Paradise Papers – Seeing the Wood for the Trees

logoThe now infamous “Paradise Papers” contain personal data obtained from Appleby’s Bermuda office via an illegal hack. This data in part details the utilisation of International Finance Centres (IFC), by high net worth persons and corporates, for tax mitigation purposes. This post makes no comment on the legality or otherwise of using such data. Nor, is it a commentary about tax havens vs IFCs, the ethical considerations of society, and the freedoms for legal persons to engage in trade or invest in or through an IFC. Our focus instead is the failings that Trustees, Foundation Officials, Directors and Employees in Financial Services Businesses (FSB) must learn from in the wake of this saga. We do not purport to be a tax experts and so have not commented on the validity or otherwise of any advice given whether regarding tax or structuring. Our intention is to look at the compliance and “good business practice” considerations at the heart of good corporate governance. With offices in Guernsey, Jersey and having experience of  working in Bermuda we believe analysis of legal and regulatory frameworks by jurisdiction offers a less valuable insight than a clear understanding of the general principles and terms of good corporate governance.

 
Tax Advice
In order for Trustees, Foundation Officials and Directors to fulfil their responsibility and work in the best interest of their clients they must understand and follow the professional tax advice received. They must evidence that they are compliant with this advice and periodically, depending on the type of arrangement they are administering or controlling, ensure that they have up-to-date tax advice on file. They must also evidence that these arrangements remain legal and all tax liabilities are settled when due. The following are instances where those responsible may find that they have failed to attain an appropriate standard:

• Legal arrangements over time becoming tax non-compliant;
• Legal arrangements set up with draft tax advice without the advice ever being formalised;
• Legal arrangements undertaking new activities outside the scope of the original tax advice;
• Failure to follow tax advice fully, e.g. the non-repayment of a commercial loan arrangement;
• Tax advice provided by those who are not appropriately qualified;
• Tax advice held by the client but never shown to the Trustees, Foundation Officials and Directors.

Control
To ensure tax and legal compliance the Trustees, Foundation Officials and Directors must exert control. Here again to fulfil their responsibilities they must clearly document evidence that they have overarching control of the activities of the legal arrangement. The following are instances where those responsible may find that they have failed to attain an appropriate standard:

• Beneficiaries committing the legal arrangement to a business arrangement without due consideration and approval of the Trustees, Foundation Officials and Directors in the first instance;
• Those responsible acting without due consideration;
• Those responsible committing the legal arrangement to business activities which do not accord with the arrangement’s rationale;
• Those responsible lack sufficient independence from the client;
• Those responsible are unable to evidence their control of the assets and/or activities of the arrangement.

Investments
The Paradise Papers have also raised questions regarding the suitability and legality of investments undertaken by legal entities. Trustees, Foundation Officials and Directors must ensure that the investments or business activities undertaken by the entity are in line with its intended purpose. Those responsible must also ensure the legality of any investment or business activity does not breach any international sanctions. Though investments or business activities do not require due diligence to the same standard of beneficial ownership due diligence, sufficient research and evidence must be attained to ensure such activity is in the best interest and in line with the objective of the legal arrangement. At the same time sufficient checks must be undertaken to ensure legal compliance and suitability with its objectives both at initiation and on an on-going basis thereafter. The following are instances where those responsible may find that they have failed to attain an appropriate standard:

• Investing or engaging in a business relationship with legal entities related to a sanction regime or jurisdiction;
• Not undertaking sufficient due diligence to ensure that the investment or business engagement does not involve sanctioned legal persons or sanctions breaches;
• Investing or business relationships that are out of line with the entity’s purpose.

Source of Wealth and Funds
Trustees, Foundation Officials and Directors must ensure that they have sufficient understanding and evidence of their clients’ Source of Wealth and Funds (commensurate with their risk classification) to prevent and detect criminality and terrorist financing. Understanding the origin of assets and their usage assists those responsible in forming a picture of the true beneficial ownership, intention and nature of the relationship. This also allows those responsible to have sufficient transparency and enable effective reporting required by international regulatory and legal bodies.

 
Ethics of Doing Business
Those responsible must ensure that they have given ethical consideration to the activities of any legal arrangement. Ethical considerations must accord with the documented risk appetite and it must be understood that legal arrangements engaged in aggressive tax mitigation or higher risk industries pose a higher reputational risk to the Trustees, Foundation Officials and Directors, their business and those of the jurisdictions in which they are active. As such, these relationships must be properly understood and documented as they may be open to future challenge.

 
The ethics of doing business must also consider whether sufficient knowledge, qualifications and experience are inherent in those responsible. Trustees, Foundation Officials and Directors must document and evidence their consideration of whether a business relation, either new or continuing is within their realm of knowledge, understanding and experience. Where this is not the case they should remove themselves from responsible positions or obtain suitably experienced individuals as their replacement.

 
The integrity and professional actions of those responsible will ultimately be assessed by the authorities to ensure that the best interests of stakeholders have been met at all times. This responsibility includes timely reporting of non-compliance with appropriate authorities.

 
Compliance
While the Trustees, Foundation Officials and Directors remain responsible and accountable for both and their own and the legal arrangements activities, a suitably resourced compliance function is required to assist and advise. Compliance must be a proactive force within a FSB rather than merely a tick box exercise. It must assist in ensuring that the business has attained appropriate tax and legal advice as well as ensuring it is understood and followed. Those responsible must demonstrate the required control and oversight of activities undertaken for and on behalf of the legal arrangement. Findings and recommendations must be reported back to those responsible and any remediation must be tracked to ensure that the business can demonstrate compliance, integrity and appropriate levels of knowledge and understanding of the entity’s activities.

