00 by fionan



                       Compliance Institute
   Sample Examination Papers and Model Answers
                               October 2009

                        Regulatory Risk Management

               Anti-Money Laundering and Financial Crime

Please note that the following sample question papers and model answers are not
published for use as study materials. They are intended to illustrate the nature of
       each examination and to indicate the level of achievement involved.

Every effort has been made to ensure that the model answers are correct. They are
based on regulation at the time they were written and should not therefore be relied
 upon as a comprehensive statement of current regulatory standards and practice.

Sample questions and model answers for other Institute examination papers are not
                             available for 2009.
                       Examination Paper


                          October 2009

                     Time allowed: 3 hours


 1. This paper is divided into two sections. Questions in Section A are
    worth 5 marks each (maximum 20), and questions in Section B are
    worth 40 marks per Case Study (maximum 80). The total of marks
    available on the paper is 100.

 2. You are required to answer FOUR questions from Section A, and TWO
    of the Case Studies in Section B.

 3. Do NOT open this question paper until you are instructed to do so.

 4. Carefully read the instructions on the cover of the answer book.
Answer FOUR questions from this section
1. The Financial Services Authority‟s annual Financial Risk Outlook and Business
   Plan collectively set out identified risks to the Authority‟s Statutory Objectives,
   together with the work the Authority will undertake to manage those risks.

   Outline five steps that senior management of financial services firms can take to
   use the information in these reports for the benefit of their business. (5 marks)

2. The Financial Services Authority regularly and routinely uses formal letters to
   Chief Executives of financial institutions to communicate matters of regulatory
   concern. In the context of risk based regulation:

   (a) Give three examples of what the Financial Services Authority is seeking to
       accomplish through the use of “Dear Chief Executive” letters.   (3 marks)

   (b) Briefly outline two ways in which a firm might react to matters set out in a
       “Dear Chief Executive” letter.                                    (2 marks)

3. List, with a brief explanation for each, five examples of how the Financial
   Services Authority‟s Arrow programme supports the supervision of regulated
   firms.                                                           (5 marks)

4. The Markets in Financial Instruments Directive and its implementing measures
   set out the regulations relating to Material Outsourcing Arrangements.

   (a) Briefly define what is meant by a “Material Outsourcing Arrangement”
                                                                           (1 mark)
   (b) List four steps that firms should take when first establishing a Material
       Outsourcing Arrangement.                                          (4 marks)

5. The Financial Services Authority‟s rules at BIPRU require investment firms to
   carry out an Internal Capital Adequacy Assessment Programme (ICAAP) as well
   as to maintain the capital requirement identified in individual assessments.

   (a) Identify three ways that the Authority‟s work with an authorised firm‟s ICAAP
       will help support its regulatory risk management of that firm,       (3 marks)

   (b) Identify two features of an ICAAP that allow firms to manage the risks to their
       own individual businesses.                                          (2 marks)

                                                  [Maximum for Section A: 20 marks]
Answer the questions arising from TWO of the Case Studies
in this section

Case Study

1. You work for an investment firm that has a wealth management subsidiary called
Investment Plus Ltd. That subsidiary conducts advisory and discretionary investment
business for high-net worth individuals in the United Kingdom. Investment Plus has
recently had a systems and controls audit, which identified concerns about its
surveillance systems for its client advisory and discretionary management activities.
In particular the audit report highlighted that trade surveillance at Investment Plus
had the following deficiencies:

   It was conducted in an unstructured manner, without any prior thought to the
    types of trading to be reviewed or to the standards of advisory or discretionary
    activity that were to be checked.
   It was not focused in the right way, in that it appeared no consideration was given
    to the pre-classification of trading activities that might allow for a risk-based
    approach to trading surveillance.
   It contained insufficient reporting arrangements. The results of Investment Plus‟
    trading surveillance were collated once each month and presented as a general
    written report to Investment Plus‟ senior management. Moreover, the auditors
    considered that the length of the monthly report made it difficult for senior
    management to identify any emerging trends or issues and did not allow for
    senior management to make a distinction between important issues and those
    that were merely considered as routine.
   It contained insufficient escalation arrangements. In the period under review, 100
    advisory trades had been reviewed, of which ten were classified as containing
    advisory activities that might have led to some client detriment. It appeared,
    however, that no immediate actions were taken to deal with the identified trading
    concerns before the monthly senior management report was presented, and even
    then it was left to senior management to determine what remedial steps, if any, to

You have been seconded as a special adviser to the Investment Plus‟ compliance
department and have been asked to develop trading surveillance processes and
protocols that will both overcome the concerns highlighted in the external audit report
and allow Investment Plus‟ compliance function to best apply its limited resource to
monitor the quality of the firm‟s advisory and discretionary management activities.


(a) Prepare a short briefing paper outlining the arrangements you would put in place
    to operate a risk-based trade surveillance system together with the key risk
    measures that could be established to support such an approach.     (10 marks)

(b) Provide an explanation of your suggested arrangements and measures together
    with their overall significance.                                (10 marks)
(c) Explain to the firm‟s governing function the steps that would have to be taken
    when your identified key risk measures alerted you to a failure by the firm‟s client
    desk in meeting “Know Your Customer” information requirements.         (20 marks)

                                                    [Total for Case Study 1: 40 marks]
Case Study

2. You work for an Insurance Intermediary business (ABC Insurance) that has been
acquired by a venture capital company with a view to preparing it for public sale in
two years‟ time. The venture capital company is concerned that ABC Insurance‟s
management has always been too centred on its two shareholding directors. The
company‟s board comprises only the two shareholding directors and there is no
independent non-executive director representation. As a result of this structure, the
current directors‟ decision making often goes unchallenged. Moreover, the board
meets once per month and deals with all company matters but usually concentrates
on those items that have a sales focus. In the past there has been limited board
attention to risk-management, audit or compliance.

You have been asked to help the company develop a robust structure for its
corporate governance.


