AML Compliance as a Competitive Advantage
New regulatory requirements can offer an opportunity to re-appraise the way a firm operates and identify opportunities for strategic improvement. Hazel Gibbens, Regulatory Communications and Awareness, Amiqus ID, looks at the opportunities to use AML compliance for competitive advantage.
With the creation of the Office for Professional Body Anti Money Laundering Supervision (OPBAS) in January, GDPR coming into effect on 25th May, and the deadline for nationwide AML Approved Person Application (which requires all beneficial owners, officers and managers to undergo a Basic Disclosure check) on 26th June, now is the time to assess your firm’s current standing.
While many practice managers and sole practitioners may feel a headache coming on at the thought of yet more regulatory compliance paperwork taking up billable staff and company time, it could prove incredibly beneficial to tackle the latest requirements strategically.
Rather than an exercise in box ticking, you can view the new frameworks as an opportunity to put together sound AML and client data systems, further securing the trust of your clients and employees.
Accountancy firms will find their responsibilities moving in three directions: vertically to your regulatory body, laterally to staff and employees, and of course externally to all existing and potential clients.
Using a streamlined approach to engage with and handle compliance processes could well be used as a differentiator and give your firm the edge in a competitive environment.
Regulators
Regulatory supervisors will monitor and evaluate whether your firm is applying best practice in regards to firm-wide assessment of risk, client due diligence and overall anti-money laundering compliance.
The ICAS AML Monitoring Report 2017 concluded that around 20% of firms ‘needed to improve their risk assessment’, and also saw a notable decrease in the number of fully compliant firms as the regulatory bar rises further.
As monitoring and compliance audits increase, now is the time to connect with your regulator, ask for advice and implement incremental improvements to systems and processes.
Staff and Employees
The most important aspect of any firm-wide compliance policies is ensuring that all members of staff understand and engage with them.
Creating and maintaining a culture that focuses on reduction of risk, respect of client data privacy and efficient repeatable processes can play a part in retaining staff as well as attracting new talent, particularly as more people take into consideration not just their job role but the company and environment they’re part of.
By starting with robust staff and client intake processes and handling risk assessment at the initial stages of a relationship, clear expectations are set and firms can increase the likelihood of flagging any suspicious behaviour early on.
It’s worthwhile educating staff on how and when to store or dispose of sensitive information and deliver regular training to stay on top of the latest rights data subjects have.
Implementing security procedures such as password management software, two-factor authentication login and access restriction on client identity data would help reduce the risk of internal data-related issues.
If your firm hasn’t already attained the Government-backed Cyber Essentials Scheme, that’s a good first step and can be completed for a few hundred pounds.
Clients
Existing and potential clients want to be sure that the firms they work with are securely collecting, handling and storing their data, and are now more wary of who can access and work with their sensitive information.
E-mail threads and paper-based processes are being seen as unsecure and inefficient, particularly for larger firms who may be dealing with a high volume of clients or transactional checks at any one time.
Consideration around appropriate use of digital systems and storage has the added benefits of making GDPR compliance easier, particularly when considering issues of data portability, subject access requests and the potential need to internally evidence a clear audit trail and decision-making process.
The future of firms
Leading a successful accountancy practice into the future will naturally rely on a firm’s ability to provide tailored and expert advice to both long-standing and new clients.
Implementing tech and automation to manual tasks and day-to-day admin, whilst still allowing important decisions to be made by senior or specialised staff, opens up more time for firms to focus on their clients’ needs.
Taking a proactive approach to addressing client data and compliance risk now means your firm is on a good footing as technology becomes ever more part of daily practice management.
Amiqus is working with ICAS to help firms reduce risks and achieve AML compliance. Amiqus ID can be used to collect, analyse and handle both staff and client compliance with basic disclosure, risk assessment, KYC and adverse media checks available for firms of all sizes. To find out more, contact Amiqus or book a demo.
Any views expressed in this article are the views of the author and do not necessarily represent the views, policies or regulatory approach of ICAS.