This post has already been read 293 times!
Risk management for providers of investment funds
The provision of investment funds can involve multiple parties: the fund manager, appointed advisers, the depositary and sub-custodians, registrars and, in some cases, prime brokers. Similarly, the distribution of these funds can involve parties such as tied agents, advisory and discretionary wealth managers, platform service providers and independent financial advisers.
The type and number of parties involved in the funds distribution process depends on the nature of the fund and may affect how much the fund knows about its customer and investors. The fund or, where the fund is not itself an obliged entity, the fund manager will retain responsibility for compliance with AML/CFT obligations, although aspects of the fund’s CDD obligations may be carried out by one or more of these other parties subject to certain conditions.
Funds can simply be a store of value for criminal asset to hide the asset from other jurisdictions. It is for this reason, these type of funds are attractive to a criminal element looking to hide money. The key is to identify who they are, where the asset is from and how it was funded – this is made more difficult by the obfuscation of who really owns the investment.
Investment funds may be used by persons or entities for ML/TF purposes:
- Retail funds are often distributed on a non-face-to-face basis; access to such funds is often easy and relatively quick to achieve, and holdings in such funds can be transferred between different parties.
- Alternative investment funds, such as hedge funds, real estate and private equity funds, tend to have a smaller number of investors, which can be private individuals as well as institutional investors (pension funds, funds of funds). Funds that are designed for a limited number of high-net-worth individuals, or for family offices, can have an inherently higher risk of abuse for ML/TF purposes than retail funds, since investors are more likely to be in a position to exercise control over the fund assets. If investors exercise control over the assets, such funds are personal asset-holding vehicles, which are mentioned as a factor indicating potentially higher risk in Annex III to Directive (EU) 2015/849.
- Notwithstanding the often medium- to long-term nature of the investment, which can contribute to limiting the attractiveness of these products for money laundering purposes, they may still appeal to money launderers on the basis of their ability to generate growth and income.
This post is directed at:
- Investment fund managers performing activities under Article 3(2)(a) of Directive (EU) 2015/849; and
- Investment funds marketing their own shares or units, under Article 3(2)(d) of Directive (EU) 2015/849.
- Other parties involved in the provision or distribution of the fund, for example intermediaries, may have to comply with their own CDD obligations and should refer to relevant chapters in these guidelines as appropriate.
- The post, while EU centric, is good advice and a standard setter globally.
For funds and fund managers, our general risk management post may also be relevant.
Product, service or transaction risk factors
The following factors may contribute to increasing the risk associated with the fund:
- The fund is designed for a limited number of individuals or family offices, for example a private fund or single investor fund.
- It is possible to subscribe to the fund and then quickly redeem the investment without the investor incurring significant administrative costs.
- Units of or shares in the fund can be traded without the fund or fund manager being notified at the time of the trade and, as a result, information about the investor is divided among several subjects (as is the case with closed-ended funds traded on secondary markets).
The following factors may contribute to increasing the risk associated with the subscription:
- The subscription involves accounts or third parties in multiple jurisdictions, in particular where these jurisdictions are associated with a high ML/TF risk as defined in our generic risk post.
- The subscription involves third party subscribers or payees, in particular where this is unexpected.
The following factors may contribute to reducing the risk associated with the fund:
- Third party payments are not allowed.
- The fund is open to small-scale investors only, with investments capped.
Customer risk factors
The following factors may contribute to increasing risk:
- The customer’s behaviour is unusual, for example:
- The rationale for the investment lacks an obvious strategy or economic purpose or the customer makes investments that are inconsistent with the customer’s overall financial situation, where this is known to the fund or fund manager.
- The customer asks to repurchase or redeem an investment within a short period after the initial investment or before the payout date without a clear rationale, in particular where this results in financial loss or payment of high transaction fees.
- The customer requests the repeated purchase and sale of shares within a short period of time without an obvious strategy or economic rationale.
- The customer transfers funds in excess of those required for the investment and asks for surplus amounts to be reimbursed.
