Further Important Changes to the Cayman Islands AML Regime
A number of major developments impacted the Cayman Islands AML regime in December 2017, as the CFATF fourth round mutual evaluation of the Cayman Islands was being conducted. For background on the introduction of the Anti-Money Laundering Regulations, 2017 ("AML Regulations") in November 2017, please see our prior client updates: The Anti-Money Laundering Regulations, 2017 and New AML Regulations: Application to Insurance & Unregulated Investment Entities.
This update provides a high-level summary of the most recent developments. If you would like further information, please contact one of the authors, or your usual Maples and Calder contact.
Revisions to the AML / CFT Guidance Notes
The Guidance Notes on the Prevention and Detection of Money Laundering and Terrorist Financing in the Cayman Islands ("Guidance Notes") were revised and re-issued by the Cayman Islands Monetary Authority ("CIMA") in December 2017. The Guidance Notes support the interpretation and application of the AML Regulations and contain sector specific guidance.
Without a transitional period under the AML Regulations for pre-existing in-scope entities, the issuance of the Guidance Notes was critically important in determining practical compliance. Accordingly, clients should review their existing AML / CFT policies and procedures (or those of their delegate) to ensure they adhere to updated current requirements.
Many of the revisions in the Guidance Notes flow from the new, or revised, provisions of the AML Regulations (e.g. risk-based assessments, enhanced due diligence on PEPs, etc.).
However, some changes are incongruous with the AML Regulations or other parts of the Guidance Notes and have introduced some uncertainty. The key points to note are:
(a) Managed financial service providers (e.g. banks, investment funds, etc.) are still permitted to delegate or, in certain circumstances, rely on, a suitable party to maintain all of the AML / CFT procedures and functions. This includes the Compliance Officer ("AMLCO"), Money Laundering Reporting Officer ("MLRO") and Deputy MLRO roles. The prior conditions for delegation remain and reference is also made to the requirements under CIMA's Statement of Guidance on Outsourcing. As such, a separately nominated AMLCO or MLRO is not required when delegating the functions.
(b) The Guidance Notes provide that a gap analysis (assessing lesser AML standards of a different jurisdiction and remediating to Cayman standards) should be undertaken when delegating and/or relying on an eligible introduction. However, the Guidance Notes also provide that CIMA will regard a delegate as complying with the AML Regulations and Guidance Notes, when the delegate is subject to the AML regime of a jurisdiction listed by the Cayman Islands AML Steering Group as having equivalent AML legislation to the Cayman Islands (an "AMLSG Jurisdiction", formerly known as Schedule 3 jurisdictions). Accordingly, a gap analysis should only be required where the delegation may be to a party that is either not subject to the AML regime of, or based in, an AMLSG Jurisdiction. While there is a good argument that the same logic should apply to eligible introductions, unfortunately it is unclear, given the gap analysis language in the Guidance Notes, whether CIMA takes that view.
(c) Under the old regulations, a commonly used exception to conducting full due diligence was when a payment was made from a bank account in the name of the applicant for business (e.g. a fund investor) with a bank regulated in an AMLSG Jurisdiction. The new iteration of this exception (now categorised as a type of "simplified due diligence") under the AML Regulations now states it cannot be used in certain circumstances, i.e. there should be a collection of due diligence evidence. One of those circumstances is the occurrence of an "onward payment" to the applicant for business or a third party. In the consultation feedback with CIMA, it appeared that simplified due diligence would be permitted as long as payment was only made back to the same bank account of the applicant for business, as that was understood not to constitute "onward payment", but no specific guidance on the point was issued. As no guidance was issued that indicates to the contrary, we consider that payments to an investor's account at the same originating bank would not constitute onward payment and therefore simplified due diligence should be permitted. This type of due diligence should however only be used if there is assessed to be a low level of risk. We hope to get further clarity from CIMA on this point.
(d) There is a lack of sector specific guidance for some of the industries that are newly (or previously were not fully) subject to the AML Regulations, including for unregulated investment entities, structured finance vehicles, high-net worth dealers, and law and accounting firms. This guidance will need to be developed shortly in order for such businesses to understand the extent of their AML (particularly KYC) obligations.
Given the lack of a transitional period for pre-existing in-scope entities, we recommend that AML Procedures and / or delegation / reliance arrangements are reviewed to ensure that all functions are being undertaken in accordance with the new requirements. For entities that are newly subject to the AML Regulations, a transitional period has been granted until 31 May 2018 in order to implement a delegation / reliance arrangement. It is important to note that KYC remediation will need to be performed for existing customers of these entities before that deadline.
