Skip to main content

FIAU’s Proposed Amendments to Part I of the Implementing Procedures Provide More Guidance on Subject Persons’ Key Obligations

By March 10, 2021August 3rd, 2023No Comments

The Financial Intelligence Analysis Unit (FIAU) issued a Consultation Document setting out a series of proposed amendments to Part I of the Implementing Procedures to address recent issues and concerns brought forward by subject persons.  The Consultation Documents includes proposed amendments dealing with adverse media, subject persons’ obligations to perform ongoing monitoring, more flexibility in the Money Laundering Reporting Officer’s (MLRO) appointment and duties, and further guidance in carrying out a Jurisdictional Risk Assessment.

Assessing Adverse Media Information

The FIAU is proposing additional guidance, under Section 3.5.1 (a) (a), to assist subject persons in assessing the reliability of adverse media when carrying out the Customer Risk Assessment.  The same guidelines are also intended to assist subject persons in their evaluation of supervisory and regulatory information within the context of Simplified Due Diligence.  Specifically, the FIAU is proposing taking the following into consideration when assessing whether adverse media is to influence the (prospective) customer’s ML/FT risk:

  • When did the breach of the requirement/s resulting in administrative measures take place?
  • What was the regulatory requirement breached?
  • What was the regulatory action taken against the (prospective) customer?
  • Have the regulatory issues been resolved, i.e. has the customer taken action to address the issues highlighted by its regulator or supervisor?

Ongoing Monitoring for Investment Fund Managers

FIAU’s proposed amendments with regard to subject persons’ obligation to carry out ongoing monitoring are intended to clarify the position of subject persons like investment fund managers.  Section outlines that “where the transactions carried out by a subject person on behalf of its customers are left to the subject person’s own discretion, as is the case with discretionary portfolio management and investment management services offered to collective investment schemes or retirement schemes, it is not expected that the subject person monitors the transactions it is carrying out itself.”  As in these scenarios, the subject person would have received a mandate from the customer to invest funds and manage assets as the subject person wishes within the agreed parameters, the activities subject to monitoring would be any increase in the funds or assets entrusted to the subject person for investment purposes, and any request from the customer to have any funds or assets entrusted to the subject person released back to it.

Ongoing Monitoring in Simplified Due Diligence Scenarios

Section reiterates the FIAU’s message that Simplified Due Diligence (SDD) still requires some level of ongoing monitoring to ensure that the business relationship is still deemed to be low risk and therefore, still falls within the conditions justifying the application of SDD.  As part of this process, subject persons are to regularly ensure that the information obtained at the start of the business relationship is still valid and current.  More importantly, the FIAU’s proposed guidelines state that the subject person should consider whether:

  • Any new regulatory or supervisory information has been made public which may somehow impact the subject person’s earlier customer risk assessment and rating of the business relationship as one presenting a low risk of ML/FT.
  • The volume of funds being channelled or invested through a nominee, omnibus or pooled account can somehow be considered to increase the risk of ML/FT posed by the given business relationship.
  • Any data, information or documentation made available in relation to particular transactions or the underlying investors or customers is in keeping with the information provided by the customer at the start of the business relationship.

More Flexibility in MLRO Appointments

Chapter 5 of the Consultation Document includes several proposed amendments to  address constant issues, which subject persons face in the appointment of the MLRO.  For starters, the FIAU recognizes that while having a dedicated MLRO function is ideal, this may not always be possible.  In this regard, the FIAU is proposing:

  • The removal of the prohibition on non-executive directors to act as MLROs;
  • The considerations which should be taken into account when a subject person locates its MLRO abroad;
  • A more detailed explanation of which situations may present a conflict of interest and the introduction of an element of proportionality, allowing for the taking of mitigating measures rather than the outright refusal or removal of the (proposed) MLRO;  and
  • The removal of the restriction on the number of Designated Employees that can be appointed by each subject person.

Reliance on Jurisdictional Risk Assessments:

Section 8.1.2 sets out proposed  criteria which, if met, will allow a subject person to rely on Jurisdiction Risk Assessments carried out by engaged consultants or to even rely on standardized jurisdiction assessments drawn up by third parties.  This is only allowed when the subject person is assured that:

  • The risk assessment carried out considers a sufficient number of aspects that may impact the subject person, and the sources used for the purposes of the said assessment are known and When particular aspects are not factored in, the subject person should supplement the said risk assessment and consider what is likely to be the impact on the risk rating provided by the third party.
  • The methodology behind the risk assessment and the resulting risk rating attributed to any one given jurisdiction is fully understood. Additionally, the subject person must be ascertained that the methodology makes sense and is sufficiently objective.
  • Any assessment and associated risk rating is updated periodically.

Finally, the fact that a subject person may be making use of a readily available Jurisdictional Risk Assessment index does not absolve the subject person from understanding the main reasons for a jurisdiction being considered as presenting its assigned level of risk, especially in situations where a jurisdiction is deemed to present a higher than usual risk of ML/FT.  As to the jurisdictions that are to be considered for assessment purposes, this may vary depending on the nature of the relevant activity or relevant financial business carried out by the subject person – the FIAU provides some specific guiding examples to assist subject persons in identifying customers’ jurisdictional risks.


The FIAU is receiving feedback through written submissions, to be provided via electronic mail on, on the proposed amendments to the Implementing Procedures Part I by not later than Friday 9th April, 2021.


For assistance with written feedback, kindly contact: or