(a)      Outline and explain structural and operating arrangements for the company‟s
      board of directors that you would consider appropriate.             (20 marks)

(b)       Explain the safeguards you would put in place to ensure your governance
      structure contains an appropriate level of independent challenge.

(c)       Write a short advice to the venture capital company explaining the value of
      independent non-executive directors and identify in that advice three key criteria
      that support a non-executive director‟s independence.                 (10 marks)

                                                     [Total for Case Study 2: 40 marks]
Case Study

3. You work in the compliance department of a retail bank that has outsourced to a
call centre operation based in Brazil the processing of its clients‟ current and savings
accounts. When talking to the bank‟s clients, staff in the call centre often identify
additional client banking needs, such as loans and savings, and a procedure has
been established to allow the call centre staff to advise on and sell appropriate
banking products to the bank‟s clients.

During its recent risk assessment of the bank, the Financial Services Authority
identified major concerns with how the bank controls the outsourcing arrangement
with the Brazilian call centre, namely:

     The bank took very limited steps to assess the appropriateness of the call centre
      prior to its engagement by the bank.
     The bank has no formal written contract with the call centre. All that is in place is
      a simple “Heads of Agreement” document setting out financial performance
      related terms between the bank and the call centre.
     Although the bank has prescribed the compliance systems and controls that
      should be in place at the call centre, the bank has not to date carried out any
      supervision of the call centre‟s sales activities, other than to monitor whether it is
      meeting the sales targets set out in the Heads of Agreement.

The bank‟s board of directors has recently received the Financial Services Authority‟s
Risk Mitigation Plan (RMP). The RMP states that, although the bank has overall been
assessed by the Authority as a medium impact firm, because of the nature of the
arrangement it has with the Brazilian call centre the bank‟s procedures for the
oversight of its outsourcing arrangements are allocated a high impact and high
probability rating.

The Authority has asked that the bank‟s senior management conduct a full review of
its outsourcing procedures and report to the Authority on the steps the bank will take
to ensure that it operates in compliance with relevant regulatory obligations.
Furthermore, because of the nature of the issues identified by the Authority, it has
stated that it is minded to refer the matter to its enforcement division for further


You are required to write a short memorandum of advice to the bank‟s board setting
(a)     The controls you would expect to be put in place within the bank to ensure
    that corrective actions are taken regarding the call centre.        (10 marks)

(b)      The management information you would expect to receive to monitor the
      success of the bank‟s corrective actions.                    (10 marks)

(c)      The steps that the bank might take in the future both to reduce the high
      probability rating and to improve its relationship with the Financial Services
      Authority.                                                         (20 marks)

                                                       [Total for Case Study 3: 40 marks]

                                                      [Maximum for Section B: 80 marks]
Regulatory Risk Management - Suggested Answers

The following answers have been prepared to illustrate possible approaches to
answering the examination paper. They are not intended to be comprehensive,
covering every possibility, but they do address the key points. Marks will be available
for other points made by candidates provided they are relevant, correct and (where
appropriate) justified by reasoned argument.

The suggested answers are usually given here in brief note form. However, in the
examination, candidates should ensure that their answers contain sufficient detail to
satisfy the examiner that the question has been fully understood and addressed.


Question 1

Apply the reported risks to their own business model.

Establish a risk mitigation plan to manage those risks.

Re-asses their FSA risk mitigation plan in the context of FSA reported risks.

Prepare the business for up and coming FSA thematic work.

Advise the business to take targeted action in relation to those risk highlighted by the

Question 2.

a) Such method of communication allows the FSA to communicate messages to
   relevant sectors of the industry.

 It allows the FSA to highlight, to the targeted sectors, focused actions in relation to
 specific communicated risks.

 It allows the FSA to stress the importance of particular actions or concerns at a
 senior level within the targeted firms.

b) Assess the FSA concerns against the risk presented by their own business.

 Develop a remedial plan in order to respond to the highlighted concerns.

Question 3.

a)    It allows the FSA to assess the risk presented by firms‟ business activities to the
     achievement of its Statutory Objectives.

b) FSA carries out desk based reviews of firms based on intelligence gathered from
   regulatory returns.
c) Medium and High impact firms have a supervisory relationship with the FSA that
   allows for closer monitoring of the firm‟s activities.

d) The FSA carries out thematic supervision of risks that involve several firms or
   that are across the market.

e) For medium and high impact firms, the FSA carries out periodic risk assessment
   visits to assess the probability and impact of risks presented by the firm‟s
   business activities.

Question 4.

a) An arrangement between an authorised firm and a service provider by which the
service provider performs on behalf of the firm critical or important operational


i. Firms should assess the ability and capacity of the service provider to perform the
outsourced services.

ii. Establish appropriate methods of regularly assessing the service provider‟s
standard of performance.

iii. Manage the risks of the outsourced arrangement.

iv. Ensure a contract is in place with the service provider including terms that allow
for contract termination.

Question 5.


 i. To ensure that firms hold and maintain sufficient financial capital to meet their

ii. To ensure that firms assess the liabilities presented by the risks relevant to their

iii. Allow for the FSA to carry out regular supervision of the firm‟s capital position.


i. Firms can set part of their capital at a level that is appropriate to meet the cost of
risks specific to their business.

ii. Firms can keep their key risks under review and periodically adjust their capital in
the event of a change to those risks.

Question 1.


In answering this part of the question candidates would be expected to display an
understanding of how a risk based monitoring system can operate and an analysis of
how risk measurements can support such a risk-based approach, as well as the
importance of appropriate escalation procedures. There is no exact answer with
regard to the system that could be put in place. However, candidates‟ answers
should at least address the items below or variations on the theme of the following

Firms could establish an electronic or IT based trading surveillance system that
would select trades within agreed and pre-determined parameters and report such
trades to a compliance officer for review.

The key risk measures might include:

    Trading as a percentage of clients‟ net-worth.

    Trade classification against clients‟ attitude to risk.