 
Data Security
The Paradise Papers also clearly highlight the importance of implementing suitable and sufficient data security controls to protect stakeholders. These controls are not just IT system-focussed and must include effective staff training to reduce the risk of an unintentional data leak. Data security systems and processes must be monitored, tested and kept up-to-date. It goes without saying that failure to implement an efficient and effective control environment may lead to a catastrophic loss of data with disastrous reputational consequences for all stakeholders. FSB’s must also be aware and ensure that any 3rd parties who hold data do so effectively and have the necessary safeguards and review processes.

 
Conclusion
Compliance monkeyIFCs adhere to international standards and best practice. While recent data hacks have revealed that there are practitioners out there who have not abided by these requirements, the vast majority are conscientious and highly professional.

However, the current political backdrop is unfavourable to offshore jurisdictions and we should expect greater scrutiny in our professional activities for the foreseeable future. Applying the highest standards of corporate governance is our best path to a successful future.
If you have any concerns or would like to know more please either contact myself or Redwood Offshore

logo

 

Advertisements

Dear Board, don’t engage me to undertake your outsource compliance requirements until you have read this!

Compliance monkeyGuernsey has an amazing regulatory framework which has become quite a selling point with financial service businesses offering their products and services and those financial service businesses wanting to come and have operations here. Some will utilise outsource compliance professionals to assist them with the cost of set up, on-going costs,  ensuring their business can have knowledgeable and professional persons on-board while it establishes and grows its presence and offerings. Even established firms may need extra compliance support in their business to be able to ensure that they can at all times remain compliant with the Guernsey regulatory framework or ensure that remediation is appropriate and effective.

In the last year the use of outsource compliance professionals has come to the forefront of the regulatory radar, instances of their failure having been identified as contributing to businesses failing to adhere to the regulatory framework. There have been numerous communications from the Commission to the industry on the issues surrounding the requirements for utilising an outsourced compliance professional and failures where this has not been met, showing that the Commission are treating this seriously.

At the end of the day the responsibility for compliance to the regulatory framework is laid firmly at the feet of the Board and they are the first point of call when failings or regulatory deficiencies are identified by the Commission. The need to ensure a Licensee is meeting the regulatory requirements forms at the most basic level with the minimum criteria of licensing as well as being mentioned throughout the regulations, codes instructions, and guidance issued by the Commission.

So what needs to be considered by Boards? Here are some questions to be asked but at all times refer to the legislation regulations, rules,instruction and codes that pertain to your business and licence.

Prior to any engagement consider these points.

You wouldn’t employ anyone to undertake the role in a full-time capacity so why would you chose anyone to do your outsource function?

Prior to any engagement do your due diligence on the outsource company/ person, the person who will be your appointed compliance representative and the people who will be doing the work. At the very minimum the person who will be undertaking the work needs to be suitably qualified and knowledgeable of the area your business operates in and the regulatory rules that pertain to your licence.  You will need to ensure that you can evidence that they have been appropriately screened as you will be expected to have been as diligent with your provider as with your own staff!

You wouldn’t employ anyone who doesn’t have the time for your business?

Prior to any engagement you need to work out how much time will be required. This will change from the role that compliance professional will undertake, as an example an outsourced MLRO will have different time requirements to a compliance professional assisting with licensing.

When you actually look at it, if you have a compliance professional for two hours a week it would take them eighteen weeks to achieve one thirty-six hour working week in your business! Obviously cost is a major factor in this assessment and knowledge and experience never come cheap. The time any compliance professional spends on your business must be commensurate to the size, complexity and nature of your business and the role undertaken.

You need to be aware that a compliance professional will also be working for other firms, there is obviously a risk regarding resources. If their clients require more time or the outsource provider or person undertaking the role has issues with resources will you be affected? You need to ensure that there are controls in place or a plan B to mitigate these risk.

You wouldn’t have any old agreement?

You need to ensure that the outsource agreement meets the requirement of the Guernsey regulatory framework and is legally binding. The Board cannot discharge its responsibilities only delegate the work, it is often a good idea to have a Guernsey Advocate firm look over any agreement, especially if the Board are not familiar with Guernsey Law or this area.

During any engagement consider these points.

You wouldn’t want to be assessed by any old criteria, what criteria is the business or business area being assessed to?

Again this depends on the role you are utilising the outsourced compliance professional for, but you need to know how they are monitoring you and to what standard.  The Board must make sure that it can evidence and satisfy itself and the Commission that the Guernsey regulatory framework requirements have been met.

You wouldn’t want any report, do the reports provided give the full picture of the work being undertaken?

The reports that are provided to the Board must be meaningful and contain accurate management information. This allow the Board to see the whole picture of their business or the area that the outsourced provided has been contracted to service and assess the level of compliance to the regulatory framework. If areas or remediation work have been identified are the Board kept appropriately up to date?

You wouldn’t want to keep on anyone who isn’t performing, is the outsource provider performing to the required standards?

Throughout any engagement the Board must consistently monitor and evidence its monitoring of the outsource provider and/or those undertaking the work for the Licensee. Is the Board satisfied with the work undertaken, is the monitoring of the business meeting the requirements of the Guernsey regulatory framework, has the business changed in its complexity, nature or size and is the person doing the role still suitable?

The most important aspect to any outsource relationship is that you have the right person/firm, they add something to your business, provide you with the accurate management information, they get on with you and are honest to you regarding their business and yours. By hopefully considering and evidencing these requirements a Board will be able to show that they have acted to ensure that their business meets the requirements of the Guernsey regulatory framework. In the unfortunate case where things have not worked out the Board will be able to evidence that they were aware of the issues at the earliest opportunity and have acted to mitigate any non-compliance and remediate the situation.

