The area of compliance that interests me most is client on-boarding, which involves screening and carrying out an appropriateness test.
The implementation of COBS10, the appropriateness test that firms must carry out if they provide non-advised investment services to retail clients involving financial instruments covered by MiFID (the EU Markets in Financial Instruments Directive) or any type of derivative.
Under the Conduct of Business sourcebook, Chapter 10 (COBS), firms carry out a specific test to determine that clients have the necessary knowledge and experience in order to understand the risks involved related to the product or service that they will be trading in.
This is usually done by the client answering questions about their previous trading history, the frequency and volume of their trading.
Sometimes a client may be asked about their educational or professional qualifications relevant to the type of trading they wish to carry out.
Most importantly, if a firm considers that on the basis of information provided by the client that the product or service is not appropriate to the client, the firm must warn the client. The firm must also warn the client that they are unable to determine appropriateness if the client will not provide the necessary or sufficient information to enable the firm to reach a view.
Where a firm has deemed his client to have insufficient knowledge and experience, it does not necessary mean that the client is rejected, but the firm must inform the client that the product or service is not appropriate and that should they wish to continue, they should ask their client to certify that they understand the risks associated with CFD trading/spread betting and that they regard such trading as suitable to them. It would also be good practice for the firm to refer the client to its standard product risk warning and ask the client to actually confirm that they have read the risk warnings.
It is important that firms do not regard COBS 10 as just a ‘’tick box’’ exercise, with no benefit to the firm or client and not integrate the test into their normal account opening procedures.
Why Your Enterprise’s Finances Rely on Employee TrainingGo to article >>
Screening of clients for AML purposes must comply with the Joint Money Laundering Steering Groups (JMLSG) guidelines.
Many firms now use electronic screening, and where such screening is carried out, it must use data from multiple sources, or incorporate qualitave checks that assess the strength of the information supplied.
The recommended criteria for verification is address, surname, date of birth and forename.
The standard level of confirmation, that do not give rise to concern or uncertainty is, one full match of full name and a second match of an individuals full name and either his current address or date of birth.
The criteria for creating a pass in JMLSG criteria is 2+2 or in other words it has 2 names and 2 addresses or 1 name to 1 address and 1 name to 1 date of birth.
This shows that 2+2 can be achieved by verifying an individual by surname and forename on two separate databases, or by surname and forename on one database and surname, forename and date of birth on another.
In order to mitigate impersonation where identity is verified electronically, or copy documents are used, a firm should apply additional robust verification checks to manage the risk of impersonation fraud. The additional check may consist of robust anti-fraud checks that a firm routinely undertakes as part of its existing procedures.
Where scanned documents need to be certified, the certifier must print his name, sign and date, and state that it is a true copy of the original. The certifier must also confirm their occupation and provide a telephone number or email address. Where there is a photograph, the certifier must state that it is a true likeness of the applicant.