The AML CTF Function and MLRO
Imagine a captain steering a ship through uncharted, treacherous waters.
Their radar scans for hidden icebergs, ensuring the vessel avoids unseen threats.
They analyze every signal, chart a safe course, and keep the crew informed.
Without them, the ship risks running aground or sinking altogether.
Something similar happens when firms and businesses operating within the United Kingdom do not appoint MLROs: they are unable to navigate through the tough waters of AML CTF requirements. So what is an MLRO officer, and why are they so important?
A Money laundering reporting officer plays an important role in anti-money laundering and counter-terrorist financing regulations described under the FCA handbook.
Additionally, MLRO is an important body for NCA’s AML/CFT compliance. An AML CTF compliance officer would:
- Identify financial risks such as money laundering and terrorist financing
- Enforce safeguards and mechanisms to protect institutions from harm
- Conduct money laundering risk assessment
- Conduct anti-money laundering audits for companies
So, does that mean all financial institutions need to hire an MLRO? The answer is both yes and no- it actually differs from country to country.
UK’s money laundering regulations 2007 make it mandatory for financial institutes under section 59 of the act to hire an MLRO. While specific legal requirements vary by jurisdiction, many countries have established mandates for these institutes to appoint MLRO.
From 2007 to Today: The Rise of the MLRO Role
The requirement for hiring an MLRO was first seen under the UK’s Money Laundering Regulations 2007. This regulation has since evolved with the introduction of the Money Laundering, Terrorist Financing, and Transfer of Funds (Information on the Payer) Regulations 2017, which reinforced the MLRO’s critical role in combating financial crime.
Globally, similar regulations exist, such as the USA’s Bank Secrecy Act (BSA) and the Patriot Act. These require financial institutions to appoint compliance officers, including MLROs, to implement AML CTF frameworks.
Additionally, the European Union’s AML Directives (AMLD), including the 6th AML Directive, also mandate member states to ensure organizations have a designated officer responsible for AML compliance.
The Three Lines of Defence: Where Do MLROs Exist?
Within the AML reporting risk management framework, the three lines of defense model is regularly used. Its primary job is to ensure that institutions set clear goals, define roles and responsibilities, and hold people accountable for managing financial risks adequately. It includes
- The anti-money laundering program
- The counter-terrorism financing program
The aml/CFT governance structure is headed by the board of directors and senior management of a company. Their primary job is to oversee the three lines of defense and ensure each is working in sync with the other.
Additionally, they are required to ensure the second and third lines of defense work independently.
AML CTF Compliance and MLRO
The board of directors within a company will often create a board-level sub-committee to monitor compliance culture and compliance. Here is a breakdown of the hierarchy involved.
Role of an MLRO
The primary role of an MLRO is that they have to adopt a risk-based approach to ensure that the firm or the business is complying with the AML rules. Here is a breakdown of the money laundering reporting officer’s responsibilities.
- Develop and implement AML policies and procedures that align with any current regulations in the jurisdiction.
- Conduct Risk Assessments to identify any risks with clients, locations, services, or products.
- Oversee the due diligence process of customers to preemptively detect any suspicious activities.
- Monitor Financial Transactions to investigate any financial anomalies.
- Train other employees on AML compliance and ensure all the stakeholders realize the risks.
- Serve as the primary point of contact between regulatory bodies and businesses.
- Report to Senior Management or Board of Directors and recommend any remedial actions.
- Ensure the company does not facilitate money laundering, terror financing, and fraud incidents
- Ensure the company complies with all KYB and KYC processes.
Additional responsibilities include:
- Ensure compliance with MLR 2017 and CCAB guidance.
- Get knowledge of risks
- Carry out detailed and in-depth assessments of the risk.
- Complete and periodically review and update compliance
Apart from these, an MLRO is also supposed to conduct SARS reporting. Here is how that works.
Pre-requisites for an MLRO: Selecting an MLRO
For starters, the MLRO’s appointment needs to be documented. Within the United Kingdom, an MLRO:
- Needs to be approved by the Financial Services Authority (FSA)
- They have to be somebody with a considerable amount of authority so that they can easily enforce rules.
- Should be a sole practitioner.
- Should have subscriptions to relevant resources and news to keep up with day-to-day activities and trends in AML compliance.
Additionally, they must have
- A deep understanding of the business/firm and clients.
- Sufficient seniority to execute their function
- Both time and resources to fulfill compliance needs.
Businesses that Need MLRO
Any financial and credit institution that accepts deposits and offers financial services needs adequate AML systems.
- Banks
- Credit Unions
- Insurance Companies
- Electronic Money Institutions (e-money solutions)
- CryptoAsset Exchange Providers
Additionally, non-financial institutions categorized as DNFBP or Designated Non-Financial Businesses and Professionals also need to hire an MLRO according to the British Virgin Islands Law. According to regulation 13 of the AML Regulations and AML Code sections 16 and 17, it is mandatory for DNFBP institutes to comply with AML regulations. Section 18 of the same code requires MLRO to report SARS.
These include
- Auditors, External Accountants, and Tax Advisors
- Law Firms, Notaries, and Independent Legal Professionals
- Trust or Company Service Providers
- Estate Agents or Letting Agents
- High-value Dealers
- Casinos and Gambling Services Providers
Who Isn’t Obligated To Hire an MLRO?
Non-obliged businesses are not required to hire an MLRO. However, they may still choose to implement internal AML policies to safeguard their own and national interests. Some examples include:
- Retail businesses that sell lower-value goods with no large transactions
- Small service providers that do not handle any money from the clients
So How Important Is It to Hire An MLRO for AML CTF? Final Thoughts
Hiring a Money Laundering Reporting Officer (MLRO) is more than just a regulatory requirement. It’s a strategic decision that safeguards your business. An effective MLRO not only ensures compliance with AML CTF laws but also fosters a culture of integrity and accountability within your organization.
If you’re unsure how to proceed, start by identifying candidates with a deep understanding of risk management, regulatory frameworks, and excellent communication skills. Look for people with a sufficient amount of experience in the field and a deep interest in knowing more about the compliance ecosystem.