Very happy with the service provided

Midshore provided our business with fantastic FATCA and CRS support during an incredibly busy period in 2017, following a large scale system migration, removing the stress of FATCA / CRS reporting and even assisting with the creation of a system specific FATCA and CRS reporting procedure to assist the business going forward. The assistance of Midshore provided us with the ability to work on other projects, whilst taking comfort in the fact that this important obligation was being handled professionally and in line with agreed targets. Since then, we have engaged Midshore to provide us with ad hoc FATCA and CRS advice, as well as delivering training to all our staff on this complex subject.

We are very happy with the service provided by Midshore and would happily recommend them to others.

Regulation Services

Regulation & Compliance

Local and international regulation is constantly changing and evolving. Businesses need to adapt on a timely basis, changing procedures and processes and often remediating client files to ensure the documentation held continues to meet the various regulatory requirements. It is also prudent to test whether the procedures or processes of a business remain compliant with existing regulation and that the compliance monitoring programme remains robust.

We are able to quickly and efficiently help with standard Guernsey regulations such as:

  • CRS
  • BEPS
  • MiFID II & MiFIR
  • GFAS
  • GDPR, and
  • AML / CFT Handbook.

Whatever sector the change relates to we can assist by:

  • Identifying the requirements of the regulation
  • Implementing appropriate changes to business processes
  • Mapping your compliance with the regulations
  • Enhancing your monitoring programme
  • Ascertaining the need for remediation
  • Undertaking the remediation required
  • Providing a final report detailing all work undertaken

Different levels of service are available from consultation/advice to full programme management with a team of analysts & administrators to assist with remediation. Correcting or completing the documentation held on client files is one of the easy, but often overlooked, ways to ensure you remain in line with current regulatory requirements.

Midshore can provide a Compliance Officer and/or Money Laundering Reporting Officer for your business. Data Protection Officer services can also be provided.

Regular Training – More than just a Regulatory Burden!

Business regulated by or registered with the Alderney Gambling Control Commission (AGCC), the Guernsey Financial Services Commission (GFSC) and the Jersey Financial Services Commission (JFSC) have requirements under the relevant AML/CFT (Anti Money Laundering and Combating the Financing of Terrorism) handbooks or guidelines to ensure regular ongoing training for their staff in this area.

The requirement to train staff in this area is not new, however often training is carried out in these areas alone, and is directed if not carried out by the Money Laundering Reporting Officer (MLRO). How many times have experienced practitioners been forced to take time out from their working day to sit through an hour-long in-house seminar and are able to repeat “placement – layering – integration” or “maximum of 14 years in prison and an unlimited fine” verbatim at their course leader simply from hearing it so many times. Also, how many people have been forced to watch an AML DVD with dodgy acting from Z-list actors portraying farcical characters?

Running in-house training sessions during lunch breaks inevitably leads to:

  • Running multiple training sessions, taking up the valuable time of the MLRO
  • Running additional training sessions for those who are unexpected unable to attend at the last minute (sickness or business)
  • New staff members joining the company who need to have the training provided as part of their induction, which will often be at a time when regular staff training is not scheduled
  • Knowing that someone has been physically present without being able to prove that they were mentally present
  • Lack of quantitative proof of the effectiveness of the training

Clearly, this is not the best solution to a regulatory training need.

Convenience and Scalability

In the modern era we often talk about flexibility, and this is now something that can be offered in the ongoing training space. Let’s take an example.

Company A decides that its employees need to complete their regular AML/CFT training in line with regulatory requirements. The company has engaged with an online training provider (who happen to be called Midshore) to use their online training solution. Taking the experiences of various executives of the company:

  • The Managing Director decides to login from his tablet at home one evening to complete the training – leading by example is important
  • The Sales Director has a rare few days in the office so decides he will complete it one lunchtime whilst eating a sandwich at his desk
  • The Operations Manager doesn’t have enough time during the working day so takes her mobile phone to the gym, logs into their Wi-Fi and burns calories on the cross-trainer at the same time
  • The MLRO and the Human Resources Manager receive regular reports on who has completed the training, together with the score that each employee has received for their end of course test

Midshore Online Training (MOT)

Midshore Online Training (MOT) is the online training solution brought to you by Midshore Consulting. Regularly updated, the Midshore AML/CFT training includes sections on Proliferation Financing, Sanctions and Anti-Bribery and Corruption (ABC) alongside the standard AML/CFT subject matter.

