Money laundering is perceived by governments throughout the world as a major threat to the market economy. To combat this threat, lawmakers have attempted to make money laundering more difficult by restricting criminals’ access to the professional expertise which is often required to introduce dirty money back into the legitimate economy (AAT, 2009).

In the UK, anti-money laundering controls are provided through a package of legislative measures that include the Proceeds of Crime Act 2000 (Proceeds of Crime Act 2002), the Terrorism Act 2002 (Terrorism Act 2006), and the Money Laundering Regulations 2007.

HM Revenues & Customs advise that new businesses are required to have anti-money laundering controls in place and have to be registered with HMRC before the business starts to trade.

Anti-money laundering controls are policies and procedures that you must put in place within your business in order to prevent activities related to money laundering and terrorist financing.

They include assessing the risks of your business being used by criminals to launder money; verifying customers’ identity; monitoring customers’ transactions and reporting suspicious activity to the Serious Organised Crime Agency (SOCA); keeping the right records; and ensuring you have appropriate internal management controls.

Your business should establish and maintain appropriate and risk sensitive policies and procedures relating to:

• customer due diligence measures and ongoing monitoring
• reporting
• record keeping
• Internal control
• risk assessment and management
• the monitoring and management of compliance
• the internal communication of such policies and procedures.

Customer due dilligence – Know Your Customer (KYC) – and giving attention to the level of risk in business are two focus areas in anti-money laundering controls.

Customer due diligence is the term used in the Regulations for the steps that businesses must take to:

• Identify the customer and verify their identity using documents, data or information obtained from a reliable and independent source.
• Identify any beneficial owner who is not the customer. This is the individual (or individuals) behind the customer who ultimately own or control the customer or on whose behalf a transaction or activity is being conducted.
• Where a business relationship is established, you will need to understand the purpose and intended nature of the relationship, for example details of customer’s business or the source of the funds.

You must also conduct ongoing monitoring to identify large, unusual or suspicious transactions.

A risk-based approach means directing resources in accordance with priorities so that the greatest risk receives the highest attention.

This has been introduced to:

• allow public authorities and businesses to concentrate resources in the areas of greatest risk
• to avoid a ‘tick-box’ approach which can focus on a rigid system of control rather than the actual risks, which are in practice different for each business.

By adopting a risk based approach businesses are able to ensure that measures to prevent money laundering and terrorist financing are appropriate to the level of risk identified.

Applied appropriately this approach should allow businesses to be more efficient and effective in their use of resources, and minimise burdens on their customers.

Advice from HM Revenue & Customs, 2009. See: http://www.hmrc.gov.uk/mlr/controls.htm.