As published in the HM Treasury National Risk Assessment, 2017, the highest risk Trust or Company Service providers are those which offer a wide range of services and includes Registered Office Only Provision and Company Formation Only services.
Provision of Registered Office Only service
Provision of this service may not appear to be too onerous a task in terms of due diligence. However, as this service, along with Entity Formation Only, are within the remit of the Money Laundering Regulations, 2017, you must apply your established and documented Policies, Control and Procedures to ensure that -
- You conduct an appropriate and effective Client and Matter Level Risk Assessment to fully understand the nature of the entity's activity, along with its connected jurisdictions; and
- You fully understand and are able to evidence the management and control of the entity including its ultimate beneficial ownership, as well as its decision-making processes.
In order to guide you, this table provides an example of best practice and the applicable regulations that support this guidance.
When providing a registered office service, firms are reminded that the Companies Act, 2006, must also be considered when applying due diligence. Firms are statutorily obliged to hold the following for public inspection –
- register of directors (s162, Companies Act, 2006)
- register of members (s790M, Companies Act, 2006)
- register of persons of significant control (s790M, Companies Act, 2006)
- register of charges (s877, Companies Act, 2006)
- register of interests disclosed (s809, Companies Act, 2006)
- records of resolutions and meetings (s358(1), Companies Act, 2006)
- copies of contracts (s228, Companies Act, 2006)
- copies of the accounting records (s388(1)(a), Companies Act, 2006)
A company may resolve to keep the accounting records elsewhere and we would expect to see this decision documented
- copies of qualifying indemnity provisions (s237, Companies Act, 2006)
How a firm establishes and maintains the registers listed above is for them to determine, however, the registers must contain the information stipulated in the legislation.
Please keep in mind that under the Companies Act, a company can elect to keep their statutory documentation at a Single Alternative Inspection Location (a SAIL address) to hold for public inspection, however, you must question and evidence why the client wishes to use your firm's address as its registered office if statutory documentation is to be held elsewhere.
Should your client wish to use a SAIL address you must ensure that the client has registered the SAIL address with Companies House by submitting the appropriate form. In addition, the company must also state which records are to be held at the SAIL address.
Please note that all government agencies' mail, such as HMRC and Companies House correspondence as well as legal notices should still be delivered to the registered office. Should the client request that such official mail be sent to the SAIL address, then they must change their registered office to that address and notify Companies House accordingly.
Provision of your firm's address as a registered office by way of business to an entity can provide a legitimacy to business which acts as a gateway not only to Scotland and to the UK but also globally.
It is essential that you make the client aware of their responsibilities to keep you informed of any and all material changes to the company and that they comply with your procedures. You have the ideal opportunity to do so in the terms of business/letter of engagement that you must provide to the client. It is recommended that you –
- detail your obligations under the Money Laundering Regulations, 2017
- set out the terms governing your relationship with the client, including its tenure and
- clearly stipulate your expectations of and the obligations to the client
In addition, as with your other ongoing clients, we would expect you to diarise a periodic review of such a client and to also act on trigger events as and when they occur.
Of course, you are obliged to display a sign showing each company/entity that you provide with a registered office.
Please note: this guidance has been provided with the expectation that you will use it in line with your firm's risk-based approach and, naturally, it is not a one-size-fits-all. Rather, we expect you to be able to clearly demonstrate and evidence to us that you have a full understanding of the actual activity of the company/entity you are providing this service to and you confidently appreciate its management and control.
Provision of Entity Formation Only Service
As a trust or company services provider you can form a company/entity on behalf of a client but as with the provision of the registered office only service, you are obliged to comply with the Money Laundering Regulations, 2017, to ensure that you and your firm are not being used for illicit purposes.
As with the provision of a registered office only service, you must apply your established and documented policies, controls and procedures to confidently ensure that -
- you conduct an appropriate and effective client and matter level risk assessment to fully understand why the client is requesting this service and
- you fully understand and are able to evidence the proposed management and control of the company/entity, including its ultimate beneficial ownership.
Due to the speed at which you can incorporate a company/entity and, at times it is necessary to expedite the process, you must not forget your obligation to conduct effective due diligence on the client.
The level of customer due diligence you will apply will be determined by the client and matter level risk assessment and the subsequent risk grading applied.
Your obligation to the client ends once you have concluded the service requested in line with the terms of business issued, however, your statutory obligation to comply with Regulation 40 (record keeping) of the Money Laundering Regulations, 2017, remains and you must ensure that the records pertaining to this transaction are held and open to inspection for the period of five years.
You should ask yourself the question, if you are not providing any other services to this client, why is he using your firm to form a UK company/entity?
In order to ensure that your clients are aware of their obligation to provide you with any and all due diligence documentation and information, you should clearly state in your terms of business / letter of engagement which you must provide under Rule B4 of the Practice Rules, 2011. As a mandatory requirement, this sets out the terms governing your relationship.
Informing your clients in writing of your statutory duty to comply with and adhere to the Money Laundering Regulations, 2017, at the outset of your relationship provides a valuable, and agreed, signed and dated point for reference for both parties.
This is crucially important when providing a registered office only service where the due diligence you should undertake is considerable. Please refer to the article on provision of registered office only.
Finally, the Terms of Business letter should state how you communicate with the Client and in what form the instructions should be given and who is authorised to do so on behalf of the Client, Naturally, you will need to perform and document the requisite due diligence on those parties.
Obligations as trustees
Many of you will draft trust Instruments or act as a trustee for your clients, be that in your capacity as an officer of your firm or as a body corporate. Such services are within scope of the Money Laundering Regulations, 2017 (MLR17).
