For a better experience on Cayman Islands Monetary Authority, update your browser.
  1. Home
    2.  
  2. Supervisory Information Circulars 
  3. 2022 Review of TCSPs AMLR Compliance – Sanctions Screening

2022 Review of TCSPs AMLR Compliance – Sanctions Screening

Supervisory Information Circulars
Date: Thu, 27 July 2023

Trust and Corporate Services Providers (“TCSPs”) are of systemic importance to the global financial services industry. They are ideally placed to help prevent potential misuse by legal persons and arrangements by ensuring that their clients are not subject to, or seeking to circumvent, targeted financial sanctions (“TFS”). TFS are restrictive measures put in place to limit the provision of certain financial services and/or restrict access to financial markets, funds and other assets to persons or entities designated under the TFS regime and are central to global efforts to prevent financial crime.

Following the heightened actions against Russia by various countries in 2022, there has been a continuous expansion of TFS, including for trustee services to designated persons. The HM Treasury Office of Financial Sanctions Implementation (“OFSI”) has issued several TFS designations that apply to Overseas Territories, including the Cayman Islands, to ensure compliance with TFS obligations. It is important for financial service providers (“FSPs”), including TCSPs, to have systems and controls in place to conduct TFS due diligence to ensure they are not conducting business with designated persons.

In 2022, the Cayman Islands Monetary Authority (“CIMA”) or (‘the Authority”) published the supervisory circular ‘2021 Review of TCSPs Compliance with AMLRs – Sanctions Screening Policies and Procedures' this described CIMA’s assessment of TCSP’s compliance with TFS requirements during 2021, and the controls required to be undertaken to address the identified deficiencies.

During 2022, the Authority continued its risk-based approach to supervision of TCSP’s anti-money laundering/countering the financing of terrorism/countering proliferation financing and TFS (together, “AML/CFT/CPF and TFS”) to assess compliance with statutory obligations, including the TFS obligations as set out in the Anti-Money Laundering Regulations (2023 Revision) (the “AMLRs”), the Guidance Notes on the Prevention and Detection of Money Laundering, Terrorist Financing and Proliferation Financing in the Cayman Islands (2020 Revision) (the “AML Guidance Notes”), as well as other applicable legislation and accepted standards of best practices.

This Circular (the “Circular”) sets out TFS deficiencies identified through onsite inspections to twenty-three (23) TCSPs in 2022. The Circular also compares these results with the Authority’s review in 2021. The scope of the review and methodology is set out in Annex 1 of the Circular.

The Authority requires all FSPs, including TCSPs, to take note of the deficiencies set out in this Circular to ensure that their TFS compliance framework, including screening systems and controls, are reviewed and updated periodically to remain compliant with their TFS obligations as set out in the AMLRs and the AML Guidance Notes.

FSPs are reminded that failure to comply with TFS statutory requirements of the Cayman Islands is a serious criminal offence. Whilst the prosecution and investigation of TFS  offences lie with other relevant authorities, the Authority, within its powers, can impose restrictions and take enforcement action where regulated entities have failed to maintain adequate systems, procedures and controls, to ensure compliance with obligations set out in the AMLRs.

 

Executive Summary of the 2022 Review

The Authority has observed an improvement in compliance by TCSPs since the 2021 inspections and acknowledges the progress that TCSPs have made in applying TFS screening measures in relation to the implementation of AML/CFT/CPF and TFS policies and procedures. Notably:

  • Adequacy of policies for TFS screening at onboarding: In 2022, 78% of the TCSPs inspected had AML/CFT and TFS policies and procedures that adequately provided for TFS screening at client onboarding. This compares to 63% in 2021.
  • Adequacy of policies for ongoing monitoring and TFS screening: In 2022, 91% of the TCSPs had AML/CFT and TFS policies and procedures which adequately provided for ongoing monitoring of customers and transactions against the TFS lists. This compares to 89% in 2021.
  • Overall effectiveness of implementation: In 2022, 30% of the TCSPs inspected were effectively implementing their TFS screening policies and procedures across all the client files reviewed. The remaining 70% had at least one client file with weaknesses around TFS screening of clients (and their related parties) at onboarding or on a periodic basis. This compares with 26% and 74% in 2021, respectively.