    Traders‟ sales volumes against targets.

    Customer complaints.

    Client trading discretion limits against trades taking place.

    Frequency at which clients‟ trades take place to indicate for potential churning.

    Size of individual trades.


Here, candidates would be expected to explain the significance of each of the
measures they identify. The explanation should articulate how each measure would
operate. Assuming that candidates identify each of the measures shown in a) above,
the following would be considered as appropriate explanations of the significance of
such measures.

i An electronic trade surveillance (ETS) system allows for the reduction of human

ii An ETS system allows for efficient selection of trades from a large volume of data.

iii An ETS system provides an audit trail of those trades selected.

iv Selecting by reference to clients‟ net worth allows for the review of trades that
have a risk of not being suitable, given the customer‟s financial circumstances.

v Selecting by reference to clients attitude to risk allows for the review of trading that
might not match the customers recorded attitude to risk.

vi It allows the firm to monitor trading outside of traders scope of authority.

vii It allows the firm to manage the risk of trades on the basis of unsuitable advice
where sales might be made to meet sales targets.

viii It allows for increased scrutiny of traders with higher level of customer complaints
which could indicate the threat of unsuitable advice

ix Large individual trade sizes can indicate a threat to customers ability to afford a

x Can be an indicator of risk to customer‟s investment because of over-


Do not jump to conclusions before assessing the information that has been reported.

Assess whether individual case failures have given rise to any individual customer

In the event of individual customer loss, compensate those customers.

Do not wait until the end of a wider review to compensate initially identified customer

Identify whether any trends can be established, and focus a wider review towards
identified trends.

Agree the scope for enquiry with a senior manager.

In the event of trends, review the know-your-customer procedures and policies.

Interview key desk staff and establish differences between written procedures and
those in practice.

Identify the cause of a break down in procedures.

Respond to actualities of identified trends.

Contact potentially affected customers and assess their circumstances.

Identify any general customer loss and compensate.

Correct procedural failings.

Ensure findings are reported to the desk head and senior management.
Retrain staff on procedural or policy changes.

Institute disciplinary proceedings against any staff intentionally breaching company

Assess whether the matter needs reporting to the FSA, and report if necessary.

Identify whether your case selection parameters need to be adjusted following your

Assess whether there is a risk of further breaches and factor this into the company‟s
approach to risk management.

Question 2.


In answering this part of the question, candidates would be expected to display an
understanding of corporate governance, typical board structures that meet the
Combined Code on corporate governance, and the role of the independent non-
executive director. There is no exact answer with regard to the governance
arrangements that could be put in place. However, candidates‟ answers should at
least address the items below or variations on the theme of the following matters:

Establish a governing board with a balance between executive directors and
independent non-executive directors.

Establish an independent non-executive director recruitment process.

Appoint a non–executive director chairman.

Independent non-executive directors should chair a series of board committees.

The board should meet at regular intervals (ideally monthly).

The board should receive departmental reports. Such reports should include
“Treating Customers Fairly” measures.

At least one person on the board should have responsibility for compliance matters.

Establish an audit committee.

The audit committee should oversee the work of the internal audit function and the
outcome of the work of the firm‟s external auditors.

Establish a risk committee.

The risk committee should have responsibility for overseeing risk management within

A programme of risk mitigation.
The compliance function.

Regular monitoring of risk measures.

Establish a remuneration committee.

The remuneration committee should have responsibility for setting the firm‟s
remuneration policy and should also agree remuneration and bonus payments.


Ensure that there is an equal balance of independent non-executive and executive

Formalise the board structure and board committees.

Establish an objective non executive appointment process, thus ensuring that
executive directors do not appoint friends.

Ensure each director has clear responsibilities.

Ensure each board meeting has a clear agenda. This must cover all matters
relevant to the running of the business.

Ensure that agreed board minutes are kept.

Do not permit non-executive directors to own shares in the company, or to have any
other financial interest in the company.

Ensure non executive directors have sufficient gravitas to challenge the executives.


They contribute to oversight of the business and can provide third party advice.

They are not involved in an executive capacity and so they provide a challenge to the
executive directors‟ decision making and are free to ask difficult and unpopular

They should chair all committees that provide oversight of the Company‟s operations.

 Through their oversight they ensure that board meetings do not operate as
shareholders‟ meetings.

They help manage conflict that might exist between difficult business decisions and
directors‟ personal reward.

Their independence helps protects the company‟s duties to its shareholders.

Their personal decision making is not motivated by their interests in the company.
Question 3.


In answering this part of the question candidates should address control mechanisms
rather than discrete corrective actions. A detailed understanding of Banking
Regulation is not required and thus marks will not be given for answers that are
aimed at illustrating a thorough knowledge of those rules. Candidates, will, however,
need to appreciate the fundamental regulatory requirement to control and supervise
outsourced arrangements. There is no exact answer with regard to the measures
that could be put in place. However, candidates‟ answers should at least address the
items below or variations on the theme of the following matters:

i)   Senior management should create a clear responsibility within the firm for
     overseeing outsourced relationships, possibly by giving to one or more senior
     managers overall responsibility for outsourcing.

ii) The firm should ensure that it has in place clear written and compliant
    outsourcing supplier appointment procedures together with supporting policies.

iii) The firm‟s senior management should receive regular periodical reporting of key
     service providers‟ operational compliance performance measures.

iv) There should be prescribed standards against which service providers must
    operate services on behalf of the bank.

v) The firm should have in place, and operate, escalation triggers or red flags
   allowing senior management to know when the need arises to act upon any
   issues highlighted by the performance measures.

vi) Ensure that any compliance breaches identified by the escalation triggers are
    promptly acted upon by senior management

vii) That a programme of competence assessment is carried out for all existing and
     future new staff that are integral to the operation of the firm‟s outsourcing

viii) That senior management put in place and operate a programme of routine
      oversight of the firm‟s outsourced service providers.