The Sum of All the Parts

Compliance monkeyThe Guernsey Anti-Money Laundering and Countering Terrorist Financing (“AML/CTF”) framework has continually developed to take in to account good practice, external pressures, requests and recommendations of onshore governments, quangos and international organisations  to ensure that financial crime in all its guises is effectively tackled. The Commission have sought to and I would say that they have largely achieved a cohesive framework that effectively mitigates against the use by criminals of Guernsey as an international finance centre while not over burdening the Financial Service Business operating here.

This cohesive framework has been achieved over the course of the years by open dialogue with local industry bodies, licensees and working effectively and productively with those outside of Guernsey to achieve a proportionate approach for  the products and services that are provided to clients wishing to utilise the jurisdiction. Most notably in 2013 the AML/CTF framework in Guernsey changed extensively and this resulted in general insurance products being removed, but did it remove all the products and services that can classified as General Insurance?

With regard to the Insurance sector in Guernsey, a legal entity can be licensed for general business or for long-term business. Long term business is defined in the Insurance Business (Bailiwick of Guernsey) Law, 2002 as contracts on human life, human longevity, marriage and birth, linked long-term, permanent health, capital redemption, pension fund management and credit life assurance. Due to the nature and the requirements of some clients, an insurance licensee with a general business categorisation may want to offer some of these products to their clients to supplement the range of products and services they currently or can offer their clients, but without the need to be licensed for long-term business.  Section 2(4) of the Insurance Business (Bailiwick of Guernsey) Law, 2002 does allow for an Insurance licensee to elect that a contract for a term of not more than 18 months that may be regarded as a long-term business contract and can be deemed to be general business.

This would appear to allow a general insurer to fit such products into their licence requirements e.g. general insurance, without the requirements to adhere to the Guernsey AML/CTF framework as per the changes that were made to the Commission’s AML/CTF Handbook (” Commission’s Handbook”), in 2013.  It should be noted that the treatment of these products, though allowed to be done in certain circumstances by an Insurance licensee does not change the definition of those products in the Insurance Business (Bailiwick of Guernsey) Law, 2002.

In the Criminal Justice (Proceeds of Crime) (Bailiwick of Guernsey) Regulations, 2007 at schedule 1 it states that a Financial Services Businesses for the purposes of the Regulations are detailed in part 1 of the schedule, except where they are incidental or are other activities as listed at Part 2 of the Schedule. Part 1 of the schedule includes the carrying on of “Long Term Business as defined by the Insurance Business (Bailiwick of Guernsey) Law, 2002 as being a Financial Services Business for the purposes of the Regulation and the Commission’s Handbook, it does not include any change in the treatment of an Insurance product by an Insurance Licensee. The Commission’s Handbook at section 4.8 specifically deals with the treatment of life or other investment linked insurance policies and as such these appear to directly fall in to the Guernsey AML/CTF regime. Effectively this is saying that if a product falls under the long-term definition stated in the Insurance Business (Bailiwick of Guernsey) Law, 2002 though a Licensee it may regard it as being General business they remain subject to the AML/CTF Regulations. Thus a licensee must adhere to the requirements of the Commission’s Handbook and AML/CTF framework when dealing with such products.

The sum of all these parts would indicate that an Insurance licensee effecting or carrying out life or other long-term products regardless of how a Licensee may be able to classify these products as general business under the Insurance Business (Bailiwick of Guernsey) Law, 2002, they would still fall under the AML/CTF regulations and Commission’s Handbook by way of the requirements of the Criminal Justice (Proceeds of Crime) (Bailiwick of Guernsey) Regulations, 2007 held at schedule 1. An Insurance Licensee regardless of how it treats such products under its licence would be required to have in place an effective AML/CTF framework.  A licensee must be able to evidence the suitability of its AML/CTF framework and compliance with the AML/CTF requirements pertaining to its business to the Commission.

An Insurance licensee must ensure that at all times they meet the requirements for the minimum criteria for licensing, schedule 4 of the Insurance Business (Bailiwick of Guernsey) Law, 2002. This includes a requirement to meet and adhere to any rules, codes, guidance, principles and instructions issued from time to time under any other enactment as may be applicable to the business, and this would also be inclusive of the Guernsey AML/CTF framework.

Missing the Elephant in the room.

These last few weeks I have been thinking back to myCompliance monkey time in Law Enforcement. Those of you who can remember back that far probably have an image of a young surfer dude who turned up in the most scruffiest uniform, collar half in half out, requiring either a haircut or beard trim, usually both and never mind the lack of tie!

Those who worked with me will probably remember a person who worked manically yet methodically, questioning everything, discussing and testing theories before providing a list of potential targets for Officers to stop and check out. I am very proud to have been one of the highest seizing drugs Officers during my time, but all this could not have been done without the above, the support of my senior officers (and at times I pushed them to the limits) and the Law Enforcement Officers and teams I worked with, who looked at the whole.

In recent weeks there has been a lot of international interest in the offshore world regarding tax avoidance and tax evasion as well as financial crime, which has included revelations of HSBC in Switzerland. This post is not about HSBC, what is or isn’t tax evasion or even the ethics behind tax avoidance or financial crime, but I hope to try to provide some advice where the due diligence process fails. I have previously written about how due diligence is only part of the solution. As a past Customs and Immigration Officer and now as a compliance manager and consultant these documents are essential in identifying and verifying the target/ client but this is by no means the be all or end all.

