Enforcement Action: CBI fines company €280,000 for AML breaches

In May of this year the Central Bank of Ireland reprimanded and imposed a fine of €280,000 on Campbell O’Connor & Company, as part of an investigation and enforcement process.

The firm admitted the breaches which took place between July 2010 and November 2016.  The Central Bank’s investigation identified five breaches of the CJA 2010, namely: 

  1. Risk Assessment

Contrary to Section 54(1) and (2) of the CJA 2010, the Firm failed to conduct any risk assessment of ML/TF risk for over three years following the enactment of the CJA 2010.  The risk assessment conducted between November 2013 and November 2016 failed to consider a number of key risks.  Specifically:

  • The Firm failed to carry out an adequate assessment of the customer and geographic risks facing its business.
  • The Firm failed to carry out any assessment of the risk of terrorist financing facing its business.

A thorough risk assessment of a firm’s customer profile, the type of services offered to those customers and the countries in which those customers reside or conduct business is integral to ensuring that firms adopt policies and procedures to mitigate all relevant ML/TF risks. 

  1. Policies and Procedures

Contrary to Section 54(1) and (2) of the CJA 2010, the Firm did not have documented AML/CFT policies and procedures in place for over three years following the enactment of the CJA 2010.  The policies and procedures implemented between November 2013 and November 2016 were deficient in a number of respects.  Specifically:

  • The Firm’s AML/CFT Manuals identified third party payments as high-risk customer activity, however, the Firm failed to adopt adequate policies and procedures to mitigate the risk.
  • The Firm failed to adopt policies and procedures for preventing and detecting the commission of terrorist financing or mitigating the risk that its customers could be involved in terrorist financing activities.
  • The Firm failed to adopt policies and procedures to ensure that the Firm’s board of directors formally reviewed and, where appropriate, revised the Firm’s AML/CFT policies and procedures on an ongoing basis.
  1. Transaction Monitoring

Contrary to Section 35(3) of the CJA 2010, the Firm’s transaction monitoring process failed to consider the customer’s source of wealth, business activities and pattern of previous transactions. Instead, the Firm relied on an assumption that its staff had sufficient personal knowledge of its customers to mitigate ML/TF risk. The Firm’s approach was inadequate to enable it to comply with its obligations under the CJA 2010.

The Central Bank expects firms to implement robust transaction monitoring processes to determine whether a transaction and/or series of transactions could be suspicious and should be reported to An Garda Síochána and the Revenue Commissioners. 

  1. Staff Training

Contrary to Section 54(6) of the CJA 2010, the Firm failed to demonstrate that the training it provided met the required standard from July 2010 until September 2015.  In addition, the Firm failed to provide ongoing training to staff on the identification of suspicious transactions relevant to the Firm’s business.

Failure to provide adequate AML/CFT training increases the risk that staff fail to fully understand key ML/TF risks and fail to identify suspicious transactions, which should be reported to the relevant authorities.

  1. Third Party Reliance

In accordance with Section 40(4) of the CJA 2010, the Firm was only permitted to rely on third parties to conduct customer due diligence on the Firm’s customers provided that an appropriate arrangement was in place between the Firm and the third party.

The Central Bank’s investigation found that, over the course of a six year period, the Firm relied on a number of third parties without ensuring that all the necessary arrangements were in place in respect of each third party.  As a result, the Firm could not have been satisfied that the third parties had conducted the required customer due diligence on the Firm’s customers.  In addition, the Firm could not have been satisfied that the third parties could, upon request, provide the customer due diligence documents or other relevant customer information to the Firm.

Further information in relation to this investigation and outcome can be found on the Central Bank website (Central Bank Media Relations). Similar investigations have taken place in the Credit Union sector and further on-site visits from the Central Bank are expected.   If you have any queries relating to the AML/TF, CUDA training of CUDA material on AML/TF please do not hesitate to contact us.