ix) That all the firm‟s outsourced service providers receive training on the
    responsibilities they have as a supplier.

x) That senior management engender a culture of compliant behaviour. (The
   candidate might deal here with the cultural aspects in a number or ways. What is
   important is that there is a recognition that a firm‟s culture can play a significant
   role in embedding regulatory risk management),

In answering this part of the question, candidates should be able to apply to the
issues raised in the question a series of processes and measures that can be put in
place to help the firm to firmly establish compliance with the FSA rule on outsourcing.
Once again there is no exact answer with regard to the processes that could be put
in place. However, candidates‟ answers should at least address the items below or
variations on the theme of the following matters:

       i. A measurement confirming that supplier contracts are in place for service

      ii. A measure confirming that all service providers continue to meet the Bank‟s
          appointment conditions.

      iii. Regular reporting of the quality of sales made or products sold by outsourced

      iv. A measurement of the results of the quality of routine on-site compliance
          reviews at outsourced suppliers.

      v. Complaints data from clients sold to by outsourced service providers.

      vi. A measurement of the timeliness of compliance reviews at outsourced

     vii. Measurement to show results of staff training on outsourcing obligations.

     viii. Measurement to show the results of service provider staff training.

      ix. A measure confirming that all procedures or policy changes at service
          providers, identified as a result of the bank‟s oversight, have been effected.

      x. A root cause analysis showing the reasons why any service suppliers‟
         contracts are terminated.


 The answer to this part of the question will rely on the creativity of the candidate in
 applying regulatory risk management knowledge to the question. There is not a
 definite right answer to the approach that might be taken by the firm, although key
 messages regarding sound and reasoned management, aimed directly at
 mitigating the issues faced, should come across in the candidate‟s answer. The
 candidate should also be able to identify the additional relationship dynamic that
 arises once a firm is referred to enforcement. Candidates would be expected to
 address the following items or variations on the theme illustrated by the model

 i)     That the bank should ensure that it meets the requirements of the FSA‟s Risk
        Mitigation Plan, including reporting progress promptly to the FSA.

 ii) Present to the FSA a thorough overview of the Bank‟s new outsourcing
     procedures and policies and control measures.
iii) That it might be appropriate to offer alternative or additional methods of
     mitigating the FSA‟s identified risks than those methods specified by the FSA.

iv) The Bank should seek to identify the root cause of its outsourcing breaches.

v) That senior management would put in place a programme to eliminate the
   identified root causes and report these to the FSA.

vi) Senior management should improve its systems and controls with a view to
    preventing a repeat of the breaches.

vii) The Firm might establish a programme of Key Risk Measures to assist it in
     monitoring for breaches of outsourcing rules.

viii) As part of its systems and controls development the Bank might engage an
  external adviser to independently review and comment on its new systems and

ix) It could identify what it could achieve from the development of its relationship
    with the FSA and embark upon a programme of relationship development with
    its FSA relationship manager.

x) It should acknowledge the importance of the Bank‟s senior management being
   heavily involved in the FSA relationship development, and It should identify
   which of its senior management could contribute to the development of its FSA

xi) The relationship development programme should be aimed at creating
    confidence in the Bank‟s ability to manage its own risk mitigation, and the
    appropriateness of its own rules breach remediation.
                     Examination Paper


                         October 2009

                   Time allowed: 3 hours


   1. This paper is divided into two sections. Questions in Section A are
      worth 5 marks each (maximum 20), and questions in Section B are
      worth 40 marks per Case Study (maximum 80). The total of marks
      available on the paper is 100.

   2. You are required to answer FOUR questions from Section A, and
      all the questions from TWO of the Case Studies in Section B.

   3. Do NOT open this question paper until you are instructed to do so.

   4. Carefully read the instructions on the cover of the answer book.
Answer FOUR questions from this section

1. The Financial Services Authority (FSA) requires senior management of a firm to
   take reasonable care to establish and maintain effective systems and controls to
   combat financial crime.

   (a) The FSA‟s rules for Senior Management Arrangements, Systems and
       Controls (SYSC) provide three attributes that such controls must have. What
       are these three attributes?                                       (3 marks)

   (b) Under SYSC, senior management are required to ensure that there are
       individuals allocated to at least two defined roles with regard to combating
       financial crime. Please list the two roles.                        (2 marks)

2. Outline the elements that constitute the offence of “Tipping Off” and list any
   defences which can be raised to the offence.                        (5 marks)

3. List five different types of Market Abuse.                            (5 marks)

4. List five areas of its business and management a Common Platform firm might
   take into account when identifying its money laundering risk for the purpose of
   establishing appropriate systems and controls under SYSC.
                                                                         (5 marks)

5. Define and differentiate between the terms “money laundering” and “financial
   crime”.                                                          (5 marks)

                                                [Maximum for Section A: 20 marks]
Answer the questions arising from TWO of the Case Studies
in this section

Case Study

1. You are the Money Laundering Reporting Officer of Abbots Broking Limited
(Abbots), a UK based stockbroker. The firm provides advisory, discretionary and
execution only services to a wide range of individuals and companies in relation to
UK and overseas securities. Abbots holds client monies at several different UK banks
and generally holds clients‟ securities in a nominee name with a UK custodian or, if
foreign securities, with its sub-custodian. Abbots also allows certain of its clients to
trade on margin.

Abbots employs 40 brokers, each of whom has at least one assistant to carry out
administrative functions, including booking of some trades and moving funds
between a client‟s portfolios and sub-accounts to ensure funds are available for the
day‟s trading and to meet any margin calls.

One of the brokers, Paul Madop, looks after two corporate clients which were
introduced through a personal friend of his, Jim Dunn, who is the Chief Executive of
Silk Investments LLC and has already opened a personal advisory dealing account
with Abbots so that he may receive advice with regard to investing in AIM listed

One of the corporate clients is Silk Investments LLC, a hedge fund adviser based in
New York. Silk Investments LLC is an SEC regulated firm in the United States. It
maintains an execution only account with Abbots.

