Complying with the Money Laundering Regulations (MLR) can be confusing. Add in the additional rules set by supervisory authorities such as the HMRC and FCA and you may be left wondering which way to turn!
This page provides simple guidance to help you decide which documents are mandatory for your business. If you are choosing from our AML policy templates, the information provided here will also narrow down which product is best suited to you.
One of the good things about complying with the anti money laundering requirements is that most of the rules are standard for all industries. However, as with any regulation, you should always consider the nature, scope and size of your business when drafting or buying policies.
How To Use This Page
There is a lot of information involved in money laundering prevention. There are also some rules that only apply to certain industries. To make our guidance as user-friendly as possible, we have set out the content in a ‘drop-down-menu’ format. This means you can pick and choose the information most relevant to you. Each section heading can be clicked to expand the relevant guidance and information.
The first thing to do is check whether your company type has obligations under the MLR. Many businesses have policies and processes in place to manage risk and carry out due diligence. However, not all are legally bound to comply with these requirements. Part 8(2) of The Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 states that “the regulations apply to the persons acting in the course of business carried on by them in the United Kingdom.”
Supervised by the FCA
- Credit institutions
- Financial institutions
- Cryptoasset exchange providers
- Custodian wallet providers
- Electronic money institutions
- Auction platforms
- Credit unions in Northern Ireland
Supervised by the FCA if authorised. Otherwise, supervised by the HMRC…
- Trust or company service provider
- Bill payment service providers
- Telecommunication payment service providers
- Digital and IT payment service providers
Supervised by the HMRC
- Estate agents
- Letting agents
- High value dealers
- Art market participants
- External accountants
- Tax advisers
The Gambling Commission are the third main Supervisory Authority. There are also 25 professional bodies that have been authorised to supervise AML. They are overseen by The Office for Professional Body AML Supervision (OPBAS) which ensures a high standard of supervision by the bodies overseeing the legal and accountancy sectors.
- Casinos (Gambling Commission)
- Independent legal professionals (SRA)
- Insolvency practitioners (IPA)
A common misconception with anti money laundering compliance is that the rules only apply to larger firms or that the policies you need are dependant on the size of your business.
The scope and content of your AML policies and procedures will correlate to the size and nature of your business. For example, a single accountant will not need as many controls as a large financial institution. However, the documents and controls themselves are not optional and must be maintained in writing and be regularly, reviewed regardless of your size.
For businesses of any size; when determining what measures are appropriate in relation to the content and scope of your policies, controls and procedures, you should consider: –
- The nature and activities of your business, as well as the products and services you offer.
- Your size, both in terms of employees and client base.
- The type, impact and extent of the risks of money laundering relevant to your business and activities.
- Any additional rules or guidance set out for your business type or industry by a Supervisory Authority (i.e. the FCA or HMRC)
You will know from the above information that you are required to have certain policies and procedures in place to comply with the Money Laundering Regulations regardless of your size or business type. When it comes to anti money laundering compliance, most of the requirements and internal controls are standard for all industries. The main deviation for different sectors are the risks of money laundering. These depend heavily upon your size, scope, nature, activities and client base.
Mandatory Policies & Controls for All Businesses & Sole Traders
- A written AML risk assessment to identify and assess the risks of money laundering to which your business is subject.
- Keep an up-to-date, written record of your AML risk assessments.
- Establish and regularly review policies, controls and procedures to mitigate and manage the risks of money laundering, including, but not limited to: –
- anti-money laundering policy and procedures
- AML risk assessment procedures
- risk management practices
- employee screening procedures to assess skills, knowledge and expertise (where applicable)
- due diligence procedures and controls
- record keeping practices
- compliance audit and monitoring controls
- transaction monitoring procedures
- Maintain written copies of the policies, controls and procedures.
- Communicate those policies, controls and procedures to all person’s within the business.
- Appoint an individual as a nominated officer (exempt for individuals without employees or acting alone.)
- Procedures for submitting Suspicious Activity Reports (SARs) to the National Crime Agency (see section on SARs).
