The much-awaited Consultation Document by Malta’s FIAU, proposing amendments to the Implementing Procedures Part 1, was published on the 30th October 2018.
The consultation period ends at the end of the year and it is fair to assume that the final version will then be published in the early weeks of 2019 as minor changes are expected.
Let’s be fair, there are very few surprises if any in this document. After all, the major changes were implemented at the beginning of the year when the revised regulations were issued. The Implementing Procedures are only beefing up these regulations.
One of the most welcome change is the simplified approach being adopted for non-face-to-face relationships. Under the new regulations, a non-face-to-face is no longer being treated as high risk and this is now reflected in the more relaxed procedures that will be adopted. The focus remains on the level of risk, but at least in a low risk environment a simple copy of the identity document may after all be suitable.
It is also positive to note that the position of the designated employee is now being given a higher status as the proposed procedures will now allow the designated employee to file a suspicious report in the temporary absence of the MLRO.
One of the shocks of the Regulations is the imposition to have in place an independent audit. This created quite a debate, especially for small and medium sized firms as this is considered a potential added compliance cost. In terms of the new procedures the role of the independent auditor can be undertaken by a member of the same firm provided he/she is not the MLRO or any other person involved in the AML-CFT Compliance role.
But there must be a catch somewhere… is it possible that all is good news? Yes you are right! There is a catch and this is hidden in the penultimate paragraph. The FIAU will now be regulating the way data is organised by each subject person. The signals are simple as the document says “To facilitate the retrieval of records and to assist in any compliance monitoring activity conducted by the FIAU” the data must be maintained in a specific format. This means that the FIAU intends to intensify offsite inspections by making a simple request to the MLRO to deliver data in terms of paragraph 9.5.2. of the Implementing Procedures. The likelihood is that data is available but probably scattered all over. This may inevitably create a big headache to gather all data within the limited time period allowed by the regulator.
InScope is offering the solution. In fact the reporting tool of its AML-CFT Compliance software is so powerful that the requested information can be easily extracted and any request by the authorities can be met instantly.
Truly with InScope it’s just another day!