Anti-Money Laundering Policy
Sustainable Eco Energy Management Ltd. (“SEEM” or “the Company”) values its reputation and is committed to maintaining the highest level of ethical standards in the conduct of its Company affairs. The actions and conduct of the Company’s staff as well as others acting on the Company’s behalf are key to maintaining these standards.
The purpose of this document is to set out the Company’s policy in relation to money laundering. The policy applies strictly to all employees, partners, agents, consultants, contractors and to any other people or bodies associated with SEEM within all offices, areas and functions.
The money laundering reporting officer (MLRO) is Mr. Michael Burton-Prateley
Name of person responsible for compliance with anti-money laundering (AML) regime:
Mr. Nathan Wilson
The allocation of duties and responsibilities for these roles is not prescribed in the regulations. The combined Roles of the MLRO include:
- oversight of, and be involved in, money laundering of terrorist financing (MLTF) risk assessments
- taking reasonable steps to access any relevant information about the Company
- obtain and use national and international findings to inform their performance of the role
- creating and maintain the Company’s risk-based approach to prevent MLTF
- supporting and coordinating management’s focus on MLTF risks in each individual Company area; this involves developing and implementing systems, controls, policies and procedures that are appropriate to each Company area
- taking reasonable steps to ensure the creation and maintenance of MLTF documentation
- developing customer due diligence (CDD) policies and procedures
- ensuring the creation of the systems and controls needed to enable staff to make internal suspicious activity reports (SARs) in compliance with the Proceeds of Crime Act 2002 (POCA)
- receiving internal SARs and make external SARs to the National Crime Agency (NCA)
- taking remedial action where controls are ineffective
- drawing attention to the areas in which systems and controls are effective and where improvements could be made
- taking reasonable steps to establish and maintain adequate arrangements for awareness and training
- receiving the findings of relevant audits and compliance reviews (both internal and external) and communicate these to the board (or equivalent managing body)
- making written reports to the board (or equivalent managing body) at least annually, providing an assessment of the operations and effectiveness of the Company’s AML systems and controls
- these reports should be supplemented with regular ad hoc meetings or comprehensive management information to keep senior management engaged with AML compliance and up-to-date with relevant national and international developments in AML
- the board (or equivalent managing body) should be able to demonstrate that it has given proper consideration to the reports and ad hoc briefings provided by the MLRO and then taken appropriate action to remedy any AML deficiencies highlighted.
Policy and procedure on due diligence
Company applies customer due diligence (CDD) principles as follows:
- at the start of a new Company relationship
- at appropriate points during the lifetime of the relationship
- when an occasional transaction is to be undertaken.
The required components of the CDD principles are:
- identifying the client and then verifying their identity by obtaining documents or other information from independent and reliable sources
- identifying beneficial owner(s) so that the ownership and control structures can be understood and the identities of any individuals who are the owners or controllers can be known and, on a risk-sensitive basis, reasonable measures should be taken to verify their identity
- gathering information on the intended purpose and nature of the Company relationship.
The Company adopts a risk-based approach when deciding the degree of CDD to apply. Risks are assessed at the outset of a Company relationship and updated.
Enhanced due diligence (EDD)
EDD measures (as detailed in Regulation 33(5) of the 2017 Regulations) include one or more of the following measures:
- seeking additional independent, reliable sources to verify information (including identity information provided to the Company)
- taking additional measures to understand the background, ownership and financial situation of the client, and other parties relevant to the engagement
- taking further steps to be satisfied that the transaction is consistent with the purpose and intended nature of the Company relationship
- increasing the monitoring of the Company relationship, including greater scrutiny of transactions
- examining the background and purpose of the engagement
- increasing the degree and nature of monitoring of the Company relationship in which the transaction is made to determine whether that transaction or that relationship appear to be suspicious.
Politically exposed person (PEP)
In these higher-risk situations the Company applies more stringent EDD measures. This represents part of the risk-based approach the Company takes to MLTF compliance.