The table below shows there were also improvements in TFS implementation from 2021 to 2022:

 

 

 

 

 

 

 

 

 

 

 

 

  • Periodic reviews were not conducted in a timely manner, in accordance with the client’s business and risk profile: In 2022, 1% of the files reviewed showed instances where periodic reviews of clients and principal parties were not performed in a timely manner, and in accordance with the client’s business and risk profile. This compares with 14% in 2021.
  • TFS screening results not documented on client files: In 2022, 6% of client files showed instances where the TCSPs were screening their clients and associated parties, against relevant TFS lists, but the results were not documented or retained in the client files. This compares with 11% in 2021.
  • TFS screening not performed at client onboarding: In 2022, 10% of the client files reviewed showed instances where at least one client, or an associated party, was not screened during the client onboarding process and subsequently screened after the business relationships were established. This compares with 14% in 2021.

Notwithstanding the encouraging results above, there were some instances where improvements were not seen:

  • TFS screening not documented for at least one client or associated parties: 16% of the client files reviewed showed instances where the client or its associated parties, such as beneficial owners, directors, signatories etc, were not screened against applicable TFS lists during the onboarding process or on a periodic basis. This compares with 15% in 2021.
  • Clearing or resolving alerts not documented: 5% of the client files lacked documentation to show the measures taken by TCSPs to resolve positive and/or false positive alerts flagged by TFS screening systems. In 2021, 1% of the client files indicated this weakness.
  • TFS screening not conducted through ongoing monitoring or periodic review: 12% of the client files revealed instances where the TCSPs did not screen the clients, or associated parties, against relevant TFS lists as part of their client file review/ongoing monitoring procedures or whenever there was an update to the TFS lists. This compares with 5% in 2021.

The Authority continues to take prompt and robust steps to remedy TFS non-compliance by TCSPs, including issuing requirements and, in some cases, initiating enforcement action. TCSPs subject to requirements are required to remediate within the prescribed timeframes that are monitored by the Authority.

The Authority acknowledges the progress that the TCSPs have made in remediating their requirements within the prescribed timeframe stipulated by the Authority. From the 23 TCSPs inspected, a total of 32 requirements were raised in relation to TFS non-compliance. As of 30 June 2023, 26, or 81%, of the requirements have been classified as ‘completed’ pending follow-up inspections to verify the completion status; four (4), or 13%, requirements are ‘not yet due’; one (1), or 3% are ‘in progress’; and one (1), or 3%, have been classified as ‘past due’ based on the original remediation date.

 

2022 Review Findings: Implementation of AML/CFT/CPF and TFS Policies and Procedures

TFS Screening at Onboarding – Policies and Procedures

The AMLRs and AML Guidance Notes require FSPs to put in place AML/CFT/CPF and Sanctions policies, procedures, systems and controls appropriate for the nature, size and complexity of their business. Specifically, Regulations 5(a)(v) and 5(a)(viiib) of the AMLRs set out the requirements for TFS compliance in relation to policies, procedures, systems and controls that should be maintained by all persons carrying out relevant financial business, including TCSPs; and Part II, sections 13, 14 and 15 of the AML Guidance Notes outlines further guidance as to how compliance can be achieved.

Under the AMLRs and AML Guidance Notes, TCSPs are expected to maintain adequate procedures to ensure compliance with TFS obligations of the Cayman Islands and have systems to screen their customers and relevant parties or transactions to determine whether they are conducting or may conduct business involving any sanctioned person or person associated with a sanctioned person.

The 2022 Review revealed that eighteen (18), or 78%, of the TCSPs inspected, had AML/CFT/CPF and TFS policies and procedures which adequately outline procedures for TFS screening at onboarding. However, the remaining five (5), or 22%, did not have policies and procedures that include or adequately outline provisions for:

  • Ensuring that clients, both new and existing, along with all relevant parties are screened against all TFS lists applicable to the Cayman Islands.
  • Keeping track of all TFS lists, and their updates, applicable to the Cayman Islands.
  • Managing how false and potential matches from database searches should be addressed, disseminated, escalated and the timeframe for clearing matches.
  • Freezing of assets and the reporting obligations for filing a Compliance Reporting Form (“CRF”) when making a report to the Financial Reporting Authority (“FRA”).

