Professional Documents
Culture Documents
A majority of CIMA members in practice have small local businesses so the risk of being
exposed to ML/TF may be considered low. The services provided are generally lower risk and
clients are often well known to the member in practice. The 2007 Money Laundering
Regulations still oblige accountants to apply client due diligence regardless of whether the
practice is small or if the client is a long-standing and well known one, as these factors will
only indicate lower risk surrounding the application of CDD.
Client needs will change as time goes by and they Where you have existing clients, the Joint Money
may require additional services. If this arises you laundering Steering Group state the following:
must consider whether the change will increase risk ‘Where the identity of an existing customer has
for your practice or if the new services are known to
already been verified to a previously applicable
be at risk of abuse by launderers.
standard then, in the absence of circumstances
The higher you assess the risk to be the more indicating the contrary, the risk is likely to be low. A
information which you should gather at the outset. range of trigger events, such as an existing customer
This should help you to decide whether to take on the applying to open a new account or establish a new
client, whether the level of risk is reasonable to the relationship, might prompt a firm to seek appropriate
practice and also to quickly spot a red flag indicator evidence.’
or a sudden and unexplained direction or activity
during the relationship. In short, the more you know Therefore, requesting new identity checks every year
about the client the easier it is to see unusual activity. can be frustrating for the client and an inadequate
use of your resources. However waiting 5 years to
Simplified and Enhanced due diligence request new copies of identity documents is a higher
Simplified due diligence is outlined under Reg. 13 of risk because a lot of information and changes in
the 2007 Regulations. That regulation provides that personnel can change in that time. Your professional
SDD is applied in respect to bodies who are judgement and a risk-sensitive basis should enable
themselves regulated such as banks, companies you to decipher when to refresh client identification
listed on a stock exchange or public authorities. checks.
If you do not deal with these type of clients regularly
you will need to have CDD processes in place, Long-standing well known clients
implemented on a risk-sensitive basis as already
While long-standing or well-known clients pose little
outlined above.
risk, there is no blanket exemption from client due
In respect to enhanced due diligence, Reg. 14 is of diligence processes for them, nor is there a simplified
more significance for members. It provides that when due diligence approach.
the customer has not been physically present for You should speak with any such clients and
identification purposes, or if a client is politically emphasise that the 2007 Money Laundering
exposed, then a relevant person must take specific regulatory requirements under Regulation 19 (2)
and adequate measures to compensate for that include the obligation to record copies of client
higher risk. However the application of the risk based identification documents, irrespective of the longevity
approach will ensure that other higher risk clients or of the relationship. Under the Money Laundering
services are identified and managed accordingly. regulations you are obliged to have copies of
identification documents recorded and failing to do so
Regulation 14 outlines control measures to take in carries a penalty of up to 2 years, to a fine or to both.
enhanced due diligence cases including: additional
identification data, confirmation or documents from
regulated institutions supporting the client Keep records
demonstrating they previously met the CDD Ensure that you record all client identity checks which
requirements elsewhere. you have done, either electronically or through paper
files, for a period of 5 years. You must have all
The individual accountancy practice should decide identity information when making a suspicious activity
what additional measures or documentary report or if CIMA attend your office for a supervision
requirements it wishes to see to manage the visit. You should be able to justify the level of risk you
perceived risk, such as additional years of bank have measured a client to pose by reference to
statements, tax returns etc. You could request a paperwork.
reference from another professional adviser or a
regulated institution who has dealt with the client
before.