- Establish and maintain procedures that enable you to respond fully and rapidly to enquiries from: –
- Financial investigators accredited under section 3 of the POCA
- Persons acting on behalf of the Scottish Ministers
- Constables or equivalent officers of any law enforcement authority.
Additional LEGAL Requirements for Businesses With Employees
- Communicate the above policies, controls and procedures to all person’s within the business.
- Ensure that all employees are aware of their obligations under the Regulations.
- Implement procedures and guidance to ensure all employees report any known or suspected suspicious activity to the nominated officer or other relevant person.
- Provide regular training to all employees on anti money laundering basics and how to recognise and deal with transactions and other situations which may be related to money laundering.
- Maintain a written training record for each employee or relevant agent on the AML training given.
Additional Requirements Dependant on Business Nature, Scope and Size
- Appoint an individual who is a member of the board of directors, its equivalent management body or of its senior management as the officer responsible for the company’s compliance with the MLR.
- Carry out screening of your employees if their role/duties relate to any requirement in the MLR.
- Establish an independent audit function to examine and evaluate the adequacy and effectiveness of the policies, controls and procedures and to make recommendations in relation to these.
Section 19(4)d of the Money Laundering Regulations requires businesses and their employees to report known or suspected suspicions of money laundering or terrorist financing to the National Crime Agency (NCA). The requirements are for the business to have procedures in place to comply with Part 3 of the Terrorism Act 2000 and/or Part 7 of the Proceeds of Crime Act 2002 (POCA).
A person commits an offence if information comes to them in the course of their business and they do not disclose their knowledge or suspicion that another person is engaged in terrorist financing or money laundering. Disclosures must be made as soon as is practicable and are known as Suspicious Activity Reports (SARs).
Submitting a SAR to the NCA helps to protect your business and UK financial institutions from the risks associated with laundering the proceeds of crime. It is important to have comprehensive procedures for recording suspicious activities. The information you submit directly affects the investigation, decision and outcome. The easiest way to submit a SAR is via the NCA’s secure online system.
Many businesses assume that if they have an Anti Money Laundering Policy in place alongside a written AML risk assessment, they do not need procedures for due diligence to comply with the Regulations.
However, Part 3, Chapter 1 of the MLR note that a business must apply customer due diligence measures when they: –
- Establish a business relationship (i.e. customers, service providers or employees.)
- Suspect money laundering or terrorist financing.
- Doubt the veracity or adequacy of documents or information previously obtained for the purposes of identification or verification.
- Have a legal duty in the course of the calendar year to contact an existing customer for the purpose of reviewing any information which is relevant to company’s risk assessment for that customer, and relates to the beneficial ownership of the customer.
- Have to contact an existing customer in order to fulfil any duty under the International Tax Compliance Regulations 2015.
- Become aware that the circumstances of an existing customer relevant to the risk assessment for that customer have changed.
- Identify that it is appropriate for existing customers in accordance with their risk based approach.
- Carry out an occasional transaction exceeding 1,000 euros that amounts to a transfer of funds (i.e. any transaction at least partially carried out by electronic means through a payment service provider)
The Regulations also specify that certain businesses must apply customer due diligence measures for other purposes and activities. These relate to different business types or industries and are detailed below.
- An art market participant in relation to any trade in a work of art when they carry out any transaction whose value amounts to 10,000 euros or more.
- An art market participant in relation to the storage of a work of art when it is the operator of a freeport and the value of the works of art amounts to 10,000 euros or more.
- A cryptoasset exchange provider utilising a machine for automated processes in relation to any such transaction carried out using that machine.
- A letting agent in relation to any transaction which consists of the conclusion of an agreement for the letting of land for a term of a month or more, and at a rent which during at least part of the term is a monthly rent of 10,000 euros or more.
Customer due diligence measures must be applied when carrying out occasional transactions. This can either be as a single transaction or several linked operations.