- The customer uses multiple accounts without previous notification, especially when these accounts are held in multiple jurisdictions or jurisdictions associated with higher ML/TF risk.
- The customer wishes to structure the relationship in such a way that multiple parties, for example non-regulated nominee companies, are used in different jurisdictions, particularly where these jurisdictions are associated with higher ML/TF risk.
- The customer suddenly changes the settlement location without rationale, for example by changing the customer’s country of residence.
- The customer and the beneficial owner are located in different jurisdictions and at least one of these jurisdictions is associated with higher ML/TF risk as defined in the general part of the guidelines.
- The beneficial owner’s funds have been generated in a jurisdiction associated with higher ML/TF risk, in particular where the jurisdiction is associated with higher levels of predicate offences to ML/TF.
The following factors may contribute to reducing risk:
- The customer is an institutional investor whose status has been verified by an EEA government agency, for example a government-approved pensions scheme;
- The customer is a firm in an EEA country or a third country that has AML/CFT requirements that are not less robust than those required by Directive (EU) 2015/849.
Distribution channel risk factors
The following factors may contribute to increasing risk:
- Unclear or complex distribution channels that limit the fund’s oversight of its business relationships and restrict its ability to monitor transactions, for example the fund uses a large number of sub-distributors for distribution in third countries;
- Uhe distributor is located in a jurisdiction associated with higher ML/TF risk as defined in the general part of these guidelines.
The following factors may indicate lower risk:
- The fund admits only a designated type of low-risk investor, such as regulated firms investing as a principal (e.g. life companies) or corporate pension schemes.
- The fund can be purchased and redeemed only through a firm, for example a financial intermediary, in an EEA country or a third country that has AML/CFT requirements that are not less robust than those required by Directive (EU) 2015/849.
Country or geographical risk factors
The following factors may contribute to increasing risk:
- Investors’ monies have been generated in jurisdictions associated with higher ML/TF risk, in particular those associated with higher levels of predicate offences to money laundering.
- The fund or fund manager invests in sectors with higher corruption risk (e.g. the extractive industries or the arms trade) in jurisdictions identified by credible sources as having significant levels of corruption or other predicate offences to ML/TF, in particular where the fund is a single investor fund or has a limited number of investors.
The measures funds or fund managers should take to comply with their CDD obligations will depend on how the customer or the investor (where the investor is not the customer) comes to the fund. The fund or fund manager should also take risk-sensitive measures to identify and verify the identity of the natural persons, if any, who ultimately own or control the customer (or on whose behalf the transaction is being conducted), for example by asking the prospective investor to declare, when they first apply to join the fund, whether they are investing on their own behalf or whether they are an intermediary investing on someone else’s behalf.
The following paragraph is referenced elsewhere in this post and should be read carefully. It dictates the level of risk and measures to be applied in each circumstance.
The customer is:
- (A) A natural or legal person who directly purchases units of or shares in a fund on their own account, and not on behalf of other, underlying investors; or
- (B) A firm that, as part of its economic activity, directly purchases units of or shares in its own name and exercises control over the investment for the ultimate benefit of one or more third parties who do not control the investment or investment decisions; or
- (C) A firm, for example a financial intermediary, that acts in its own name and is the registered owner of the shares or units but acts on the account of, and pursuant to specific instructions from, one or more third parties (e.g. because the financial intermediary is a nominee, broker, multi-client pooled account/omnibus type account operator or operator of a similar passive-type arrangement); or
- (D) A firm’s customer, for example a financial intermediary’s customer, where the firm is not the registered owner of the shares or units (e.g. because the investment fund uses a financial intermediary to distribute fund shares or units, and the investor purchases units or shares through the firm and the firm does not become the legal owner of the units or shares).