It is all about the analysis of information in front of us, checking these details and asking the questions not our pre-conceived ideas or prejudices. Do we ask the question of why our clients invest offshore or set up dynastic structures or entrepreneurial structures offshore, do we understand and test and document, this rationale and reason and do the transactions make sense and fit the profile?

As a Law Enforcement Officer I would start by building a picture of travellers, and ask myself if the analysis I had in front of me made sense. Were there any comparisons to known smuggling and people trafficking profiles? Then I would seek out the experience of my peers, asking questions and gaining in-sights, understanding and clarifying what I had in front of me. This is no different from a Financial Services Business, where you are obtaining identification details, verifying these with documentation, researching through the various open-source intelligence databases for known facts, asking questions regarding the rationale. Seeking supporting evidence e.g. tax/ legal rationale and advice for the creation of a structure, its suitability and comparing the client and business relationship to known criminal profiles.

Having assisted licensees when they have been subjected to on-site visits by the Commission the main observation is, to a greater or lesser extent, that the requirements of the Regulations and the Handbook have been met. Some licensees have gone for just meeting the required standards others are far in excess of what is required by the regulations, but all generally pass with only the criticism of lack of former names or certification not meeting the expectations of the Commission. The real bug bear for the Commission is the lack of or insufficient periodic review. Yes we screen for sanctions, yes we check the appropriateness of our due diligence and we risk assess to what we see in our verification documents and from our refreshed our database checks but is this enough? Well unfortunately no it’s not and we are missing the Elephant in the room.

We spend alot of time getting the tax/ legal advice, the rationale of the relationship and the expected transactions at the start of the on-boarding process but we seldom question these areas again in the course of the business relationship. Tax advice is valid when it is given and after that it is outdated and what was legal tax mitigation can become tax evasion, transactions vary due to life circumstances including financial crime, entrepreneurial relationships change due to economic reasons and taking advantage of situations, some which can be financial crime. The information is in front of our eyes yet we fail to look at it, react to it, analysis it and document these changes or question the rationale.

Being miles above and beyond regulation may serve little purpose apart from to annoy clients and make the offshore world difficult to invest in and access for those with legitimate reasons and rationales. You may think it looks good to a Regulator to be gold platted but that is not the case as they are only looking at compliance with the regulatory requirements. The information to detect financial crime in all its guises is in front of us, the transactions, the file notes of meetings and the tax advice or legal advice. All this allows us to analyse the client to ensure that what we have fits in to our knowledge and understanding of the them and that what we have is legal and remains legal. This though is the Elephant in the room we seldom look at and where Regulators will not look kindly on when they find it lacking, regardless of how high above the required due diligence standards you are!

In all these Financial crime and Tax evasion cases if the advice had been looked at, the transactions and rationale been reviewed in detail would things have been different? It is not OK to say things were different back in the day, it does not absolve you or anyone from financial crime or being complicit in it.

If the only thing you take from this is to look at the whole picture, analyse all the information and rationale of a client, ask any questions you can’t fathom out, and obtain answers and document your full review, this post will have been worth it.

Questions, Coffee and Ghosts.

imagesAre we now being regulated by international organisations and their regulators rather that our own regulators?  Is our regulatory framework becoming a secondary consideration to the regulatory frameworks and group policies of international organisations that finance our community?  Is this leading to the stagnation of Guernsey as a whole where compliance cost rise to meet these external influences rather than our own bespoke regulatory framework? Is our competing and partaking in business in the international or developing world inhibited? Are the policies of the international regulatory community focused on large organisations, with a one size fits all attitude to the detriment of our smaller bespoke financial service providers? Even looking outside of our Financial Service Industry have international organisations, regulators and governments lost contact with local industry and people making them unproductive, uncompetitive and restricted?

Our businesses whether in finance or outside must adhere in some degree, to the requirements of committees and boardrooms far flung from our Island, and the whims of persons who lack connection understanding or appreciation of our island economy and value. Are these institutions aware of our idiosyncrasies as they strive to achieve a mythical norm presented by scoring sheets, algorithms and public opinion of their home countries? Has the international community lost the ability or the want to differentiate between the size nature and complexity of their own and other communities, businesses and financial centres?

A thought struck me while handing over my Guernsey one pound notes for my coffee today, if we print money why can’t we loan money? Why can’t we create a bank of the Bailiwick or other funding enterprises, regulated to our own standards that are acceptable international standards and set up for the needs, development and innovation of our local businesses?  Could we run a bank for the good and development of our community and its financial and non-financial businesses, lessening compliance expense faced by our businesses by focusing achieving the requirements of our regulations? Are we not best placed to understand, develop, innovate and realise the hopes and dreams of our Island community? Could we provide this as yet another string to our bow allowing us to partake and compete effectively in the international community? Rather than fit in to a box could we provide the bespoke solution tailored to our needs and requirements?

WilliamLeLacheurLooking into the last of my coffee as the rain began my mind was taken back to the ocean that I love so much, and yes we are but a drop in the ocean. The ocean has allowed us to raise some of the earliest taxes known, an anchor tax no less for the benefit of our Island and the development of our harbour in the 1400’s.  The ocean was mastered by our forefathers, and none other than William Le Lacheur who imported coffee and went on to influence economic and spiritual development in South America, as I walked through the Arcade I recalled how it was financed by Guernsey ingenuity and innovation.  I headed home past the Thomas De La Rue Public House, named after a Guernsey man who went from humble beginnings to founding De La Rue, who having adapted over the centuries and who have continually innovated while still printing bank notes today. These are but a few of the great historical figures that this Island has had and I could not help but wonder what these ghosts would suggest the same today, what would they think of my thoughts, would they see the potential of such ideas or a necessary to bring the development and innovation required to make the reality of tomorrow?

