Economic Crime Supervision Handbook

ECSH33390 - Requirement to cease transactions

If a business is unable to complete its customer due diligence (CDD) measures, it must not establish a business relationship or carry out a transaction with the customer and must terminate any existing business relationship, see ECSH63490. It must also consider whether a suspicious activity report (SAR) should be raised.

You should ask the business if it has raised any SARs in relation to this or if it recalls any transactions which were not completed. You should review any internal SARs or records relating to the customer/cancelled transaction.

You may be able to locate transactions marked as cancelled within transactional data and discuss the reasons for this with the business. You will need to understand why this occurred and what actions the business took to decide if there is a breach of regulation 31 of the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (MLR 2017).

Make sure you add this to your aide memoire or topic plan. If the transaction was being carried out as part of a business relationship, you must check whether any further transactions were carried out. You can evidence this by searching transactional data and any other supporting records (such as bank statements) from the date of termination onwards.

If payment had already been received from the customer, confirm how they were refunded. For example, if the transaction was in cash, you should ask if the cash was returned to the customer. If it had already been banked, was the refund made by bank transfer? Explain to the business that if it was refunded differently to how it was paid, it could provide legitimate source of funds which is a risk of money laundering or terrorist financing (ML/TF).

 

Breaches

Where you establish that the business has not ceased a transaction where it should have, you should tell the business that there is a breach of regulation 31 MLR 2017, and it must terminate the business relationship immediately. 

 

Case study

You are conducting a check on an art market participant (AMP). For one of the transactions you are testing, the business advises you that it requested ID documents to verify the identity of individuals which the customer did not provide; the business carried out the transaction irrespective of this. A review of the bank statements shows that the transaction was completed by bank transfer.

You consider there is a breach of regulation 31(1)(a) MLR 2017 and advise the business it should not have continued with the transaction, even if it considered there was a low risk of ML/TF and should retrospectively consider submitting a SAR, see ECSH33600. For guidance on corresponding breaches, see ECSH33395 on specific breaches of customer due diligence.