AML is a such hot topic. New entrants to the market are gearing up to the provide Cayman funds with this service and existing Cayman fund providers are refamiliarizing themselves with the recent changes included in the Proceeds of Crime Law (2018 Revision) (the “Law”), the Anti-Money Laundering Regulations (2018 Revision) (the “Regulations”) and the Guidance Notes on the Prevention and Detection of Money Laundering and Terrorist Financing in the Cayman Islands (the “Guidance Notes”), taken together, the “Cayman AML Regime”. These stakeholders must also pay attention to notices issued by the Cayman Islands Monetary Authority (“CIMA”) from time to time. As a guide to new stakeholders, set out below are some cliff notes regarding the Cayman AML Regime.
Who Must Comply With The Cayman AML Regime?
Any person carrying out relevant financial business must comply with the Cayman AML Regime. For a discussion of relevant financial business, please see the previous information update.
Appointment Of Anti-Money Laundering Reporting Officer
Each person carrying out relevant financial business shall, for the purpose of ensuring compliance with the requirements set out in the Regulations designate a person at the managerial level as the Anti-Money Laundering Compliance Officer (“AMLCO”) and Money Laundering Reporting Officer (“MLRO”). A manager or official employed at managerial level must also be designated as the Deputy Money Laundering Reporting Officer (“DMLRO”) and who shall in the absence of the Money Laundering Reporting Officer discharge the functions of the Money Laundering Reporting Officer. As per the recent notice from CIMA, a natural person must be initially designated to perform these roles. The AMLCO may combine his role along with the MLRO role if the person is competent and has sufficient time to perform both roles efficiently and understands the roles and responsibilities of each function.
To satisfy the requirements of the Regulations, a person carrying out relevant financial business may delegate the performance of any function to a person or rely on a person to perform any function required to be performed. According to the recent CIMA notice, such delegation or reliance presupposes that the designation of a natural person for the role of AMLCO/MLRO/DMLRO has first taken place in accordance with the Regulations.
A person carrying out relevant financial business must also adopt and apply the principles related to outsourcing under the Guidance Notes when delegating the performance of any function to a person. This requires an assessment of associated risks including the country risk. Where the associated risks cannot be effectively managed and mitigated, the financial services provider shall not enter into that outsourcing arrangement. Due diligence must also be conducted on the proposed service provider to whom it intends to outsource as appropriate and the person delegating must ensure that the service provider (“OSP”) is fit and proper to perform the activity that is being outsourced.
Where the outsourcing arrangement allows for sub-contracting, the OSP may sub-contract any of the outsourced activities that are allowed for subcontracting. The person carrying out relevant financial business shall ensure that while sub-contracting, the OSP follows the outsourcing standards equivalent to that of the person falling within the definition of relevant financial business.
Where the OSP operates from a country outside the Cayman Islands in which the standards are lower when compared to the Cayman Islands, then the OSP should adopt the Cayman Islands standards. Where the sub-contractor is from a country whose standards are lower when compared to the Cayman Islands, the sub-contractor should adopt the standards of the Cayman Islands.
Regarding delegation, CIMA has noted its expectation that, where any person carrying out relevant financial business is relying on a person to perform any function, such arrangements should include provisions to:
** ensure that the person on whom reliance is being placed has adequate and appropriate knowledge and expertise to perform the function
** conduct a risk assessment of the person before entering into an agreement with the person and placing reliance
** have a formalised agreement with the person on whom reliance is being placed, setting out the responsibilities of each party
** review policies and procedures of the person prior to entering into the reliance agreement and test them, from time to time
** ensure that the person adopts the Cayman Islands standards in relation to the performance of the function (for which reliance is being placed), where the person operates from a country outside the Cayman Islands in which the relevant standards are lower when compared to the Cayman Islands.
Delegation Does Not End Responsibility
The reality of delegation is that, notwithstanding the ability to delegate and sub-delegate, the responsibility for compliance with the requirements of the Regulations is that of the person carrying out relevant financial business. This is a critical point because parties sometimes get relaxed and take comfort in the terms of a delegation agreement thinking that someone else has now assumed ultimate responsibility for the discharge of functions. Cayman fund directors are familiar with this concept as they are tasked with the periodic evaluation of Cayman fund service providers to whom functions are frequently delegated, primarily to ensure that the party is performing their duties and that the relevant delegation remains appropriate.
Speaking of Cayman fund directors, they would be logical choices for the MLRO, DMLRO and AMLCO designations since a natural person must initially designated as MLRO, DMLRO and AMLCO and the person is required to be at the managerial level. However, a Cayman fund director may consider how much any such designation may add to his existing director responsibilities, especially if he has many directorship appointments. Also, where a director acts as MLRO and his fellow director is a director-shareholder and AML issues arise in respect of that director-shareholder, there could be a risk that the director acting as MLRO may inadvertently make a disclosure to the director-shareholder of suspected activity, which is likely to prejudice any AML investigation. In fact, this would be deemed tipping off under the Law and is an offence.
Obligation To Notify CIMA
Whether a director or a third-party expert is designated as the MLRO, DMLRO or AMLCO, all Cayman funds must be able to demonstrate to CIMA their compliance with such requirement, by the submission of the requisite information via CIMA’s REEFS portal, on or before September 30, 2018. For Cayman funds registering as at June 1, 2018, such compliance must be demonstrated by the provision of the requisite information at the time of the submission of the registration application via CIMA’s REEFS portal.
About The Author
Alric Lindsay is a Cayman Islands corporate/funds lawyer and an independent fund director approved by the Cayman Islands Monetary Authority and licensed under The Directors’ Registration and Licensing Law. Alric also acts as voluntary liquidator to Cayman Islands entities. Alric can be contacted at firstname.lastname@example.org