Even the most dedicated and determined MLRO needs a break from his work occasionally, and as he packs his flip-flops/salopettes* and the latest thriller/romance/colouring-in book* [* delete as appropriate] he can relax knowing that all is being left in the capable hands of his deputy MLRO. Or at least that’s the theory.
To be fair, no (or rare) mention of a deputy MLRO is made is in the underlying legislation: in the UK, the Money Laundering Regulations 2007 talk of a “nominated officer” who will receive disclosures, but do not stipulate what should happen while he is sipping a mint julep on a beach in the Caribbean. The guidance – in this case, the guidance produced by the Joint Money Laundering Steering Group – is much more forthcoming on the matter. “In larger firms,” Part I of the guidance suggests in paragraph 3.15, “because of their size and complexity, the appointment of one or more permanent Deputy MLROs of suitable seniority may be necessary. In such circumstances, the principal, or group MLRO needs to ensure that roles and responsibilities within the group are clearly defined, so that staff of all business areas know exactly who they must report suspicions to.” The wording clearly indicates that the principal MLRO and his phalanx of deputies should all be of senior rank, and that are all capable of receiving reports of suspicion in the role of nominated officer. This position is supported by my other go-to source, the AML Handbook issued by the Guernsey Financial Services Commission, which, when specifying in section 2.4 the required credentials for an MLRO, lumps together “the MLRO and any deputy MLROs that are appointed” so that all are subject to the same list of requirements. “Deputy MLRO” is the accepted term, but perhaps “lieutenant MLRO” would have been a better title, as the intention is that the deputy is capable of taking the place of the MLRO, and thereby assuming his duties and (crucially) his legal responsibilities.
(An entirely different creature is the assistant MLRO. As the name suggests, the assistant MLRO helps the MLRO with some aspects of his role. The concept of the MLRO delegating some of his duties is entirely accepted and probably expected, but – and here’s the fly in the proverbial – he cannot delegate his responsibilities to an assistant. As the JMLSG guidance puts it: “Where AML/CTF tasks are delegated by a firm’s MLRO, the Financial Conduct Authority [the UK financial regulator] will expect the MLRO to take ultimate managerial responsibility.”)
I have met a few deputy MLROs – thankfully not many, but enough to prompt this post – who do not quite grasp the extent of their potential exposure. They imagine that for the fortnight or so that the MLRO is recharging his batteries on that beach, they will be fielding a few emails and making sure that any reports of suspicion are filed carefully for his attention on his return. Not so: for all intents and purposes (or perhaps, for all prosecutions and convictions…) the deputy MLRO is the MLRO for that period. And so any sensible deputy MLRO will insist on having the same level of training as the MLRO, and will try to keep in the AML loop as much as possible, so that when his turn comes, he will not drop the baton.
Some DMLROs are a “stand in”, others are almost “job share” MLROs – possibly why the quality varies so much. I’m a “full time” DMLRO so have the benefit of doing the job every day and can insist on a commensurate level of training.
Yes, there are so many variants of “MLRO-ish” roles. They key is for anyone who can receive reports of suspicion and make decisions on them – i.e. whether to disclose or not – to realise that they have serious legal responsibilities. And if they are doing that without letting their regulator know (many insist on fit and proper tests, as well as notification) or without the proper training, they are storing up trouble.
Best wishes from Susan
In Guernsey. as you indicate Susan, the roles of Nominated Officer and Deputy MLRO are confusing and clear instructions need to be given to staff as to whom they should make a report in the absence of the MLRO. The Handbook makes it clear that, where a suspicion arises in the absence of the MLRO, it must be reported to the Nominated Officer. This is not necessarily the Deputy MLRO(s) unless, of course, one of them has also been appointed as the Nominated Officer. Until recently it was only the MLRO that needed to submit a Personal Questionnaire to the regulator – not the Deputies nor the Nominated Officer. Now the Nominated Officer also needs to submit his or her PQ but still no Deputies in that role. This can cause confusion between jurisdictions when it is assumed that the suspicion can be reported to any Deputy in Guernsey and no-one being formally appointed as the Nominated Officer.
Hopefully the current emphasis (in the UK at the moment, but ripe for spreading elsewhere) on senior management responsibility will address this, through the device of “job mapping”. The idea is to make it crystal clear to everyone who has which responsibilities – so that if something goes wrong, the authorities know who to pursue… Internal reporting of suspicion will have double weight, as it’s a management role and a legal one. As ever, the key is clear communication, as problems arise when (mistaken) assumptions are made.
Best wishes from Susan
Susan, you raise an interesting question regarding the difference between an MLRO, DMLRO and ‘nominated officer’, between different jurisdictions, who does what? who is accountable? what their scope is? and then there’s… Jersey different again. Some DMLRO’s do the full time work of the MRLO, who simply gives the approving nod to report, whereby the ‘nominated officer’ is in name only who nobody knows. The roles and responsibilities must be clearly defined, the UK Senior Managers Regime (SMR) coming in March 2016 clearly puts responsibility squarely at the door of the MLRO…. when! SMR comes to Guernsey local institutions may have to think again.
Welcome to the blog, Phil, and thank you for your comment.
I think you’re absolutely right: the SMR is going to require much more clarity. I also think it’s only fair: if people are going to be held responsible for certain duties, they – and their colleagues – need to be absolutely certain who is doing what. (It should also help to seal some of those cracks that appear when everyone assumes that someone else is doing it…)
Best wishes from Susan