Over the past year or so, legislative reform in the Anti-Money Laundering and Combatting the
Financing of Terrorism (“AML CFT”) sphere has been a common occurrence. The regulatory landscape has witnessed multiple amendments to the Financial Intelligence and Anti-Money Laundering Regulations 2018 (the “Regulations”), the introduction of the Anti-Money Laundering and Combatting the Financing of Terrorism Handbook by the Financial Services Commission (the “Handbook”) (and subsequently amendments thereto), drafting of guidelines by different regulators, the repeal of the FSC Code on the Prevention of Money Laundering and Terrorist Financing (the “Code”), the drafting of the UN (Financial Prohibitions, Arms Embargo and Travel Ban) Sanctions Act 2019 and its accompanying guidelines. That is undoubtedly the result of the Government’s efforts to delist Mauritius from the Financial Action Task Force (“FATF”) list of jurisdictions under increased monitoring. But as laudable of an endeavour that is, it comes with its own challenges.
The Gap
For starters, there is a significant gap between the issuance of the Handbook on 13 January 2020 and the Code being repealed on 6 November 2020. Global business professionals were wary of the applicability of the Code in light of the issuance of the Handbook, and rightfully so because of certain conflicting requirements. The more so that the FSC Code was rule based while the Handbook is principle based and thus inevitably attracts some subjectivity in its applicability. These concerns were met by high level reassurances from the regulator to take remedial action. The tardy clarification (almost a year later) from the authorities gives implicit recognition to the complexity of the matter at hand. It is recalled that, the Financial Services Commission (the “FSC”) had in its circular letter warned that the repeal of the FSC Code would not:
- Affect any obligations or liability incurred under the repealed Code 2012;
- Affect the previous operations of the repealed Code 2012 or anything duly done or suffered
under the repealed Code 2012; - Affect any regulatory action already taken as a result of non-compliance with the repealed
Code 2012; or - Affect any investigation carried out under the repealed Code 2012. The FSC reserved its
rights to take any regulatory/disciplinary actions for any breaches of the Code 2012 that
occurred on or before the date upon which the circular was issued.
However, the blunt fact remains that between the date of the repeal and the issuance of the
Handbook there was a gap in the AML CFT regime. The repealing circular did not preserve the
effectiveness of the Code which then begs the question of what, in reality, is the legal status of the Handbook?
The Handbook itself expressly posits that the guidance provided therein is not enforceable. It does go on to state that it is illustrative to the extent that conformance would tend to indicate compliance with the legislative framework. The legislative framework in question includes the Financial Intelligence and Anti-Money Laundering Act 2002 (the “Act”) and its accompanying Regulations. Section 32A of the FIAMLA stipulates that a breach of the Act is a criminal offence which, in the absence of a specific penalty being provided, attracts a fine not exceeding one million Mauritian Rupees and imprisonment for a term not exceeding 5 years. By extension, does this mean that nonconformity with the Handbook is a breach of the Code and therefore a criminal offence or only a regulatory deficiency?
On the other hand, the Code sets out the position very clearly – non-compliance with the Code will expose the licensee to regulatory action. In simple terms, it is hard to say whether prior to the Code being repealed, from a strictly legal standpoint at least, whether the Code had precedence over the Handbook. This whole ordeal then raises a couple of very serious questions. What are the consequences of non-compliance with the Handbook? How effective really was the Handbook prior to the Code being definitively repealed?
The Handbook
With the repeal of the FSC Code, there has been a litany of interesting changes which have been made to the Handbook on 31 March 2021. For example, there is now an entire chapter which is devoted to the Independent Audit requirement which emanates from Regulation 22(1)(d) of the Regulations. This much needed guidance expatiates on the requirements set out in the Regulations which simply called for an independent audit function to review and verify compliance with the effectiveness of the measures taken in accordance with the applicable legal framework.
Independence of the Audit Professional
The newly added Chapter 13 of the Handbook confirms that the independent audit can be carried out either internally by an in-house auditor or externally by an external auditor. It further goes on to discuss the factors to be considered when assessing the independence and competence of the proposed auditor. It is notable that in relation to external auditors, the criteria considered by the Financial Institution1 (“FI”) should be properly documented and be made available to the FSC upon request, which in other words means that the onus is on the party seeking to appoint the auditor. It is hard to accept that in a sound and effective governance framework, the onus of declaring a conflict of interest should rest with a single party. Quite to the contrary, it should be the shared responsibilities of both parties. How the independent auditor considers that its objectivity is not impaired should also be disclosed.
Rotation of Auditors
In the same vein, as part of its request for information the FSC may request whether, from a corporate governance perspective, an FI is considering rotating the audit professional after a number of years (as it deems appropriate). It is therefore advisable for licensees to provide for the rotation of independent auditors in their audit policy. At a wider level, rotation is sure to improve audit quality by helping ensure that auditors remain professionally sceptical and do not become overly reliant on their clients’ assertions.
Lack of Regulation of Independent Auditors
The absence of any proper regulating framework for persons providing independent audit services is also noteworthy. The Handbook only states that “the person or firm conducting the audit should have the necessary skills, qualifications, relevant experience of the audit process, have a proper understanding of the FIAMLA and its supporting regulations as well as sufficient knowledge of the financial industry”. No further meaning is given as to the expectation of the regulator nor is there any licensing or prior approval requirement from the regulators, as is customary for the appointment of statutory auditors of most FIs.
Winding up
The Handbook also stipulates that a final independent audit should be carried out until the FI is no more considered as a “reporting person”. A literal interpretation of this guidance would suggest that the entity would have to carry out an independent audit prior to surrendering its licence to the FSC. From a practical standpoint, it is clear that the customary independent audit exercise as contemplated in the Regulations is meant to be forward-looking in so far as it is meant to improve the effectiveness of the AML CFT framework of an organisation by verifying and reviewing compliance with the existing framework. On the other hand, it is logical to conclude that the final independent audit is backward looking. It is intended to flag any AML CFT related deficiencies, errors and omissions which have occurred prior to the entity surrendering its licence with a view to unearthing past malfeasances (if
any).
The Handbook fails to make a distinction between these 2 very different types of audit exercises. In addition, a typical independent audit operates on a sample size of 10-20%, which means that the probability of an irregular transaction falling through the cracks is significantly high. To this end, a more suitable alternative would be the prescription of an AML CFT Due Diligence rather than an independent audit. The downside of this solution is that it is likely to be costly, cumbersome and timeconsuming. It is hoped that the regulator will be mindful of weighing these two requirements.
Training
Finally, the Handbook states that FIs must provide the appropriate level of AML and CFT induction training to, among others, all board members. By extension, non-executive directors as well as foreign directors are captured by this requirement. As a result, there is a positive obligation, whether from a practical perspective or a financial perspective, on an FI, to ensure that its board is properly conversant with AML CFT laws.
Conclusion
The efforts of the Mauritian Government to revamp the AML CFT framework are commendable. However, one cannot cast off the lingering sentiment of the FSC Handbook coming across as a stopgap in certain respects. Meaningful change can only be achieved through the implementation of a clear, cohesive, and comprehensive system. The good news is that a few simple tweaks can go a long way.
---
Read the original publication at BLC Robert & Associates.