The Isle of Man Regulator shows its teeth

On 5 August 2020, the Isle of Man Financial Services Authority issued three financial civil penalties to companies in the Island’s insurance sector – one each to a life assurance company, an insurance manager and a captive insurer.

This takes the total of penalties issued by the Authority to six totalling £426,010 discounted to £298,208.

Each of the six civil penalties issued to date have one thing in common – a failure to apply the AML/CFT Code – with the business, customer or technological risk assessment featuring in most.

The message? The Isle of Man Financial Services Authority mean business when it comes to regulatory compliance with the AML/CFT Code and in particular they want to see that companies take their obligations seriously and properly evaluate the money laundering and terrorist financing risks to which they are exposed.

So how do firms do this?

The business risk assessment should be prepared taking into account the vulnerability of the company’s products being abused by criminals. Firms should do this by considering the main predicate offences in the markets in which they operate, together with typology reports that provide insight into how products such as theirs are abused. Consideration should be given to target clients, the markets in which they operate and the distribution channels that are used.

The technology adopted to provide services should also be assessed for vulnerability to abuse as well as the technology used in the payment for services.

Finally the risk posed by each individual customer, should be put into context with the business and technological assessments. Does the client’s proposition fall within the normal expectations? Should the standard controls applied be enhanced to reflect the specific risks posed by the customer? Can controls be relaxed because the client genuinely poses a lower risk than that normally anticipated?

We at Rowany AML Solutions Limited are looking to hold a series of interactive seminars from the end of August through September to look at the National Risk Assessment, Business, Technological and Customer risk assessments, how they inter-relate and how, if done properly, they can add value to your business.

You can register to attend one of these seminars by goint to our events section.