The Company treats individuals as PEPs for at least 12 months after they cease to hold a prominent public function. However, family members and known close associates of PEPs are treated as ordinary clients (subject only to CDD obligations) from the time that the PEP ceases to discharge a prominent public function.
The Company applies EDD measures to PEPs for more than 12 months after they cease to hold a prominent public function when the Company has determined that they present a higher risk of MLTF.
If the Company intends to enter into, or continue, a Company relationship with a PEP it will carry out EDD, which includes:
- senior management approval for the relationship
- adequate measures to establish sources of wealth and fund
- enhanced monitoring of the ongoing relationship
The nature and extent of EDD measures will vary depending on the levels of MLTF risk associated with individual PEPs.
Financial sanctions and other prohibited relationships
The Company will comply with any sanctions, embargos or restrictions in respect of any person or state to which the UN, UK or EU has decided to apply such measures.
If the Company breaches any of these sanctions, embargos or restrictions it will report these to HM Treasury’s Office of Financial Sanctions Implementation (OFSI) in addition to making an external SAR to the NCA, if appropriate.
The Company complies with guidance issued by OFSI on ‘reporting information to OFSI – what to do’, which is relevant for external accountants, auditors and tax advisers.
When delays occur
The Company recognises, in accordance with the 2017 Regulations, that CDD will sometimes need to be completed while the Company relationship is established, rather than before, but this will only be permissible when there is little risk of MLTF.
To ensure the reasons are valid, and should not give rise to suspicions of MLTF, such extensions will be considered individually and agreed by the MLRO.
If a prospective or existing client refuses to provide CDD information, the work will not proceed and any existing relationship with the client will be terminated. However, in some circumstances, such as an insolvency practitioner dealing with insolvencies etc, an appropriate risk-based approach will be adopted where the client’s management are not cooperative in providing CDD information.
Consideration will also be given to whether or not an SAR should be submitted to the NCA under POCA or the Terrorism Act 2000.
Policy and procedure on assessing risk
The Company will analyse the MLTF risks and assess their nature and severity in order to produce a risk profile. The Company will then act to mitigate those risks in proportion to the severity of the threats they pose.
The Company designs and implements appropriate procedures to manage risks it identifies.
The risk analysis is conducted by the MLRO and approved by senior management. This includes formal ratification of the outcomes of the risk analysis, including the resulting policies and procedures.
The risk analysis is updated regularly by periodic reviews, the frequency of which depends on the MLTF risks faced and the stability or otherwise of the business environment. Whenever the Company sees that events have affected MLTF risks, the risk analysis is updated by the event-driven review that may in turn require AML policies, controls and procedures to be amended (such as training programmes for relevant employees).
The Company looks at its clients, markets and itself when designing an analysis process.
Risks are grouped into categories that include ‘client’, ‘services’ and ‘geographic location’.
When looking at overall risk, the Company considers all the individual risk categories. For example, a particular industry and a particular location may each be considered to pose a moderate risk, but when they are considered together by a particular client or transaction then the combined risk may be considered high.
The Company assesses the different services being offered and provided to clients when determining the risk profile of the Company. The different services being provided give rise to different risks. The risk analysis allows resources to be targeted, and procedures tailored, to address those differences.
Services such as bookkeeping, preparation of accounts and personal tax returns are usually considered by the Company to have a low risk profile, whereas insolvency, bankruptcy, recovery and audit are usually considered to have a higher risk.
The Company has a risk-based approach to undertaking work in a new type of service or product or a new region. For example, if the Company mostly deals with clients based in the UK, a potential client based outside of the UK may be treated initially as higher risk.
The Company ensures that it has controls in place to address the risk arising from a new client before establishing the client relationship. The risk profile of the Company shows where particular risks are likely to arise and where certain procedures will be needed to tackle them.
The Company has client risk categories of low, normal and high. The Company undertakes monitoring of the client relationship on a risk-based approach, with levels of monitoring varying depending on the MLTF risk associated with individual clients.
