ECSH85600 - Reasonable steps
When imposing a financial penalty, decision makers (DMs) must consider whether the relevant person took “all reasonable steps and exercised all due diligence to ensure that the requirement would be complied with” (regulation 76(4)).
“Reasonable” is not defined in law; so you must consider what a typical person would do in a particular situation. As The Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (MLR 2017) provide a risk-based approach, there isn’t a one size fits all and this must be considered on a case-by-case basis.
One of the factors that must be considered is whether the business or individual has followed any relevant guidance. Therefore, where a breach is identified, you must know what published guidance was in place at the time and you must establish what they knew about the requirement(s), and to evidence the steps it took.
For example, if they say they checked guidance on GOV.UK, ask the person to show you exactly which guidance they were looking at. Is the guidance misleading or has the requirement been misunderstood? If they didn’t understand the guidance, what steps did they take to clarify it – did they contact HMRC or seek independent advice?
Even though a breach has occurred, a business may be considered to have taken reasonable steps and exercised all due diligence if they sought independent legal advice or followed recommendations from an external consultant.
Where you determine that the business did take all reasonable steps and exercise all due diligence you cannot impose a penalty on it.