DIFC and DFSA Latest Developments

The DFSA has announced that it has fined Enness Limited (“Enness DIFC”) $105,000 for engaging in unauthorised activity outside the scope of its representative office licence.

As a representative office, Enness DIFC’s activities are limited to the marketing of mortgage services offered by its head office in the UK.

The DFSA found that between November 2017 and January 2019, Enness DIFC was:

  • Arranging mortgages for its clients
  • Providing mortgage advice to its clients

Enness DIFC was not authorised to provide these financial services as it did not have permission under its representative office licence and was, therefore, fined for breaching DFSA laws. They are now seeking the necessary licence needed to authorise arranging and advising on credit in or from the DIFC.

Firms are reminded to:

  • Implement adequate and effective systems and controls to ensure their firm and its employees operate within the scope of their licence.
  • Provide periodic training to relevant employees to ensure they aware of the firms’ permitted business activities, including any restrictions, where relevant.
  • Conduct periodic monitoring to confirm that business is conducted within the scope of the firm’s licence.
  • Review the regulatory business plan on an ongoing basis and assess whether the current and proposed business activities are within the scope of the firm’s license.
  • Seek permission from the DFSA to vary the scope of the firm’s licence to add or remove financial services, where necessary.
  • Any changes should be reflected within the firm’s policies and procedures.

In February the DFSA sent all Money Laundering Reporting Officers (MLRO) of authorised firms six “Dear MLRO” letters regarding changes made to the United Nations Security Council Assets Freeze and Sanctions List.

Firms were informed of the following to be added to the UN Security Council’s sanctions list:

  • one individual with links to ISIL (Da’esh) and Al‑Qaida (letter dated 06/02/2020)
  • one Congolese individual (letter dated 09/02/2020)
  • two individuals with links to ISIL (Da’esh) and Al‑Qaida (letter dated 25/02/2020)

A letter (dated 20/02/2020) informed firms of the approval to remove two entries with links to ISIL (Da’esh) and Al‑Qaida from its sanctions list.

The fifth letter and sixth letter (both dated 26/02/2020) informed firms of the amendments made to the current information held on a Congolese sanctioned individual and a Libyan individual.

An updated version of the consolidated list can be found on the UN Security Council website.

Firms are reminded to:

  • Update details of those included on the Committee Sanctions List.
  • Renew client databases with the added and removed names.
  • If necessary, take action to report positive matches to the applicable national and international competent authorities and organisations.
ADGM and FSRA Latest Developments

Further to the Financial Services Regulatory Authority’s (FSRAs) Consultation Paper No.4 of 2019, the FSRA has implemented the proposed changes in the associated rulebooks.

Miscellaneous changes have been made to FSMR, COBS, FUNDS and AML rulebooks and relate to a number of typographical or inadvertent errors such as missing definitions. Other amendments to the rulebooks provide greater clarity to the existing regulatory framework.

Key changes include:

  • MLROs must prepare a semi-annual MLRO report to the governing body or senior management covering matters outlined in the AML rulebook. A copy of each semi-annual report must be provided to the regulator, including a record of any actions taken by the governing body or senior management in response to findings or deficiencies raised in the report. Firms are encouraged to include this semi-annual reporting obligation in the regulatory reporting schedule and relevant AML policies and procedures.
  • Previously, wording in the AML rulebook referred to a “prescribed form” for reporting the MLRO report. This wording has been removed, however the MLRO is still required to report on specific matters as outlined by the FSRA in the AML rulebook including, for example, the firms’ compliance with applicable AML laws.
  • The FUNDs rulebook has been amended to provide clarity on AML obligations for fund administrators and managers. The new rule notes that AML rules are applicable to fund administrators acting on behalf of a foreign fund manager and clarifies that ADGM-based fund managers also bear an AML obligation.

The FSRA has enacted amendments to its regulatory framework concerning the authorisation and supervision of virtual asset activities carried out in and from the ADGM.