The client’s risk profile is determined on various factors, including:
- legal form of the client (e.g. individual person, company, plc)
- country in which the client is established or incorporated
- countries or regions in which the client carries on Company
- industrial sectors in which the client operates
- nature of services or products being provided to the client
- channels through which the services/transactions are being delivered.
The Company will assess the following risk categories:
- client risk
- service risk
- geographic risk
- sector risk
- delivery channel risk
Identify the type of business each client is involved in and assess the risk of money laundering associated with each.
Identify any mitigating actions the Company can take to reduce the risk, which may include carrying out EDD, preparing client due diligence more often, such as annually or biannually, hot file reviews on a frequent basis and staff training in specialised areas where client risks are high.
The Company identifies all the services it supplies and offers to clients and potential clients, and then assesses the risk of MLTF associated with each of these services.
The Company identifies any mitigating actions in place or planned to reduce the risk. These may include internal or external review of the report being issued to a client, ensuring staff are properly trained and up to date (particularly in those areas with a higher risk) and considering ceasing to provide those services if judged to be too high a risk.
The Company identifies the countries each client is involved with. This would include:
- countries where the client has offices
- countries it has sites such as storage, factories etc
- countries from which funding is supplied
- countries where goods and services are purchased
- countries where sales are made.
The Company assesses the risk of MLTF associated with each of these countries.
The Company identifies any mitigating actions to reduce the risk. These may include internal or external review of specific overseas areas that are seen as particularly high risk and ensuring that staff are familiar with any practices and procedures that may be different in the overseas areas relating to specific clients.
The Company identifies the sectors with which each client is involved.
The Company assesses the risk of MLTF associated with each of these sectors.
The Company identifies any mitigating actions to reduce the risk. This may include carrying out additional work in relation to high-risk sectors such as a client that makes a high proportion of sales in cash or deals in high-value moveable goods (such as works of art), and limiting availability of the Company’s client money bank account for clients that appear to have a higher risk.
Delivery channel risk
The Company identifies all the methods of delivering services to its clients.
The Company assesses the risk of MLTF associated with each of these delivery channels.
The Company identifies any mitigating actions to reduce risk. This may include arranging more face-to-face contact with clients, particularly during the engagement process, and providing the services directly to the client instead of via an intermediary.
Policy and procedure on reporting
All ‘relevant employees’ should report their knowledge or suspicions of MLTF to the MLRO. This would normally be on the firms’ internal reporting form. If the form is not available, then a report can be made by other means to prevent delay in making the report.
The MLRO will consider the internal report and if the MLRO also suspects MLTF, then the MLRO will submit an external SAR to the NCA.
The MLRO will inform the partner in charge of the assignment of any action that they need to take (for example, ceasing work until consent has been obtained).
If the MLRO is not available, then the alternate will take over this role in their absence.
In exceptional circumstances the report can be made by the relevant employee to the NCA.
The key elements required for an SAR are ‘suspicion’, ‘crime’ and ‘proceeds’.
A ‘relevant employee’ is an employee (including partner) whose work is relevant to compliance with the regulations, or is otherwise capable of contributing to the identification and mitigation of the risks of money laundering and terrorist financing to which the Company is subject, or to the prevention or detection of money laundering and terrorist financing in relation to the Company.
Relevant employees should not commit the offence of ‘tipping off’ This offence is committed when a relevant employee discloses that:
- an SAR has been made and this disclosure is likely to prejudice any subsequent investigation, or
- an investigation into allegations of MLTF is under way (or being contemplated) and this disclosure is likely to prejudice that investigation.
After making an SAR the MLRO will consider what information, if any, in the SAR can be disclosed to the client without ‘tipping off’ and these deliberations and the conclusions reached will be kept by the Company.
Continuing work for the client may require that matters relating to the suspicions be discussed with the client’s senior management. This may be of particular relevance in audit relationships.
Relevant employees who have concerns about possible reportable offences can discuss their concerns with suitable employees/partners in the Company to help them decide if an SAR should be made.