The other corporate client looked after by Paul Madop is the Theta Fund, a focused
long/short equity fund, registered in the Cayman Islands. For UK purposes, the Theta
Fund is therefore an unregulated collective investment scheme. Silk Investments LLC
has been appointed investment adviser to the Theta Fund. The Theta Fund has
opened an account on an execution only basis. Silk Investments LLC has full power
of attorney over the assets held by the Theta Fund on its Abbots account. The Theta
Fund trades very actively and has many investors from across the globe.

Following an internal tip off, your investigation of the Theta Fund accounts indicates

o   The Theta Fund has established a line of credit and is trading on margin in USD
    – EUR FX options.

o   Recent instructions to trade have been given at the UK market opening by
    telephone. Most of these calls were taken by Paul Madop. As required under
    internal rules, Paul has made a note of the calls; the notes indicate that Paul
    received a number of these orders on his mobile telephone line which is not
    recorded. The reason is that New York opens for business in the afternoon and
    continues until approximately 11.00pm. The calls taken on Paul‟s mobile were all
    taken after UK office hours.
o   A few calls withdrawing funds were made on a recorded line to Paul Madop‟s
    assistant who has not met any of the client‟s representatives. There is no
    password or other security information required and instructions are not required
    to be confirmed in writing from or to the client.

o   Over the last few days the account has been losing money, margin calls have
    been issued through Paul Madop and these margin calls have been settled from
    an account – the “internal errors account” - at Abbots.

o   The internal errors account now shows a zero balance, but further checking
    indicates that funds to settle margin calls have also been paid in from Jim Dunn‟s
    personal account.

o   Monies have also been paid from the Theta Fund account at Abbots to other
    offshore companies. The payment process allows monies to be remitted to other
    accounts and institutions on the signature of the broker only.

o   No monitoring of the Theta account was carried out because Silk Investments
    LLC is an SEC registered company.

o   You also note that various cupboards and printers containing confidential
    information are left unsecured after Paul Madop and his assistant have left for the
    evening. On looking at the policy arrangements and training records, you note
    that there is a draft clear desk policy, but no training has been carried out on it

  (a) Analyse the different risk characteristics of each of the following, and describe
      what customer due diligence documentation and information you would
      expect to find on file for:

       (i) Jim Dunn;                                                         (3 marks)

       (ii) The Theta Fund;                                                  (7 marks)

       (iii) Silk Investments LLC?                                           (3 marks)

    (b) Analyse the situation at Abbots with respect to the methods of accepting
        orders, the trading process and post facto monitoring, looking in particular at:

       (i) the potential internal risks                                     (11 marks)

       (ii) the potential risks from external fraud                         (8 marks)

In each case, your answer should include any obvious control weaknesses and how
you would mitigate them.

    (c) Identify the external reports that may be required in relation to the above
        situation and state the legislation or regulations under which such reports
        would be required.
                                                                          (4 marks)
(d) Outline the matters you need to consider in deciding whether there is an
    obligation to make any reports.                                (4 marks)

                                           [Total for Case Study 1: 40 marks]
Case Study

2. You are a compliance consultant. You have been retained by the Rightway
Group (Rightway), a firm of Independent Financial Advisers (IFAs).

The results of your fieldwork are as follows:

Rightway employs a number of IFAs across the UK. It has one office in Birmingham
and 75% of its IFAs are home based, visiting the office only occasionally. Rightway
was founded 10 years ago by a group of 10 IFAs who left larger firms. Each of the 10
founders, who are still with Rightway, now has at least 20 years‟ experience.

As a result of an expansion drive some three years ago, 40 of the IFAs at Rightway
have been employed by the firm for less than 2 years. 30 of this group of 40 are
experienced IFAs who brought existing clients with them. 10 of the 40 have not
previously worked as IFAs but have either worked in the industry, or in a related
industry, before.

Rightway advises on the full range of investments, including pensions and pensions
transfers. Some of the IFAs are also qualified accountants and tax advisors, and the
firm derives some fee income from tax advice. Most clients have been introduced by
other professionals. In the past, many of the introductions have been from estate
agents, property lawyers, property development companies and surveyors. As a
result, there is a large number of clients for whom Rightway has arranged either a
residential or buy to let mortgage. Some of these then go on to receive advice on
investments. Some IFAs advise clients on the whole of their investment portfolios.

As a result of the current economic situation, the volume of business from mortgages
and referrals from estate agents, property lawyers and surveyors has declined

Rightway has, over the last 3 months, hired an additional 10 IFAs all of whom have
been FSA approved. The reason for appointing this group of 10 new hires, whose
areas of expertise are in areas other than mortgages, is to assist with the
diversification of the Rightway‟s income base. The internal control process for new
recruits is:

o   CVs are collected and most recruits are interviewed by one member of staff

o   The last employer is contacted to check the employment dates. Where the recruit
    has been self employed, a personal reference is sought

o   Contracts refer to remuneration and basic employment law matters only. No
    statement about previous activities is sought.
You do some testing of the client base of a sample of the IFAs and find the following:

 IFA        Years’       Revenue    Total
            Experience   (Per       Number of     Clients        Number of     Comment
                         annum      Current       Introduced     Introducing
                         £’000s)    Clients       by other       Firms
 Randell    10           60         100           45             25            Wide spread of
                                                                               investment and
                                                                               business. Clients
                                                                               across East
 Singh      20           80         120           60             20            Wide spread of
                                                                               mortgage and
                                                                               business, mainly
                                                                               based around
                                                                               East Midlands.
 Taylor     3            50         10            10             1             Main revenue
                                                                               from buy to let
                                                                               Client base/
                                                                               properties in 2
                                                                               developments in
                                                                               SE London.
 Usman      20           54         93            46             8             Pensions
                                                                               specialist and
                                                                               tax adviser,
 Voce       5            52         15            14             1             Mortgage
                                                                               Clients mainly
                                                                               from Manchester
                                                                               – all buy to let
                                                                               from 3
 Williams   30           85         150           75             15            General
                                                                               investments and
                                                                               Clients mainly in
 Xenia      15           40         200           180            20            General
                                                                               products and
                                                                               some funds
                                                                               business. Clients
                                                                               mainly in Bristol
                                                                               and surrounding