Key changes include:

  • The term “Crypto Asset” has been changed to “Virtual Asset” so as to align with Financial Action Task Force (FATF) terminology. Guidance on the regulation of crypto asset activities has been updated to “virtual assets” as a result. Firms are encouraged to review and update policies and procedures to reflect the terminology change.
  • Rules and regulations concerning virtual assets were previously included in a bespoke category of “Operating a Crypto Asset Business”. The rules and regulations have now been moved to the respective underlying regulated activities to better reflect the nature of the underlying activities, for example Providing Custody, Operating a Multilateral Trading Facility, Dealing in Investments, etc. Firms are encouraged to update the business plan and relevant policies and procedures to reflect changes to regulated activities.
Middle East Regulatory Updates

FATF’s plenary meeting on 21 February included a discussion on the joint FATF-MENAFATF assessment of the United Arab Emirates and concluded that the country has implemented many recent measures to strengthen its system to combat Money Laundering (“ML”) and Terrorist Financing (“TF”), including  developing a national risk assessment, AML/CFT strategy and effective measures to investigate and prosecute TF.

FATF identified that the country needs to refine its understanding of ML/TF risks, enhance ML investigations and prosecutions, and strengthen international cooperation. It should also better focus on preventing the abuse of legal persons and arrangements, supervision, and ensure that assets with links to terror or the financing of weapons of mass destruction are frozen without delay.

These reports will be published after a quality and consistency review, in April.

The Saudi Arabian Monetary Authority (SAMA) has made various steps to develop its insurance sector, in order to ensure the protection and efficiency of transactions and contribution to stable and fair transactions, one of which is introducing the “Governing Insurance Aggregation Activities Rules”. These rules will regulate insurance aggregation activities by:

  • setting the minimum requirements and controls necessary for granting a licence to conduct insurance online aggregation activities
  • regulating the relationship between the insurance online aggregator and insurance companies.

SAMA has also published draft rules for a public consultation governing bancassurance activities, the selling of life assurance, as well as other insurance products and services by banking institutions. The proposed rules aim to expand the scope of distribution and marketing of insurance products through banks, and to facilitate the access of insurance products by obtaining a client's financial needs from one place.

International Updates

FATF has updated the list of jurisdictions with strategic deficiencies, adding seven countries to those that have strategic deficiencies and removing one country which is no longer subject to FATF’s on-going global AML/CFT compliance process. The update comes after the February plenary meeting which included an ongoing review of the standards of countries across the world and identifies those that have deficiencies, but who work with FATF to develop an action plan to combat these shortcomings.

The list of jurisdictions with strategic deficiencies are:

  • Albania – new addition
  • The Bahamas
  • Barbados – new addition
  • Botswana
  • Cambodia
  • Ghana
  • Iceland
  • Jamaica – new addition
  • Mauritius – new addition
  • Mongolia
  • Myanmar – new addition
  • Nicaragua – new addition
  • Pakistan
  • Panama
  • Syria
  • Uganda – new addition
  • Yemen
  • Zimbabwe

Resulting from the significant progress made in rectifying the deficiencies identified by FATF in November 2017 Trinidad and Tobago is the only country which have been taken off the list and is no longer subject to ongoing AML/CFT compliance processes.

Firms are encouraged to:

  • Review existing country risk lists against the FATF update and update it accordingly
  • Update their business AML risk assessments to include the updated FATF country risk lists

Further to Section 3.1 above, FATF’s plenary meeting on 21 February 2020 also included a discussion on the implementation and impact of its new standards to address the potential ML and TF risks of virtual assets, including the progress made towards fully implementing the “travel rule”, which requires transparency about the originator and beneficiary of payments.

FATF will report to the G20 in July 2020 on its analysis of ML/TF risks associated to so-called ‘stablecoins’ and the application to them of the FATF standards.

A discussion on FATF’s guidance paper on digital identity was held, with a view to helping public and private stakeholders to develop a clearer understanding of how digital ID systems work. The guidance explains FATF’s requirements for customer identification, verification and ongoing due diligence and it also explained how these can align with key components of digital ID systems. In addition, the guidance sets out the risks and the benefits of digital ID, such as potentially increasing financial inclusion.