Investigations into suspected MLTF should not be conducted unless to do so would be within the scope of the engagement.
When more than one relevant employee is aware of the same reportable matter, a single SAR can be submitted to the MLRO, but it should contain the names of all those making the SAR.
It is the MLRO’s responsibility to decide whether the information reported internally needs to be reported to the NCA. If an SAR is made, the MLRO will also decide:
- whether consent is required from law enforcement for the engagement or any aspect of it to continue
- how client Company should be conducted while a consent decision is awaited.
The MLRO will consider making reasonable enquires of other relevant employees and systems within the Company, before making an external SAR.
If an SAR is to be made to the NCA, the MLRO (or deputy) will make the report using the NCA SAR Online System.
The SAR should contain the following essential information:
- name of reporter
- date of report
- name of the suspect or information which may identify them
- details of who else is involved, associated, and how
- facts regarding what is suspected and why
- relevant NCA glossary code (if applicable)
- whereabouts of any criminal property, or information that may help locate it
- actions that the Company is taking that require consent.
The MLRO keeps records relating to SARs that include the following:
- all internal SARs made
- how the MLRO handled matters, including any requests for further information
- assessments of the information provided, along with any subsequent decisions about whether or not to await developments or seek extra information
- rationale for deciding whether or not to make an external SAR
- any advice given to engagement teams about continued working and any consent requests made.
The MLRO (and in exceptional circumstances the relevant employee making an internal SAR) will consider the ‘privileged circumstances’ exemption when making an SAR. As these matters can be complex, the MLRO will also consider if professional legal advice is required before making this decision.
Once a consent request has been made, the activity in question will cease unless and until:
- consent has been received or
- the notice period has expired or
- after consent was been refused during the notice period, the moratorium period has expired.
If no refusal has been received within seven working days following the day of submission (this is the notice period), consent is deemed to have been given and the activity in question can proceed.
If consent is refused during the notice period, a further 31 days must pass, from the day of refusal, before the activity can continue. This is called the moratorium period.
The Company will usually take legal advice before continuing the activity after the moratorium period.
After making an SAR report, the Company will consider whether the suspicion is such that for professional or commercial reasons it no longer wishes to act for the client.
In most cases the Company policy is not to share this information regarding suspicious activity with other advisers.
The Company has other obligations, such as the reporting obligations as auditors or the reporting of misconduct by fellow members of a professional body. In these cases the offence of tipping off must be considered and avoided.
Policy and procedure on record keeping (client due diligence and money laundering issues only)
The CDD form and consideration of money laundering issues documentation will be completed for all new clients and updated on at least an annual basis and when a significant transaction or change takes place.
When the original document was seen by a relevant employee, that person will endorse the copy to that effect, including the date on which it was seen.
When the copy originates from outside the Company, the standing of the person who certified it should be considered and relevant employees should be aware of the risks associated with certified copies.
Where a document is not an original but could be mistaken for one, it is annotated to that effect. Such documents should carry an indication of the source and when they were obtained or downloaded.
The Company will keep the AML documents for at least the period specified below.
The AML documents are:
- documents and information obtained to satisfy the CDD requirements
- sufficient supporting records in respect of a transaction that is the subject of CDD measures or ongoing monitoring to enable the transaction to be reconstructed.
The period is five years from
- the date the transaction is complete, for records relating to an occasional transaction
- the date the Company relationship has come to an end for records relating to:
(i) any transaction which occurs as part of a Company relationship, or
(ii) CDD measures taken in connection with that relationship.
The Company will delete any personal data from the records if the documents are retained after the minimum retention periods referred to above.
When we cease to act for a client, this information will be archived in the companies compliance files with a date logged. It will be passed for confidential destruction after five years.
Policy and procedure on third-party reliance
If the Company relies on a third party to complete all or part of the CDD it will still carry out a risk assessment and perform ongoing monitoring.
If the Company contracts with a group of companies that are under the control of a parent undertaking, all of which could be considered clients, it may consider applying CDD in a proportionate, risk-sensitive way by treating the group as a single entity.
