Regulations for crypto asset service providers in the UK
When do firms need to conduct client due diligence (CDD) under the UK's AML regulations?
"Firms must have policies, controls and procedures to identify and scrutinise transactions which are complex or unusually large or unusual patterns of transactions or which have no apparent economic or legal purpose. The previous MLR 2017 requirements obliged firms to have policies, controls and procedures which provide for the identification and scrutiny (a) of transactions which are complex and unusual large, or (b) unusual patterns of transactions, in either case if the transaction(s) have no apparent economic or legal person;
Firms must have ensure that appropriate measures are taken to assess and, if necessary, mitigate any money laundering/terrorist financing (“ML/TF“) risk when adopting “new products, new business practices (including new delivery mechanisms) or new technology”.
Firms must have group-wide policies, controls and procedures for sharing information about clients with other group companies for AML/CTF purposes;
Training requirements for “relevant employees” are extended to any agents the firm uses in its business whose work is relevant to the firm’s compliance with the MLRs or who are otherwise capable of contributing identifying or mitigating MT/TF risk, or preventing or detecting ML/TF."
"You must make sure that your business has adequate internal controls and monitoring systems. These should alert you and other relevant people in your business if criminals try to use your business for money laundering. Once you’ve been made aware of a potential threat, you can take steps to prevent it and report any suspicious activity.
Your controls should include:
appointing a ‘nominated officer’ and making sure that employees know to report any suspicious activity to them
appointing a compliance officer if your business is larger or more complex
identifying the responsibilities of senior managers and providing them with regular information on money laundering risks
training relevant employees on their anti-money laundering responsibilities
documenting and updating your anti-money laundering policies, controls and procedures
introducing measures to make sure that the risk of money laundering is taken into account in the day-to-day running of your business"