In the situations described in bullet points ‘A’ and ‘B’ above, examples of SDD and EDD measures a fund or fund manager should apply in high-risk situations include:
- Obtaining additional customer information, such as the customer’s reputation and background, before the establishment of the business relationship;
- Taking additional steps to further verify the documents, data or information obtained;
- Obtaining information on the source of funds and/or the source wealth of the customer and of the customer’s beneficial owner;
- Requiring that the redemption payment is made through the initial account used for investment or an account in the sole or joint name of the customer;
- Increasing the frequency and intensity of transaction monitoring;
- Requiring that the first payment is made through a payment account held in the sole or joint name of the customer with an EEA-regulated credit or financial institution or a regulated credit or financial institution in a third country that has AML/CFT requirements that are not less robust than those required by Directive (EU) 2015/849;
- Obtaining approval from senior management at the time of the transaction when a customer uses a product or service for the first time;
- Enhanced monitoring of the customer relationship and individual transactions.
In lower risk situations, to the extent permitted by national legislation, and provided that the funds are verifiably being transferred to or from a payment account held in the customer’s sole or joint name with an EEA-regulated credit or financial institution, an example of the SDD measures the fund or fund manager may apply is using the source of funds to meet some of the CDD requirements.
SDD and EDD measures to be taken in situations described in bullet point ‘C’ above.
In the situations described in ‘C’ (above), where the financial intermediary is the fund or fund manager’s customer, the fund or fund manager should apply risk-sensitive CDD measures to the financial intermediary. The fund or fund manager should also take risk- sensitive measures to identify, and verify the identity of, the investors underlying the financial intermediary, as these investors are beneficial owners of the funds invested through the intermediary. To the extent permitted by national law, in low-risk situations, funds or fund managers may apply SDD measures similar to those described in the ‘pooled accounts section of our Retail Banking Risks post, subject to the following conditions:
- The financial intermediary is subject to AML/CFT obligations in an EEA jurisdiction or in a third country that has AML/CFT requirements that are not less robust than those required by Directive (EU) 2015/849.
- The financial intermediary is effectively supervised for compliance with these requirements.
- The fund or fund manager has taken risk-sensitive steps to be satisfied that the ML/TF risk associated with the business relationship is low, based on, inter alia, the fund or fund manager’s assessment of the financial intermediary’s business, the types of clients the intermediary’s business serves and the jurisdictions the intermediary’s business is exposed to.
- The fund or fund manager has taken risk-sensitive steps to be satisfied that the intermediary applies robust and risk-sensitive CDD measures to its own customers and its customers’ beneficial owners. As part of this, the fund or fund manager should take risk-sensitive measures to assess the adequacy of the intermediary’s CDD policies and procedures, for example by referring to publicly available information about the intermediary’s compliance record or liaising directly with the intermediary.
- The fund or fund manager has taken risk-sensitive steps to be satisfied that the intermediary will provide CDD information and documents on the underlying investors immediately upon request, for example by including relevant provisions in a contract with the intermediary or by sample-testing the intermediary’s ability to provide CDD information upon request.
Where the risk is increased, in particular where the fund is designated for a limited number of investors, EDD measures must apply and may include those set out above relating to higher risk (A and B in the bullet list)
SDD and EDD measures to be taken in situations described in bullet point ‘D’ above.
In the situations described in bullet point ‘D’ above, the fund or fund manager should apply risk-sensitive CDD measures to the ultimate investor as the fund or fund manager’s customer. To meet its CDD obligations, the fund or fund manager may rely upon the intermediary in line with, and subject to, the conditions set out in Chapter II, Section 4, of Directive (EU) 2015/849.
To the extent permitted by national law, in low-risk situations, funds or fund managers may apply SDD measures. Provided that the conditions listed in relation to the risk for a ‘C’ classified customer are met, SDD measures may consist of the fund or fund manager obtaining identification data from the fund’s share register, together with the information specified in Article 27(1) of Directive (EU) 2015/849, which the fund or fund manager must obtain from the intermediary within a reasonable time-frame. The fund or fund manager should set that time-frame in line with the risk-based approach.
Where the risk is increased, in particular where the fund is designated for a limited number of investors, EDD measures must apply and may include those set out in the measures for customers identified as bullet points ‘A’ and ‘B’ above.