The Company will ensure that appropriate client identification steps are taken to comply with the requirements in the ACCA Rulebook, Section B2, which relates to AML.
The Company undertakes verification procedures using a risk-sensitive basis. Appendix C of the CCAB Anti-Money Laundering Guidance for the Accountancy Sector contains a non-exhaustive list of documents that can be used for verification purposes.
Before using any electronic service, the Company questions whether the information is reliable, comprehensive and accurate. It considers the following:
- Does the system draw on multiple sources? A system that combines negative and positive data sources is generally more robust than a single-source system.
- Are the sources checked and reviewed regularly?
- Are there control mechanisms to ensure data quality and reliability?
- Is the information accessible? It should be possible to either download and store search results in electronic form or print a hard copy that contains all the details required.
- Does the system provide adequate evidence that the client is who they claim to be?
Policy and procedure on internal control
As detailed below, the firm will appoint an MLRO and where appropriate an alternative.
The MLRO will be given authority to implement the necessary changes in the firm’s procedures to ensure compliance.
All partners and relevant employees will be required to accept the changes to the office rules and partnership agreement that confer the necessary authority on the MLRO.
All partners and relevant employees will be required to make the necessary internal reports using the standard form when they have a suspicion in respect of a client.
All partners and relevant employees will be required to complete the fit and proper, confirmation of independence and annual declaration on an annual basis.
The firm will retain evidence of all partner and relevant employees screening relating to skills, knowledge, expertise, conduct and integrity both before, and during the course of, their appointment. This includes knowledge of the law relating to money laundering, terrorist financing and data protection as well as an assessment of conduct and integrity as part of the firm’s ethics training.
Policy and procedure on compliance management
The MLRO will undertake a compliance review on an 6 monthly basis. This review will include, but is not limited to:
- consideration of the annual declaration of fit and proper status, etc completed by all partners and staff
- a review of a sample of files to ensure that the CDD pack has been completed and/or updated as necessary
- consideration of the adequacy of the training given to all staff and partners
- consideration as to whether staff working in high-risk Company areas require specialised training or more frequent training.
Policy and procedure on communication
All partners and relevant employees will be required to:
- undertake training for any new regulations; these include the law relating to money laundering, terrorist financing and data protection
- undertake training and assessment to ensure that they:
- are aware of their legal and regulatory duties
- understand how to put those requirements into practice in their roles, including training on ethics
- are continuously updated about changes in(a) the Company’s AML policies, systems and controls
(b) the money laundering risks faced
- consider whether they need to undertake further training on an annual basis during the appraisal process
- confirm their understanding of and compliance with the regulations and the firm’s policies and procedures as part of their annual declaration.
Policy and procedure on training and awareness
The MLRO is responsible for ensuring that all relevant employees (and others if appropriate) undertake the AML training at the appropriate time.
The training includes the following:
- an explanation of the law within the context of the Company’s own commercial activities
- the ‘red flags’ of which the relevant employees should be aware when conducting Company, which would cover all aspects of the MLTF procedures, including CDD and SARs
- how to deal with transactions that might be related to MLTF (including how to use internal reporting systems), the Company’s expectations of confidentiality and how to avoid tipping off
- the relevant data protection requirements.
The training programmes are tailored to each Company area and cover the Company’s procedures so that relevant employees understand the MLTF risks posed by the specific services they provide and types of client they deal with, and so are able to appreciate the approach they should be taking for each and every client they are involved with.
The Company aims to create an AML culture in which relevant employees are always alert to the risks of MLTF and habitually adopt a risk-based approach to CCD and the work they undertake.
The Company keeps records showing who has received training, the training received and when training took place. These records are used to decide when additional training is required, for example when the role of a relevant employee changes or the MLTF risk of a specific Company area changes.
The relevant employees will be able to determine when to make an internal SAR to the MLRO and what information should be included in the report.
New relevant employees are provided with AML training as soon as possible after joining the Company.