The training module consists of:

  • Online training video
  • Printable course notes
  • 15-question end of module test (75% pass mark)
  • Printable certificate of completion

Using MOT also means that staff located in other jurisdictions (including those in outsourced or offshored operations) can receive identical training to local staff.

MOT – more than AML/CFT

Regulation and legal requirements are changing all the time, additionally local businesses are not just impacted by local law and regulation. Staff in regulated businesses should receive more than just AML/CFT training on a regular basis to ensure that they remain aware of their responsibilities in a number of key areas. This is why the MOT suite of modules will also include:

At this point, it almost seemed appropriate to include a pun about booking staff in for a MOT! However, should you be interested in a scalable and cost-effective solution to ensuring your staff have up to date regulatory knowledge please contact us.

Midshore can also run in-house training, including practical workshops tailored to the needs of your business.

Key Changes to Up-Coming Regulation

We would like to highlight to you two key changes in the local regulatory environment, which have an immediate impact and where we could assist you.

Beneficial Ownership Law

This came into effect on 15 August 2017, and requires that the resident agent of any Guernsey company, foundation of limited liability partnership must register beneficial of that entity with the Guernsey Registry either by 31 October 2017 (foundations & limited liability partnerships) or 28 February 2018 (companies).

Clearly there is an immediate requirement to start pulling together the information for reporting, which may be complex where one of these entity types is held within a trust arrangement. If you need help with any stage of this please contact us to discuss your requirements.

Pension Regulatory Regime

The new Pension Regime is live, and places requirements both on the licensee and the pension or gratuity scheme.

Under the transitional provisions full compliance is not required until 30 September 2018, however by 30 September 2017 a licensee carrying on pension or gratuity scheme business must conduct an assessment of their internal controls to identify and plan for any amendments required.

To assist licensees in complying with this we are offering a gap analysis at a fixed price of £1,750. We are also happy to discuss any further services you may require.

Compliance – A Pragmatic Approach to Regulation

Too many times we hear financial services professionals complaining that they are at odds with their confrontational compliance department, more often than that business generation units refer to their anti-money laundering team referred to as a business prevention unit.

Whilst there are many pieces of financial services law, regulation, rules, guidance & codes in existence (even in a small jurisdiction such as Guernsey) they have at their heart a few key goals:

  • Protecting the financial services consumer
  • Protecting the financial services system
  • Preventing use of financial services for crime

So, how do we fix the often-confrontational approach that seems to prevail within the compliance / anti-money laundering space? Here are a few suggestions:

Not all business is high risk

Many Money Laundering Reporting Officers (MLROs) are very risk-averse, after all they run the risk of prosecution if they do not fulfil their duties properly. However, it is important that a business has appropriate risk-rating for clients.

A MLRO may want to investigate each client to the nth degree, however that flies in the face of the purpose of risk-rating – ensuring that client relationships that really are high risk have more time spent on them then lower risk client relationships. How can a business spend more time when it has to perform enhanced due diligence (EDD) across all clients?

Ensure that when the board reviews the organisation’s in-house Anti-Money Laundering (AML) Handbook that risk-rating is covered with clear detail as to what could constitute a higher risk relationship. The board has the decision to control the risk of the business, and the MLRO cannot override the board is setting this policy as they are the instrument ensuring compliance with the policies.

Regular review by senior management will help to ensure that an overly zealous MLRO is not jeopardising the profitable functioning of the business.