The ocean is vast and bountiful with a diversity of species and opportunities leading to competition and equilibrium, the loss of the equilibrium leads to the destruction of these unique habitats and species. Could the ripples of this idea radiate out to the benefit of our Island both domestically and internationally or will we be bound by the strangling nets of direct and/or indirect extra-territorial international regulation and policy? We need to look and focus on tomorrow while reflecting on the lessons of yesterday to achieve the dynamic solutions and adapt to the changing world as our forefathers did.

F1- Team Guernsey

Singapore F1The excitement of the Singapore Grand Prix has only be heightened by the restriction on what information can be passed to the Drivers. This addition to the regulations has come about as a result of what the fans and the controllers of Formula 1 believe is the driving of the car from the pit wall rather than the Driver actually driving and racing. To me, though the cars are complex, it is the Drivers who have the best perspective and the feel of what is going on around them in order to make the winning or best decisions, as we saw with Hamilton in Monza, who then capitalised on the situation and went on to win the race.

I don’t think it can be questioned that Guernsey is racing in the Formula 1 of Financial Centres globally, or that it has developed a high standard of regulation to be adhered to, while flexible enough to allow businesses to develop and have an advantage over other competing jurisdictions. One of the concerns that I am spoken to about and have previously posted on is whether the Directors and Partners of our Financial Service Businesses are becoming controlled by Compliance Officers and departments, and that essential business decisions are being curtailed and taken out of the hands of these Drivers.

The Board or Partners of a business must work to achieve the aims and objectives that have been set down. To do this they must obtain suitable and sufficient management information to assess whether opportunities are able to be taken. This information does not just come from the compliance department or officer but from a whole host of potential reports from committees and operational units.  They are listening, analysing and digesting all this information in much the same way that a racing driver pre-race will do with his team.  The strategies will be discussed and engineers and technicians will provide reams of information to allow the drivers to realise their strengths and weaknesses and those of the opposition. Drivers must also be aware of the regulations and where the track limits are and what is acceptable and what will be punished and penalised.

It then comes down to the race. Though the reports from the data sources are important to the team and must be continually analysed to ensure that the engines and electrical systems are performing as well as identifying and managing potential issues as they happen. The most important feedback though comes from the Drivers, who feel the track, the car and can see the tyres and the degradation, while eyeing the competition, corners and hazards.  The Directors and Partners are the drivers seeing through their visors the race as it develops, more than a compliance officer, the operational staff and support services, who remain in the pits or the pit wall, working hard behind the scenes and preparing for any eventuality that may occur and ensuring the strategy remains on track. This is why there is a need to have effective management information that is relevant, short and succinct for the Drivers who are racing.

At the end of the day it is up for the drivers to decide how to use the information they receive, some will push too hard and end up in the barriers, blow their engines or destroy their tyres. Blowing the engine or planting yourself into a barrier ensures that the race is over and for a financial service business it potentially means a total rebuild of the business, legal expenses and a loss of reputation. If the Directors or Partners act recklessly or with a cavalier attitude why would an investor or customer place their money or assets with the business? Destroying your tyres means that the driver can continue the race but they will be slower and need to pit stop more, allowing the competitors to seize the advantage, potentially the sponsors as well if the poor performance continues.  We have already seen this year in F1 how sponsors and investors have left or sold their holdings as well as the threats of doing so due to legal proceedings relating to the sport.

By over controlling the drivers or providing them with excessive information or information that is not succinct there are two possible outcomes.

  • The Driver cannot race effectively and take advantage of the opportunities as they arise with the potential of not seeing the hazards ahead or;
  • The Driver does not understand the severity of what they are being told or chooses to ignore the information, acting recklessly they or the team are penalised.

For the Directors and Partners this has the potential of substandard performance to potential legal and regulatory action against them and the business.

2014 SingaporeAs Sterling Moss said before the 2014 Singapore Grand Prix “to win the race you must be the first home”, and to do this the Drivers must have the freedom to race while also respecting the information that they are receiving. For any Director or Partner to have the right information delivered at the right time will assist them in driving the race to their full potential and to bring the race home, while minimising regulatory and legal exceptions or issues that may inhibit them being the first home. Drivers need to have the trust in their teams to continually advance the car to the changing regulations.  The team must provide the Driver with appropriate and effective information so that they can run to the regulations.

The trust developed between the compliance function as well as the other functions of the Business with the Directors and Partners is essential and will assist in the development of the business and the achieving of the Businesses aims and objectives in and effective and efficient manner. Undoubtedly in any season there will be set backs, but for any Driver to have trust and respect of their team reciprocated means that these setbacks can be overcome, potentially without detriment to their championship hopes. Most importantly this cohesiveness will allow the team to focus on the future, perfecting their car to ensure that they remain competitive providing the best outcome for their sponsors and greatest potential to win points and achieve the rewards, Team Guernsey must aspire to this.  Failure to let the Driver race can lose you the race or race advantage the same as the Driver not accurately analysing the right information provided succinctly to manage the car.

Diving in to Compliance

Entering the waterMy weekends are spent reviewing overarching risk assessments and analysing specific risk assessments as well as undertaking the compliance review of policies and procedures, finishing with the review of performance of the systems and controls.  I am not taking work home with me nor am I moon-lighting or taking on further roles, I am though a qualified Diver and a qualified Solo Diver.

Diving can be a high risk pursuit and can lead to death even at shallow depths. My joy and passion is to go deep, exploring wrecks and reefs of the Channel Islands below 30 meters or 100ft and seeing the beauty and fragility of the alien world below illuminated in beautiful colours with its abundance of life.  The chance of swimming to the surface and surviving without any injury after a total gear failure or panic attack are slim at best, at these depths. The choices I make are calculated and risks are mitigated using similar principles that a Financial Services Business (“FSB”) would utilise.

