ECSH33215 - Duties of supervisory authority: how we check compliance: operational guidance: establishing risk, procedures and training: communication of policies, controls and procedures

Introduction

After you have established the policies, controls and procedures (PCPs) a business has in place (see ECSH33210), you should ask the business to explain how it communicates them to relevant staff members, agents, subsidiaries, and branches depending on the business structure.

PCPs need to be communicated within the business to ensure that all staff undertaking relevant activity are aware of the most up to date PCPs to mitigate and manage the risks of money laundering, terrorist financing and/or proliferation financing (ML/TF/PF) identified by the business in its risk assessment.

(This content has been withheld because of exemptions in the Freedom of Information Act 2000)

Internal communication of PCPs is required by regulation 19 and regulation 19A of the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (MLR 2017).

(This content has been withheld because of exemptions in the Freedom of Information Act 2000)

A parent company that carries out relevant activity must ensure that it complies with regulation 20 where it has subsidiaries and branches, including those located outside the UK, that carry out any activity subject to MLR 2017. This includes the requirement that the business must tell HMRC if any subsidiaries or branches cannot follow the parent company’s normal procedures.

(This content has been withheld because of exemptions in the Freedom of Information Act 2000)