CIMA Administrative Fine Regime
The Monetary Authority (Amendment) Law, 2016 (the "MA Law") and the Monetary Authority (Administrative Fines) Regulations, 2017 (the "MA Regulations"), both came into force in December 2017. The MA Law gives CIMA the power to impose administrative fines for breaches committed by persons (entities and individuals) subject to Cayman Islands regulatory laws (including CIMA Rules) or the AML Regulations. This will give CIMA equivalent powers to those that are customary for onshore regulators.
Breaches are to be categorised as being "minor", "serious" or "very serious". There will be a sliding scale of fines from CI$5,000 for minor breaches to CI$100,000 for individuals and CI$1 million for entities for very serious breaches. Fines for ongoing minor breaches can be applied at intervals on a continuing basis up to a CI$20,000 cap.
CIMA will have six months from becoming aware of a minor breach, or having received information from which the fact of the breach can be reasonably inferred, to impose a fine. There is a two year time limit in respect of the imposition of fines for serious or very serious breaches.
Fines may be imposed even if the relevant breach is not a criminal offence, though where a breach is also an offence the imposition of a fine will not preclude prosecution for that offence (or be limited by the penalty for that offence), and likewise any prosecution will not preclude the imposition of administrative fines or penalties.
The procedures relating to the imposition of the fines, and the types of laws / provisions for which fines may be imposed, are set out under the MA Regulations. Among other things, the MA Regulations outline:
(a) the criteria that CIMA must adopt when issuing breach notices, considering or reconsidering matters if there is cause and imposing discretionary fines;
(b) when a party that has received a fine notice for a fixed fine may apply to the Management Committee of CIMA to review the original decision; and
(c) when a party that has received a fine notice for a discretionary fine may apply to the Grand Court for leave to appeal against the original decision.
Schedule 1 of the MA Regulations sets out the prescribed regulatory law provisions and corresponding breach categories. In the initial phase, only provisions of the AML Regulations are included in the Schedule which means CIMA's powers are currently limited to the imposition of fines for breaches of the AML Regulations. It is expected that this will be broadened in the future to include breaches of other Regulatory Laws and ancillary Rules.
Designated Non-Financial Businesses and Professions
On 13 December 2017, amendments were made to the AML Regulations to clarify and expand their application to certain Designated Non-Financial Businesses and Professions ("DNFBPs"), including precious metal and stone dealers, real estate agents and brokers, as well as law and accounting / audit firms and sole practitioners.
The Department of Commerce and Investment is designated as the Supervisory Authority for AML purposes for the real estate brokers and precious metal and stone dealers. The Cayman Islands Institute of Professional Accountants is the Supervisory Authority for the accounting / audit industry, and a body has yet to be assigned by Cabinet for the law firms and sole legal practitioners.
Supervisory Authorities may respectively issue guidance and shall develop a registration procedure in order to be able to monitor DNFBPs. Currently, DNFBPs shall have 90 days from the date of the amendment to register with their respective Supervisory Authority by filing a Declaration, but this may very well be extended, as the Supervisory Authorities have yet to establish their processes, and / or have yet to be designated (i.e. for law firms).
A DNFBP can be de-registered by the Supervisory Authority for breach of the AML Regulations (where not otherwise addressed by an administrative fine) or where the DNFBP or a connected person (including an officer or operator) is not fit and proper, or has ceased business. Certain factors will be considered by the Supervisory Authority to determine fitness and propriety.
Supervisory Authorities also have the power to (i) request disclosure of information or documentation (save for protected documentation, as defined) from the DNFBP and (ii) impose fines for breach of the AML Regulations. Fines can be up to $100,000 for natural persons or up to $250,000 for legal persons. Imposing a fine precludes a criminal prosecution for an offence, and vice versa.
The Supervisory Authority must provide a written notice of the intention to impose a fine and the DNFBP has 30 days to rectify the breach or object. Appeals can be made to the Grand Court.
Tax Evasion as a Money Laundering Predicate Offence
The Penal Code (2017 Revision) was amended on 1 December 2017. The amendment creates a tax offence in the Cayman Islands, which forms a predicate for money laundering. In conjunction with the dual criminality provisions under the Proceeds of Crime Law (2017 Revision) (whereby criminal conduct, for the purposes of money laundering, can include conduct committed overseas, as long as it would be an offence under Cayman law), this new offence reinforces the fact that foreign tax evasion and equivalent tax crimes are reportable in the Cayman Islands.
Broadly, it is an offence when a person, with intent to defraud the Cayman Islands Government, wilfully (i) provides false or fraudulent information to a collector of general revenue; (ii) omits information required to be provided to a collector of general revenue; or (iii) obstructs, hinders, intimidates or resists a collector of general revenue.