Not all countries are the same

This is an important mantra for two very different reasons:

  • Lists of low risk countries and sensitive jurisdictions issued by the regulator can assist with risk-rating clients in those countries; as can sanctions lists issued by governments
  • Not all clients in all countries can easily provide the required documentation

The former is important – firstly the Guernsey Financial Services Commission (GFSC) has published a list of jurisdictions that it considers to have equivalent AML frameworks (Appendix C) in its’ AML Handbook. The AML requirements are already quite complex, and whilst clearly the board should determine whether it wants to adopt the entire list of Appendix C countries as low risk the MLRO should provide the board with reasons why any of the list should be discounted. Furthermore, ignoring the GFSC list of sensitive jurisdictions, or countries which appear prominently on the sanctions lists, could potentially imperil a business.

I once had reason to question a Deputy MLRO as to why a certain country was on their list of high risk jurisdictions. The answer was “because I want to know if any business is done from that country”. When asked what they would do with that information the answer “I just want to know” indicated that there would be no special process for dealing with a client from that country, however arbitrarily including that country on the high risk list means that any potential client would face providing EDD without good reason.

The second bullet point is an important one, and often vexes MLROs. What do you do when a client can’t provide proof of their address in the form of one of the documents listed in the GFSC’s AML Handbook? The answer is to think outside the box, and to suggest alternatives at an early stage. Maybe two independent statements of the client living there could be provided in place of a utility bill? There are some countries where standard proof of address is near impossible to provide and the GFSC would simply want you to be comfortable that you have sufficient proof even in a non-proscribed form.

Don’t reject a document – seek additional confirmation

What do I do when the lawyer certifying the document hasn’t used the correct wording and hasn’t said that the photograph is a true likeness of the person they have met? Don’t just reject the certified passport out of hand – it nearly meets the requirements. How about emailing the lawyer asking them to confirm that it is a true likeness of the person they have met?

Not all business is high risk – Take 2

It is tempting for a MLRO to give any structure where a PEP is involved a high-risk rating even if there is no risk of the PEP illicitly obtaining funds based on the structure used and the financial services product they are using.

Let’s take the example of a UK-registered quasi-governmental entity that is regulated for financial services business and can be found on the FCA’s financial services register. There is a PEP on the board, however the entity is investing into a fund and will only receive monies from an account in the name of the entity and will only pay out to an account in the name of the entity. How can the PEP use the investment to illicitly obtain funds? They can’t. Therefore, what is the risk? It’s a regulated financial services business in a low-risk jurisdiction – the risk is low.

Codes are Codes and Guidance is Guidance

Sometimes the GFSC issues codes and guidance.

Codes can often be seen as best practice, however not all codes will precisely fit all business. Be willing to document where you don’t comply with a code and why. Table this before a board meeting and have the board approve the reason for non-compliance.

Guidance is just that, never take is a proscriptive. Guidance will often provide one route towards achieving a regulatory objective, don’t feel obliged to apply the guidance rigidly. Be willing to employ a pragmatic solution that meets the requirements of your own business, and again get the board to approve this. So long as the controls effectively ensure the law, rule or regulation is complied with the guidance does not need to be strictly observed.

If all else fails…

Sit down and discuss what you have and where the deficiencies lie. A Compliance Officer MLRO should never simply dictate to the business. Maybe remedial action can take place. Maybe a small number of additional documents need to be obtained. Maybe a policy or procedure in place is no longer appropriate for all of the business being carried out and needs to be reviewed and updated. Be willing to be flexible and pragmatic.

The Midshore Solution

We can offer a pragmatic compliance/AML solution for our clients. We can review your compliance monitoring programme along with any of your procedures and policies, offering advice on where to improve them. We can also act as compliance officer or provide a MLRO for your business, ensuring that these functions are carried out in a way that ensures your business continues to comply with regulation without compromising business flows.

We can also provide regulatory refresher training to your team, including all Guernsey laws, rules & regulations; MiFID II & MiFIR; GDPR; CRS/FATCA; BEPS; AIFMD; and AML. We also offer training for the following CISI level 3 regulatory modules:

  • Combating Financial Crime
  • Managing Cyber Security
  • Global Financial Compliance
  • Risk in Financial Services