Your client take-on procedures, including the client risk assessment, needs to be robust - as it does with all your clients - know your client and know who ultimately controls the assets.
In addition, those that maintain or retain control over the assets may include a protector and in some instances the settlor or a close family member who has reserved powers, therefore, it is important to establish from the outset what powers and or controls that person or persons has.
Pursuant to Regulation 44 of the MLR17, trustees of 'relevant trusts' are obliged to maintain accurate and up to date written records on the trust's beneficial owners, as well as potential beneficiaries and provide this information to your regulator and to law enforcement agencies on request.
This places further emphasis on your statutory duty to conduct appropriate and effective customer due diligence pursuant to Regulations 27, 28, 30, 33 - 36 of the MLR17.
Trust Registration Service (TRS)
The TRS was introduced by Regulation 45 of The Money Laundering Regulations, 2017.
For those of you who act as trustees of a 'taxable relevant trust' then you are obliged to register the trust with HMRC. In addition, you are obliged to maintain accurate and up to date written records pertaining to trust's beneficiaries as well as potential beneficiaries.
It should not be required, but this places further emphasis on your duty to conduct proper and effective due diligence on the principal parties connected to each trust, including -
- the settlor, even if they are deceased, and all subsequent settlors
- the beneficiaries, if vested
- the protector(s)
- any professional advisors to the trust
- if you have not registered any of your trusts with HMRC then you must do so immediately.
Please note: the fifth EU AML Directive came into force in July 2008, however, the UK has until January 2020 to implement the key changes. Although the UK will in due course not be a member of the EU, we will still be obliged to adhere to the objectives of the directive. Crucially, this includes a register of trusts. We will provide further clarification once the nature and scope becomes available.
Establishing a Trust
It is vital that you conduct appropriate and effective due diligence when establishing a trust for a client and acting as trustee.
When considering your obligations under the Money Laundering Regulations, 2017, you must from the outset clearly identify the principals connected to the trust, namely:
- the settlor(s)
- the beneficiaries, if named
- the class of beneficiaries, if applicable
- the protector(s)
It is worth noting that you are not obliged to verify the identity of an individual beneficiary until that person receives a benefit or distribution from the trust. However, it is your statutory duty to do so before you resolve to make a benefit, be that payment of school fees, the right to live in a property owned by the trust etc.
Your duty to question, understand and document the source of wealth and source of funds is discussed here. However, you will appreciate when taking legal title to trust assets - which can be substantial - you must be comfortable and confident that assets under your management are legitimate.
You have a statutory duty to comply with Regulation 40 of the MLR17 and you must be able to evidence on request any and all customer due diligence documentation, client and matter level risk assessments, ongoing monitoring and your decision-making processes. if it is not documented, then it did not happen.
Please note: you are required to retain all due diligence and supporting documentation for at least five years after a business relationship or transaction is terminated.
Further, your policies, controls and procedures should clearly detail your record keeping and file retention policy and act as a guide to all staff.
When providing trust or company services you may wish to place reliance (Regulation 39) on another licensed and regulated service provider (third party) to conduct appropriate and effective Customer Due Diligence CDD checks on your behalf.
The benefits of placing reliance on a third party can save time and expedite the delivery of your services to the client. However, there are factors that you must consider and document -
- your policies, controls and procedures (PCPs) must address the associated risks when placing reliance on a third party
- detail when reliance is permitted, the conditions precedent and the necessary controls you have in place to satisfy your firm that you are indeed meeting your statutory obligations to comply with Regulation 28 of the MLR17
- obtain the agreement of the third party
- establish and document that the third party has appropriate and effective PCPs in place to ensure they are robust and executed
- ensure that the third party can make the CDD information available to you immediately on request
- ensure that the third party retains the documentation pursuant to Regulation 40 and
- Periodically test that the arrangements are adequate
Conversely, should your firm be relied upon you must ensure that you have the factors listed above in place and, importantly, that you have the consent of the parties involved in the matter to share the CDD information and documentation that you hold on file.
Please note: You cannot outsource your responsibility to ensure that your firm complies with the Regulations and will remain liable for any failures.
Another factor to consider is the geographical location of the third party. You can only place reliance on the following regulated entities in the UK:
- a credit or financial institution as defined in Regulation 10
- auditors, insolvency practitioners, external accountants and tax advisers as defined in Regulation 1
- independent legal professionals as defined in Regulation 12
- trust or company service providers as defined in Regulation 12(2)
- estate agents as defined in Regulation 13
- high value dealers as defined in Regulation 14(1) and
- casinos as defined in Regulation 14(2)
Further, you can only place reliance on the following third parties in an EEA member state if they are:
- subject to the requirements of the 4th Money Laundering Directive (4MLD) implemented through national legislation and
- they are supervised for compliance as stipulated in Section 2, Chapter VI of the 4MLD
Similarly, for all other countries you can only place reliance on the following third parties if they are:
- subject to the same requirements with regard to CDD and record keeping if they are the equivalent to the 4MLD and
- they are supervised for compliance with the requirements similar to those stipulated in Section 2, Chapter VI of the 4MLD
Please note: you cannot place reliance on a third party if they are located in a 'high-risk third country", as designated by the European Commission, unless:
- the third party is a brand or majority owned subsidiary of a person established in an EEA state who is subject to the 4MLD and
- the branch or subsidiary complies fully with the procedures and policies established for the group under Article 45 of the 4MLD.
The Financial Action Task Force have released Risk Based Approach guidance for Trust or Company Service Providers specifically.
The Egmont Group of Financial Intelligence Units and the Financial Action Task Force have jointly published a paper on concealment of beneficial ownership which includes sections on Trust and Company Service provision.