Policies and Procedures to include TFS screening as part of ongoing monitoring.

Regulation 5(a)(viiia) of the AMLRs requires a person carrying out relevant financial business to maintain appropriate procedures for the assessment of one-off transactions and the ongoing monitoring of business relationships for the purposes of preventing, countering, and reporting money laundering, terrorist financing and proliferation financing and such procedures allowing for the identification of assets subject to TFS applicable in the Cayman Islands.

The 2022 Review noted that twenty-one (21) TCSPs, or 91%, inspected had adequate AML/CFT/CPF and TFS policies and procedures for TFS screening for the assessment of one-off transactions and the ongoing monitoring of business relationships in accordance with Regulation 5(a)(viiia) of the AMLRs. However, two (2) or 9%, had AML/CFT/CPF and TFS policies and procedures that did not include or adequately set out provisions for:

  • Ensuring that clients, new and existing, along with all relevant parties, are screened against all TFS lists applicable to the Cayman Islands as part of the periodic review and ongoing monitoring.
  • Keeping track of updates to all applicable TFS lists to ensure that existing customers are not designated persons.

 

Effectiveness in the Implementation of AML/CFT/CPF and TFS Policies, Procedures, Systems and Controls

TFS Screening at onboarding – Implementation

Under Regulation 5(a)(v) of the AMLRs, TCSPs are required to maintain adequate systems to identify risk in relation to persons, countries and activities which include checks against all applicable TFS lists. 

Part II, Section 13(B)(4) of the AML Guidance Notes also states that FSPs, including TCSPs, shall screen applicants, customers, beneficial owners, transactions, service providers and other relevant parties to determine whether they are conducting or may conduct business involving any sanctioned person or person associated with a sanctioned person/country; in the event of updates to the relevant TFS lists, financial service providers may discover that certain TFS are applicable to one or more of their customers, existing or new.

Of the 529 client files reviewed for TCSPs during the 2022 onsite inspections, 37% demonstrated weaknesses in relation to TFS screening at the client onboarding stage, including:

  • Lack of evidence of TFS screening being carried out in a timely manner for the corporate clients, associated parties, directors, protectors of trusts, and other principal parties  to determine whether they are conducting or may conduct business involving any designated person or person associated with a designated person or country (16% of the files reviewed).
  • TFS screening was performed, however, at least one client, or an associated party, was not screened during the client onboarding process and subsequently screened after the business relationships were established (10% of files reviewed).
  • In cases where screening was performed, documentary evidence of the TFS screening results for clients and associated parties was not maintained on the client files (6% of the files reviewed).
  • Lack of documented evidence of how alerts or false positive results provided by the screening software were being resolved (1% of the files reviewed).

TFS Screening during ongoing monitoring - Implementation

Regulation 5(a)(v) of the AMLRs, requires financial service providers, including TCSPs, to have adequate systems in place to identify risk in relation to persons, countries and activities which shall include checks against all applicable TFS lists. Furthermore, Part II section 15(G)(10) of the AML Guidance Notes outlines that screening should also take place at the commencement of any business relationship. This includes screening existing customers when data changes, e.g., change of director or signatory on account; when new financial TFS notices are issued; and when there are updates to the consolidated list of designated persons.

Of the 529 client files reviewed during the inspections, 12% demonstrated weaknesses in TFS screening as part of the TCSPs’ ongoing monitoring procedures, including:

  • Lack of documented evidence that corporate entities and principal parties within the client’s ownership and control structure were screened on a periodic basis, or whenever there was an update of sanction lists (11% of the files reviewed).
  • Lack of documented evidence to show that reviews were conducted in a timely manner, in accordance with the clients’ business and risk profile, to ensure that the clients’ documents, data, and information were kept current and relevant (1% of the files reviewed)

 

Conclusion and Recommendations

The majority of TCSPs inspected have policies and procedures that adequately include provisions for TFS screening at the onboarding and ongoing monitoring stages of a client relationship. When compared with prior year results, the Authority has seen a notable increase in the level of compliance. However, there is still room for improvement in the effectiveness of the policies and procedures, particularly around ongoing monitoring.

