MGA points to new FIAU guidance note on Money Laundering Reporting Officer

The Malta Gaming Authority (MGA), has pointed its regulated companies to a new Financial Intelligence Analysis Unit (FIAU) Guidance Note on some of the common issues related to obligations around Money Laundering Reporting Officers (MLRO).

In its announcement, the FIAU stated that the Guidance Note is being issued in response to several questions that it has received from Subject Persons on how certain requirements regarding the MLRO role should be interpreted.

The Guidance Note thus seeks to provide clarity on the following topics:

Independence and autonomy

The FIAU issued extensive advice on the importance and role of independence and autonomy in MLRO guidance.

The MLRO must be allowed the necessary independence and autonomy to carry out the functions associated with this role in an effective manner.

However, the MLRO remains accountable for any decision taken or otherwise during the fulfilment of the functions associated with this role.

Conflicts of interest

The FIAU explains that its ‘Implementing Procedures – Part I’ makes repeated references to the need for the individual appointed as MLRO to avoid conflicts of interest, whether real or potential.

The FIAU’s position in this regard can be explained by reference to the often quoted ‘Three Lines of Defence’ model where the MLRO is responsible for overseeing whether decisions taken by the first line of defence, i.e. the customer-facing staff, reflect and respect the subject person’s AML/CFT policies, controls, procedures and measures.

Considering that most MLROs also carry out a compliance monitoring function, having the MLRO revisiting the decisions taken with respect to a given customer or relationship would undermine the very basis of the ‘Three Lines of Defence’, as one cannot be asked to police oneself.

Therefore, in situations where the MLRO has a conflict of interest with any other functions carried out for the subject person, it becomes even more important for there to be regular independent checks and reviews to ensure that the subject person’s AML/CFT policies, controls, procedures and measures are effectively being adhered to.

Outsourcing, secondment and employment

The FIAU has repeatedly addressed the question as to whether an MLRO can be outsourced, but the reply has always been in the negative other than for those instances that are provided for under existing regulations.

However, the FIAU has at times noticed that outsourcing agreements are being repackaged as secondment agreements.

Knowledge, skills and expertise

The FIAU emphasises the importance of MLROs to have the necessary seniority and company for said officer to be knowledgable of the money laundering or financing of terror risks faced by subject persons and of the measures, policies, controls and procedures implemented to mitigate those risks.

Amongst other points, the FIAU emphasises that the MLRO should ideally be able to speak English, especially considering they are main contact point for the regulator and they may be privy to very sensitive information so should be able to communicate with the FIAU independently.

Personal liability

Personal liability of the MLRO is intended to ensure there is an effective deterrent to those who otherwise take on the role of MLRO without sufficiently considering what this entails.

Additionally, the move is intended to further encourage MLROs to keep abreast of any developments which may impact the obligations associated with the role and those of subject persons they work for in that role.

The liability is also intended to ensure that MLROs dedicate the necessary time and attention to fulfilling their obligations with the necessary level of skill and care.

The rule also aims to hold MLROs accountable for anti-money laundering/ counter financing terrorism (AML/CFT) contraventions in cases where, through an act or omission, has caused or contributed to breaches by a subject person.

The FIAU states that it appreciates that the introduction of personal liability for MLROs, in a market where resources are limited, has contributed to additional difficulties in terms of recruitment, and that this has deterred MLROs, even those with the best of intentions, from taking on or retaining the position.

However, it states that the introduction of personal liability highlighted the need for a change in the way the role of the MLRO may have been perceived.

“This shows the significant importance attached to it and the central role this function plays within both a subject person’s and the wider AML/CFT framework,” the FIAU explained adding: “The MLRO’s personal liability does not exempt the subject person from its own responsibilities as it remains primarily responsible to ensure adherence with all AML/CFT obligations.”

Record keeping

The FIAU emphasised that records need to be kept in order on file, be it physical or electronic and easily retrievable when they are requested to be produced by the authorities.

They should also contain sufficient information explaining the reasoning behind the decision taken by the MLRO for ease of reconstructing and understanding the scenario, demonstrate a consistent approach to the decisions being taken, and document the reasons why it was impossible for the MLRO to act in keeping with the requirements of the implementing procedures.

The Malta Gaming Authority urges casino and gaming licensees and their respective MLROs to take note of the guidance note and align themselves to it.

MLROs are also reminded of their obligation to ensure that they satisfy all eligibility requirements to undertake the functions expected of an MLRO, and to notify the Authority and the FIAU forthwith, should there be any changes or developments which render them ineligible to continue occupying the said role.