You have been asked by Rightway‟s board of directors to provide the following:

   (a) An assessment with reasons, of the risks from financial crime in Rightway‟s
       business, concentrating in particular on the mortgage and general insurance
       products offered by Rightway.                                    (14 marks)

   (b) An analysis of any weaknesses in the recruitment control structure at
       Rightway that might increase the risk from financial crime by its IFAs and how
       you would address them.                                              (7 marks)

   (c) Indicators of risk that you would use to assess the risk of financial crime that
       each IFA‟s business presents.                                         (5 marks)

   (d) An assessment for each of the seven IFA s you have looked at as to whether,
       on a comparative basis, you regard each IFA‟s business as presenting either
       a higher risk or lower risk of financial crime.                 (14 marks)

                                                   [Total for Case Study 2: 40 marks]
Case Study

3. (Please answer both parts of this question).

Part 1
You are the MLRO of a boutique bank. The bank offers corporate finance and wealth
management services to entrepreneurs across the globe. The client base is attracted
by the discretion and confidentiality offered by the bank. Your bank‟s corporate
finance department is advising Winloz, an AIM listed internet gaming company, with
regard to its offer to purchase the entire shareholding of Lozelodz, another AIM listed
internet gaming company.

You receive a copy of a suspicious transaction report made by a relationship
manager at the wealth management arm of your bank with regard to the following
matters, none of which is legally privileged:

o   The subjects of the report are Subco (a subsidiary of Winloz), the Chief Executive
    of Lozelodz and its Chief Financial Officer, all of whom hold accounts at the bank.

o   Subco has paid an amount of £10m to Alpha Investments Limited, a British Virgin
    Island investment company.

o   The Chief Executive and Chief Financial Officer of Lozelodz have received £2m
    and £1m respectively, from Alpha Investments Limited.

The payments to the Chief Executive and Chief Financial Officer of Lozelodz from
Alpha Investments Limited may be the redemption of investments made by them. On
the other hand, these could be payments to them by Winloz for their support in
recommending the takeover of the company to investors and for selling their shares.
If so, this could also be a fraud on the other shareholders of Lozelodz.

You are in a quandary. There could be a perfectly acceptable reason for the
payments by Alpha Investments Limited or you could be looking at a fraud being
perpetrated on the shareholders in Lozelodz.

If senior executives are involved in a fraud then what you need to do is clear. If,
however, there is a perfectly innocent explanation as to the payments made to the
Chief Executive and Chief Financial Officer of Lozelodz such as the redemption of an
investment and you report the transaction, it is likely that the clients concerned will be
none too happy, and the information will soon spread that you made a suspicious
transaction report which was unwarranted. Senior management at your bank are
concerned with any legal liability the bank may incur and with the reputational risk if
you make a defensive suspicious transaction report on a transaction that turns out to
be perfectly innocent.

   (a) With reference to the facts in the case study above, analyse the law on the
       requirement to make a suspicious transaction report, making reference to any
       precedent cases that assist in interpreting the law.             (11 marks)

   (b) If you decide to delay the completion of the transaction (i.e. the Winloz offer
       for Lozelodz), which results in your client suffering considerable damages,
       analyse the protection offered to the bank by the cases of Squirrell v National
       Westminster Bank [2005] EWHC 664 (Ch), K v National Westminster Bank
       [2006] EWCA Civ 1039 and Shah v HSBC Private Bank (UK) Limited.
                                                                          (8 marks)

   (c) State to which of the following liabilities you and the bank might be exposed if
       you fail to report the suspicion and, instead, proceed with the transaction at

               Criminal Liability
               Civil Liability
               Regulatory Liability

         In each case give your reasons.                                   (9 marks)

Part 2

You have reported the matter to SOCA. Six days have passed since you made the
report to SOCA. The Chief Executive and Chief Financial Officer of Lozlodz have
drawn cheques on their accounts which have been “Referred to Drawer”.

They are unable to meet their normal living expenses due to the bank‟s failure to
honour their cheques. They, individually, are shortly to see one of the bank‟s
directors about the failure to make payments from their accounts. Several of the
cheques are of low value and the director thinks that the bank should honour these
as the amounts are so small and the potential hardship so great.


   (d) Provide guidelines to the director setting out what he may and may not
       mention to the clients at the meeting. Include the guiding principles for his
       conduct and any relevant criminal laws and penalties he may be exposed to if
       he either honours the cheques, or tells the clients why he cannot honour the
       cheques.                                                          (12 marks)

                                                   [Total for Case Study 3: 40 marks]

                                                  [Maximum for Section B: 80 marks]
Anti-Money Laundering and Financial Crime – Suggested Answers

The following answers have been prepared to illustrate possible approaches to
answering the examination paper. They are not intended to be comprehensive,
covering every possibility, but they do address the key points. Marks will be available
for other points made by candidates provided they are relevant, correct and (where
appropriate) justified by reasoned argument.

The suggested answers are usually given here in brief note form. However, in the
examination, candidates should ensure that their answers contain sufficient detail to
satisfy the examiner that the question has been fully understood and addressed.


   Question 1

   (a) Senior management has a responsibility to ensure that the firm‟s control
       processes and procedures are:
           Appropriately designed.
           Implemented.
           Effective.

   (b) [Requirement can be found in SYSC 3.1.1R, 3.2.6R and 3.2.6A]
           They must ensure that certain appointments are made:
                  i. Money Laundering Reporting Officer.
                 ii. A senior person with responsibility for ensuring that controls are

   Question 2.