- Any business who carries out an occasional transaction that amounts to 15,000 euros or more (excluding a letting agent, a high value dealer, an art market participant, a cryptoasset exchange provider or a casino.)
- A high value dealer who carries out an occasional transaction in cash that amounts to 10,000 euros or more.
- A casino who carries out any transaction that amounts to 2,000 euros or more in relation to the wagering of a stake.
If you already have the mandatory anti-money laundering policies and controls in place, but need templates to comply with the due diligence part of the MLR, our Due Diligence & Client Risk Assessment Toolkit has all the templates you will need.
If you are looking for compliant, professional templates and policies so that you can comply with the MLR without starting from scratch, you have come to the right place! Know Your Compliance Limited supply documents to over 6000 organisations and are experts in anti money laundering compliance.
We provide all of the policies, procedures and controls required by the Money Laundering Regulation, as well as those required by the Supervisory Authorities. Our content has been developed using the rules themselves and so the templates are suitable for any business type or industry.
Individual AML Templates
If you are looking for a single template to add to your existing Anti-Money Laundering compliance program, browse our AML Products or click any of the documents below to read more…
- Anti-Money Laundering Policy Template
- AML Gap Analysis Checklist
- Suspicious Activity Report Procedures
- AML Risk Assessment Procedures & Template
- Anti-Bribery & Corruption Policy Template
- Due Diligence Policy & Questionnaire Toolkit
- Conflict of Interest Policy Template
- Whistleblowing Policy Template
- AML Employee Training Package & Test Papers
AML Bundles & Toolkits
Our Anti-Money Laundering bundles and toolkits combine some or all of our AML and supporting templates. If you are looking for a complete AML compliance program or need to update several existing documents, our AML Toolkits will save you time and money.
From our AML Policy Pack (£45 +vat) that gives you our AML Policy, SAR Procedures, Employee Screening Template, MLRO Form and AML Risk Assessment in one pack.
Through to our 30+ template, best selling AML & Due Diligence Toolkit (£249 +vat) with all of our AML templates and tools alongside all of the mandatory and supporting policies and procedures.
Have you already browsed our AML comparison page but are still unsure of which package is right for you?
If so, you are not alone! This is the most frequently asked question we get about anti money laundering. First, it is important to know that all of our AML templates are drafted using the Money Laundering Regulations. They also include the rules and guidance set out by each Supervisory Authority. This makes them suitable for any business type or industry.
If you have read through the guidance on this page, you will already know that you need to have all of the policies, procedures and controls set out under Sections 19, 20, 21 and 24 and all of Part 3 of the Money Laundering Regulations (we have bullet-pointed these under the ‘Which Policies, Controls & Rules Apply to My Business?”
You can decide which of our packages best suits your needs by considering a few key questions: –
- What do you already have in place for Anti-Money Laundering Compliance?
- Do you have any employees?
- Do you have any additional rules to follow for the FCA or HMRC?
- Do you already have a compliant due diligence program for assessing customers, suppliers and employees?
After considering the questions and your business size and scope, you can choose which of the below is right for you…
- AML Policy Pack – for those who already have some compliance documents in place (i.e. due diligence, anti-bribery, whistleblowing), but need the AML basics.
- AML Bundle – for those who have limited AML compliance, but do have areas such as due diligence covered.
- AML Toolkit – for those who need a complete AML policy, procedure and control solution. Our best selling toolkit contains 30+ policies and templates to comply with all the mandatory anti-money laundering requirements.
- AML Document & Training Toolkit – for firms who want their complete AML Toolkit but also need to comply with the mandatory employee training obligations.
- Due Diligence & Client Onboarding Toolkit – these templates are mandatory for carrying out due diligence and risk assessments on new clients. Already included in the AML Toolkit, but if you want to purchase due diligence alone, this toolkit is for you.
UPGRADE OPTIONS: Don’t worry if you pick one of our packages and later realise that you need a more comprehensive toolkit. All of our AML templates come with upgrade discount codes so that you don’t pay extra for duplicated content.