ECSH33112 - Compliance Officer

The role of the compliance officer 

Where there is a board of directors (or equivalent), one of the directors must take responsibility for the business’s compliance with the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017(MLR 2017) and update the rest of the board as appropriate in accordance with Regulation 21(1)(a).  

You should always establish who the Senior Responsible Officer (SRO), or compliance officer, is within the business to determine who is ultimately responsible. [Link to ECSH 63405 Regulation 21]. 

Once you have established who the SRO or compliance officer is, you should consider: 

what does their role involve? 

what experience do they have? 

have they received sufficient anti money laundering, counter terrorist financing and counter proliferation financing (AML/CFT/CFP) training to undertake their role as compliance officer? 

Responsibilities of the compliance officer 

The responsibilities of the compliance officer may include: 

identifying and assessing the money laundering, terrorist financing and/or proliferation financing(ML/TF/PF) risks specific to the business 

maintaining the business’s written AML/CFT/CFP risk assessment 

establishing and maintaining policies, controls and procedures to mitigate the risks identified and assessed in the business’s risk assessment 

maintaining a record in writing of the business’s AML/CFT/CFP policies, controls and procedures 

screening of relevant staff (both new staff and current staff on an ongoing basis) 

ensuring that all AML/CFT/CFP training is completed by relevant staff members and that staff are kept up to date with any changes 

ensuring that all relevant staff members understand their responsibilities under the MLR 2017 including reporting suspicious activity 

ensuring that staff follow the business’s policies, controls and procedures 

carrying out internal audits  

ensuring that records are kept in line with general data protection regulations (GDPR) and the requirements of the MLR 2017 

renewing or updating the business’s registration for anti-money laundering supervision 

establishing and maintaining systems which enable the business to respond “fully and rapidly” to enquiries from law enforcement agencies  

Sometimes the compliance officer may have additional responsibilities such as receiving internal reports of suspicion. [Link to ECSH 33111 Nominated officer] 

Alternatively, the responsibilities of receiving internal reports of suspicion and the business’ compliance with the MLR 2017 may be held by different individuals depending on the size and nature of the business. 

Testing compliance 

During the compliance check, you should test compliance and obtain evidence as detailed in [link to ECSH 63405 Regulation 21].