Q&A on Cayman AML regime: service providers, delegation and risk-based approach

What was the authorities' goal in further amending the AML regime in 2018?
How can the 2018 amendments be characterised?
Was there significant confusion around the difference between delegation and reliance?
What are some of the practical implications arising from the changes?
Are there any additional key points or messages for service providers or compliance officers?​

What was the authorities' goal in further amending the AML regime in 2018?

The Anti-Money Laundering (AML) Regulations, which came into force in October 2017, and the accompanying guidance notes, which were published in December 2017, sought to close gaps that remained between Cayman's robust AML regime and the Financial Action Task Force 2012 recommendations. The Cayman Islands government and the Cayman Islands Monetary Authority are well aware that it is imperative that the Cayman Islands is not only perceived to, but does in fact, play a central role in the global fight against money laundering and terrorism financing. At the same time, there is a deep understanding of the need to remain competitive and commercial.

The changes published in 2018 reflect the careful balancing act that the government and the authority must play between imposing a robust AML regime and ensuring it can actually work in practice within the existing framework of an established industry. The amendments are the outcome of industry consultation with the authority throughout 2018; it was essential to obtain this further guidance addressing how certain new requirements of the AML regulations will actually work in practice.

How can the 2018 amendments be characterised?

Anti-money laundering efforts will undoubtedly be an area of increased focus for relevant financial businesses, such as investment funds and managers. However, it is clear from developments throughout 2018 that much of the established industry practice remains unchanged; concerns of total upheaval within the industry have been allayed and given the size of the financial services industry in Cayman, the significance of this cannot be underestimated. In particular, the practice of reliance on third-party service providers to help meet AML obligations remains an option; express clarification that this deeply entrenched practice can remain has been hugely important.

Was there significant confusion around the difference between delegation and reliance?

In general, there was a clear understanding of the reliance concept, it being the predominant compliance option taken by investment funds. It is for this particular reason that funds did not historically have to appoint AML officers or adopt AML manuals – they simply relied on their chosen administrator and such administrator's own AML officers and AML manual. Whether it was widely appreciated, how and why this form of reliance differed from delegation is unclear. In any event, delegation is rarely used in the funds industry; it would require a third party to apply a fund's own AML manual (and most third-party service providers are not comfortable doing this).

What are some of the practical implications arising from the changes?

The bigger picture remains unchanged; what has changed (or, in some respects, been clarified) is the detail.

Service providers that are being relied on to help funds or other businesses meet their AML obligations may now be asked to take on additional duties, such as the provision of AML officers and conducting risk analysis for their clients (not only on customers, but also on business activity). Reporting on AML matters will likely increase; oversight by, and ongoing and regular dialogue with, the newly appointed AML compliance officer will become the norm. There will certainly be greater scrutiny of service providers to determine and (crucially) document whether it is reasonable to rely on them. As such, it is now necessary to consider what might be the risks of relying on a particular service provider, particularly where such service provider is not itself subject to the Cayman Islands AML regime.

Are there any additional key points or messages for service providers or compliance officers?

While the focus on a 'risk-based approach' helpfully moves away from a check box approach to AML compliance, by allowing different businesses to assess their own risks and tailor their policies and practices to those risks, it places an additional administrative burden on businesses (in particular, compliance officers and directors). In the face of a new administrative fines regime, enhanced fines under the AML regulations and potential personal liability on AML officers, it is essential that businesses are properly considering and documenting their rationale and their decisions not only when their policies and practices are developed, but also as they evolve and are implemented over time. Service providers and compliance officers are also encouraged to remain alert to further amendments to the AML regime – for example, revisions to the AML regulations currently under consultation could see an increased focus on ongoing monitoring, anti-proliferation financing and sanctions screening, as well as new disclosure requirements.

For further information on this topic please contact Joanne Huckle at Ogier by telephone (+1 345 949 9876) or email (joanne.huckle@ogier.com). The Ogier website can be accessed at www.ogier.com.