The Authority expects all TCSPs to take note of the deficiencies outlined in the circular and take steps to ensure that their own TFS Compliance Framework is designed to meet their TFS obligations as outlined in the AMLRs, AML Guidance Notes and all other applicable legislations.

TCSPs are reminded that all clients and associated parties should be screened against all TFS lists applicable to the Cayman Islands, both at onboarding and on an ongoing basis, in such a manner that would allow the TCSPs to determine whether they are conducting or may conduct business involving any designated person or person associated with a designated person or country. Documentary evidence of the TFS results should be maintained on the respective client files.

Search results from TFS screening tools/database should be documented to demonstrate timely review and escalation of alerts. Where there is a true match or suspicion, TCSPs are required to take the necessary steps to comply with the TFS reporting obligations, including filing of CRFs to the FRA.  TCSPs are also required to consider whether it is appropriate to file a Suspicious Activity Report with the FRA, and document all the actions undertaken to comply with the TFS regime, and the rationale for each action.

Lastly, TCSPs should provide adequate TFS related training to their staff and periodically assess their own AML/CFT/CPF and TFS compliance programmes to ensure that they are commensurate with the nature, size, and complexity of the businesses.

The Authority will continue to promote its supervisory mandate through both offsite monitoring and onsite inspection processes to assess adherence to applicable legislations, rules, statements of guidance, internal policies, and procedures, as well as best practices. Where deficiencies are identified, these TCSPs will be directed to remediate the deficiencies in a timely and thorough manner.

 

Annex 1 - Scope and methodology

The Circular is based on the inspection findings compiled from 2022 onsite inspections reports of twenty-three (23) TCSPs. A total of 529 client files were reviewed across all the TCSPs inspected. The client files selected during the onsite inspections of the TCSPs were randomly selected.

The percentages of the overall findings in the executive summary of this Circular are expressed as out of the total number of twenty-three (23) TCSPs inspected, and 529 client files reviewed that were inspected during the inspections.

For the purposes of this Circular, the Authority assessed the levels of compliance of TCSPs against the following provisions of the AMLRs:

  • Regulation 5(a)(v) of the AMLRs: A person carrying out relevant financial business shall maintain as appropriate, having regard to the money laundering and terrorist financing risks and the size of its business, adequate systems to identify risk in relation to persons, countries and activities which shall include checks against all applicable sanctions lists.
  • Regulation 5(a)(viiia) of the AMLRs: A person carrying out relevant financial business shall maintain as appropriate, having regard to the money laundering and terrorist financing risks and the size of its business, procedures for the assessment of one-off transactions and the ongoing monitoring of business relationships for the purposes of preventing, countering, and reporting money laundering, terrorist financing and proliferation financing, and such procedures allowing for the identification of assets subject to targeted financial sanctions applicable in the Islands.
  • Regulation 5(a)(viiib) of the AMLRs: A person carrying out relevant financial business shall maintain as appropriate, having regard to the money laundering and terrorist financing risks and the size of its business, procedures to ensure compliance with targeted financial sanctions obligations applicable in the Islands.

The Authority has prepared individual inspection reports for the twenty-three (23) TCSPs from which the dataset was generated from in the preparation of the Circular.

 

References

FSPs are encouraged to review the links below which can provide further guidance on the subject matter. The list is not exhaustive, and FSPs are encouraged to keep abreast of emerging information/material on TFS published by FRA, the Authority or other relevant authorities.

Guidance Notes on the Prevention and Detection of Money Laundering, Terrorist Financing and Proliferation Financing in the Cayman Islands(2020 Revision)

FATF Targeted Financial Sanctions Related to Terrorism and Terrorist Financing (Recommendation 6)

UK Financial Sanctions: General Guidance (December 2020)

FRA Financial Sanctions Guidance (February 2020)

FRA List of Sanctions Targets, by regimes in Force in the Cayman Islands (April 2023)

AML/CFT Activity Report 2021

The Anchor Publications

Sign up for our E-alerts

Be the first to know about releases and industry news and insights.