanction lists, especially if there is a possibility that the relevant transaction may be linked to proliferation financing. Some countries or entities that official authorities have not yet sanctioned may still pose a high risk of non-compliance.
For example, a country, or an entity based in a different jurisdiction, may be used as a backdoor to avoid a sanctions regime. Remember that the specific sanctions legislation may extend to the prohibition of activities and trade from which a listed person, entity, or country indirectly benefits – this is especially important to remember when considering the current Russian sanctions.
For this reason, it is important to double-check beneficial ownership and consider the whole transaction to limit the possibility of inadvertently breaching the legislation.
Want to learn more about Financial Crime?
To help you plan and execute compliance in your organisation, we have created a comprehensive anti-money laundry and counter-terrorist financing roadmap.
We also have 100+ free compliance training aids, including assessments, best practice guides, checklists, desk aids, eBooks, games, posters, training presentations and even e-learning modules!
If you'd like to stay up to date with financial crime best practices, industry insights and key trends across regulatory compliance, digital learning, EdTech and RegTech news, subscribe to the Skillcast Compliance Bulletin.
Last but not least, you can interact in person with thought leaders and your peers at one of our popular live webinars and face-to-face events.
If you've any questions or concerns about compliance or e-learning, please get in touch.
We're happy to help!