FATF recognises the potential that innovation offers to improve AML/CFT efforts. Robust digital ID systems can improve the reliability, security and efficiency of identifying individuals in the financial sector and reduce the weaknesses of human control measures.

The EU has revised its current list of non-cooperative jurisdictions for tax purposes. The list of non-cooperative tax jurisdictions is part of the EU's external strategy for taxation and is intended to contribute to ongoing efforts to promote good tax governance worldwide.

The EU first established the blacklist in December 2017, and it is based on a continuous and dynamic process of:

  • Establishing criteria in line with international tax standards
  • Screening countries against these criteria
  • Engaging with countries which do not comply
  • Listing and de-listing countries as they commit or take action to comply
  • Monitoring developments to ensure jurisdictions do not backtrack on previous reforms

The blacklist includes jurisdictions that have either not engaged in a constructive dialogue with the EU on tax governance or failed to deliver on their commitments to implement reforms to comply with the EU's criteria on time.

The list of blacklisted jurisdictions is as follows:

  • American Samoa
  • Cayman Islands (new addition)
  • Fiji
  • Guam
  • Oman
  • Palau (new addition)
  • Panama (new addition)
  • Samoa
  • Seychelles (new addition)
  • Trinidad and Tobago
  • US Virgin Islands
  • Vanuatu

Firms are encouraged to consider the impact of changes to the EU’s blacklist in their business AML risk assessment and country risk list, where necessary. Jurisdictions included in the blacklist should also be taken into consideration in customer risk assessments with respect to customers with connections to such jurisdictions.

Enforcement Action

The UK’s Financial Conduct Authority (FCA) has fined a UK car finance provider, Moneybarn Ltd, £2.77million for treating customers unfairly when customers with financial difficulties fell behind with loan repayments.

The firm did not sufficiently communicate the financial consequences of failing to keep up with payments in a way which were clear, fair and not misleading. 1400 customers defaulted on their loans after entering into unsustainable short-term repayment plans. Following discussions with the FCA, Moneybarn Ltd voluntarily paid more than £30million in redress to customers potentially affected by its failings.

Firms can avoid similar issues by:

  • Reviewing customer communications and financial promotions to assess whether they are clear, fair and not misleading
  • Conducting adequate suitability assessments before providing credit related advice or services
  • Periodically reviewing suitability information to identify any changes to customers’ circumstances

The US Securities and Exchange Commission (“SEC”) has settled charges against Wells Fargo Clearing Services and Wells Fargo Advisors Financial Network for failing to reasonably supervise investment advisers and registered representatives, who recommended single-inverse Exchange Traded Funds (“ETF”s) investments to retail investors. The SEC also found the firm lacked adequate compliance policies and procedures with respect to the suitability of those recommendations.

Single inverse ETFs can experience large and unexpected losses when held for longer than a day, particularly in volatile markets. While ETF risk was noted in internal guidance, it was found that between 2012 and 2019 the policies and procedures were not designed to prevent and detect unsuitable recommendations of ETFs.

The firms also did not supervise its employees’ recommendations adequately and employees’ knowledge of the products was lacking due to insufficient training.

  • Governing bodies should ensure that firms are undertaking the activities that are stated in their policies and procedures
  • Adequate and regular training should be provided to employees who advise on complex products
  • Suitability assessments should be overseen and checked regularly
  • Check whether complex products recommended to clients are suitable for retail clients.

The Swiss Regulator, the Financial Market Supervisory Authority (“FINMA”), is investigating individuals in Julius Baer after the bank was found to be dealing with sanctioned Venezuelan graft money. It is expected that employment bans may be issued by FINMA as a means of punishment.

The investigation highlighted that almost all of the 70 business relationships and more than 150 transactions sampled on a risk basis contained irregularities.

Several failures in the KYC process and general compliance and risk processes were found, including the acceptance of a 70 million Swiss franc ($71m) transfer for a Venezuelan customer in 2014, despite knowing the customer was connected to alleged corruption at the Fédération Internationale de Football Association (“FIFA”).

Share this