I start every dive season off with an overarching risk assessment, looking at the risk I am prepared to take, what I want to achieve and the factors affect me. This is not overly different to the Anti-Money Laundering and Combatting Terrorist Financing (“AML/CTF”) Business Risk Assessment for any FSB in Guernsey.  My overarching risk assessment is where I look at what I want to achieve and the risks that I am prepared to take in essence what my risk appetite is, and it does vary year to year.

For a FSB the AML/CTF Business Risk Assessment looks at the risks posed by its products and services and its customers. In my case these translate to the types of diving I want to engage in, my planning and who I dive with.  My mitigation of the risks faced would be my diving gear and its set up and my overall health to make the dive.

I then put into action a monitoring programme taking into account my overarching risk assessment.  A full review of my diving gear is essential as is my fitness, this will involve servicing both gear, body and mind and reviewing them on a periodic basis.  This is similar to the provision of management information to the Directors of a FSB. They require to know the state of health of their policies, procedures, systems and controls, to ensure that they are maintained and remain in good condition and fit for purpose in order to mitigate the risks their business face. Knowing that my gear is in good condition and works is essential for whatever dive I do while the health of my body and mind will dictate the dive that can be undertaken safely. Resources must be put to where areas of concern are noted to ensure that the potential for errors or incidents are reduced to a minimum.

drift drivingThen it all comes down to the day, where I undertake a specific risk assessment of myself, the conditions, the type of dive to be undertaken and who I am diving with or if I am going solo. In a sense this is similar to the customer risk assessment that FSB’s undertake for each customer, in order to identify the risk they pose to the FSB and whether the risks are acceptable.

FSB’s by appreciating the risk posed and faced by the customer can decide whether they are prepared to engage in a business relationship with a customer.  In some cases when I have dived I have been satisfied with the risk I face and have dived but I have also be known to decide that the risks are too high or that my systems and controls are not up to the task and have declined the dive or undertaken an easier dive.  I always work on the idea that it is better to be on the surface wishing you were diving then being in trouble under the water away from help and wishing you were on the surface.

Due to the higher risks I take my systems and controls are tailored to me and include as a minimum two independent air cylinders.  I implement my systems and controls by dividing my body in to two halves, one side has computers connected to one cylinder and the other side has old-fashioned gauges connect to my other cylinder, the idea being that should one side fail I can rely on the other as back up.  It also means I can monitor the performance of my systems and controls effectively ensuring that any false readings or dangerous situations are detected early and evasive action taken.

The last thing I do after every dive is to review my systems and controls obtaining data from my computers, analysing this to ensure my policies and procedures remain fit for purpose.  I then assess my overarching risk assessment making changes if required. This has similarities to the quarterly and annual reviews that are done by management and Directors of a FSB to ensure that their businesses are meeting the regulatory framework and mitigating the risks that they face, in essence it’s just good corporate governance.

Diver OKThings do go wrong and no matter how good your policies, procedures, systems and controls are.  I have been in situations where I have had to shut down one side of my systems and controls due to sudden failure of a hose or regulator as well as having to rely on my old-fashioned gauges, watch and mental arithmetic when my computer has failed. It does not come down to luck that I am here writing this but that my risk assessments and planning have taken these situations into account.  My compliance monitoring has reduced these incidents and malfunctions to a minimum and I have put resources to the risks I face ensuring I am suitable trained and able to deal with incidents of this nature.

FSB’s that have a good corporate governance culture, a suitable compliance framework and a compliance monitoring programme that meets their needs and provides the required management information effectively, have in general survived the financial crisis and have adapted to business and regulatory changes with ease.  Where issues have surfaced they have been able to deal with them effectively and/or report at the earliest opportunity where required to the regulatory authorities or Financial Intelligence Unit.

(Pictures by kind permission of Colin Peters)

Is Client Due Diligence there to stop Criminals and Criminality?

ImageOver the last few years of training people in the weird and wonderful world of AML/CTF I have noticed that people have become despondent with the subject.  I will be the first to admit that it can be a pretty dry subject if not put across well.  One of the areas of despondency that Licensees and their employees have with AML/CTF comes from the task of collecting Client Due Diligence (“CDD”).  Will the collation of CDD actually stop criminals utilising the Bailiwick?  Does this process have any effect on stopping criminality? With some Licensees believing that this burdensome exercise acts as a detriment to business, is this really the case or a misunderstanding?

Stopping criminality and criminals using the Bailiwick by obtaining a passport and utility bill is improbable. It is very unlikely that on production of these documents that they will inform you that they are a criminal and will be using your services and products for their criminality (I have only ever had one unsuccessful drug importer inform me what he was up to when stopped, but that’s another story). These documents are provided to criminals by Government agencies and Utility firms, legitimately, as it is the criminal’s human right after all to be able to live and travel and many do have legitimate incomes.  Criminals will sometimes use fraudulent documents which I’m afraid are prevalent in today’s society.  Fraudulent documents are cheap and easy to obtain and in today’s world of computer technology easy to produce to a very good standard, just look at the print quality of documents that you produce in your office on a day-to-day basis!  Criminals have access to the same if not better technology. Criminals in my experience are only different from ourselves through their moral and ethical values. Ethical and moral values change throughout a person’s life due to the situations they find themselves in and therefore a legitimate customer at a start of a business relationship may change in to a criminal. Unfortunately a passport or utility bill will not tell you if your customer will become a criminal at a later stage.

