Uncategorised

At a well attended recent ACOI event Seána Cunningham, Director of Enforcement and Anti Money Laundering at the Central Bank of Ireland, set out current priorities in the two areas within her remit. Although such presentations do not represent official guidance by senior Central Bank officials, they always provide useful insight into the regulator’s current thinking and areas of focus. The main takeaways I took from the presentation and the Q&A session that followed it were:

AML/CFT:

• The Central Bank’s focus has moved on from ensuring that regulated firms understand and meet their basic obligations. They are now interested in assessing the depth, quality and sophistication of controls that firms have in place to ensure that they do not inadvertently facilitate money laundering or terrorist financing.
• Although the Fourth EU AML Directive has not yet been implemented in Ireland its provisions are well known and I took away from remarks made in the Q&A session that there is an expectation on the part of the regulator that firms should be taking steps now to comply with requirements of the Directive, rather than waiting until the legislation is enacted later this year. In her presentation the Director of Enforcement and Anti-Moneylaundering said that “I would emphasise, in particular, the importance of firms bringing their risk assessment and policies and procedures in line with the Fourth EU AML Directive”
• The presentation touched on a very common theme with the Central Bank, namely that “Outsourcing is not a defence for regulatory failings.” In this instance the context was the use of FinTech solutions to assist with AML/CFT obligations

Enforcement:

The main point that resonated with me from this part of the presentation was the increasing emphasis of the Central Bank on holding individuals accountable for regulatory failings, currently by using its enforcement powers against individuals holding Pre-Approved Control Functions (“PCF”) or Control Functions within regulated financial services providers. While the Central Bank has never publicly refused a PCF application, an increasing number of PCF applications are being withdrawn following discussions with the regulator.

The Central Bank is also committed to the introduction of a Senior Executive Accountability Regime in Ireland and made a proposal in this regard to the Law Reform Commission earlier this year. During the Q&A session the Director of Enforcement and Anti Money Laundering noted that the Central Bank is working with the Department of Justice in this regard and will consult with industry before introducing the regime.

I am delighted to announce the launch of my new business, The Compliance Consultant. I got my first job in Compliance when it was a new discipline in Irish financial services, in the early 1990s, so I have seen lots of change and worked through a few boom and bust cycles since then. When I was offered that first job I wasn’t quite sure what Compliance was, but my boss convinced me that my background of a law degree and professional accountancy qualification equipped me well for the role and luckily, he was right. Down through the years I have developed some golden rules that have stood me in good stead as an in-house Compliance expert and which I will apply to my new venture:

• The Customer is King – at the heart of good Compliance is ensuring that the interests of your clients are always put first. If any proposed action or activity might compromise this then, even if it complies with the letter of the law, it’s not good Compliance and shouldn’t go ahead
• I have found that the “Keep It Simple Stupid” principle also applies to complying with regulatory requirements; the difficulty and expertise is in finding out what simple is!
• Ask questions – If I’m asked to provide regulatory guidance or advice on a specific issue I always answer the question with at least one question to ensure that I fully understand what the issue is. In my experience the real question might turn out to be very different from the first question I was asked
• One size does not fit all – although regulatory requirements are generic; judgement is always required to ensure that requirements are correctly interpreted and applied to individual businesses and business lines
• Talking is good – I very much look forward to hearing from you I can be contacted at paula@thecomplianceconsultant.ie to start a conversation