   Proceeds of Crime Act 2002 / Terrorism Act 2000

   You know that a suspicious transaction report (authorised disclosure) has been
   made or that an investigation under POCA or TA is contemplated or underway, and
   you make a disclosure that is likely to prejudice any such investigation.

       Disclosure made within a group of companies;
       Disclosure made to a professional legal adviser;
       Disclosure made between certain regulated institutions for the purposes of
         preventing an offence.

   Question 3

   Five from the following seven:
   Insider dealing.
   Improper disclosure of inside information.
   Misuse of information.
   Manipulating transactions.
   Manipulating devices.
   Disseminating information likely to give a false or misleading impression.
   Market distortion.

Question 4

          its customer, product and activity profiles;
          its distribution channels;
          the complexity and volume of its transactions;
          its processes and systems;
          its operating environment.

Question 5

“Money laundering” is a crime that involves the acquisition, use, possession,
transferring or making arrangements in respect of criminal property [as outlined in
the UK in the Proceeds of Crime Act 2002].

    According to the FSA SYSC provisions, “financial crime” includes:
        Fraud
        Market abuse
        Money Laundering / Terrorist financing

    Money laundering is only one crime amongst them.

Question 1

    (i) Individual from a standard risk country:
          Personal identity information: Name, date of birth, permanent address.
          Passport / other photographic ID and source of wealth information.
    (ii) Unregulated collective investment scheme:
Offshore unregulated collective scheme is a higher risk. Therefore, it is appropriate to
look behind it in more detail. Therefore, client due diligence documentation should
include at least:
           Fund prospectus/offering document and copies of material contracts listed
             in the prospectus/offering document
           Certificate of incorporation / extract from commercial register / proof of
             registration of the fund
           Individual identification and verification of fund officers
           Individual Identification and verification of the fund manager, directors of the
             promoter and fund manager, and shareholders in the fund where
             shareholding is over 25% (i.e. UBO)
           Identity of scheme functionaries/counterparties
    (iii) Regulated investment firm in equivalent jurisdiction:
           Simplified due diligence to include name and business address of the
           To include checking on the SEC website that they are registered

      (i) The major potential risks from internal fraud are centred around the amount of
          unsupervised client access the relationship manager, Madop, has with the
          clients. In particular :

            Madop appears to be able to take instructions on his mobile

            Madop and his team appear to be able to move monies between the
             internal errors account and the client account

            Madop is the conduit for client communication on margin calls

         There appears to be no application of the “4 eyes” principle

         There is no monitoring that might detect the unusual trading patterns as this
         appears to be driven by Silk, the advisor being regulated, rather than looking at
         the client or the activity on the account.

         To mitigate the risks, the following should be required:
         - all instructions are taken on a taped line;
         - the internal error account is subject to proper process / oversight including
           independent authority for its usage;
       -   an independent check is made on the client instructions for moving money
           out of the account. This could be on all transfers or just those that do not go
           to a client nominated default account. (There could be a limit on all money
           transfers to that account – Abbots is not a bank);
       -   Margin calls etc to be sent by a separate unit.

       With regard to external fraud, the major risk appears to be:

       -   the lack of controls on accepting instructions which could leave the firm
           open to fraudsters / imposters giving instructions.
       -   exacerbated by the fact that the assistant has not met the client.

       Mitigation of this threat would be to:

       -properly identify the person giving instructions by e.g.:
              -password or other arrangements e.g. call back
              -written confirmation to the client of an agreed fax number or similar for
              all instructions;
              -assistants or other employees should meet the clients.

       There also appear to be some information security problems which might lead
       to either internal or external fraud.

       This could mean that confidential information could be removed by internal
       persons or contractors e.g. cleaners.

       A clear desk policy, to include securing physical information, should be issued
       and training provided.

          Relevant legislation for money laundering is the Proceeds of Crime Act 2002
           for a report to SOCA about suspicions of money laundering.

          Also possibly a crime (under Fraud Act) that it might be appropriate to report
           via the standard criminal complaints process.

          Finally consider whether a report to FSA might be appropriate (either market
           abuse or a serious control failure / compliance breach) under SYSC.

   The key consideration for POCA 2002 is whether there is enough information to
   date to indicate that something is wrong such that we are suspicious that the
   account may contain the proceeds of crime.

   This is arguable either way, but you could report defensively or gather more

   The key for a complaint to the police is whether we believe a crime has been

Question 2

Mortgages General

Note the difference between the residential and buy to let – i.e. it is easier to set up
frauds etc on somewhere that the mortgagee does not live in

         Residential Mortgages

                   o   Fraud – Overvalued properties / fraud on the lender

                   o   Money Laundering – Popular target for criminals due to the
                       volume and ubiquity of the product

                   o   Terrorist financing – Lower risk, but may happen in concert with a

         Buy-to-let mortgages

                   o   Fraud – Increased risk over residential mortgages as has been
                       seen of late. Problems with dishonest surveyors etc and
                       overvaluation of properties.

                   o   Money Laundering – Possibly, as turnover in this sector is more
                       common than in residential markets. Also, illegitimate cash can
                       be disguised as “rent”.

                   o   Terrorist financing – Possibly, but as part of the above.

         General Insurance

                   o   Fraud – in the sales process low risk, but obviously for the
                       insurance company there is a risk of false claims.

                   o   Money Laundering – Low risk

                   o   Terrorist Financing – Low risk
Risks to all of the above. Also the possibility of IFAs being in concert with external
parties to get mortgages or other products with view to using those for criminal ends.
This is because of the role of IFAs as financial gatekeepers.

Internal fraud

Possibility of misleading client into giving powers to the IFA. Also the possibility of data
theft from the client, or other abuse of position of trust with clients‟ assets.

   (b) Weaknesses in recruitment control structure

   Given the risk of hiring someone who will either defraud the client or the firm, there
   is a need to ensure that they are fit and proper.

   Rightway‟s business involves a lot of unsupervised activity (home based advisers
   are the majority). Currently only the last employer is checked.