We are an International Finance Centre respected worldwide for our professionalism and the quality of our products and services and this will naturally be attractive to our customers and potential customers as well as criminals.  Our regulatory framework requires us to identify and verify our customers by obtaining CDD and in my opinion this is not only for us to know our clients and undertake checks to identify any adverse information on them but it also assists Regulators and Law Enforcement Agencies in preventing and detecting criminality and identifying the perpetrators.  By obtaining the required level of CDD when international requests for assistance in investigations are received by either our Regulator or Law Enforcement Agency, it will allow a licensee to react effectively and efficiently, searching their client database to establish if there is any connection or potential connection.

Our Law Enforcement Agency and the Regulator receive requests for assistance from overseas agencies and from my experience the requests are not always the most detailed or extensive and sometimes not totally accurate, this is not the fault of the overseas agency as they are only as good as the intelligence they receive from their sources.  From my time in the Financial Intelligence Service it has never ceased to amaze me that with a little information provided to our Licensees they are able to quickly identify if there is a connection or a potential connection to an enquiry, this is a credit to the professionalism of their employees and commitment in not allowing criminals to prosper.

In one case I dealt with the request for assistance was received from an overseas Law Enforcement Agency who could only provide the suspected person’s name which was very common and a potential address. Not expecting a lot I was surprised to get a phone call from a local financial institution that had a possible match on the suspected person. Relaying this information back to the overseas Law Enforcement Agency their amazement was evident. With a bit more investigative work and liaising between the parties involved it transpired that the local financial institution did have the person the overseas Law Enforcement Agency believed to be involved in criminality, an exercise made easier due to the financial institution having obtained the required CDD which also led to further details being discovered.

I have also been told on occasions by overseas agencies that they always like dealing with the Bailiwick as they are able to establish quickly if there is a connection to their suspect.   This greatly assists them in directing and managing their case and also any potential prosecution. Something positive for all stakeholders in our financial industry to take away with them!

We can safely say that the CDD documents we obtain will not stop criminals utilising the Bailiwick but as you can see they do act as a deterrent.  These documents won’t stop criminality but they will assist in the fight to detect and identify effectively and efficiently suspected criminals when we receive requests from our Law Enforcement Agency or Regulators. The assistance we give to the international community allows the Bailiwick to hold its head up high while discrediting the view held by some out there that we are a safe haven for criminals and their ill-gotten gains, and we do have our supporters out there.

Explaining my view on the necessity to collate these documents, Licensee’s and their employees are able understand the vital importance that they and these documents play in deterring criminals and assisting the international community in the prevention and detection of crime. I hope I have removed the perception that the CDD collation exercise is worthless and burdensome to a business, while demonstrating that it is a worthwhile and a necessary part of doing business in a moral and ethical way. It is interesting to note the recent developments in the on-shore world to pass regulations in respect of identifying ultimate beneficial owners, something we have had in or regulatory framework and have been undertaking for a very long time!

Diversity in the Boardroom

Lloyds Banking Group have committed to diversifying its business dynamics by pledging to make 40% of its senior executives women by 2020.  This good news story has though, been followed up by the news the Women attendees at Davos have slightly decreased, in essence still showing that the female proportion of the world population remains largely undervalued, unrecognised and potentially discriminated against.  Why is it that this amazing untapped natural resource remains under used and underappreciated?

It is well-known that to have a successful business you need to have an entrepreneurial Board that considers the risks faced and applies their collective experience to the issues while individually challenging ideas and mitigating risk.  Diversity in the Boardroom allows a safeguard against reckless behaviour or the undertaking of risk for self-interest allowing entrepreneurial spirit to flourish.  Diversity brings different skills, knowledge and backgrounds allowing the Board to collectively become stronger allowing greater stewardship of a Business whilst decisions and business opportunities can be openly challenged and investigated. With this in mind why is it that there is still a gender gap? Why is the Boardroom still the domain of the male executives in general? Should we go further than gender itself in order to continue to ensure that our financial industry remains at the forefront of the international finance sector and global financial community?

I believe that the reason that the Boardroom remains a bastion of the Male senior executive is down to education, opportunity and succession planning. Without education or equal opportunities the calibre and number of candidates to undertake these roles is significantly reduced. Whilst without the long-term succession planning of a business, education and career advancement opportunities for employees cannot be identified or put in place, this worryingly may lead to potential candidates becoming disillusioned.

Throughout my various roles I have had the opportunity to work with people of all genders and I truly believe that this has allowed me to develop personally for the better and has advanced me in my role as a compliance specialist.  I have always fitted a person to role in respect of knowledge and experience they possess rather than preconceived ideas of gender. I now find myself in a position where some of these people have succeeded in obtaining their goals, some have even surpassed me and this gives me the hunger to continue to challenge myself and achieve. I can’t help but smile at their achievements.

I have been lucky enough to be invited into the Boardroom to deliver my reports and provide advice.  Where the Board has been diversified by gender, I found that they were more confident, open to challenge and discussion. These Boards reviewed in-depth my reports and advice and sought through their individual integrity to collectively come to a decision that benefited the company from a holistic approach of regulation, best practice and the business of the company.

It is unfortunate to say that I have also delivered my reports and advice to Boards that have been male orientated and at times had a stagnant corporate governance culture.  In some of these cases my reports and advice were treated more as hindrance to the business and not considered in-depth due to a lack of challenge by the other Board members.  This has led to regulatory consequences that could have been avoided with the regulator pointing to a failure in corporate governance.  I can’t help but feel sadden by the cost in remedial action and reputation and the personal cost this has caused, due to a lack of diversification.

