Coronavirus - Dealing with your client due diligence requirements (“CDD”)
In this Blog on some of the many queries received from our clients through our Ask Teal Service, we look at the most popular question we’ve had on how to deal with meeting your CDD obligations during a lockdown period.
We are in unprecedented times and it’s unlikely you’ll be able to obtain certified copy documents from the majority of clients as they will struggle to deal with this during a period of restricted movement or total lockdown. It’s worth remembering that the CDD documents we collect are not used purely for anti-money laundering purposes but also to satisfy other requirements such as those set by UK Finance (i.e. where a client purchases a property with a mortgage, you’re required by the UK Finance Handbook to see an original document and keep a copy of it) and also to identify fraudulent transactions.
With any instructions you receive from new clients not previously known to you, it’s unlikely you’ll be able to meet your clients face-to-face in the short term to check their identification documents. Usually this would lead you to having to seek enhanced due diligence. However, bear in mind that for one of the highest (and busiest) risk areas for AML purposes, property transactions, that it’s unlikely that any matters will be able to complete in the near future given the lockdown. Indeed, on 26 March the government issued guidance for buying and selling residential properties.
Should you wish to progress a matter in the meantime, you could consider using consider electronic verification services – something that many firms already use as part of their processes. Whilst UK Finance has not yet provided guidance on whether electronic verification may be used to satisfy their requirements, we understand that a number of law firms have spoken with them to see whether they will allow firms to obtain copy documents and then use electronic techniques to verify their authenticity. We recommend speaking with UK Finance and also with individual lenders to clarify whether they’ll permit this form of CDD during this period.
Commonly, we see firms using EVS running a two track approach: they still obtain documents from clients and then use their EVS to validate those documents. EVS generally:
1) check against data that they hold (usually credit reference agency files and other data such as electoral roll registers) to verify whether clients actually exist,
2) on most EVS you can use their functionality to authenticate your documents by checking algorithms contained on documents provided to you (for example, those you find on a passport or driving licence).This can be a much more robust check than reviewing original documents yourself, as it can often be difficult to spot a fake.
You can also hold a virtual call (for example using Skype or Zoom) with your client to check the picture contained within the document, if they have the facilities to do so. Firms then run the document through their EVS.
Shazia Zamir of Team Teal has recently written a blog on EVS, where she takes us through the different types of services available and gives an overview of their “pros and cons” (https://www.tealcompliance.com/single-post/2020/02/02/The-benefits-of-Electronic-Verification).
Using CDD in this way was envisaged by the Fifth Money Laundering Directive. The 2019 version of the Money Laundering Regulations state that where you have an electronic verification which is protected from fraud and misuse (i.e. by authenticating the document), then you may use that for verifying a client - and the risk of the client being non face-to-face and the need to undertake EDD falls away, provided you know that your client has had the document authenticated.
However, if you feel these processes aren’t as robust as your current procedures, remember these are only temporary measures for you to consider. If you decide to depart from your usual Policy, we recommend that you prepare a Policy Addendum detailing the changes. It’s open to you to carve out any types of work where you do not wish any new measures to be deployed.
The SRA has now issued guidance on CDD issues arising due the epidemic. They have pointed out that Rule 8.1 of the Code of Conduct for Solicitors (Rule 7.1 of the Code of Conduct for Firms applies this Rule equally to firms) says you must identify who you are acting for, but that this is not prescriptive and up to you to determine what is necessary. They go on to state that you have discretion to put together a risk-profile for work and appropriate requirements. They acknowledge that face-to-face contact is not necessarily required and you may consider using other means, giving examples such as email, telephone and virtual appointments, whilst highlighting that you should ensure that you comply with the CDD requirements in the Money Laundering Regulations.
The SRA also discusses whether electronic verification is sufficient for EDD purposes, stating that it may be enough, provided that the service provider uses multiple sources of data in the verification process. They also point out that e-verification only confirms that someone exists and not that your client is who they say they are, so that if there is anything to suggest that they aren’t, you will need to do further EDD.
For full details see: https://www.sra.org.uk/sra/news/coronavirus-qa