   The firm should consider the following checks:

          Full reference check back for 5 years (and reasons for leaving employer)

          Credit check / Credit Court Judgements

          Criminal Records

   Recruits to be interviewed by more than one person, and should at least be
   required to positively state – no convictions etc

   (c) Major indicators of risk are:

                    o   Product specialisation in higher risk products.

                    o   Geographical concentration of clients in particular higher risk

                    o   Referrals from a small number of firms for higher risk products.

                    o   Experience of IFA: generally higher risk the less experienced,
                        although this is not conclusive.

                    o   IFAs who are outliers in either gross or average revenue.

   (d) Assessment of the IFAs listed:

                Randell - Experienced. Wide spread of clients; average income for the
                 number of clients. Wide spread of products. Large number of introducing
                 firms. Even distribution of clients – probably fairly low risk.

                Singh – Experienced. Average fee income. Large number of clients.
               Large number of introductions but from large number of firms – Lower

              Taylor – Low number of clients, high revenue from low number of
               referral sources. Higher risk products. Low experience – Higher risk.

              Usman - Experienced. Average fee income. Large number of clients.
               Large number of introductions but from large number of firms – Lower

              Voce - Low number of clients, high revenue from low number of referral
               sources. Higher risk products. Low experience – Higher risk.

              Williams - Experienced. Average fee income. Large number of clients.
               Large number of introductions but from large number of firms – Lower

              Xenia - Experienced. Low fee income. Large number of clients. Large
               number of introductions but from large number of firms. Specialises in
               lower risk products – Lower risk. BUT is an “outlier”, so may deserve a
               further look.

Question 3

   (a) Legal analysis of criminal offence: statutory vs case law.

 Relevant statutory provisions:
   In the regulated sector, failure to report money laundering is an offence under
      Section 330/1 of Proceeds of Crime Act 2002.
   It is an offence not to report where a person knows or suspects or has
      reasonable grounds for knowing or suspecting that another person was
      engaging in money laundering.
   Section 330 applies to any person in the sector;
   Section 331 applies to the MLRO receiving a suspicious activity report.

Money laundering is defined as acts in relation to criminal property.

In this case the question turns on whether we know, suspect or have reasonable
grounds to know or suspect.

Reference to case law to assist:
Leading case:
   • R v Da Silva [2006] EWCA Crim 1654
      (a money laundering case): „the essential element in the word “suspect” … is …
      that there is a possibility, which is more than fanciful, that the relevant facts
    •   „A vague feeling of unease would not suffice‟

    •   „But the statute does not require the suspicion to be “clear” or “firmly grounded
        and targeted on specific facts”, or based upon “reasonable grounds”‟

The interpretation of “suspicion” is one in that is more than merely fanciful; it is more
than a feeling of unease – therefore the concern falls within the legal definition of
suspicion, and so a report should be made..

    (b) Leading cases

Squirrell v National Westminster Bank [2005]
    • It was also obliged not to carry out any transaction in relation to that
    • „.. the course adopted by Natwest was unimpeachable. It did precisely what
       the legislation intended it to do. In the circumstances there can be no question
       of me ordering it to operate the account in accordance with Squirrell‟s
       instructions. To do so would be to require it to commit a criminal offence.‟
K v National Westminster Bank [2006]:
       „The truth is that Parliament has struck a precise and workable balance of
       conflicting interests ....
       . a limited interference is to be tolerated in preference to allowing the
       undoubted evil of money-laundering to run rife in the commercial

Shah v HSBC Private Bank

       Suspicion under POCA was a purely subjective matter. It did not matter whether
    or not there were reasonable grounds for that suspicion provided that it was
    genuinely held.

       A bank has no civil liability as a result of damages flowing from the reporting of
        a suspicious transaction because of the conflict between duties under conflicting
        criminal and civil law where the bank complying with criminal law should be

        The bank was also not in breach of any duty to disclose information to the
    claimants. To have done so would have put the bank at risk of committing a „tipping
    off‟ offence under POCA 2002.

    (c) Criminal Law
         Failure to Report as s331 above is subject to a fine or imprisonment of 5
         Officers at the bank carrying out an act in breach of POCA S328 – making
           arrangements in relation to property which they know or suspect assists
       a laundering offence. This is a principal money laundering offence – 14
       years, a fine or both.
      Civil recovery of any profits made.

   Regulatory Liability
    Individual‟s breach of FSA principles – if malice / dishonesty found,
    Any officer holding Significant Influence Function might be fined or barred.
    Institutional breach of FSA principles – the Bank may have breached
      systems and controls principles and
    Could be sanctioned – a range of enforcement options from private letter to
      public fine / authorisation removed.
   Civil Liability
    Possibility of civil liability to the victims of a fraud if it is known or suspected
      that what the client is doing is illegal.
    So-called constructive trustee.

(d) Guidelines

   Two key principles are at work: i) Do not Tip Off; ii) All transactions are covered
   regardless of value.

   In meeting with the clients, you must not make a statement to them that would
   prejudice an investigation: Proceeds of Crime Act 2002 / Terrorism Act 2000.
   Therefore, we cannot currently honour the client‟s cheques. You may not give a
   reason for this, nor give any indication that a report has been made or that an
   investigation might be underway by the authorities.

   The relevant law is

   POCA Section 333 as amended – Tipping Off.
   The potential offence is committed if a person knows that a suspicious
   transaction report (authorised disclosure has been made) or that an
   investigation under POCA or TA is contemplated or underway; and then he
   makes a disclosure that is likely to prejudice any such investigation.

   The defences available do not seem to apply in this case.

   The penalty for committing the offence of Tipping Off is a fine or up to 5 years in

   The specific money laundering offences set out in POCA do not have a
   minimum amount attributable to them. Therefore we cannot honour any of the
   cheques at present, regardless of value.

   To honour the cheques without consent would be to risk committing a principal
   offence which is liable to an unlimited fine, 14 years imprisonment or both.

To top