Though I believe in diversification I am against positive discrimination, as this can unintentionally lead to the achievements of people being discounted and discredited, this serves no purpose but to demoralise the person or a workforce and at worst create distrust and aggression through bullying.  By businesses taking the Lloyds example, over a period of time they can establish suitable practices for education and opportunity for all persons and allowing for successful succession planning to be put in place.  Allowing for people of any gender to be enthused to obtain education and seek challenging opportunities, this can only lead to a better and stronger corporate governance culture.

While the negative connotations surrounding gender must be challenged and put to the annals of history, I believe that the attributes of a person must be considered above gender.  It is often too easy to follow a fashion and rather than enhancing the Board or the Company, you increase the likelihood of a weak or defunct corporate governance system with a greater potential for reduced productivity or business capability, reputational damage and regulatory sanction. It also does not assist in the challenging of gender inequality.

The Board need the best people for the job at hand regardless of gender and we are in times where decisions made by Boards are being challenged by various stakeholders.  There are high-profile cases where failure of a business was down to self-interest, and unacceptable risk taking due to a failed corporate governance framework that could have been avoided by diversification of the Board by suitable qualified and knowledgeable persons, allowing for the challenge of business practices and decisions.

Introducer Certificates the Pro’s and Con’s

Does anyone else find it so frustrating to constantly provide client due diligence when accessing financial services products or even when accessing legal services?  Is this constant due diligence treadmill stopping us and potentially our clients from accessing products and services?  I personally feel that this is unfortunately the case and in some cases I am aware that this has caused clients to utilise other jurisdictions or miss out on investment or business opportunities.  I believe that there is a solution to this which could add to the attraction of Guernsey as a place to do business as well as allowing clients greater access to the products and services that can be offered.

The current solution is that the regulated or registered business can if the introducer meets the requirements of an Appendix C business, utilise the introducer regime as stipulated by the Guernsey Financial Services Commissions (GFSC).  This allows the registered or regulated business to rely on a certificate confirming identity while promising that the due diligence they hold and maintain meets the Guernsey requirements and will be provided when requested from the regulated or registered business.  The regulated or registered business then has to test the introducer throughout the life of the business relationship, to ensure that the introducer can meet the obligations of the introducer certificate and that the due diligence does meets the Guernsey standards. The unfortunate downfall of this system is that sometimes an introducer won’t adhere to the obligations of the introducer certificate or requirements of the rules governing due diligence in Guernsey leaving the regulated or registered business with quite a headache, and remedial work to undertake.

Where an introducer provides clients to regulated or registered business by the use of introducer certificate, for example an IFA providing 300 clients to invest in various Funds at a Guernsey Fund provider, the introducer can become disillusioned with Guernsey and the regulated or registered business when year on year they receive requests to provide the copies of due diligence for a selection of these clients introduced by them.  This is a burdensome process for the introducer, taking them away from their business, only to provide documentation for which they can not necessarily recover the cost from their client.  Unfortunately some will not want to or be willing to keep their obligations, leading to problems for the regulated or registered business.  The solution to this problem is to undertake a 100% testing programme where copies are provided to the receiving regulated or registered business with the introducer form.  There is only the need to periodically on a risk based approach go back to the introducer to confirm that the clients details have not changed during the life of the business relationship, such as the address, and if the details have changed that the copies of the updated due diligence are provided.  Undertaking this approach allows the regulated or registered business potentially less risk as the due diligence will already have been assessed and deemed suitable at the start of the business relationship and less risk of the introducer not subsequently meeting or adhering to their obligations by not providing the required due diligence. This allows for beneficial relationships to develop between the regulated or registered business and the enhancement of Guernsey as a place to do business.

Where clients have a business relationship with a regulated or registered business that is over a period of years, rather than a one off legal transaction where the business relationship is only for a matter of days or weeks.  If the introducer sells these clients during the course of the business relationship to another provider or is taken over, new introducer certificates will have to be obtained by the registered or regulated business or the clients will need to provide due diligence in order that the rules of the GFSC can be met.  Therefore I would always recommend for these longer term business relationships that due diligence is obtained rather than relying on the introducer certificate.

The rules issued by the GFSC state that clients who are introduced cannot then be introduced again by the regulated or registered business e.g. no introducer chains.  This can lead to the issues of a regulated or registered business unknowingly becoming involved in an introducer chain and having then to obtain the client due diligence, which can have an adverse effect on the business relationship with the client and the relationship with the introducer.  This also has the potential for higher cost to the client or loss of earnings by not being able to access an investment product to take advantage of price and in the worst case scenario the client may miss the investment opportunity altogether.

But what if Guernsey could offer a due diligence depository overseen by a regulating authority subject to stringent audits? Just think if clients provided their due diligence to this depository who then ensured that it met the regulatory standards, could this avoid altogether the need to obtain copies of due diligence or have a testing programme?  This depository could then provide registered or regulated businesses with an introducer certificate which would be more reliable and there would be less potential of unknowingly becoming part of an introducer chain or finding out the introducer was unable to meet its obligations. Could this reduce compliance cost to a regulated business and make Guernsey more competitive, the Jurisdiction of choice? Clients would be able to access products and services offered by other regulated or registered business with ease and certainty without suffering from the due diligence treadmill. Why stop at just offering this service to local registered and regulated businesses why not take an international approach and service other jurisdictions.  This could then lead to an enhancing of our economy while diversifying it at the same time.  We have all the right ingredients in Guernsey to undertake this opportunity we just need the political want to do this. But until my utopia happens please think carefully about the use of introducer certificates, sometimes it is actually easier and more beneficial for a registered or regulated business to get original due diligence and can save time money and cost in man hours to undertake the monitoring and any remedial work.